Received: by 2002:ac0:8845:0:0:0:0:0 with SMTP id g63csp1159097img; Tue, 26 Feb 2019 15:30:58 -0800 (PST) X-Google-Smtp-Source: AHgI3IbLXMnvbfPQriog2UKeSgeQBOd5R6JQSYSbzHRTbjUcXl+kvqyj9YR30x6iiuuSS7QJPkvh X-Received: by 2002:a17:902:14b:: with SMTP id 69mr28014452plb.120.1551223858832; Tue, 26 Feb 2019 15:30:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551223858; cv=none; d=google.com; s=arc-20160816; b=Zo6pGZJ+sUM1eLbYa+R7gWkLbzjR1w9axh4vA01TMMSHjkRTiWXqCtrdScpv3Exej8 HolXPpgEBarHq1yB9IGKXgfBHb7zg5+b659MOPUszPjQIj6H+Zf0uCD0R872yxxMwAz7 b523pFHU/6oqgWkiuoV6Ts4zNzQuLMJj6PtHzSz+xKho9+6+aXul0guzP1r8UohOBtDr MSvAmph1eAnqufWuLFxScSz+jSXN3ep46UxOjpcaAwtpLFcmhw5e7Pdc3owb3xRCzYQ8 yqj+Z7TDCPBRjl8Y5G8lXBwv4hPXiOJAcPXtml0PiV6JIcwN6VLdGd0hlhNMOoNWDwWo Z2vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=MYGI5B/x4N8ptxah4Qy4TZW9Q9CwCzEE2159nArbSxQ=; b=yjpQFYc1S+Nk34rJ7dueYfObcG3ZDoWE8iGsPNU/xlZ+FCe1QmxmR5aMR57876af7S UGDVcOGA6UB5baKXMPLPh8TCHkV9R51sUaaCPTFZNGhC6gGw0duyd2NB+2vGxx0QErQb epOEZ/y0o2UfaQgYUdojQ49b+QxonfXtwfBmwzKWrb1xcy6/Cm0pEKvEAz2xdFoPnbEk hhiFqiLzyeqI2EAK61Pn2aMZ606YlQFc6F8a+eoNrZj/yhmN7KpAyjW5+7/JgM+Tcxnb JkD8sciDsTSExRAbOjy/CxfhCAMKfqqQagcYvT5Ds1kG2oW6yneumH6fRMcTgNjPF7hZ bxtw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u27si13398806pgk.555.2019.02.26.15.30.43; Tue, 26 Feb 2019 15:30:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729170AbfBZX1r (ORCPT + 99 others); Tue, 26 Feb 2019 18:27:47 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:53458 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727998AbfBZX1q (ORCPT ); Tue, 26 Feb 2019 18:27:46 -0500 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x1QNO68p021186 for ; Tue, 26 Feb 2019 18:27:45 -0500 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2qwc6f171r-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 26 Feb 2019 18:27:45 -0500 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 26 Feb 2019 23:27:43 -0000 Received: from b06cxnps4074.portsmouth.uk.ibm.com (9.149.109.196) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Tue, 26 Feb 2019 23:27:40 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x1QNRdID27721782 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Tue, 26 Feb 2019 23:27:39 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9C0C8A4053; Tue, 26 Feb 2019 23:27:39 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B43ADA4040; Tue, 26 Feb 2019 23:27:38 +0000 (GMT) Received: from localhost.ibm.com (unknown [9.80.106.105]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Tue, 26 Feb 2019 23:27:38 +0000 (GMT) From: Mimi Zohar To: linux-kselftest@vger.kernel.org, Shuah Khan Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, Mimi Zohar Subject: [PATCH v2 0/5] selftests/ima: add kexec and kernel module tests Date: Tue, 26 Feb 2019 18:26:55 -0500 X-Mailer: git-send-email 2.7.5 X-TM-AS-GCONF: 00 x-cbid: 19022623-4275-0000-0000-000003145942 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19022623-4276-0000-0000-000038229A64 Message-Id: <1551223620-11586-1-git-send-email-zohar@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-02-26_13:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1902260158 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The kernel can be configured to require kexec kernel images and kernel modules are signed. An IMA policy can be specified on the boot command line or a custom IMA policy loaded requiring the kexec kernel image and kernel modules be signed. In addition, systems booted in secure boot mode with the IMA architecture specific policy enabled, require validly signed kexec kernel images and kernel modules. There are two methods of signing kernel images and two methods of signing kernel modules. In addition, there are two syscalls for each. kernel image: PE signature, IMA signature kexec syscalls: kexec_load, kexec_file_load Both the PE and IMA kernel image signature can only be verified when loaded via the kexec_file_load syscall. kernel moodule: appended signature, IMA signature kernel module syscalls: init_module, finit_module The appended kernel module signature can be verified when the kernel module is loaded via either syscall. The IMA kernel module signature can only be verified when the kernel module is loaded via the finit_module syscall. The selftests in this patch set verify that only signed kernel images and kernel modules are loaded as required, based on the kernel config, the secure boot mode, and the IMA runtime policy. Loading a kernel image or kernel module requires root privileges. To run just the IMA selftests: sudo make TARGETS=ima kselftest Mimi Zohar (5): selftests/ima: cleanup the kexec selftest selftests/ima: define a set of common functions selftests/ima: define common logging functions selftests/ima: kexec_file_load syscall test selftests/ima: loading kernel modules tools/testing/selftests/ima/Makefile | 3 +- tools/testing/selftests/ima/common_lib.sh | 154 ++++++++++++++++ tools/testing/selftests/ima/test_kernel_module.sh | 96 ++++++++++ .../testing/selftests/ima/test_kexec_file_load.sh | 195 +++++++++++++++++++++ tools/testing/selftests/ima/test_kexec_load.sh | 53 ++---- 5 files changed, 463 insertions(+), 38 deletions(-) create mode 100755 tools/testing/selftests/ima/common_lib.sh create mode 100755 tools/testing/selftests/ima/test_kernel_module.sh create mode 100755 tools/testing/selftests/ima/test_kexec_file_load.sh -- 2.7.5