Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp4325180yba;
        Sun, 12 May 2019 10:07:45 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxuRy2kWYWzCTTgGbM2fQPs6HWjVnM1NK977QprgPh4AAehI4D1JeR0Xqa1MHU03uWc8zBE
X-Received: by 2002:a63:2a89:: with SMTP id q131mr25847610pgq.359.1557680865735;
        Sun, 12 May 2019 10:07:45 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1557680865; cv=none;
        d=google.com; s=arc-20160816;
        b=Th+dZ2EjZSsOgWYZcx8IlVYhwQ4bsrAQDXJsnOuCXJZNphIAl4GZw8eS6OB7bydNf5
         PBi3CtVWu6ws0fBXOgbVW+/ZrXWnp/4/Rmfrw82EvXA/BXZsC52pihBTGzwGbUFTPBB3
         W/34TqHwpbibDSDCTPUKfEo3JCsp9rII1hStFzaOnUn42SbKQ/0vU4jzEAsHKlO7DF4G
         yY2ISk4WIka/jW+rrubKnF/c9UKWtciaGc906hlLvGwZ8y++/Cq0fb5GzR2sci/C578o
         F66xGsxrKgRMEkZTY7bzk60TvZ9WxaPQ6ImDlZMtxKWUbLrY4JFX7/feJ5jZ9lFxz79a
         TzuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature;
        bh=QSdaCWlLqhcDnznsymm2aG1Z95spPWEN1cuWFhXTYhg=;
        b=vdnGFoqfH9kOs+9Fam6UBqEN5QG7PDUGF53FRNYu6Z7+8y4AbrCXvcTCdGYydppyV+
         UZefOxl+LDXEC5UM0spiCoZdWEzwZ5gExJ8DvJNZpS44kHlOZXFw+38IUT7wfOYDFJWd
         5AcCFTwU9wyeuK7CnzWMuCmH2Ho4Q+kw1NJzNqyo19GcivR3JEG+kNk6tAXbytsD/TgF
         leh/vqwVC4JLTOMV0USkdd1IcWT+FZlfsxxz3Juz1ZlwHtneGeLNH0WjXvCwA+MeZW2q
         eN27BaZ1DjF+SDpC7+2RKW8oYCW237Ei/IYeOylaEY4/7X2aAKj0DaW6m+modyKoP3BL
         kkog==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=M1kb+HIz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d24si14667749pgm.405.2019.05.12.10.07.29;
        Sun, 12 May 2019 10:07:45 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=M1kb+HIz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726931AbfELRFT (ORCPT <rfc822;chauncqc@gmail.com> + 99 others);
        Sun, 12 May 2019 13:05:19 -0400
Received: from mail-oi1-f194.google.com ([209.85.167.194]:38237 "EHLO
        mail-oi1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726909AbfELRFT (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 12 May 2019 13:05:19 -0400
Received: by mail-oi1-f194.google.com with SMTP id u199so7719587oie.5
        for <linux-kernel@vger.kernel.org>; Sun, 12 May 2019 10:05:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=landley-net.20150623.gappssmtp.com; s=20150623;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=QSdaCWlLqhcDnznsymm2aG1Z95spPWEN1cuWFhXTYhg=;
        b=M1kb+HIzVOLjPCV4h6Pn4lve+FlnoRhh7JL/WOdRAHWhP7XRiXt2Sb1zCx+P73FWpH
         KH+vO3XX2/+B76I47eV+x5dE3f6pnMgrTIJE7VNh4ZChznUcTJY9sLB9hecdROdExjmg
         /JPQRL9+WNauQRy09PAuL4L+fpknOrj50gkModVL0BMNekoH7GBXdRdXfxoaLcWOG03L
         Y+O3tl58C2QvVdDq9MUnLdKYMn7lI9M9GE8l5NKOH1AX/WldekcH2nLERHsnEiX4sVsK
         tDUJ/uw9Na9lpPhy3YjlBknNgRsJ/+qzkinLg8HkU903BWLWhwIYA6J1YzU1WDzc0gEI
         hjfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=QSdaCWlLqhcDnznsymm2aG1Z95spPWEN1cuWFhXTYhg=;
        b=WL9HWoF1PBIiEOK7gFwGJhHSf83frxUvlfWg8ju92sfIKTlrDf2HHD03lxBrBNGMHv
         zEJr4wG4Nr/nfS4BJWFDlK5e9yWn/6JL1qTueMTMthzBzAGvikmO+sUAiJkkZG3K5Ql+
         Nyc3nChvu5Ou6edOQgr3Pu0s62EY2TX+l9ppyA9HhkqKuFuab+R77OWvc+D2Za0fkZYN
         4yidBrgrjZ7L1vFJMJSmSFPm8VaSIbmX/0rvGfr4nMngG9un/PjKPA5OTLnZMTO3OLbc
         kRgWy7zcwvUB1V2a5NSbZniH9dLjvie0ijL/Y5TlBt2o2NbQzmBFAB1ATVluRmfWeW8n
         cyIQ==
X-Gm-Message-State: APjAAAWVZ6v9IVDNqYAdBrSPpL7m1qQZnRnb6EByCzJ1z0300YyfTt3C
        h24j0uad1da0wV6Rdm/xtmiDAQ==
X-Received: by 2002:aca:e594:: with SMTP id c142mr3854397oih.155.1557680718422;
        Sun, 12 May 2019 10:05:18 -0700 (PDT)
Received: from [192.168.1.5] (072-182-052-210.res.spectrum.com. [72.182.52.210])
        by smtp.googlemail.com with ESMTPSA id w192sm4456571oiw.57.2019.05.12.10.05.16
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 12 May 2019 10:05:17 -0700 (PDT)
Subject: Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial
 ram disk
To:     Mimi Zohar <zohar@linux.ibm.com>,
        Dominik Brodowski <linux@dominikbrodowski.net>,
        Roberto Sassu <roberto.sassu@huawei.com>
Cc:     viro@zeniv.linux.org.uk, linux-security-module@vger.kernel.org,
        linux-integrity@vger.kernel.org, initramfs@vger.kernel.org,
        linux-api@vger.kernel.org, linux-fsdevel@vger.kernel.org,
        linux-kernel@vger.kernel.org, zohar@linux.vnet.ibm.com,
        silviu.vlasceanu@huawei.com, dmitry.kasatkin@huawei.com,
        takondra@cisco.com, kamensky@cisco.com, hpa@zytor.com,
        arnd@arndb.de, james.w.mcmechan@gmail.com
References: <20190509112420.15671-1-roberto.sassu@huawei.com>
 <20190512091748.s6fvy2f5p2a2o6ja@isilmar-4.linta.de>
 <1557665567.10635.222.camel@linux.ibm.com>
From:   Rob Landley <rob@landley.net>
Message-ID: <dca50ee1-62d8-2256-6fdb-9a786e6cea5a@landley.net>
Date:   Sun, 12 May 2019 12:05:48 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <1557665567.10635.222.camel@linux.ibm.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 5/12/19 7:52 AM, Mimi Zohar wrote:
> On Sun, 2019-05-12 at 11:17 +0200, Dominik Brodowski wrote:
>> On Thu, May 09, 2019 at 01:24:17PM +0200, Roberto Sassu wrote:
>>> This proposal consists in marshaling pathnames and xattrs in a file called
>>> .xattr-list. They are unmarshaled by the CPIO parser after all files have
>>> been extracted.
>>
>> Couldn't this parsing of the .xattr-list file and the setting of the xattrs
>> be done equivalently by the initramfs' /init? Why is kernel involvement
>> actually required here?
> 
> It's too late.  The /init itself should be signed and verified.

If the initramfs cpio.gz image was signed and verified by the extractor, how is
the init in it _not_ verified?

Rob