Subject: Re: [PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk
From: Rob Landley
Date: Sun, 12 May 2019 12:05:48 -0500
To: Mimi Zohar, Dominik Brodowski, Roberto Sassu
Cc: viro@zeniv.linux.org.uk, linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, initramfs@vger.kernel.org, linux-api@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, zohar@linux.vnet.ibm.com, silviu.vlasceanu@huawei.com, dmitry.kasatkin@huawei.com, takondra@cisco.com, kamensky@cisco.com, hpa@zytor.com, arnd@arndb.de, james.w.mcmechan@gmail.com

On 5/12/19 7:52 AM, Mimi Zohar wrote:
> On Sun, 2019-05-12 at 11:17 +0200, Dominik Brodowski wrote:
>> On Thu, May 09, 2019 at 01:24:17PM +0200, Roberto Sassu wrote:
>>> This proposal consists in marshaling pathnames and xattrs in a file called
>>> .xattr-list. They are unmarshaled by the CPIO parser after all files have
>>> been extracted.
>>
>> Couldn't this parsing of the .xattr-list file and the setting of the xattrs
>> be done equivalently by the initramfs' /init? Why is kernel involvement
>> actually required here?
>
> It's too late. The /init itself should be signed and verified.

If the initramfs cpio.gz image was signed and verified by the extractor, how is
the init in it _not_ verified?

Rob