Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp216894ybm; Mon, 20 May 2019 14:56:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqw+p+RmMJPlqtG+iA8v5In3vE6y+PNCYcBqqGoz4PKC3I/asz9EAfZ7Pv+M55zGu0oEzeJo X-Received: by 2002:aa7:8a53:: with SMTP id n19mr82397585pfa.11.1558389361546; Mon, 20 May 2019 14:56:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558389361; cv=none; d=google.com; s=arc-20160816; b=rNC0//IYB8gT+zviVhoni40pAiIwy3/4uk4cYM+bK/lD0Pu3zooNZUvfByXNr9MbYE RvM+ydB0qCoe9MCjEqvWXcG5JxWMDU17sYot/cOdHUJSphag6UnP1dEdC/XlOGG4HKHD IJ09MwWUiurxfPbgh0qeOENHgzIn3AUR2wiwBzoilYgLYabLCqeZyC/x4MGYLc7z9tte wL1qvIO7AxWvH2x+8hCJd2Wg+tLYzB/Ln+Zaeg1TtoGdPD7eLbeitbUaoUF2j0mjb31i a/a4jOE0SwRpu9x1nS+Lx0czb5LGGH5VlEFKW0I3ygttAGBx2VvoViH0382Env0hF1a/ b4lA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=qwCzHVuamEgKLPYX07U4ZuZriJJy6/1djjvy+zCZmyU=; b=w6zZNqEe045qPoXXR5IMtqr4UnqgVnZ68aWr3BwaeYc4zYaPBtu23Mvp5c7m/yto4a W95wUYfcad2j+QUpF/DaBKFyjR9rO0xyjq9NV1SANvIZMpL2ipDTvecKDDF8kDE9N86l LQU3W8dz4/KOgWUq9y4CNkTMI0Y/vXSL/6ueRgG6mh+3dCHpuMVC212E72Em4s/1PxWk BL6VxEOB7+sTZXjDx26ARTlzXpioV75wvq13Xou5cdVZYoZ4n46LtdTe/e/ovLexQhlA LaopW1WfxC0yHrq3KaktwUbDOz5H9L4AbkwiSJGrJRKGSbbK1YnXed/+lPlzw+4+uTeD gBMg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h25si20042356pfn.209.2019.05.20.14.55.46; Mon, 20 May 2019 14:56:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727074AbfETVya (ORCPT + 99 others); Mon, 20 May 2019 17:54:30 -0400 Received: from linux.microsoft.com ([13.77.154.182]:35994 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725810AbfETVy3 (ORCPT ); Mon, 20 May 2019 17:54:29 -0400 Received: from jaskaran-Intel-Server-Board-S1200V3RPS-UEFI-Development-Kit.corp.microsoft.com (unknown [131.107.160.238]) by linux.microsoft.com (Postfix) with ESMTPSA id 69C3C20B7192; Mon, 20 May 2019 14:54:28 -0700 (PDT) From: Jaskaran Khurana To: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Cc: agk@redhat.com, snitzer@redhat.com, dm-devel@redhat.com, jmorris@namei.org Subject: [RFC 0/1] Add dm verity root hash pkcs7 sig validation. Date: Mon, 20 May 2019 14:54:21 -0700 Message-Id: <20190520215422.23939-1-jaskarankhurana@linux.microsoft.com> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch set adds in-kernel pkcs7 signature checking for the roothash of the dm-verity hash tree. The verification is to support cases where the roothash is not secured by Trusted Boot, UEFI Secureboot or similar technologies. One of the use cases for this is for dm-verity volumes mounted after boot, the root hash provided during the creation of the dm-verity volume has to be secure and thus in-kernel validation implemented here will be used before we trust the root hash and allow the block device to be created. Why we are doing validation in the Kernel? The reason is to still be secure in cases where the attacker is able to compromise the user mode application in which case the user mode validation could not have been trusted. The root hash signature validation in the kernel along with existing dm-verity implementation gives a higher level of confidence in the executable code or the protected data. Before allowing the creation of the device mapper block device the kernel code will check that the detached pkcs7 signature passed to it validates the roothash and the signature is trusted by builtin keys set at kernel creation. The kernel should be secured using Verified boot, UEFI Secure Boot or similar technologies so we can trust it. What about attacker mounting non dm-verity volumes to run executable code? This verification can be used to have a security architecture where a LSM can enforce this verification for all the volumes and by doing this it can ensure that all executable code runs from signed and trusted dm-verity volumes. Further patches will be posted that build on this and enforce this verification based on policy for all the volumes on the system. How are these changes tested? veritysetup part of cryptsetup library was modified to take a optional root-hash-sig parameter. Commandline used to test the changes: veritysetup open --root-hash-sig= The changes for veritysetup are in a topic branch for now at: https://github.com/jaskarankhurana/veritysetup/tree/veritysetup_add_sig Jaskaran Khurana (1): Add dm verity root hash pkcs7 sig validation. drivers/md/Kconfig | 23 ++++++ drivers/md/Makefile | 2 +- drivers/md/dm-verity-target.c | 44 ++++++++-- drivers/md/dm-verity-verify-sig.c | 129 ++++++++++++++++++++++++++++++ drivers/md/dm-verity-verify-sig.h | 32 ++++++++ 5 files changed, 222 insertions(+), 8 deletions(-) create mode 100644 drivers/md/dm-verity-verify-sig.c create mode 100644 drivers/md/dm-verity-verify-sig.h -- 2.17.1