Date: Fri, 28 Jun 2019 16:27:28 -0700 (PDT)
From: Jaskaran Singh Khurana
To: Eric Biggers
cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, linux-fsdevel@vger.kernel.org, agk@redhat.com, snitzer@redhat.com, dm-devel@redhat.com, jmorris@namei.org, scottsh@microsoft.com, mpatocka@redhat.com, gmazyland@gmail.com
Subject: Re: [RFC PATCH v5 0/1] Add dm verity root hash pkcs7 sig validation.
In-Reply-To: <20190628203450.GD103946@gmail.com>
References: <20190619191048.20365-1-jaskarankhurana@linux.microsoft.com> <20190628040041.GB673@sol.localdomain> <20190628203450.GD103946@gmail.com>

Hello Eric,

On Fri, 28 Jun 2019, Eric Biggers wrote:

>> In a datacenter like environment, this will protect the system from below
>> attacks:
>>
>> 1. Prevents attacker from deploying scripts that run arbitrary executables on the system.
>> 2. Prevents physically present malicious admin to run arbitrary code on the
>> machine.
>>
>> Regards,
>> Jaskaran
>
> So you are trying to protect against people who already have a root shell?
>
> Can't they just e.g. run /usr/bin/python and type in some Python code?
>
> Or run /usr/bin/curl and upload all your secret data to their server.
>
> - Eric
>

You are correct, it would not be feasible for a general purpose distro, but for embedded systems and other cases where there is a more tightly locked-down system.

Regards,
Jaskaran.