Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp2536967ybg; Fri, 5 Jun 2020 16:50:44 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwRIBaoiVQyaHnAFFSWclJXvB2lWYxq3b9HwUdRrCJQDjW3aQUHEd31iVF9/AQpcme+3DFE X-Received: by 2002:a05:6402:144c:: with SMTP id d12mr11899699edx.386.1591401044205; Fri, 05 Jun 2020 16:50:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591401044; cv=none; d=google.com; s=arc-20160816; b=EkCQMv6kc4TjLvA6oWKN+jw+eMDSPK6e9CjWmSWV/QrAzJlH656izdNIHO/LLeucr9 b8+er+nIMvc39frSlHJQZJCh9cPF84IhlLp+x4w3Xu15Rw82cbCom6a/3C/gqA09S0QA KOVcJs84gV3y+E1zMPJGhI7hzfcisaLC7RyBeAoCLZ5yjL8mLE6499sguq19Q7TapdqD 0l6CkOrXfug6KsWDwkWYRGZ0yz06Xwo9joVubRDfaxBbQJ5b9tY0LqIVc2kIHNd7zfIB El3XwWEEilotNDLiBN8cBNNjsI+oBUK4jJsOvayIPvMXmnxP9B0sVTN+ZQoAsAks3qys Pb+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id; bh=s13NpuxJStX333/ASHTudeg1ttBjIBuByNYT6FqxQ4Q=; b=SW0gCQ7Q2VwdsZ64e03kHS14IBko1Y2yTZeEYu9V8LsmIHTcfcx/VlA7itpnWil70e n/JVjXuNyzx6rbtWtw5d+BlWjmfzm8ovHMR5oK/LhTLNARLSiQw8g757zcUcm/vILwHF apODrzpqvSDIsZ65KEizcl3NqTfDREjswqSHmHiTPvzozOUgHRqb9qBDyaGdDUcNFWyk nUz3VYZ+Ikzuo9Ah3JzJXheQZsbNZi8Cgcbh1glmql68aNnYNzJf9HaWuzteARN82N5R aqN19mq1tN/GqV++jHqg76ii1lnChHvTC10U8D+EDE/IB6S0Vy0jfTQnsn1mOCEjHWGc L8KQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y1si4436652ejg.164.2020.06.05.16.50.21; Fri, 05 Jun 2020 16:50:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728509AbgFEXsl (ORCPT + 99 others); Fri, 5 Jun 2020 19:48:41 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:24612 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728353AbgFEXsl (ORCPT ); Fri, 5 Jun 2020 19:48:41 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 055NVs6P100498; Fri, 5 Jun 2020 19:48:23 -0400 Received: from ppma04fra.de.ibm.com (6a.4a.5195.ip4.static.sl-reverse.com [149.81.74.106]) by mx0b-001b2d01.pphosted.com with ESMTP id 31fjk6qc2m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 05 Jun 2020 19:48:22 -0400 Received: from pps.filterd (ppma04fra.de.ibm.com [127.0.0.1]) by ppma04fra.de.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 055Nk7os013978; Fri, 5 Jun 2020 23:48:21 GMT Received: from b06avi18878370.portsmouth.uk.ibm.com (b06avi18878370.portsmouth.uk.ibm.com [9.149.26.194]) by ppma04fra.de.ibm.com with ESMTP id 31f2q415jx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 05 Jun 2020 23:48:21 +0000 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 055NmIYH55378380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 5 Jun 2020 23:48:18 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C2E2111C04C; Fri, 5 Jun 2020 23:48:18 +0000 (GMT) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D582111C04A; Fri, 5 Jun 2020 23:48:15 +0000 (GMT) Received: from localhost.localdomain (unknown [9.80.234.64]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 5 Jun 2020 23:48:15 +0000 (GMT) Message-ID: <1591400895.4615.45.camel@linux.ibm.com> Subject: Re: [PATCH v6 8/8] ima: add FIRMWARE_PARTIAL_READ support From: Mimi Zohar To: Scott Branden , Luis Chamberlain , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann Cc: "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Kees Cook , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Date: Fri, 05 Jun 2020 19:48:15 -0400 In-Reply-To: <824407ae-8ab8-0fe3-bd72-270fce960ac5@broadcom.com> References: <20200605225959.12424-1-scott.branden@broadcom.com> <20200605225959.12424-9-scott.branden@broadcom.com> <1591399166.4615.37.camel@linux.ibm.com> <824407ae-8ab8-0fe3-bd72-270fce960ac5@broadcom.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216,18.0.687 definitions=2020-06-05_07:2020-06-04,2020-06-05 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxscore=0 clxscore=1015 lowpriorityscore=0 suspectscore=0 bulkscore=0 priorityscore=1501 phishscore=0 malwarescore=0 spamscore=0 cotscore=-2147483648 mlxlogscore=999 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006050170 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 2020-06-05 at 16:31 -0700, Scott Branden wrote: > Hi Mimi, > > On 2020-06-05 4:19 p.m., Mimi Zohar wrote: > > Hi Scott, > > > > On Fri, 2020-06-05 at 15:59 -0700, Scott Branden wrote: > >> @@ -648,6 +667,9 @@ int ima_post_read_file(struct file *file, void *buf, loff_t size, > >> enum ima_hooks func; > >> u32 secid; > >> > >> + if (!file && read_id == READING_FIRMWARE_PARTIAL_READ) > >> + return 0; > > The file should be measured on the pre security hook, not here on the > > post security hook.  Here, whether "file" is defined or not, is > > irrelevant.  The test should just check "read_id". > OK, will remove the !file from here. thanks! > > > > Have you tested measuring the firmware by booting a system with > > "ima_policy=tcb" specified on the boot command line and compared the > > measurement entry in the IMA measurement list with the file hash (eg. > > sha1sum, sha256sum)? > Yes, I enabled IMA in my kernel and added ima_policy=tsb to the boot > command line, > > Here are the entries from > /sys/kernel/security/ima/ascii_runtime_measurements of the files I am > accessing. > Please let me know if I am doing anything incorrectly. > > 10 4612bce355b2dbc45ecd95e17001636be8832c7f ima-ng > sha1:fddd9a28c2b15acf3b0fc9ec0cf187cb2153d7f2 > /lib/firmware/vk-boot1-bcm958401m2.ecdsa.bin > 10 4c0eb0fc30eb7ac3a30a27f05c1d2a8d28d6a9ec ima-ng > sha1:b16d343dd63352d10309690c71b110762a9444c3 > /lib/firmware/vk-boot2-bcm958401m2_a72.ecdsn > > The sha1 sum matches: > root@genericx86-64:/sys/kernel/security/ima# sha1sum > /lib/firmware/vk-boot1-bcm958401m2.ecdsa.bin > fddd9a28c2b15acf3b0fc9ec0cf187cb2153d7f2 > /lib/firmware/vk-boot1-bcm958401m2.ecdsa.bin > > root@genericx86-64:/sys/kernel/security/ima# sha1sum > /lib/firmware/vk-boot2-bcm958401m2_a72.ecdsa.bin > b16d343dd63352d10309690c71b110762a9444c3 > /lib/firmware/vk-boot2-bcm958401m2_a72.ecdsa.bin Looks good! (FYI, a larger hash algorithm can be specified in the Kconfig or "ima_hash=" on the boot command line.) Mimi