From: Stephen Smalley
Date: Mon, 15 Jun 2020 09:33:38 -0400
Subject: Re: [PATCH 5/5] LSM: Define workqueue for measuring security module state
To: Lakshmi Ramasubramanian
Cc: Mimi Zohar, Stephen Smalley, Casey Schaufler, James Morris, linux-integrity@vger.kernel.org, LSM List, linux-kernel
References: <20200613024130.3356-1-nramas@linux.microsoft.com> <20200613024130.3356-6-nramas@linux.microsoft.com>
In-Reply-To: <20200613024130.3356-6-nramas@linux.microsoft.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Jun 12, 2020 at 10:42 PM Lakshmi Ramasubramanian wrote:
>
> The data maintained by the security modules could be tampered with by
> malware. The LSM needs to periodically query the state of
> the security modules and measure the data when the state is changed.
>
> Define a workqueue for handling this periodic query and measurement.

Won't this make it difficult/impossible to predict the IMA PCR value?
Unless I missed it, you are going to end up measuring every N minutes
even if there was no change and therefore constantly be extending the
PCR. That will break attestation or sealing against the IMA PCR.