Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp796365pxa; Wed, 5 Aug 2020 13:01:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwfis5uKYzvrduzQGmSILdFFpcqsA2i2Q02ypW0tq+DfJXIBJsBWl/51wvI+xzeniotRRjd X-Received: by 2002:a05:6402:899:: with SMTP id e25mr877006edy.311.1596657667813; Wed, 05 Aug 2020 13:01:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1596657667; cv=none; d=google.com; s=arc-20160816; b=ZiqOCb5VL61hELGc9sBkL4q9K6f3bALLjvvAKQwwzKxeRP5OlapV5zvasKi2eYm4Pw YOVWp93owNYDIrtPIWoOK1W8nknPfr7pTzp8PgjsyoJw9qP55LU6jgwDbwF9dPjJGAIY A21tl2ue0zt7KNINu8JC3tJdPqvSD4Z8EznHNIviWUjOTbYfIj47xb/gEtc73yUt/6tr Bib8cRIk1sYbN07uc6v8p/K6q5ZnaLz7GdavMqq9i0W9iX0dEFtvcFeZL1vxFF02S9bO nwKLterL6EGSI/YWFqIZCLsrYKgNr8QI/oNdPD+bpYujxt4RlgVTbl+DTBF9B1tsQarx /vqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature:dkim-filter; bh=4htCjq+HrG+6KX6M1fUa9DbFBYUOf9aj/qs9e1AjTKM=; b=W8dQ6yFxk6wi7X/CKnZ9/PuTlQv8qIwZiitu2UtosYEhGXxL+/ZYHEvP7SekWWBhGK 37h6Zfm5UBPg7rtuWKT2HdK8gWXPlrNpyoxiyu0WqxoHUJAg5S2df3SEdzrYlSrOMy4h Qq6qoyeWDWXGsWZmJLg6uYqZigSirQtE/V0E8+896+aIOmLCqQ92LWBWb3+PWD2llftb gbmUE2/ZMvmL0NC5ju7/oyTuErnoe3jKGrQuCI1bj7QeKMv6wFkb7r+djs3Aa0crYr4g sZRyBXKJoijn0au//STxa8l2rkBljODZsT20MibZUGE/M5vj5Rrm9zp+nPcJwYiKsNiF xVDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=j0Uxi7FL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bs1si2016398edb.418.2020.08.05.13.00.45; Wed, 05 Aug 2020 13:01:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=j0Uxi7FL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728043AbgHEUAK (ORCPT + 99 others); Wed, 5 Aug 2020 16:00:10 -0400 Received: from linux.microsoft.com ([13.77.154.182]:46054 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727900AbgHEQlb (ORCPT ); Wed, 5 Aug 2020 12:41:31 -0400 Received: from sequoia (162-237-133-238.lightspeed.rcsntx.sbcglobal.net [162.237.133.238]) by linux.microsoft.com (Postfix) with ESMTPSA id 075F820B490A; Wed, 5 Aug 2020 08:07:44 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 075F820B490A DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1596640065; bh=4htCjq+HrG+6KX6M1fUa9DbFBYUOf9aj/qs9e1AjTKM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=j0Uxi7FLcZAMLbHkrUUJLqtPs/+J67eH9olMkJ8yRQ+mKoiOQem85K1ROoq0JqfZ+ PbNfl9Y25Kc6toJCSLhPXlRiHyPxYgM7G8aOC0yPMMlY1MtJD3Z8znaXMyBCIlaCC3 rJroDqCLmL9kOfqQIOKBfIBB4/fE45Cfkifgc+C8= Date: Wed, 5 Aug 2020 10:07:32 -0500 From: Tyler Hicks To: Stephen Smalley Cc: Mimi Zohar , Lakshmi Ramasubramanian , Casey Schaufler , sashal@kernel.org, James Morris , linux-integrity@vger.kernel.org, SElinux list , LSM List , linux-kernel , John Johansen Subject: Re: [PATCH v6 1/4] IMA: Add func to measure LSM state and policy Message-ID: <20200805150732.GA4365@sequoia> References: <20200805004331.20652-1-nramas@linux.microsoft.com> <20200805004331.20652-2-nramas@linux.microsoft.com> <4b9d2715d3ef3c8f915ef03867cfb1a39c0abc54.camel@linux.ibm.com> <31d00876438d2652890ab8bf6ba2e80f554ca7a4.camel@linux.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020-08-05 10:27:43, Stephen Smalley wrote: > On Wed, Aug 5, 2020 at 9:20 AM Mimi Zohar wrote: > > > > On Wed, 2020-08-05 at 09:03 -0400, Stephen Smalley wrote: > > > On Wed, Aug 5, 2020 at 8:57 AM Mimi Zohar wrote: > > > > On Wed, 2020-08-05 at 08:46 -0400, Stephen Smalley wrote: > > > > > On 8/4/20 11:25 PM, Mimi Zohar wrote: > > > > > > > > > > > Hi Lakshmi, > > > > > > > > > > > > There's still a number of other patch sets needing to be reviewed > > > > > > before my getting to this one. The comment below is from a high level. > > > > > > > > > > > > On Tue, 2020-08-04 at 17:43 -0700, Lakshmi Ramasubramanian wrote: > > > > > > > Critical data structures of security modules need to be measured to > > > > > > > enable an attestation service to verify if the configuration and > > > > > > > policies for the security modules have been setup correctly and > > > > > > > that they haven't been tampered with at runtime. A new IMA policy is > > > > > > > required for handling this measurement. > > > > > > > > > > > > > > Define two new IMA policy func namely LSM_STATE and LSM_POLICY to > > > > > > > measure the state and the policy provided by the security modules. > > > > > > > Update ima_match_rules() and ima_validate_rule() to check for > > > > > > > the new func and ima_parse_rule() to handle the new func. > > > > > > I can understand wanting to measure the in kernel LSM memory state to > > > > > > make sure it hasn't changed, but policies are stored as files. Buffer > > > > > > measurements should be limited to those things that are not files. > > > > > > > > > > > > Changing how data is passed to the kernel has been happening for a > > > > > > while. For example, instead of passing the kernel module or kernel > > > > > > image in a buffer, the new syscalls - finit_module, kexec_file_load - > > > > > > pass an open file descriptor. Similarly, instead of loading the IMA > > > > > > policy data, a pathname may be provided. > > > > > > > > > > > > Pre and post security hooks already exist for reading files. Instead > > > > > > of adding IMA support for measuring the policy file data, update the > > > > > > mechanism for loading the LSM policy. Then not only will you be able > > > > > > to measure the policy, you'll also be able to require the policy be > > > > > > signed. > > > > > > > > > > To clarify, the policy being measured by this patch series is a > > > > > serialized representation of the in-memory policy data structures being > > > > > enforced by SELinux. Not the file that was loaded. Hence, this > > > > > measurement would detect tampering with the in-memory policy data > > > > > structures after the policy has been loaded. In the case of SELinux, > > > > > one can read this serialized representation via /sys/fs/selinux/policy. > > > > > The result is not byte-for-byte identical to the policy file that was > > > > > loaded but can be semantically compared via sediff and other tools to > > > > > determine whether it is equivalent. > > > > > > > > Thank you for the clarification. Could the policy hash be included > > > > with the other critical data? Does it really need to be measured > > > > independently? > > > > > > They were split into two separate functions because we wanted to be > > > able to support using different templates for them (ima-buf for the > > > state variables so that the measurement includes the original buffer, > > > which is small and relatively fixed-size, and ima-ng for the policy > > > because it is large and we just want to capture the hash for later > > > comparison against known-good). Also, the state variables are > > > available for measurement always from early initialization, whereas > > > the policy is only available for measurement once we have loaded an > > > initial policy. > > > > Ok, measuring the policy separately from other critical data makes > > sense. Instead of measuring the policy, which is large, measure the > > policy hash. > > I think that was the original approach. However, I had concerns with > adding code to SELinux to compute a hash over the policy versus > leaving that to IMA's existing policy and mechanism. If that's > preferred I guess we can do it that way but seems less flexible and > duplicative. In AppArmor, we store the sha1 of the raw policy as the policy is loaded. The hash is exposed to userspace in apparmorfs. See commit 5ac8c355ae00 ("apparmor: allow introspecting the loaded policy pre internal transform"). It has proved useful as a mechanism for debugging as sometimes the on-disk policy doesn't match the loaded policy and this can be a good way to check that while providing support to users. John also mentions checkpoint/restore in the commit message and I could certainly see how the policy hashes would be useful in that scenario. When thinking through how Lakshmi's series could be extended for AppArmor support, I was thinking that the AppArmor policy measurement would be a measurement of these hashes that we already have in place. Perhaps there's some general usefulness in storing/exposing an SELinux policy hash rather than only seeing it as duplicative property required this measurement series? Tyler