From: Roberto Sassu
To: Mimi Zohar, shuah@kernel.org, ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, kpsingh@kernel.org, revest@chromium.org
CC: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: RE: [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA
Date: Fri, 25 Feb 2022 08:41:25 +0000
Message-ID: <5117c79227ce4b9d97e193fd8fb59ba2@huawei.com>
References: <20220215124042.186506-1-roberto.sassu@huawei.com> <408a96085814b2578486b2859e63ff906f5e5876.camel@linux.ibm.com>
In-Reply-To: <408a96085814b2578486b2859e63ff906f5e5876.camel@linux.ibm.com>

> From: Mimi Zohar [mailto:zohar@linux.ibm.com]
> Sent: Friday, February 25, 2022 1:22 AM
>
> Hi Roberto,
>
> On Tue, 2022-02-15 at 13:40 +0100, Roberto Sassu wrote:
> > Extend the interoperability with IMA, to give wider flexibility for the
> > implementation of integrity-focused LSMs based on eBPF.
>
> I've previously requested adding eBPF module measurements and signature
> verification support in IMA. There seemed to be some interest, but
> nothing has been posted.
Hi Mimi,

for my use case, DIGLIM eBPF, IMA integrity verification is needed until the binary carrying the eBPF program is executed as the init process. I've been thinking of using an appended signature to overcome the limitation of the lack of xattrs in the initial ram disk.

At that point, the LSM is attached and it can enforce an execution policy, allowing or denying execution and mmap of files depending on the digest lists (reference values) read by the user space side.

After the LSM is attached, IMA's job would be just to calculate the file digests (currently, I'm using an audit policy to ensure that the digest is available when the eBPF program calls bpf_ima_inode_hash()).

The main benefit of this patch set is that the audit policy would not be required and digests are calculated only when requested by the eBPF program.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua
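As an added illustration of the enforcement model described in the reply above (this is not code from the patch set or from DIGLIM eBPF), a BPF LSM program that asks IMA for the file digest with bpf_ima_inode_hash() on exec and executable mmap and denies when the digest is not in a map that user space fills from the digest lists. The map name, the enforce switch and the sha256 digest size are assumptions; it is built with clang -O2 -g -target bpf against vmlinux.h and the libbpf headers, and it only gets a digest if IMA has already computed one for the inode, which is the audit-policy dependency the message mentions.

```c
// SPDX-License-Identifier: GPL-2.0
// Hypothetical BPF LSM sketch (not the DIGLIM eBPF sources): allow exec and
// executable mmap only for files whose IMA digest is a known reference value.
#include "vmlinux.h"
#include <bpf/bpf_helpers.h>
#include <bpf/bpf_tracing.h>

#define SHA256_DIGEST_SIZE 32   /* assumption: digest lists carry sha256 */
#define EPERM 1
#define PROT_EXEC 0x4

char LICENSE[] SEC("license") = "GPL";

/* Reference values loaded by the user space side from the digest lists. */
struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__uint(max_entries, 65536);
	__type(key, __u8[SHA256_DIGEST_SIZE]);
	__type(value, __u8);
} digest_list SEC(".maps");

/* Permissive until user space flips it, so the map can be filled first. */
const volatile __u32 enforce = 0;

static __always_inline int check_file(struct file *file)
{
	__u8 digest[SHA256_DIGEST_SIZE];

	if (!file)
		return 0;
	/* Returns the hash algo on success, negative if IMA has no digest
	 * for this inode (e.g. no measurement policy matched the file). */
	if (bpf_ima_inode_hash(file->f_inode, digest, sizeof(digest)) < 0)
		return enforce ? -EPERM : 0;
	if (bpf_map_lookup_elem(&digest_list, digest))
		return 0;
	return enforce ? -EPERM : 0;
}

/* bpf_ima_inode_hash() is a sleepable-only helper, hence lsm.s sections. */
SEC("lsm.s/bprm_check_security")
int BPF_PROG(check_exec, struct linux_binprm *bprm)
{
	return check_file(bprm->file);
}

SEC("lsm.s/mmap_file")
int BPF_PROG(check_mmap, struct file *file, unsigned long reqprot,
	     unsigned long prot, unsigned long flags)
{
	return (prot & PROT_EXEC) ? check_file(file) : 0;
}
```

Until a digest source independent of the audit policy exists, a file that IMA never hashed is indistinguishable from an unknown one, so in enforcing mode it is denied; that is the gap the patch set under discussion is meant to close.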