From: jason@perfinion.com (Jason Zaman)
Date: Thu, 8 Dec 2016 21:21:25 +0800
Subject: [refpolicy] SELinux and IMA
In-Reply-To: <67130EC7AFA3FE4E9290B03665B351F407E5CE@SE-EX021.groupinfra.com>
References: <67130EC7AFA3FE4E9290B03665B351F407E5CE@SE-EX021.groupinfra.com>
Message-ID: <20161208132125.GA12019@meriadoc.perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, Dec 06, 2016 at 10:49:33PM +0000, Fakim, Walid via refpolicy wrote:
> Hi Guys,
>
> Does anyone here have experience of using both SELinux & Integrity Measurement Architecture (IMA) on a target system? From my online reading, they perform different functions and achieve different security goals - how do they perform when used together?
>
> Would be great to hear anyone's experience, good or bad.

I don't personally have much experience, but here is some info that Sven has put on the Gentoo wiki.

https://wiki.gentoo.org/wiki/Project:Integrity
https://wiki.gentoo.org/wiki/Integrity
https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture
https://wiki.gentoo.org/wiki/Extended_Verification_Module

AIUI, there is more of a link between EVM and SELinux than between IMA and SELinux so you might want to look at that as well.

I use tboot (Intel TXT) on my laptop so know that part and TPM interaction but I have not had the time to fully explore IMA and what happens there.

Is there something specific you are trying to work on? Maybe if you explained more what you're looking for we could provide more pointers?

--
Jason