From: jason@perfinion.com (Jason Zaman)
Date: Thu, 8 Dec 2016 21:21:25 +0800
Subject: [refpolicy] SELinux and IMA
In-Reply-To: <67130EC7AFA3FE4E9290B03665B351F407E5CE@SE-EX021.groupinfra.com>
References: <67130EC7AFA3FE4E9290B03665B351F407E5CE@SE-EX021.groupinfra.com>
Message-ID: <20161208132125.GA12019@meriadoc.perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, Dec 06, 2016 at 10:49:33PM +0000, Fakim, Walid via refpolicy wrote:
> Hi Guys,
> 
> Does anyone here have experience of using both SELinux & Integrity Measurement Architecture (IMA) on a target system? From my online reading, they perform different functions and achieve different security goals - how do they perform when used together?
> 
> Would be great to hear anyone's experience, good or bad.

I dont personally have much experience, but here is some info that Sven
has put on the gentoo wiki.

https://wiki.gentoo.org/wiki/Project:Integrity
https://wiki.gentoo.org/wiki/Integrity
https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture
https://wiki.gentoo.org/wiki/Extended_Verification_Module

AIUI, there is more of a link between EVM and SELinux than between IMA
and SELinux so you might want to look at that as well.

I use tboot (Intel TXT) on my laptop so know that part and TPM
interaction but I have not had the time to fully explore IMA and what
happens there.

Is there something specific you are trying to work on? Maybe if you
explained more what you're looking for we could provide more pointers?

-- Jason