On Mon, Apr 15, 2024 at 10:25 AM Roberto Sassu <roberto.sassu@xxxxxxxxxxxxxxx> wrote: > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > Integrity detection and protection has long been a desirable feature, to > reach a large user base and mitigate the risk of flaws in the software > and attacks. > > However, while solutions exist, they struggle to reach the large user > base, due to requiring higher than desired constraints on performance, > flexibility and configurability, that only security conscious people are > willing to accept. > > This is where the new digest_cache LSM comes into play, it offers > additional support for new and existing integrity solutions, to make > them faster and easier to deploy. > > The full documentation with the motivation and the solution details can be > found in patch 14. > > The IMA integration patch set will be introduced separately. Also a PoC > based on the current version of IPE can be provided. I'm not sure we want to implement a cache as a LSM. I'm sure it would work, but historically LSMs have provided some form of access control, measurement, or other traditional security service. A digest cache, while potentially useful for a variety of security related applications, is not a security service by itself, it is simply a file digest storage mechanism. I think it's fine if an individual LSM wants to implement a file digest cache as part of its own functionality, but a generalized file digest cache seems like something that should be part of the general kernel, and not implemented as a LSM. -- paul-moore.com
