On Tue, 2020-08-11 at 10:48 -0400, Chuck Lever wrote: > Mimi's earlier point is that any IMA metadata format that involves > unsigned digests is exposed to an alteration attack at rest or in > transit, thus will not provide a robust end-to-end integrity > guarantee. I don't believe that is Mimi's point, because it's mostly not correct: the xattr mechanism does provide this today. The point is the mechanism we use for storing IMA hashes and signatures today is xattrs because they have robust security properties for local filesystems that the kernel enforces. This use goes beyond IMA, selinux labels for instance use this property as well. What I think you're saying is that NFS can't provide the robust security for xattrs we've been relying on, so you need some other mechanism for storing them. I think Mimi's other point is actually that IMA uses a flat hash which we derive by reading the entire file and then watching for mutations. Since you cannot guarantee we get notice of mutation with NFS, the entire IMA mechanism can't really be applied in its current form and we have to resort to chunk at a time verifications that a Merkel tree would provide. Doesn't this make moot any thinking about standardisation in NFS for the current IMA flat hash mechanism because we simply can't use it ... If I were to construct a prototype I'd have to work out and securely cache the hash of ever chunk when verifying the flat hash so I could recheck on every chunk read. I think that's infeasible for large files. James
