On Thu, Oct 19, 2017 at 4:00 AM, Dmitry Kasatkin <dmitry.kasatkin@xxxxxxxxx> wrote:
> On Wed, Oct 18, 2017 at 2:12 AM, Matthew Garrett <mjg59@xxxxxxxxxx> wrote:
>> I'm interested in extending our use of IMA digital signatures to EVM
>> in order to protect security.capability (and, in the near future,
>> security.apparmor). However, right now this doesn't seem to quite work
>> in terms of allowing updates to a running system. We've discussed the
>> EVM signature format's use of inode numbers and I think I've got that
>> sorted (I'll send a patch once I've got a last couple of things
>> working).
>>
>> However, I'm a little confused by how EVM should be working here. Once
>> EVM is initialised, all EVM attributes will be protected, making it
>> impossible to write new values to any xattrs covered by EVM unless
>> IMA_NEW_FILE is set.
>
>
> Sorry, why is it not possible to set xattrs?
> The system can change xattrs and the HMAC will be recalculated...

Because there's no symmetric key loaded in this case.
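The distinction the reply turns on (EVM initialised with an X.509 key only, so signatures can be verified but no HMAC can be recalculated) can be checked on a running system from the EVM status flags in securityfs. The script below is an added example, not code from the thread or from the kernel tree; it assumes the flag values EVM_INIT_HMAC=1 and EVM_INIT_X509=2 as defined in the kernel's EVM headers, and that the value read from /sys/kernel/security/evm is that bitmask.

```shell
#!/bin/sh
# Added example (not from the thread). Decodes the EVM status bitmask read
# from /sys/kernel/security/evm. Flag values are an assumption taken from
# the kernel's security/integrity/evm/evm.h:
EVM_INIT_HMAC=1   # symmetric HMAC key loaded: security.evm can be recalculated
EVM_INIT_X509=2   # X.509 key loaded: signed security.evm can only be verified

# evm_mode <flags>: print which keys EVM was initialised with.
evm_mode() {
    flags=$1
    hmac=$(( (flags & EVM_INIT_HMAC) != 0 ))
    x509=$(( (flags & EVM_INIT_X509) != 0 ))
    if [ "$hmac" -eq 1 ] && [ "$x509" -eq 1 ]; then
        echo "hmac+x509"
    elif [ "$hmac" -eq 1 ]; then
        echo "hmac"
    elif [ "$x509" -eq 1 ]; then
        echo "x509-only"
    else
        echo "uninitialised"
    fi
}

# evm_can_update_protected_xattr <flags>: succeeds (exit 0) only when the HMAC
# key is loaded, i.e. when the kernel can recompute security.evm after a write
# to an EVM-protected xattr on an existing file.
evm_can_update_protected_xattr() {
    [ $(( $1 & EVM_INIT_HMAC )) -ne 0 ]
}

# Live check; only meaningful on a kernel with EVM and securityfs mounted.
if [ -r /sys/kernel/security/evm ]; then
    v=$(cat /sys/kernel/security/evm)
    echo "evm=$v mode=$(evm_mode "$v")"
    if evm_can_update_protected_xattr "$v"; then
        echo "protected xattrs can be rewritten (HMAC will be recalculated)"
    else
        echo "no HMAC key: writes to EVM-protected xattrs on existing files are rejected"
    fi
fi
```

On a system booted with only an X.509 EVM key the file reads 2, `evm_mode` reports `x509-only`, and the second check fails, which is the situation the reply above describes: the kernel has nothing to recompute the HMAC with, so the write has to be refused rather than re-sealed.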