On Mon, 2018-03-19 at 15:43 +1100, James Morris wrote: > On Sat, 17 Mar 2018, Mimi Zohar wrote: > > > On Sat, 2018-03-17 at 00:28 +0100, Petr Vorel wrote: > > > IMA requires have it's hash algorithm to be compiled-in due it's early > > > use. Default IMA algorithm is protected by Kconfig to be compiled-in. > > > > > > ima_hash kernel parameter allows to choose hash algorithm. When > > > specified algorithm not available or available as module, IMA > > > initialization fails, but mknodat syscall expect it and calls > > > ima_post_path_mknod(). This leads to to kernel oops: > > > > > > $ grep CONFIG_CRYPTO_MD4 .config > > > CONFIG_CRYPTO_MD4=m > > > > > > [ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.12.14-2.3-default root=UUID=74ae8202-9ca7-4e39-813b-22287ec52f7a video=1024x768-16 plymouth.ignore-serial-consoles console=ttyS0 console=tty resume=/dev/disk/by-path/pci-0000:00:07.0-part3 splash=silent showopts ima_hash=md4 > > > ... > > > [ 1.545190] ima: Can not allocate md4 (reason: -2) > > > > The hash algorithm specified on the boot command line needs to be > > builtin. For whatever reason it isn't builtin, rather than skipping > > measurements, a better solution I think would be to fallback to the > > builtin hash algorithm. > > What if this falls back to a hash which is not secure enough? It should fallback to the Kconfig selected hash algorithm as defined in CONFIG_IMA_DEFAULT_HASH. Mimi
