On Tue, 2018-05-15 at 10:38 -0700, Matthew Garrett wrote: > Sites may wish to provide additional metadata alongside files in order > to make more fine-grained security decisions[1]. The security of this is > enhanced if this metadata is protected, something that EVM makes > possible. However, the kernel cannot know about the set of extended > attributes that local admins may wish to protect, and hardcoding this > policy in the kernel makes it difficult to change over time and less > convenient for distributions to enable. > > This patch adds a new /sys/kernel/security/integrity/evm/evm_xattrs node, > which can be read to obtain the current set of EVM-protected extended > attributes or written to in order to add new entries. Extending this list > will not change the validity of any existing signatures provided that the > file in question does not have any of the additional extended attributes - > missing xattrs are skipped when calculating the EVM hash. > > [1] For instance, a package manager could install information about the > package uploader in an additional extended attribute. Local LSM policy > could then be associated with that extended attribute in order to > restrict the privileges available to packages from less trusted > uploaders. > > Signed-off-by: Matthew Garrett <mjg59@xxxxxxxxxx> > --- > > Calling simple_setattr() directly here - this should be safe, since > there'd only be a different setattr() implementation if we'd passed one > in in the first place. Thanks, no error messages now. Mimi
