On 5/24/2019 5:12 PM, Mimi Zohar wrote:
On Mon, 2019-05-20 at 17:06 -0700, Prakhar Srivastava wrote:
A buffer(cmdline args) measured into ima cannot be appraised
without already being aware of the buffer contents.Since we
don't know what cmdline args will be passed (or need to validate
what was passed) it is not possible to appraise it.
Since hashs are non reversible the raw buffer is needed to
recompute the hash.
To regenrate the hash of the buffer and appraise the same
the contents of the buffer need to be available.
A new template field buf is added to the existing ima template
fields, which can be used to store/read the buffer itself.
Two new fields are added to the ima_event_data to carry the
buf and buf_len whenever necessary.
Updated the process_buffer_measurement call to add the buf
to the ima_event_data.
process_buffer_measurement added in "Add a new ima hook
ima_kexec_cmdline to measure cmdline args"
- Add a new template field 'buf' to be used to store/read
the buffer data.
- Added two new fields to ima_event_data to hold the buf and
buf_len [Suggested by Roberto]
-Updated process_buffer_meaurement to add the buffer to
ima_event_data
This patch description can be written more concisely.
Patch 1/3 in this series introduces measuring the kexec boot command
line. This patch defines a new template field for storing the kexec
boot command line in the measurement list in order for a remote
attestation server to verify.
As mentioned, the first patch description should include a shell
command for verifying the digest in the kexec boot command line
measurement list record against /proc/cmdline. This patch description
should include a shell command showing how to verify the digest based
on the new field. Should the new field in the ascii measurement list
be displayed as a string, not hex?
We should define a new type. If the type is DATA_FMT_STRING, spaces are
replaced with '_'.
Roberto
--
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Jian LI, Yanli SHI