Mimi,

On Mon, Jul 08, 2019 at 11:30:50AM -0400, Mimi Zohar wrote:
> [Cc'ing Roberto, Petr, Thiago, Prakhar]
> Now that we're including ALL the kernel exported hash_info algorithms,
> a colleague suggested defining a list of deprecated hash algorithms.
> Instead of preventing the usage of these deprecated hash algorithms,
> initially I would start out with a warning. It would be helpful to
> indicate which standard deprecated the hash algorithm and year. At
> some point, we might want to prevent their usage in signing files, but
> not verifying file signatures.

I think this is not a problem, because the user explicitly states which
hash algorithm he wants to use. Except for SHA1, which is also the silent
fallback algorithm. I think this fallback mechanism should be removed.

Also, the return values of sign_hash/ima_calc_hash/etc are not defined
clearly, and callers have weird checks such as `if (len <= 1)`. I think
this should be conceptually simplified and they should be made to
`return -1` on any error.

> evmctl "ima_measurement" doesn't support custom template definitions.
> Also missing is support for verifying the "ima-buf" kexec command boot
> command line and the "ima-modsig" template appended signature.
>
> David Jacobson started writing a regression framework and posted a v2
> version. I'd really appreciate help with cleaning up that code.

Maybe tests should be integrated into ima-evm-utils too.

Thanks,