Hi Mimi, Vitaly,

> Mimi,

> On Mon, Jul 08, 2019 at 11:30:50AM -0400, Mimi Zohar wrote:
> > [Cc'ing Roberto, Petr, Thiago, Prakhar]

> > Now that we're including ALL the kernel exported hash_info algorithms,
> > a colleague suggested defining a list of deprecated hash algorithms.
> > Instead of preventing the usage of these deprecated hash algorithms,
> > initially I would start out with a warning. It would be helpful to
> > indicate which standard deprecated the hash algorithm and year. At
> > some point, we might want to prevent their usage in signing files, but
> > not verifying file signatures.

Looks useful to me.

> I think this is not a problem, because user explicitly states which hash
> algorithm he wants to use. Except for SHA1, which is also silent
> fallback algorithm. I think this fallback mechanism should be removed.

Agree with removing fallback mechanism.

> Also, return values of sign_hash/ima_calc_hash/etc are not defined
> clearly and callers have weird checks such as `if (len <= 1)`. I think
> this should be conceptually simplified and made them `return -1` on any
> error.

> > evmctl "ima_measurement" doesn't support custom template definitions.
> > Also missing is support for verifying the "ima-buf" kexec command boot
> > command line and the "ima-modsig" template appended signature.

> > David Jacobson started writing a regression framework and posted a v2
> > version. I'd really appreciate help with cleaning up that code.

> Maybe tests should be integrated into ima-evm-utils too.

https://patchwork.kernel.org/project/linux-integrity/list/?series=95303

> Thanks,

Kind regards,
Petr
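Added example, not part of the original message and not ima-evm-utils code: a C sketch of the deprecated-hash list discussed in the thread. It warns with the reference and year, can refuse signing while still allowing verification, requires an explicit algorithm instead of a fallback, and returns -1 on any error. The names check_hash_algo, hash_op and the strict flag are hypothetical, and the table entries are sample values chosen for this example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this is not ima-evm-utils code. */
enum hash_op { HASH_OP_SIGN, HASH_OP_VERIFY };

struct deprecated_hash {
	const char *name;	/* algorithm name as given by the user */
	const char *standard;	/* reference shown in the warning */
	int year;		/* year of that reference */
};

/* Sample entries chosen for this example, not a reviewed project list. */
static const struct deprecated_hash deprecated[] = {
	{ "md4",  "RFC 6150", 2011 },
	{ "md5",  "RFC 6151", 2011 },
	{ "sha1", "NIST SP 800-131A", 2011 },
};

static const struct deprecated_hash *find_deprecated(const char *algo)
{
	size_t i;

	for (i = 0; i < sizeof(deprecated) / sizeof(deprecated[0]); i++)
		if (!strcmp(deprecated[i].name, algo))
			return &deprecated[i];
	return NULL;
}

/*
 * Returns 0 if the operation may proceed and -1 on any error.
 * A deprecated algorithm always produces a warning. Verification is
 * never blocked; signing is refused only when strict is non-zero.
 */
int check_hash_algo(const char *algo, enum hash_op op, int strict)
{
	const struct deprecated_hash *d;

	if (!algo || !*algo)
		return -1;	/* explicit choice required, no silent fallback */
	d = find_deprecated(algo);
	if (!d)
		return 0;
	fprintf(stderr, "warning: %s is deprecated (%s, %d)\n",
		d->name, d->standard, d->year);
	return (op == HASH_OP_SIGN && strict) ? -1 : 0;
}
```
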