On Thu, 2021-06-03 at 15:17 +0200, Roberto Sassu wrote: > With the recent introduction of the evmsig template field, remote verifiers > can obtain the EVM portable signature instead of the IMA signature, to > verify file metadata. > > After introducing the new fields to include file metadata in the > measurement list, this patch finally defines the evm-sig template, whose > format is: > > d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode > > xattrnames, xattrlengths and xattrvalues are populated only from defined > EVM protected xattrs, i.e. the ones that EVM considers to verify the > portable signature. xattrnames and xattrlengths are populated only if the > xattr is present. > > xattrnames and xattrlengths are not necessary for verifying the EVM > portable signature, but they are included for completeness of information, > if a remote verifier wants to infer more from file metadata. > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> > --- > Documentation/security/IMA-templates.rst | 1 + > security/integrity/ima/ima_template.c | 5 ++++- > 2 files changed, 5 insertions(+), 1 deletion(-) > > diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst > index 6a58760a0a35..5adc22f99496 100644 > --- a/Documentation/security/IMA-templates.rst > +++ b/Documentation/security/IMA-templates.rst > @@ -91,6 +91,7 @@ Below, there is the list of defined template descriptors: > - "ima-sig": its format is ``d-ng|n-ng|sig``; > - "ima-buf": its format is ``d-ng|n-ng|buf``; > - "ima-modsig": its format is ``d-ng|n-ng|sig|d-modsig|modsig``; > + - "evm-sig": its format is ``d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode``; > > > Use > diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c > index 159a31d2fcdf..a85963853a91 100644 > --- a/security/integrity/ima/ima_template.c 
> +++ b/security/integrity/ima/ima_template.c > @@ -22,6 +22,8 @@ static struct ima_template_desc builtin_templates[] = { > {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"}, > {.name = "ima-buf", .fmt = "d-ng|n-ng|buf"}, > {.name = "ima-modsig", .fmt = "d-ng|n-ng|sig|d-modsig|modsig"}, > + {.name = "evm-sig", > + .fmt = "d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode"}, > {.name = "", .fmt = ""}, /* placeholder for a custom format */ > }; > > @@ -69,7 +71,8 @@ static const struct ima_template_field supported_fields[] = { > * need to be accounted for since they shouldn't be defined in the same template > * description as 'd-ng' and 'n-ng' respectively. > */ > -#define MAX_TEMPLATE_NAME_LEN sizeof("d-ng|n-ng|sig|buf|d-modisg|modsig") > +#define MAX_TEMPLATE_NAME_LEN \ > + sizeof("d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode") > > static struct ima_template_desc *ima_template; > static struct ima_template_desc *ima_buf_template; Thanks, Roberto. Updated and merged next-integrity-testing, next-integrity branches. thanks, Mimi
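Review bot: the new Documentation/security/IMA-templates.rst entry for "evm-sig" lists the field order but says nothing about when the xattr fields carry data; the commit message states that xattrnames, xattrlengths and xattrvalues are populated only from EVM-protected xattrs that are actually present on the file, and a verifier parsing the measurement list needs that rule to interpret an entry with fewer xattrs than expected. Suggest adding a sentence after the new list item, e.g. "xattrnames, xattrlengths and xattrvalues contain only the EVM protected xattrs that are present on the file", and, for consistency with the surrounding entries, confirming that the trailing ``;`` is intended on what is now the last item of the list.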
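Review bot: the new MAX_TEMPLATE_NAME_LEN in security/integrity/ima/ima_template.c narrows what the macro covers. The old value, sizeof("d-ng|n-ng|sig|buf|d-modisg|modsig"), was the concatenation of every supported field (the comment above it explains why 'd' and 'n' are left out), so any custom template descriptor fit; the new value is the format of one builtin template and no longer accounts for sig, buf, d-modsig or modsig, so a custom format that combines, say, sig with the evmsig/xattr fields can exceed it. Suggest either keeping the full concatenation of all supported fields (which would also carry over the incidental fix of the "d-modisg" typo) or adding a comment stating that the bound is intentionally the longest builtin format. Separately, the same literal "d-ng|n-ng|evmsig|xattrnames|xattrlengths|xattrvalues|iuid|igid|imode" now appears twice, in the builtin_templates[] entry and in this macro; defining it once as a #define and referencing it from both places would keep them from drifting apart.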