Hi Simon,
On Thu, 2021-08-12 at 09:16 -0400, Mimi Zohar wrote:
> On Thu, 2021-08-12 at 08:06 +0000, THOBY Simon wrote:
> > However your comment does applies to the next patch ("IMA: introduce a new policy
> > option func=SETXATTR_CHECK"), and we probably could restrict the algorithms referenced in
> > ima_setxattr_allowed_hash_algorithms to ones the current kernel can use.
> > The easiest way to enforce this would probably be to check that when parsing 'appraise_algos'
> > in ima_parse_appraise_algos(), we only add algorithms that are available, ignoring - or
> > rejecting, according to the outcome of the discussion above - the other algorithms. That way,
> > we do not have to pay the price of allocating a hash object every time validate_hash_algo() is
> > called.
> >
> > Would it be ok if I did that?
>
> Without knowing and understanding all the environments in which IMA is
> enabled (e.g. front end, back end build system), you're correct -
> protecting the user from themselves -might not be the right answer.
>
> What you suggested, above, would be the correct solution. Perhaps post
> that change as a separate patch, on top of this patch set, for
> additional discussion.
Before posting the patch, please fix your user name and email address
in the git configuration. scripts/checkpatch.pl is complaining:
ERROR: Missing Signed-off-by: line by nominal patch author 'THOBY Simon
<Simon.THOBY@xxxxxxxxxx>'
total: 1 errors, 0 warnings, 218 lines checked
thanks,
Mimi
