On Wed, Aug 26, 2020 at 10:13:43AM -0700, Chuck Lever wrote: > Hi Eric- > > I'm trying to construct a viable IMA metadata format (ie, what > goes into security.ima) to support Merkle trees. > > Rather than storing an entire Merkle tree per file, Mimi would > like to have a metadata format that can store the root hash of > a Merkle tree. Instead of reading the whole tree, an NFS client > (for example) would generate the parts of the file's fs-verity > Merkle tree on-demand. The tree itself would not be exposed or > transported by the NFS protocol. This won't work because you'd need to reconstruct the whole Merkle tree when reading the first byte from the file. Check the fs-verity FAQ (https://www.kernel.org/doc/html/latest/filesystems/fsverity.html#faq) where I explained this in more detail (fourth question). > Following up with the recent thread on linux-integrity, starting > here: > > https://lore.kernel.org/linux-integrity/1597079586.3966.34.camel@xxxxxxxxxxxxxxxxxxxxx/t/#u > > I think the following will be needed. > > 1. The parameters for (re)constructing the Merkle tree: > - The name of the digest algorithm > - The unit size represented by each leaf in the tree > - The depth of the finished tree > - The size of the file > - Perhaps a salt value > - Perhaps the file's mtime at the time the hash was computed > - The root hash Well, the xattr would need to contain the same information as struct fsverity_enable_arg, the argument to FS_IOC_ENABLE_VERITY. > 2. A fingerprint of the signer: > - The name of the digest algorithm > - The digest of the signer's certificate > > 3. The signature > - The name of the signature algorithm > - The signature, computed over 1. I thought there was a desire to just use the existing "integrity.ima" signature format. > Does this seem right to you? > > There has been some controversy about whether to allow the > metadata to be unsigned. It can't ever be unsigned for NFS files, > but some feel that on a physically secure local-only set up, > signatures could be unnecessary overhead. I'm not convinced, and > believe the metadata should always be signed: that's the only > way to guarantee end-to-end integrity, which includes protection > of the content's provenance, no matter how it is stored. Are you looking for integrity-only protection (protection against accidental modification), or also for authenticity protection (protection against malicicous modifications)? For authenticity, you have to verify the file's hash against something you trust. A signature is the usual way to do that. - Eric
