On Mon, Apr 18, 2022 at 03:43:27PM -0700, Matthias Kaehlcke wrote:
> Hi Kees,
>
> On Mon, Apr 18, 2022 at 03:14:14PM -0700, Kees Cook wrote:
> > [oops, resending to actual CC list]
> >
> > On Mon, Apr 18, 2022 at 02:15:56PM -0700, Matthias Kaehlcke wrote:
> > > This series extends LoadPin to allow loading of kernel files
> > > from trusted dm-verity devices. It adds the concept of
> > > trusted verity devices to LoadPin. Userspace can use the
> > > new sysctl file 'loadpin/trusted_verity_root_digests' to
> > > provide LoadPin with a list of root digests from dm-verity
> > > devices that LoadPin should consider as trusted. When a
> > > kernel file is read LoadPin first checks (as usual) whether
> > > the file is located on the pinned root, if so the file can
> > > be loaded. Otherwise, if the verity extension is enabled,
> > > LoadPin determines whether the file is located on a verity
> > > backed device and whether the root digest of that device
> > > is in the list of trusted digests. The file can be loaded
> > > if the verity device has a trusted root digest.
> > >
> > > The list of trusted root digests can only be written once
> > > (typically at boot time), to limit the possibility of
> > > attackers setting up rogue verity devices and marking them
> > > as trusted.
> >
> > Thanks for working all this out! Where does the list of trusted
> > roothashes come from? I assume some chain of trust exists. Is the list
> > maybe already stored on the rootfs?
>
> Yes, at least the content of the list comes from the rootfs. The
> userspace part is still TBD (also pending on the evolution of this
> patchset), having the list pre-formatted in a single file on the
> rootfs should be fine.

Ah-ha, that's perfect.

> > It'd be nice if there was some way to pass the trust chain to LoadPin
> > more directly.
>
> I imagine you envision LoadPin reading the file itself, instead of
> just processing the content. That should be doable. One option would
> be to pass the path of the file with the hashes through the sysctl
> file and use kernel_read_file_from_path() to read it if the path is
> in the pinned root (or maybe even in any trusted file system ;-)

It could be a boot param or a Kconfig too. But yeah, having LoadPin
able to use itself to validate the file path would be much nicer.

-- 
Kees Cook
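The decision flow Matthias describes (pinned root first, then a verity-backed device whose root digest is in a write-once trusted list), modelled in userspace Python as an added illustration. This is not the patch series' code; the comma-separated hex format of the sysctl value and the two inputs to `may_load` are assumptions made for the model.

```python
"""Userspace model of the LoadPin verity extension discussed above.

Assumptions (not from the patch series): the sysctl value is a
comma-separated list of hex root digests, and the caller already knows
whether a file sits on the pinned root and, if not, the root digest of
the dm-verity device backing it.
"""
from dataclasses import dataclass
from typing import FrozenSet, Optional


@dataclass
class LoadPinModel:
    # None until the list has been written; a set afterwards (write-once).
    trusted_digests: Optional[FrozenSet[str]] = None

    def write_trusted_digests(self, sysctl_value: str) -> bool:
        """Accept the digest list exactly once; reject later or malformed writes.

        The write-once rule is what keeps an attacker who later gains
        write access to the sysctl from blessing a rogue verity device.
        """
        if self.trusted_digests is not None:
            return False  # already written (typically at boot)
        digests = [d.strip().lower() for d in sysctl_value.split(",")]
        if not digests or any(not d for d in digests):
            return False  # empty entry
        # every entry must be hex so a typo cannot become a phantom "trusted" device
        if not all(set(d) <= set("0123456789abcdef") for d in digests):
            return False
        self.trusted_digests = frozenset(digests)
        return True

    def may_load(self, on_pinned_root: bool,
                 verity_root_digest: Optional[str]) -> bool:
        """LoadPin check: pinned root wins; otherwise require a trusted verity digest."""
        if on_pinned_root:
            return True  # the pre-existing LoadPin rule
        if verity_root_digest is None or self.trusted_digests is None:
            return False  # not verity-backed, or no trusted list ever provided
        return verity_root_digest.lower() in self.trusted_digests


def demo() -> dict:
    """Run the model against constructed inputs and return the outcomes."""
    lp = LoadPinModel()
    return {
        "first_write": lp.write_trusted_digests("ab12,CD34"),  # constructed digests
        "second_write": lp.write_trusted_digests("ef56"),       # refused: write-once
        "pinned_root": lp.may_load(True, None),
        "trusted_verity": lp.may_load(False, "cd34"),
        "untrusted_verity": lp.may_load(False, "ef56"),
        "plain_device": lp.may_load(False, None),
    }
```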