On Tue, Apr 14, 2020 at 4:11 AM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote: > > On Sun, 2020-04-12 at 11:15 +0300, Lev R. Oshvang . wrote: > > On Sat, Apr 11, 2020 at 10:07 PM Stephen Smalley > > It sees to me that LKRG (kernel run time guard) takes the role of > > measuring kernel structures. Perhaps you need to consult with LKRG > > guys. > > There definitely sounds like there is some overlap. LKRG seems to be > measuring kernel structures for enforcing local integrity. In the > context of IMA, measurements are included in the IMA measurement list > and used to extend a TPM PCR so that it can be quoted. > > A generic method for measuring structures and including them in the > IMA measurement list sounds interesting. > > Mimi > I frankly do not understand the threat model. Secure boot or TPM provides trust in encryption/decryption keys dm-crypt/dm-verify use. When dm-verify discovers that the disk image is modified it will just do not allow the system to work ( mount roots, etc). So imagine that adversary took control of TPM and changed the keys dm-verify work with in order to sign malicious content on disk. In this case, remote attestation should alert of compromised TPM, no matter whether dmvery keys or other keys were forged. SELinux is another story and I think a run-time check of SElinux structures fits well into LKRG. IMA only provide guarantees that SELinux (or any other LSM) control files and attributes were intact.