Re: [RFC] IMA: New IMA measurements for dm-crypt and selinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 2020-04-13 6:11 p.m., Mimi Zohar wrote:
On Sun, 2020-04-12 at 11:15 +0300, Lev R. Oshvang . wrote:
On Sat, Apr 11, 2020 at 10:07 PM Stephen Smalley
It sees to me that  LKRG (kernel run time guard)  takes the role of
measuring kernel structures.  Perhaps you need to consult with LKRG
guys.

There definitely sounds like there is some overlap.  LKRG seems to be
measuring kernel structures for enforcing local integrity.  In the
context of IMA, measurements are included in the IMA measurement list
and used to extend a TPM PCR so that it can be quoted.

A generic method for measuring structures and including them in the
IMA measurement list sounds interesting.
Thanks for the feedback Mimi.
We were also thinking along the same lines of generic method
for measuring structures.
We will take this feedback into account while implementing.

Mimi




[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux