On 6/22/20 1:27 PM, Bruno Meneguele wrote:
IMA_APPRAISE_BOOTPARAM has been marked as dependent on !IMA_ARCH_POLICY in
compile time, enforcing the appraisal whenever the kernel had the arch
policy option enabled.
However it breaks systems where the option is actually set but the system
wasn't booted in a "secure boot" platform. In this scenario, anytime the
an appraisal policy (i.e. ima_policy=appraisal_tcb) is used it will be
forced, giving no chance to the user set the 'fix' state (ima_appraise=fix)
to actually measure system's files.
This patch remove this compile time dependency and move it to a runtime
decision, based on the arch policy loading failure/success.
Thanks for looking at this.
For arch specific policies, kernel signature verification is enabled
based on the secure boot state of the system. Perhaps, enforce the
appraisal as well based on if secure boot is enabled.
Thanks & Regards,
- Nayna