Re: [PATCH 3/6] integrity: IMA as an integrity service provider

[Dave Hansen]

On Tue, 2008-12-02 at 16:47 -0500, Mimi Zohar wrote:
> IMA provides hardware (TPM) based measurement and attestation for both
> files and other types of template measurements. As the Trusted Computing
> (TPM) model requires, IMA measures all files before they are accessed
> in any way (on the bprm_check_integrity, path_check_integrity, and
> file_mmap hooks), and commits the measurements to the TPM.  In addition,
> IMA maintains a list of these hash values, which can be used to validate
> the aggregate PCR value.  The TPM can sign these measurements, and thus
> the system can prove to itself and to a third party these measurements
> in a way that cannot be circumvented by malicious or compromised software.

I think this needs a bit of a plain-text explanation, sans acronyms.
Perhaps a real-world example with files like /etc/passwd or /bin/sh
would help me understand it better.	

I'm still trying to wrap my head around the whole "invalidate something
when there are both readers and writers around" situation.  How does
that fit into the description above?  Does that tie into the guarantee
that "IMA measures all files before they are accessed in any way"?

-- Dave

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/