Re: [Linux-ima-user] Initramfs and IMA Appraisal

From: David Lang
Date: Mon Dec 29 2014 - 21:26:25 EST

Next message: Joonsoo Kim: "Re: [PATCH 3/3] cma: add functions to get region pages counters"
Previous message: Ben Hutchings: "Re: [PATCH 3.2 00/27] 3.2.66-rc1 review"
In reply to: Rob Landley: "Re: [Linux-ima-user] Initramfs and IMA Appraisal"
Next in thread: Mimi Zohar: "Re: [Linux-ima-user] Initramfs and IMA Appraisal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 29 Dec 2014, Mimi Zohar wrote:

Thanks Rob for the explanation. The problem is that ramfs does not
support extended attributes, while tmpfs does. The boot loader could
"measure" (trusted boot) the initramfs, but as the initramfs is
generated on the target system, the initramfs is not signed, preventing
it from being appraised (secure Boot). To close the initramfs integrity
appraisal gap requires verifying the individual initramfs file
signatures, which are stored as extended attributes.

what's the point of checking the files on the filesystem against signatures stored on the same filesystem? If someone could alter the file contents they can alter the signatures as well.

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joonsoo Kim: "Re: [PATCH 3/3] cma: add functions to get region pages counters"
Previous message: Ben Hutchings: "Re: [PATCH 3.2 00/27] 3.2.66-rc1 review"
In reply to: Rob Landley: "Re: [Linux-ima-user] Initramfs and IMA Appraisal"
Next in thread: Mimi Zohar: "Re: [Linux-ima-user] Initramfs and IMA Appraisal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]