From patchwork Fri Aug 28 20:26:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tushar Sugandhi X-Patchwork-Id: 11745755 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3899313B6 for ; Mon, 31 Aug 2020 07:57:24 +0000 (UTC) Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id E32E92073A for ; Mon, 31 Aug 2020 07:57:23 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E32E92073A Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.microsoft.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=dm-devel-bounces@redhat.com Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-498-Won285vOPnmoHpWLE_0z7Q-1; Mon, 31 Aug 2020 03:57:20 -0400 X-MC-Unique: Won285vOPnmoHpWLE_0z7Q-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id BD44C1006701; Mon, 31 Aug 2020 07:57:15 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9F4F31009AD2; Mon, 31 Aug 2020 07:57:15 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7577F181A869; Mon, 31 Aug 2020 07:57:15 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 07SKRI3F008897 for ; Fri, 28 Aug 2020 16:27:19 -0400 Received: by smtp.corp.redhat.com (Postfix) id DB1FA1140F8; Fri, 28 Aug 2020 20:27:18 +0000 (UTC) Delivered-To: dm-devel@redhat.com Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D5E471140F6 for ; Fri, 28 Aug 2020 20:27:16 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9793D89D492 for ; Fri, 28 Aug 2020 20:27:16 +0000 (UTC) Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by relay.mimecast.com with ESMTP id us-mta-355-i9V7fJMMNb6tk7Z-mk8MLQ-1; Fri, 28 Aug 2020 16:27:13 -0400 X-MC-Unique: i9V7fJMMNb6tk7Z-mk8MLQ-1 Received: from tusharsu-Ubuntu.lan (c-71-197-163-6.hsd1.wa.comcast.net [71.197.163.6]) by linux.microsoft.com (Postfix) with ESMTPSA id 5C72520B7178; Fri, 28 Aug 2020 13:27:11 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 5C72520B7178 From: Tushar Sugandhi To: zohar@linux.ibm.com, agk@redhat.com, snitzer@redhat.com, gmazyland@gmail.com Date: Fri, 28 Aug 2020 13:26:58 -0700 Message-Id: <20200828202700.23086-1-tusharsu@linux.microsoft.com> X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false; X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: dm-devel@redhat.com X-Mailman-Approved-At: Mon, 31 Aug 2020 03:56:57 -0400 Cc: sashal@kernel.org, jmorris@namei.org, linux-kernel@vger.kernel.org, nramas@linux.microsoft.com, dm-devel@redhat.com, tyhicks@linux.microsoft.com, linux-integrity@vger.kernel.org Subject: [dm-devel] [PATCH v3 0/2] dm-devel:dm-crypt: infrastructure for measurement of DM target data using IMA X-BeenThere: dm-devel@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: device-mapper development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: dm-devel-bounces@redhat.com Errors-To: dm-devel-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=dm-devel-bounces@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com There are several device-mapper targets which contribute to verify the integrity of the mapped devices e.g. dm-integrity, dm-verity, dm-crypt etc. But they do not use the capabilities provided by kernel integrity subsystem (IMA). For instance, the IMA capability that measures several in-memory constructs and files to detect if they have been accidentally or maliciously altered. IMA also has the capability to include these measurements in the IMA measurement list and use them to extend a TPM PCR so that they can be quoted. These TPM PCR extend operations ensure that the tampering with the order of constructs being measured, and tampering with the measured constructs themselves - doesn't go undetected. In general, this capability is used for remote attestation of in-memory constructs and files of interest. As of today,device-mapper targets don't use the benefits of extended TPM PCR quotes and ultimately the benefits of remote attestation. This series bridges this gap, so that all device-mapper targets could take advantage of IMA's measuring and quoting abilities - thus ultimately enabling remote attestation for device-mapper targets. This series is based on the following repo/branch: repo: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git branch: next-integrity commit d012a7190fc1 ("Linux 5.9-rc2") This series also has a dependency on the following patch series and should be applied in the following order: 1. https://patchwork.kernel.org/patch/11709527/ 2. https://patchwork.kernel.org/patch/11742047/ 3. https://patchwork.kernel.org/patch/11743265/ Change Log v3: - add dm-crypt as a supported data source to measure in ima.h. - Taken dependency on the updated base series v3 (2. above) - Taken dependency on the updated early boot measurement series v2 (3. above). Change Log v2: - Removed the references to "local" measurement from the description - as this series only support remote attestation, and not local integrity enforcement. - Taken dependency on the updated base series (2. above), which introduced a boolean parameter measure_buf_hash as per community feedback to support measuring hash of the buffer, instead of the buffer itself. - Taken dependency on the updated early boot measurement series (3. above). Tushar Sugandhi (2): dm-devel: collect target data and submit to IMA to measure dm-crypt: collect data and submit to DM to measure drivers/md/Makefile | 1 + drivers/md/dm-crypt.c | 171 +++++++++++++++++++ drivers/md/dm-ima.c | 298 +++++++++++++++++++++++++++++++++ include/linux/device-mapper.h | 60 +++++++ security/integrity/ima/Kconfig | 3 +- security/integrity/ima/ima.h | 1 + 6 files changed, 532 insertions(+), 2 deletions(-) create mode 100644 drivers/md/dm-ima.c