From patchwork Fri May 20 14:26:02 2022
From: Thore Sommer
To: dm-devel@redhat.com, agk@redhat.com, snitzer@redhat.com, nramas@linux.microsoft.com
Cc: linux-integrity@vger.kernel.org, Thore Sommer
Subject: [PATCH 0/3] dm ima: allow targets to remeasure their state
Date: Fri, 20 May 2022 16:26:02 +0200
Message-Id: <20220520142605.270625-1-public@thson.de>
X-Mailer: git-send-email 2.36.0
List-ID: <linux-integrity.vger.kernel.org>
X-Mailing-List: linux-integrity@vger.kernel.org

The existing device mapper IMA measurements only measure the table content
on target creation. This is fine for targets that do not change their table
during runtime, but some targets like verity use the table to display state
changes. Those changes are not visible through the existing device mapper
integration.

A new DM event "dm_target_update" is introduced for targets to remeasure
their table entry. This event is intended to be used by targets that change
their table entries to indicate potentially security-relevant information.
This allows for a more complete Remote Attestation of device mapper targets.

One example use case is to verify the verity-protected root filesystem using
Remote Attestation via IMA. This was not possible before because the
corruption is only detected during runtime and not when the table is loaded.

Keylime [1] has experimental support for validating this event, but it has
to be enabled manually.

Changes since RFC patch set [2]:
 - Added suggested changes from Lakshmi
 - rewrote target index calculation and removed unnecessary NULL check
 - rewrote verity integration to be more readable
 - Added more detailed descriptions to the individual commit messages

[1] https://keylime.dev/
[2] https://lore.kernel.org/linux-integrity/20220106203436.281629-1-public@thson.de/T/

Thore Sommer (3):
  dm ima: allow targets to remeasure their table entry
  dm verity: add support for IMA target update event
  dm ima: add documentation target update event

 .../admin-guide/device-mapper/dm-ima.rst | 33 +++++++++
 drivers/md/dm-ima.c                      | 70 +++++++++++++++++++
 drivers/md/dm-ima.h                      |  2 +
 drivers/md/dm-verity-target.c            | 10 ++-
 4 files changed, 113 insertions(+), 2 deletions(-)
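The following is an added example on the verifier side, illustrating how an attestation consumer would pick the new "dm_target_update" event out of an IMA measurement log next to the existing table-load and resume events. It is not code from this patch series, from the kernel, or from Keylime. It assumes the ascii_runtime_measurements layout for the ima-buf template (pcr, template hash, "ima-buf", buffer hash, event name, hex-encoded buffer) and that the device-mapper buffer is ';'-separated sections of ','-separated key=value pairs; the sample entries, the key names inside them (name, target_index, target_name, target_data) and the target_data contents are constructed for the example.

```python
"""Verifier-side parsing of device-mapper IMA events (added example).

Not code from the patch series or from Keylime. Assumptions:
  * ascii_runtime_measurements line layout for the ima-buf template:
        <pcr> <template-hash> ima-buf <buf-hash> <event-name> <hex-buffer>
  * the dm buffer is ';'-separated sections of ','-separated key=value
    pairs: a dm_version section, a device section, then a target section.
All sample entries below are constructed, not captured from a system.
"""
from typing import Dict, List, Tuple

Section = Dict[str, str]


def encode_entry(event: str, buf: str, pcr: int = 10) -> str:
    """Build a constructed ima-buf log line; digests are zero placeholders."""
    return f"{pcr} {'0' * 40} ima-buf sha256:{'0' * 64} {event} {buf.encode().hex()}"


def parse_entry(line: str) -> Tuple[int, str, List[Section]]:
    """Split an ima-buf line into (pcr, event name, decoded key=value sections)."""
    fields = line.split(maxsplit=5)
    if len(fields) != 6 or fields[2] != "ima-buf":
        raise ValueError(f"not an ima-buf entry: {line!r}")
    pcr, _template_hash, _, _buf_hash, event, hexbuf = fields
    raw = bytes.fromhex(hexbuf).decode("utf-8", errors="replace")
    sections: List[Section] = []
    for sec in filter(None, raw.split(";")):
        kv: Section = {}
        for pair in sec.split(","):
            # Only the first '=' separates key from value; values may contain '='.
            key, _, value = pair.partition("=")
            kv[key] = value
        sections.append(kv)
    return int(pcr), event, sections


def find_target_updates(lines: List[str]) -> List[Tuple[str, int, str, Section]]:
    """Return (device name, target index, target type, target section) for every
    dm_target_update event. Assumes the device section carries 'name' and the
    target section carries 'target_index' and 'target_name'."""
    updates = []
    for line in lines:
        _, event, sections = parse_entry(line)
        if event != "dm_target_update" or len(sections) < 3:
            continue
        device, target = sections[1], sections[2]
        updates.append((device.get("name", "?"),
                        int(target.get("target_index", -1)),
                        target.get("target_name", "?"),
                        target))
    return updates


def changed_verity_targets(lines: List[str]) -> List[Tuple[str, int]]:
    """Devices whose verity target remeasured itself after table load; a verifier
    would treat these as needing a fresh policy decision rather than trusting
    the table-load measurement alone."""
    return [(dev, idx) for dev, idx, ttype, _ in find_target_updates(lines)
            if ttype == "verity"]


# Constructed sample: a verity root device is loaded and resumed, then its
# target reports a change. The 'hash_failed=...' contents are an assumption
# standing in for whatever state the target chooses to remeasure.
DEVICE = "name=root,uuid=CRYPT-VERITY-example,major=253,minor=0,minor_count=1,num_targets=1"
SAMPLE_LINES = [
    encode_entry("dm_table_load",
                 f"dm_version=4.45.0;{DEVICE};target_index=0,target_name=verity,"
                 "target_version=1.8.0,target_data=hash_failed=V"),
    encode_entry("dm_device_resume",
                 f"dm_version=4.45.0;{DEVICE};active_table_hash=" + "0" * 64),
    encode_entry("dm_target_update",
                 f"dm_version=4.45.0;{DEVICE};target_index=0,target_name=verity,"
                 "target_version=1.8.0,target_data=hash_failed=C"),
]

if __name__ == "__main__":
    for dev, idx, ttype, target in find_target_updates(SAMPLE_LINES):
        print(f"{dev}: target {idx} ({ttype}) remeasured: {target.get('target_data')}")
    print("verity targets that changed:", changed_verity_targets(SAMPLE_LINES))
```

The point of the example is the distinction the cover letter draws: a verifier that only looks at dm_table_load sees the verity target as it was when loaded, while a dm_target_update entry is the signal that the target's state changed afterwards and the earlier measurement no longer describes it.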