[PATCH v2 00/15] ima: digest list feature

Roberto Sassu roberto.sassu at huawei.com
Wed Dec 6 09:13:23 UTC 2017

On 12/5/2017 11:03 PM, Ken Goldman wrote:
> On 11/7/2017 5:36 AM, Roberto Sassu wrote:
>> Digest lists aim at mitigating these issues. A digest list is a list of
>> digests that are taken by IMA as reference measurements and loaded before
>> files are accessed. Then, IMA compares calculated digests of accessed files
>> with digests from loaded digest lists. If the digest is found, measurement,
>> appraisal and audit are not performed.
> If you don't do measurements (the extends), then the remote appraiser
> can't determine what's running.  Doesn't that break the whole point of 
> remote attestation?

There are two different approaches:

a) report everything

The local system just measures what is specified in the policy. The
system state is unpredictable, which means that PCRs cannot be used for
anything else than remote attestation.

b) report differences from an expected state

The expected state is defined in advance. This includes which files can
be accessed by the local system (digest lists), but could also include
which files must be accessed, and in which sequence. PCRs can be used
also for sealing policies (data can be unsealed if the system is in the
expected state).

Example of expected state:

1) only files with digest in the loaded digest lists can be accessed
2) the antivirus must be executed
3) sshd must be executed after iptables

The expected state (policy) is measured.

At run-time, the local system verifies the conditions above. If the
system is in the expected state, the measurement list will contain:

digest lists
the event 'antivirus was executed'

If 1 is false, unknown digests are added to the measurement list.
If 2 is false, the event 'antivirus was executed' is not added to the
measurement list.
If 3 is false, the event 'sshd was executed before iptables' is added to
the measurement list.

>> Digest lists address the first issue because the TPM is used only if the
>> digest of a measured file is unknown. On a minimal system, 10 of 1400
>> measurements are unknown because of mutable files (e.g. log files).
>> Digest lists mitigate the second issue because, since digest lists do not
>> change, they don't have to be sent at every remote attestation. Sending
>> unknown measurements and a reference to digest lists would be sufficient.
> Typically, one would not send the entire log at every attestation.  The
> algorithm I use is:

I think this is not suitable for scenarios where unknown Requestors are

(Section 4)

> - if it's the first quote after a reboot, send the entire log, else
> - if PCRs haven't changed, don't send anything, else
> - send a delta since the last attestation.
> Even without this obvious optimization, the transmit time is negligible
> compared to the quote signature generation time.
Having large measurement lists introduces additional issues:

1) overhead to generate/parse the TCG Integrity Report
2) storage requirement (Verifier)
3) overhead to build the complete Integrity Report from base + delta if
    the verification tool is not stateful (Verifier)


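As an added illustration of approach (b) above (not code from the patch set or from either poster): a simulation of the measurement list IMA would produce when only deviations from the expected state are recorded, with a verifier that knows the expected state in advance. The digest list contents, file paths, event strings and the SHA-256 PCR replay are all constructed for the example.

```python
import hashlib

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Constructed digest list: reference digests of the files the policy allows.
DIGEST_LIST = {sha256(p) for p in (b"/usr/sbin/sshd", b"/sbin/iptables", b"/usr/bin/clamscan")}

def digest_list_entry() -> str:
    # The loaded digest list is measured once; the verifier recognises it by this entry.
    return "digest-list:" + hashlib.sha256(b"".join(sorted(DIGEST_LIST))).hexdigest()

def build_measurement_list(file_digests, executed):
    """Entries recorded under approach (b): only deviations from the expected state.
    file_digests: digests of accessed files; executed: program names in run order."""
    entries = [digest_list_entry()]
    # Condition 1: a file whose digest is not in the digest list is measured as unknown.
    entries += ["unknown:" + d.hex() for d in file_digests if d not in DIGEST_LIST]
    # Condition 2: the antivirus run is recorded as an event only if it happened.
    if "antivirus" in executed:
        entries.append("event:antivirus was executed")
    # Condition 3: a sequence violation is recorded as an event.
    if "sshd" in executed and "iptables" in executed and executed.index("sshd") < executed.index("iptables"):
        entries.append("event:sshd was executed before iptables")
    return entries

def extend_pcr(entries) -> bytes:
    """Replay the list into a simulated SHA-256 PCR: PCR = H(PCR || H(entry))."""
    pcr = bytes(32)
    for e in entries:
        pcr = sha256(pcr + sha256(e.encode()))
    return pcr

# The expected state is fixed in advance, so its PCR value is too (usable for a sealing policy).
EXPECTED_ENTRIES = [digest_list_entry(), "event:antivirus was executed"]
EXPECTED_PCR = extend_pcr(EXPECTED_ENTRIES)

def verify(entries):
    """Verifier side: compare the replayed PCR with the expected one and name each deviation."""
    deviations = [e for e in entries if e not in EXPECTED_ENTRIES]
    deviations += ["missing:" + e for e in EXPECTED_ENTRIES if e not in entries]
    return extend_pcr(entries) == EXPECTED_PCR, deviations

if __name__ == "__main__":
    good = build_measurement_list([sha256(b"/sbin/iptables"), sha256(b"/usr/sbin/sshd")],
                                  ["iptables", "antivirus", "sshd"])
    # A mutable log file (unknown digest), no antivirus run, sshd started before iptables.
    bad = build_measurement_list([sha256(b"/var/log/messages")], ["sshd", "iptables"])
    print(verify(good))  # PCR matches, no deviations
    print(verify(bad))   # PCR differs, three deviations listed
```

Note that the verifier needs only the policy and the short deviation list, not the full log of every measured file, which is the size argument made in the reply.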