[PATCH v2 0/3] initramfs: add support for xattrs in the initial ram disk
hpa at zytor.com
hpa at zytor.com
Mon May 13 00:21:17 UTC 2019
On May 12, 2019 5:02:30 PM PDT, Mimi Zohar <zohar at linux.ibm.com> wrote:
>On Sun, 2019-05-12 at 17:31 +0200, Dominik Brodowski wrote:
>> On Sun, May 12, 2019 at 08:52:47AM -0400, Mimi Zohar wrote:
>
>
>> > It's too late. The /init itself should be signed and verified.
>>
>> Could you elaborate a bit more about the threat model, and why
>deferring
>> this to the initramfs is too late?
>
>The IMA policy defines a number of different methods of identifying
>which files to measure, appraise, audit.[1] Without xattrs, the
>granularity of the policy rules is severely limited. Without xattrs,
>a filesystem is either in policy, or not.
>
>With an IMA policy rule requiring rootfs (tmpfs) files to be verified,
>then /init needs to be properly labeled, otherwise /init will fail to
>execute.
>
>Mimi
>
>[1] Documentation/ABI/testing/ima_policy
And the question is what is the sense in that, especially if /init is provided as play of the kernel itself.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the Linux-security-module-archive
mailing list