[RFC] IMA Log Snapshotting Design Proposal - unseal
Ken Goldman
kgold at linux.ibm.com
Wed Aug 30 19:12:39 UTC 2023
On 8/1/2023 3:12 PM, Sush Shringarputale wrote:
> For remote attestation to work, the service will need to know how to
> validate the snapshot_aggregate entry in the IMA log. It will have
> to read the PCR values present in the template data of
> snapshot_aggregate event in the latest IMA log, and ensure that the
> PCR quotes align with the contents of the past UM_snapshot_file(s).
> This will re-establish the chain of trust needed for the device to
> pass remote attestation. This will also maintain the ability of the
> remote-attestation-service to seal the secrets, if the client-server
> use TPM unseal mechanism to attest the state of the device.
I think that seal/unseal to IMA PCRs is futile. Since boot is
multi-threaded, the IMA PCR is unpredictable even when valid.
More information about the Linux-security-module-archive
mailing list