git.maquefel.me Git - linux.git/commit

author	THOBY Simon <Simon.THOBY@viveris.fr>
	Mon, 16 Aug 2021 08:11:01 +0000 (08:11 +0000)
committer	Mimi Zohar <zohar@linux.ibm.com>
	Mon, 16 Aug 2021 21:35:35 +0000 (17:35 -0400)
commit	4f2946aa0c45c78b4f4ef101bab9694e38c68db0
tree	0dd88bc80160aa79584e4050e0e03b40d2502298	tree \| snapshot
parent	583a80ae86b5ceb68119cfb9a37404cf22f6cc46	commit \| diff

IMA: introduce a new policy option func=SETXATTR_CHECK

While users can restrict the accepted hash algorithms for the
security.ima xattr file signature when appraising said file, users
cannot restrict the algorithms that can be set on that attribute:
any algorithm built in the kernel is accepted on a write.

Define a new value for the ima policy option 'func' that restricts
globally the hash algorithms accepted when writing the security.ima
xattr.

When a policy contains a rule of the form
appraise func=SETXATTR_CHECK appraise_algos=sha256,sha384,sha512
only values corresponding to one of these three digest algorithms
will be accepted for writing the security.ima xattr. Attempting to
write the attribute using another algorithm (or "free-form" data)
will be denied with an audit log message. In the absence of such a
policy rule, the default is still to only accept hash algorithms
built in the kernel (with all the limitations that entails).

Signed-off-by: THOBY Simon <Simon.THOBY@viveris.fr>
Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Documentation/ABI/testing/ima_policy		diff \| blob \| history
security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_appraise.c		diff \| blob \| history
security/integrity/ima/ima_main.c		diff \| blob \| history
security/integrity/ima/ima_policy.c		diff \| blob \| history