Re: [ANNOUNCE] Release Digsig 1.3.1: kernel module for run-time authentication of binaries

[Serge E. Hallyn]

> >      - support to avoid vulnerability for rewrite of shared
> >      libraries
> 
> Could you elaborate on this one?

When a file is being executed, deny_write_access(file) is called to
prevent writing until execution completes.  Because deny_write_access
is not exported from fs/namei.c, we emulate this behavior for shared
libraries.

> > Future works
> > =============
> > 
> >      - improving the caching and revocation: it is currently tested
> >        and will be sent out soon after stability testing
> 
> Should be helpful enough to cache result until thing's opened for
> writing, or is that what you're doing now?

Exactly.  When the file is opened for writing (which as much as possible
requires the file to not be executed), we uncache the signature
validation.

(The new patch hashes revocations (they were on a linked list), and
steals the seqlock-based structure Rik van Riel had suggested for
the selinux avc cache for use in the signature revocation cache.  There
is no change in functionality, only (hopefully) performance improvements.)

-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/