Re: [Linux-ima-user] Initramfs and IMA Appraisal
From: David Lang
Date: Mon Dec 29 2014 - 21:26:25 EST
On Mon, 29 Dec 2014, Mimi Zohar wrote:
Thanks Rob for the explanation. The problem is that ramfs does not
support extended attributes, while tmpfs does. The boot loader could
"measure" (trusted boot) the initramfs, but as the initramfs is
generated on the target system, the initramfs is not signed, preventing
it from being appraised (secure Boot). To close the initramfs integrity
appraisal gap requires verifying the individual initramfs file
signatures, which are stored as extended attributes.
what's the point of checking the files on the filesystem against signatures
stored on the same filesystem? If someone could alter the file contents they can
alter the signatures as well.
David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/