• Matthew Garrett's avatar
    EVM: Add support for portable signature format · 50b97748
    Matthew Garrett authored
    The EVM signature includes the inode number and (optionally) the
    filesystem UUID, making it impractical to ship EVM signatures in
    packages. This patch adds a new portable format intended to allow
    distributions to include EVM signatures. It is identical to the existing
    format but hardcodes the inode and generation numbers to 0 and does not
    include the filesystem UUID even if the kernel is configured to do so.
    
    Removing the inode means that the metadata and signature from one file
    could be copied to another file without invalidating it. This is avoided
    by ensuring that an IMA xattr is present during EVM validation.
    
    Portable signatures are intended to be immutable - ie, they will never
    be transformed into HMACs.
    
    Based on earlier work by Dmitry Kasatkin and Mikhail Kurinnoi.
    Signed-off-by: default avatarMatthew Garrett <mjg59@google.com>
    Cc: Dmitry Kasatkin <dmitry.kasatkin@huawei.com>
    Cc: Mikhail Kurinnoi <viewizard@viewizard.com>
    Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
    50b97748
evm_main.c 15.5 KB