summaryrefslogtreecommitdiffstats
path: root/arch/microblaze
diff options
context:
space:
mode:
authorFan Wu <wufan@linux.microsoft.com>2024-08-03 08:08:30 +0200
committerPaul Moore <paul@paul-moore.com>2024-08-20 20:03:35 +0200
commit31f8c8682f30720be25e9b1021caa43c64e8d9ce (patch)
tree5c210c974594b30fc81a0857beae388e6b9cf6b8 /arch/microblaze
parentfsverity: expose verified fsverity built-in signatures to LSMs (diff)
downloadlinux-31f8c8682f30720be25e9b1021caa43c64e8d9ce.tar.xz
linux-31f8c8682f30720be25e9b1021caa43c64e8d9ce.zip
ipe: enable support for fs-verity as a trust provider
Enable IPE policy authors to indicate trust for a singular fsverity file, identified by the digest information, through "fsverity_digest" and all files using valid fsverity builtin signatures via "fsverity_signature". This enables file-level integrity claims to be expressed in IPE, allowing individual files to be authorized, giving some flexibility for policy authors. Such file-level claims are important to be expressed for enforcing the integrity of packages, as well as address some of the scalability issues in a sole dm-verity based solution (# of loop back devices, etc). This solution cannot be done in userspace as the minimum threat that IPE should mitigate is an attacker downloads malicious payload with all required dependencies. These dependencies can lack the userspace check, bypassing the protection entirely. A similar attack succeeds if the userspace component is replaced with a version that does not perform the check. As a result, this can only be done in the common entry point - the kernel. Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com> Signed-off-by: Fan Wu <wufan@linux.microsoft.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'arch/microblaze')
0 files changed, 0 insertions, 0 deletions