[PATCH 0/6] Measuring TPM update counter in IMA

Stefan Berger stefanb at linux.ibm.com
Thu Aug 3 15:55:43 PDT 2023



On 8/3/23 18:36, Mimi Zohar wrote:
> On Thu, 2023-08-03 at 18:09 -0400, Stefan Berger wrote:
>>> I can remove the kexec example if it is causing confusion.
>>> Please let me know.
>>
>> I am not convinced we need this series  ... :-( Your kexec series prevents
>> further logging and especially PCR extensions after the frozen measurement log
>> has been created and in ima_add_template_entry(), if we hit an oom condition,
>> then we luckily do not extend the PCR either. If either the log was to have one
>> more entry than number PCR extensions occurred or vice versa, then the remote
>> attestation service will see this mismatch no matter what and all the PCR update
>> counter won't help (and is generally not a good indicator for this purpose imo)
>> for it to recover from this. It's better to declare the system as un-trusted/
>> corrupted in this case then.
> 
> As previously mentioned, there is a patch set that doesn't carry any
> records across kexec, if the measurement list is too large, and
> another proposal to trim the measurement list.
> 
> In both of these cases including a new IMA measurement record, at least
> after the boot_aggregate, would help simplify detecting whether the
> measurement list has been trimmed/truncated.
> 

And if you can detect that I would log an event but not using the PCR update counter.
Unless the state of PCRs is also logged, it's going to be unrecoverable for a log+quote
verifier from there.

    Stefan
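The mismatch discussed above (one more log entry than PCR extends, or vice versa) is what a log+quote verifier detects by replaying the measurement log into a software PCR and comparing the result with the quoted value. The following Python sketch is an added example, not code from this thread, from IMA or from the patch series; it models TPM2 extend semantics for a single SHA-256 bank, uses constructed stand-in template digests rather than real IMA records, and models the "update counter" simply as a count of extends (an assumption about what the series measures) to show that the counter reports how many extends happened but says nothing about which entry is missing or what its digest was.

```python
import hashlib

PCR_SIZE = 32  # one SHA-256 PCR bank


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend semantics for one bank: new = H(old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay_log(template_digests):
    """Replay a measurement log into a software PCR that starts at all zeros."""
    pcr = bytes(PCR_SIZE)
    for digest in template_digests:
        pcr = pcr_extend(pcr, digest)
    return pcr


def verify_quote(quoted_pcr: bytes, template_digests) -> bool:
    """True only if the log, replayed in order, reproduces the quoted PCR."""
    return replay_log(template_digests) == quoted_pcr


def tpm_side(template_digests):
    """Simulate the kernel extending the PCR once per measurement.

    Returns (pcr_value, update_counter). The counter is a plain extend count
    (modelling assumption); it carries no information about the digests.
    """
    pcr = bytes(PCR_SIZE)
    counter = 0
    for digest in template_digests:
        pcr = pcr_extend(pcr, digest)
        counter += 1
    return pcr, counter


def constructed_records():
    # Constructed sample: SHA-256 of stand-in names, not real IMA template hashes.
    names = ("boot_aggregate", "/usr/bin/bash", "/usr/lib/libc.so.6", "/etc/ima/policy")
    return [hashlib.sha256(n.encode()).digest() for n in names]


def consistent_case():
    """Log and PCR agree: verification succeeds, counter == log length."""
    records = constructed_records()
    pcr, counter = tpm_side(records)
    return verify_quote(pcr, records), counter, len(records)


def truncated_case():
    """PCR was extended four times but only three records survive in the log
    (e.g. the list was trimmed or truncated). Replay fails; the counter only
    tells the verifier that one extend is unaccounted for, not what it was."""
    records = constructed_records()
    pcr, counter = tpm_side(records)
    carried_log = records[:-1]
    return verify_quote(pcr, carried_log), counter, len(carried_log)


def extra_entry_case():
    """The opposite mismatch: the log has a record the TPM never saw
    (the extend failed, e.g. under OOM). Replay fails just the same."""
    records = constructed_records()
    pcr, counter = tpm_side(records[:-1])
    return verify_quote(pcr, records), counter, len(records)


if __name__ == "__main__":
    print("consistent :", consistent_case())
    print("truncated  :", truncated_case())
    print("extra entry:", extra_entry_case())
```

In both failure cases the verifier learns from the replay alone that the log and the PCR disagree; the counter adds only the sign and size of the difference, and because the PCR is a one-way hash chain there is no way to reconstruct the missing digest or decide which of the surviving entries to trust, which is the reason the reply prefers treating such a system as untrusted over attempting recovery.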


