[v3,8/8] fsverity: update the documentation

Message ID	20220126000658.138345-9-zohar@linux.ibm.com (mailing list archive)
State	Superseded
Headers	show Return-Path: <linux-fscrypt-owner@kernel.org> From: Mimi Zohar <zohar@linux.ibm.com> To: linux-integrity@vger.kernel.org Cc: Mimi Zohar <zohar@linux.ibm.com>, Eric Biggers <ebiggers@kernel.org>, Stefan Berger <stefanb@linux.ibm.com>, linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 8/8] fsverity: update the documentation Date: Tue, 25 Jan 2022 19:06:58 -0500 Message-Id: <20220126000658.138345-9-zohar@linux.ibm.com> In-Reply-To: <20220126000658.138345-1-zohar@linux.ibm.com> References: <20220126000658.138345-1-zohar@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	ima: support fs-verity digests and signatures \| expand [v3,0/8] ima: support fs-verity digests and signatures [v3,1/8] ima: rename IMA_ACTION_FLAGS to IMA_NONACTION_FLAGS [v3,2/8] ima: define ima_max_digest_data struct without a flexible array variable [v3,3/8] fs-verity: define a function to return the integrity protected file digest [v3,4/8] ima: define a new template field 'd-type' and a new template 'ima-ngv2' [v3,5/8] ima: include fsverity's file digests in the IMA measurement list [v3,6/8] ima: define signature version 3 [v3,7/8] ima: support fs-verity file digest based version 3 signatures [v3,8/8] fsverity: update the documentation

Message ID

20220126000658.138345-9-zohar@linux.ibm.com (mailing list archive)

State

Superseded

Headers

From: Mimi Zohar <zohar@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.ibm.com>,
        Eric Biggers <ebiggers@kernel.org>,
        Stefan Berger <stefanb@linux.ibm.com>,
        linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v3 8/8] fsverity: update the documentation
Date: Tue, 25 Jan 2022 19:06:58 -0500
Message-Id: <20220126000658.138345-9-zohar@linux.ibm.com>
In-Reply-To: <20220126000658.138345-1-zohar@linux.ibm.com>
References: <20220126000658.138345-1-zohar@linux.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

ima: support fs-verity digests and signatures | expand

Commit Message

Mimi Zohar Jan. 26, 2022, 12:06 a.m. UTC

Update the fsverity documentation related to IMA signature support.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 Documentation/filesystems/fsverity.rst | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/Documentation/filesystems/fsverity.rst b/Documentation/filesystems/fsverity.rst
index 1d831e3cbcb3..7d8a574a0d3b 100644
--- a/Documentation/filesystems/fsverity.rst
+++ b/Documentation/filesystems/fsverity.rst
@@ -74,8 +74,12 @@  authenticating the files is up to userspace.  However, to meet some
 users' needs, fs-verity optionally supports a simple signature
 verification mechanism where users can configure the kernel to require
 that all fs-verity files be signed by a key loaded into a keyring; see
-`Built-in signature verification`_.  Support for fs-verity file hashes
-in IMA (Integrity Measurement Architecture) policies is also planned.
+`Built-in signature verification`_.
+
+IMA supports including fs-verity file digests and signatures based
+on the fs-verity file digests in the IMA (Integrity Measurement
+Architecture) measurement list and verifying fs-verity based file
+signatures stored as security.ima xattrs, based on policy.
 
 User API
 ========
@@ -653,13 +657,13 @@  weren't already directly answered in other parts of this document.
     hashed and what to do with those hashes, such as log them,
     authenticate them, or add them to a measurement list.
 
-    IMA is planned to support the fs-verity hashing mechanism as an
-    alternative to doing full file hashes, for people who want the
-    performance and security benefits of the Merkle tree based hash.
-    But it doesn't make sense to force all uses of fs-verity to be
-    through IMA.  As a standalone filesystem feature, fs-verity
-    already meets many users' needs, and it's testable like other
-    filesystem features e.g. with xfstests.
+    IMA supports the fs-verity hashing mechanism as an alternative
+    to doing full file hashes, for people who want the performance
+    and security benefits of the Merkle tree based hash.  But it
+    doesn't make sense to force all uses of fs-verity to be through
+    IMA.  As a standalone filesystem feature, fs-verity already meets
+    many users' needs, and it's testable like other filesystem
+    features e.g. with xfstests.
 
 :Q: Isn't fs-verity useless because the attacker can just modify the
     hashes in the Merkle tree, which is stored on-disk?

[v3,8/8] fsverity: update the documentation

Commit Message

Patch