[RFC,v2,05/13] ima: select CRYPTO_SHA256 from Kconfig

Message ID: 20250323140911.226137-6-nstange@suse.de
State: New
Series: ima: get rid of hard dependency on SHA-1

Commit Message

Nicolai Stange March 23, 2025, 2:09 p.m. UTC
Since recently, IMA would not record measurement list entries into PCR
banks for which it doesn't have a corresponding in-kernel hash algorithm
implementation available anymore (for
CONFIG_IMA_COMPAT_FALLBACK_TPM_EXTEND=n).

With TPM 2.0, the only hash algorithms guaranteed to be implemented on a
TPM are SHA-256/384, c.f. "TCG PC Client Platform TPM Profile
Specification for TPM 2.0", sec. 4.6 "PCR Requirements".

In particular, sha1 is not mandatory, and thus, the CRYPTO_SHA1 dependency
of IMA is not sufficient anymore for ensuring that IMA would find at least
one usable PCR bank.

So, in order to make sure that IMA has access to at least one usable bank
on platforms featuring a TPM 2.0 device, make it depend on CRYPTO_SHA256.

Keep the dependency on CRYPTO_SHA1 for the TPM 1 case.

Signed-off-by: Nicolai Stange <nstange@suse.de>
---
 security/integrity/ima/Kconfig | 1 +
 1 file changed, 1 insertion(+)

Comments

Mimi Zohar March 25, 2025, 3:17 p.m. UTC | #1
On Sun, 2025-03-23 at 15:09 +0100, Nicolai Stange wrote:
> Since recently, IMA would not record measurement list entries into PCR
> banks for which it doesn't have a corresponding in-kernel hash algorithm
> implementation available anymore (for
> CONFIG_IMA_COMPAT_FALLBACK_TPM_EXTEND=n).

Not necessary info.

> 
> With TPM 2.0, the only hash algorithms guaranteed to be implemented on a
> TPM are SHA-256/384, c.f. "TCG PC Client Platform TPM Profile
> Specification for TPM 2.0", sec. 4.6 "PCR Requirements".

Ok

> In particular, sha1 is not mandatory, and thus, the CRYPTO_SHA1 dependency
> of IMA is not sufficient anymore for ensuring that IMA would find at least
> one usable PCR bank.

Not necessary info.

> 
> So, in order to make sure that IMA has access to at least one usable bank
> on platforms featuring a TPM 2.0 device, make it depend on CRYPTO_SHA256.

-> Make sure that ...

> 
> Keep the dependency on CRYPTO_SHA1 for the TPM 1 case.

Wondering if the "select CRYPTO_SHA1" could be dependent on TPM 1.2 being
configured as builtin.

> 
> Signed-off-by: Nicolai Stange <nstange@suse.de>
> ---
>  security/integrity/ima/Kconfig | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
> index c8f12a4a4edf..8a7e74dc1477 100644
> --- a/security/integrity/ima/Kconfig
> +++ b/security/integrity/ima/Kconfig
> @@ -7,6 +7,7 @@ config IMA
>  	select CRYPTO
>  	select CRYPTO_HMAC
>  	select CRYPTO_SHA1
> +	select CRYPTO_SHA256
>  	select CRYPTO_HASH_INFO
>  	select SECURITY_PATH
>  	select TCG_TPM if HAS_IOMEM

It's not enough to "select CRYPTO_SHA256". As mentioned on "[RFC PATCH v2
02/13] ima: always create runtime_measurements sysfs file for ima_hash", don't
assume "ima_hash" will be SHA256. Include SHA256 as an "extra" hash algorithm,
even if it isn't an enabled TPM bank.

Mimi

Patch

diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index c8f12a4a4edf..8a7e74dc1477 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -7,6 +7,7 @@  config IMA
 	select CRYPTO
 	select CRYPTO_HMAC
 	select CRYPTO_SHA1
+	select CRYPTO_SHA256
 	select CRYPTO_HASH_INFO
 	select SECURITY_PATH
 	select TCG_TPM if HAS_IOMEM
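
Review bot: The added `select CRYPTO_SHA256` is unconditional, and `select CRYPTO_SHA1` directly above it stays unconditional as well, so every IMA build now pulls in both hashes regardless of which TPM family is configured. The commit message motivates SHA-256 by TPM 2.0 and SHA-1 by TPM 1; if that split is the intent, consider conditioning each select in the same style as the existing `select TCG_TPM if HAS_IOMEM`, or state in the commit message why both are wanted in all configurations. The message also says "make it depend on CRYPTO_SHA256" while the hunk adds a `select`; the wording should match the change, since `select` and `depends on` behave differently in Kconfig.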