New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open...
Transcript of New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open...
![Page 1: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/1.jpg)
INTEL CONFIDENTIAL
1 © 2014 SAMSUNG Electronics Co.Samsung Open Source Group
Extending secure boot to user space with Linux Integrity Subsystem
Dmitry KasatkinIntegrity subsystem developer/co-maintainer
Samsung Open Source GroupSamsung Research UK, Finland branch
LinuxCon Europe 2014Düsseldorf, Germany, October 13 – 15, 2014
![Page 2: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/2.jpg)
LinuxCon Europe 20142Samsung Open Source Group
Agenda
● What is the integrity protection?
● Boot integrity protection
● OS integrity protection with Linux Integrity Subsystem
● Summary
● Q&A
![Page 3: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/3.jpg)
LinuxCon Europe 20143Samsung Open Source Group
What is the integrity protection?
● Runtime system integrity is protected by Access Control (AC) mechanisms, such as Discretionary AC and Mandatory ACs.
● Relies on trustworthiness of the access control/security related attributes, such as file uid, gid, permissions, security labels or account information in /etc/passwd, etc...
● Integrity protection ensures that offline and partially online modification of the data will not remain undetected and access to such data will be forbidden or logged
![Page 4: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/4.jpg)
Samsung Open Source Group
Boot integrity protection
![Page 5: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/5.jpg)
LinuxCon Europe 20145Samsung Open Source Group
UEFI x86 boot process
UEFIBoot ROM
Linux Kernel
TPMPCRs
AttestationClient Attestation
Server
nonce
quote
UEFIboot loader
/init
MeasuredBoot
Secure Boot Trusted Boot (Optional)
![Page 6: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/6.jpg)
LinuxCon Europe 20146Samsung Open Source Group
UEFI x86 boot process
● Trusted Boot (TCG, Pre-UEFI)● TPM based measurements● Does not prevent booting if measurement is wrong
● UEFI Secure Boot – PreOS boot ● Root of trust in the firmware (UEFI)● Prevents modified firmware and boot loader from running● Boot loader verifies Linux kernel
● OS Trusted/Secure Boot?● Linux kernel verifies kernel modules● What about user space??
![Page 7: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/7.jpg)
LinuxCon Europe 20147Samsung Open Source Group
Embedded System Boot – not-connected
Secure ROMRoot of trust
Linux Kernel
boot loader(u-boot)
/init
Secure Boot
![Page 8: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/8.jpg)
LinuxCon Europe 20148Samsung Open Source Group
Embedded System Boot – for connected
Secure ROMRoot of trust
Linux Kernel
TEE basedMobile TPM
PCRs
AttestationClient Attestation
Server
nonce
quote
boot loader(u-boot)
/init
MeasuredBoot
Secure Boot Trusted Boot
![Page 9: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/9.jpg)
LinuxCon Europe 20149Samsung Open Source Group
Secure/Trusted u-boot (~2013.07)
● Secure boot extensions since 2013.07● Create FIT kernel image (Flattened uImage Tree)
● mkimage -f kernel.its kernel.itb● Create signed FIT kernel image
● mkimage -f kernel.its -k /path/to/keys -K u-boot.dtb kernel.itb● Resign
● mkimage -F -k /path/to/keys -K u-boot.dtb kernel.itb● TPM support
● TPM library● Drivers for common TPMs
![Page 10: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/10.jpg)
LinuxCon Europe 201410Samsung Open Source Group
Signature in FIT
{description = "Simple kernel / FDT configuration";images {
kernel@1 {data = /incbin/("../vmlinuz-3.13.0");kernel-version = <1>;signature@1 {
algo = "sha1,rsa2048";key-name-hint = "dev";
};};fdt@1 {
description = "snow";data = /incbin/("exynos5250-snow.dtb");type = "flat_dt";arch = "arm";
};};
};
![Page 11: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/11.jpg)
Samsung Open Source Group
OS integrity protection withLinux Integrity Subsystem
![Page 12: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/12.jpg)
LinuxCon Europe 201412Samsung Open Source Group
Linux Integrity Subsystem
● Allows to extend Trusted and Secure Boot to the user space● Linux Integrity Subsystem is the Policy Based VFS level integrity
protection● Located under <linux>/security/integrity● Provides several integrity functions such as
● Collect, store, attest, apprise, protect, audit● Consists of following components:
● IMA – Integrity Measurement Architecture module– IMA-measurement– IMA-appraisal– Directory integrity verification extension
● EVM – Extended Verification Module● Digital signature verification support
![Page 13: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/13.jpg)
LinuxCon Europe 201413Samsung Open Source Group
IMA/EVM hooks
● IMA hooks● int ima_bprm_check();● int ima_file_check();● int ima_file_free();● int ima_file_mmap();● int ima_module_check();
● EVM hooks● int evm_inode_setattr();● void evm_inode_post_setattr();● int evm_inode_setxattr();● void evm_inode_post_setxattr();● int evm_inode_removexattr();● void evm_inode_post_removexattr();
![Page 14: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/14.jpg)
LinuxCon Europe 201414Samsung Open Source Group
IMA-measurement
● Since 2.6.30 (CONFIG_IMA)● Can be used to remotely attest system's runtime integrity● Collect: measure a file's content before it is accessed using cryptographic
hash● Store: add the measurement to the runtime measurement list, and if
TPM is present, extend the IMA PCR-10● Incorrect value may “lock” TPM secrets such as keys
● Attest: if TPM is present, sign IMA PCR value to allow remote validation of the measurement list
● Requires attestation server (challenger) to maintain hash database● Also calculates and stores boot aggregate value over the TPM PCRs 0 - 7
![Page 15: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/15.jpg)
LinuxCon Europe 201415Samsung Open Source Group
IMA measurement list – original format
● /sys/kernel/security/integrity/ima/ascii_runtime_measurements● Format: PCR template-hash template filedata-hash pathname● Original SHA1-only format:
10 992676726c30b83e352f7bdb75e1c4dc9bab2067 ima 1f50f71b43752cd541a851a585cba3580902e7a9 /sbin/init
![Page 16: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/16.jpg)
LinuxCon Europe 201416Samsung Open Source Group
IMA measurement list – new format
● PCR template-hash template algo:filedata-hash pathname file-signature● Larger hash algo:
10 992676726c30b83e352f7bdb75e1c4dc9bab2067 ima-ng sha256:c023470c0fc8aa1dbb95504d5af5d46cad94e8bf5eea8e0ab0eeff7a7fe1697a /sbin/init
● Signatures:10 992676726c30b83e352f7bdb75e1c4dc9bab2067 ima-sig 1f50f71b43752cd541a851a585cba3580902e7a9 /sbin/init 030202db1ff72a008016c593387220a2adda990969d87a56a8a24eece51e3689fd229c4c56e7fddd4eb99f360c2ee3ff0f6344de24ecd3263f4c7a74ac6498403d7ce9e9865e4d2f32522de79e96d0cb265d5b2ab8fe54953ce53d5e59a51460f67d18e2cbacb4765ea97f2d9cdd2065816d50fb74e631efd4c2e07c72c01fd9b0f9e3efc6d91a789d
![Page 17: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/17.jpg)
LinuxCon Europe 201417Samsung Open Source Group
EVM – extended verification module
● Since 3.2 (CONFIG_EVM)● Protect: protects integrity of file (extended) attributes against offline
modification● attributes: ino, uid, gid, mode● extended attributes: security.{ima,SMACK64,selinux}
● Measures integrity using (keyed) cryptographic hash (hash/HMAC)● Performs local integrity validation and enforcement against a “good”
reference HMAC value● 'security.evm' extended attribute● May contain HMAC or signature
![Page 18: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/18.jpg)
LinuxCon Europe 201418Samsung Open Source Group
IMA-appraisal
● Since 3.7 (CONFIG_IMA_APPRAISE)● Appraise: enforce local integrity validation of a file measurement against a
“good” reference value● 'security.ima' extended attribute may hold hash or signature● signature is never replaced with hash – file is immutable● Protected by EVM
● In other words, allows to protect file data from offline modification● IMA signatures may be used
● To protect immutable files from runtime modification● To perform remote attestation without maintaining hash-database
![Page 19: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/19.jpg)
LinuxCon Europe 201419Samsung Open Source Group
Digital signature extension
● Since 3.3 (CONFIG_INTEGRITY_SIGNATURE)● Protects file attributes using digital signatures
● security.evm may hold signature instead of hmac● signature is replaced with hmac on successful verification
● EVM signatures may be used● When there is no possibility to use device-specific HMAC key during
flashing/copying– No special flashing/update mode (fastboot on Android)
● When raw FS image needs to be created for use on multiple devices– HMAC key is device-specific and cannot be used during image
creation
![Page 20: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/20.jpg)
LinuxCon Europe 201420Samsung Open Source Group
IMA policy
# see <linux>/Documentation/ABI/testing/ima_policy
# SYSFS_MAGIC
dont_measure fsmagic=0x62656572
dont_appraise fsmagic=0x62656572
# DEBUGFS_MAGIC
dont_measure fsmagic=0x64626720
dont_appraise fsmagic=0x64626720
…...
measure func=BPRM_CHECK
measure func=FILE_MMAP mask=MAY_EXEC
measure func=FILE_CHECK mask=MAY_READ uid=0
appraise obj_user=sig_t func=FILE_CHECK appraise_type=imasig
appraise fowner=1001 appraise_type=imasig
appraise fowner=0
![Page 21: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/21.jpg)
LinuxCon Europe 201421Samsung Open Source Group
What's new
● Trusted integrity IMA keyring '.ima' (3.17)● Only signed keys can be loaded
● Asynchronous hash API support (3.17)● HW acceleration● Tune ahash parameters to particular hw
● Firmware integrity verification● ima_fw_from_file() hook
● Signed user space initialization● In-kernel IMA X509 loading● Force embedded IMA policy to require IMA signatures● Should be 3.19
● Also lots of fixes and code cleanups
![Page 22: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/22.jpg)
LinuxCon Europe 201422Samsung Open Source Group
What more is needed?
● EVM protects integrity of inode metadata● IMA protects integrity of the content of regular files● Inode itself does not have a name associated with it
● Same inode can be hard linked from different directories● EVM cannot include path data
● Name is associated with inode via directory entry – not protected● Offline, files can be deleted, renamed or moved from one directory to
another one● Symlinks, device nodes are not protected also● Directory content integrity verification is needed to prevent that
![Page 23: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/23.jpg)
LinuxCon Europe 201423Samsung Open Source Group
Directory & special files integrity protection
● Available out of tree since 2012● CONFIG_IMA_DIRECTORIES● New hooks for directory/special files integrity verification in fs/namei.c
● ima_dir_check(), ima_dir_update(), ima_link_check()● Directory measurement is a hash over directory content
● List of (inode number, file name) tuples● Symlink measurement
● Hash of the target path● Device node measurement
● Hash over MAJOR:MINOR● Hash is also stored in 'security.ima'● No EVM changes are required for this
![Page 24: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/24.jpg)
LinuxCon Europe 201424Samsung Open Source Group
What's coming (1)
● Kernel signed policy loading interface● IMA policy, LSM policy, etc..
● In-kernel EVM initialization● EVM X509 loading● EVM encrypted key loading
● New IMA locking (without heavy use of i_mutex)● O_DIRECT support● Possibly sparse file handling
● Dynamic measurement format● ima-fmt:d|n|status● addition of appraisal status into measurement list
● Directory & special files integrity verification
![Page 25: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/25.jpg)
LinuxCon Europe 201425Samsung Open Source Group
What's coming (2)
● Path support for the policy● Protect filesystem subtree● appraise path=/bin/passwd appraise_type=imasig
● Kernel API to retrieve appraisal status● If binary was digitally signed
● Extended attribute support to initramfs● Simple kernel cpio parser with xattr support
![Page 26: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/26.jpg)
LinuxCon Europe 201426Samsung Open Source Group
Kernel key retention service
● IMA/EVM uses key retention service to retrieve symmetric and asymmetric keys
● EVM uses encrypted keys that might be encrypted with user-supplied master key or TPM-based trusted key
● Digital signature verification support uses asymmetric keys from independent keyrings: _ima, _evm, _module
● Each keyring can be “locked” from further key importing
![Page 27: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/27.jpg)
LinuxCon Europe 201427Samsung Open Source Group
ima-evm-utils (evmctl)
● Use of digital signatures requires user-space tools● ima-evm-utils (evmctl)
● Sign file metadata and content– evmctl sign –imahash foo– evmctl sign –imasig foo
● Sign content only– evmctl ima_sign foo
● Verify (for testing purpose)● Import public keys into the kernel keyring
– evmctl import /path/to/key● Additional labeling commands
– ima_hash, ima_fix● Supports password protected private keys● Supports recursive signing with '-r' option
![Page 28: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/28.jpg)
Samsung Open Source Group
Examples
![Page 29: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/29.jpg)
LinuxCon Europe 201429Samsung Open Source Group
Example: initramfs script
SECFS=/sys/kernel/security
grep -q $SECFS /proc/mounts || mount -n -t securityfs securityfs $SECFS
ima_id="`awk '/\.ima/ { printf "%d", "0x"$1; }' /proc/keys`"
evmctl import /etc/keys/x509_ima.der $ima_id # import IMA X509 certificate
keyctl setperm $ima_id 0x0b0b0000 # lock keyring
evm_id=`keyctl newring _evm @u` # create EVM keyring
evmctl import /etc/keys/x509_evm.der $evm_id # import EVM X509 certificate
keyctl setperm $evm_id 0x0b0b0000 # lock keyring
cat /etc/keys/kmk | keyctl padd user kmk @u # import master key
keyctl add encrypted evm-key "load `cat /etc/keys/evm-key`" @u # import EVM HMAC key
cat /etc/ima_policy >/sys/kernel/security/ima/policy # load IMA policy
echo "1" > /sys/kernel/security/evm # enable EVM
![Page 30: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/30.jpg)
LinuxCon Europe 201430Samsung Open Source Group
Example: labeling with signatures
Label one file:
$ echo Hello >foo
$ evmctl sign --imahash foo
$ getfattr -e hex -m security -d foo
security.evm=0x030155475e4e0000bc16a96303fd3e7901040060bab44648764dca46ad7.......bafb
security.ima=0x011d229271928d3f9e2bb0375bd6ce5db6c6d348d9
$ evmctl ima_sign bar
$ getfattr -e hex -m security -d bar
security.evm=0x024c75dc0ae5993f2ddbd32979c06055c0045d229f
security.ima=0x03020204eb351b0080732ba3d0901d2fd817ec9b57821a610b472b5c0071......8722
Label entire file system with EVM signature:
$ evmctl -r sign --imahash /
Sign initial rootstrap for using “signed userspace”
$ evmctl -r ima_sign /init
Booting with signed userspace can done by passing kernel parameter: 'init=/init/signed-init'
![Page 31: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/31.jpg)
LinuxCon Europe 201431Samsung Open Source Group
Summary
● Integrity protection can be implemented in most systems● Main requirement is HW root of trust: Secure ROM● X86 UEFI supports secure boot● ARM UEFI/U-boot provides support for secure/trusted boot
● Linux Integrity Subsystem helps to protect OS integrity● DAC and MAC assumes trustworthiness of file ownership, attributes and
labels● EVM protects file attributes● IMA protects file content● IMA policy tells what and how to protect● Integrity measurements can be appraised locally or remotely● Digital signatures make system core immutable
![Page 32: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/32.jpg)
LinuxCon Europe 201432Samsung Open Source Group
Links
● Linux IMA project page: http://sourceforge.net/projects/linux-ima
● Integrity tree: http://git.kernel.org/?p=linux/kernel/git/zohar/linux-integrity.git● My tree: http://git.kernel.org/?p=linux/kernel/git/kasatkin/linux-digsig.git
● Utils: http://sourceforge.net/p/linux-ima/ima-evm-utils/ci/master/tree● evmctl man page: http://linux-ima.sourceforge.net/evmctl.1.html
● Security subsystems updates from Linux Security Summit (LSS): http://kernsec.org/wiki/index.php/Linux_Security_Summit_2014
● U-Boot: http://www.denx.de/wiki/U-Boot
![Page 33: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/33.jpg)
INTEL CONFIDENTIAL
33 © 2014 SAMSUNG Electronics Co.Samsung Open Source Group
Questions?
![Page 34: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/34.jpg)
INTEL CONFIDENTIAL
34 © 2014 SAMSUNG Electronics Co.Samsung Open Source Group
Thank You
![Page 35: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/35.jpg)
INTEL CONFIDENTIAL
35 © 2014 SAMSUNG Electronics Co.Samsung Open Source Group
Contact information
Dmitry Kasatkin
Samsung Open Source GroupSamsung Research UK, Finland branch
![Page 36: New Extending secure boot to user space with Linux Integrity … · 2017. 12. 14. · Samsung Open Source Group 12 LinuxCon Europe 2014 Linux Integrity Subsystem Allows to extend](https://reader034.fdocuments.in/reader034/viewer/2022051922/600f778cec31e570bf64406e/html5/thumbnails/36.jpg)
INTEL CONFIDENTIAL
36 © 2014 SAMSUNG Electronics Co.Samsung Open Source Group
We Are Hiring...