ima: calculate and verify the serialized IMA measurement list buffer hash

Bit flips and errant DMA transfers happen routinely and can easily
result in a corrupt data structure which may be non-trivial to verify.

The kexec hash, which would normally detect these sorts of changes, is
calculated during the kexec load.  Unfortunately, new measurements can
take place between the kexec load and execute, while other measurements
are the result of the kexec execute itself.

Instead of including the hash of the serialized IMA measurement list
buffer as part of the kexec hash, defer calculating and verifying the
serialized IMA measurement list buffer hash to IMA.

This patch calculates a hash of the serialized measurement list
buffer, including the ima_kexec_hdr structure, except for the digest
itself.  Before restoring the IMA measurement list, verify the hash.
On hash verification failure, for now, allow the boot to continue
normally without restoring the measurement list.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
2 files changed
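
The scheme the commit message describes, sketched as an added user-space example (not code from this patch or from the kernel): the hash covers the header and the serialized records but skips the digest field, and it is checked before anything is restored. `struct demo_hdr`, `demo_serialize` and `demo_verify` are hypothetical names with an assumed layout, and FNV-1a stands in for the kernel's hash so the block is self-contained.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical header for illustration; not the kernel's ima_kexec_hdr layout. */
struct demo_hdr {
	uint16_t version, pad;
	uint32_t count;
	uint64_t buffer_size;	/* header plus serialized records */
	uint64_t digest;	/* covers the whole buffer except this field */
};
#define DIGEST_OFF offsetof(struct demo_hdr, digest)

/* FNV-1a (64-bit) is a stand-in hash (assumption); it is not cryptographic. */
static uint64_t fnv1a(uint64_t h, const uint8_t *p, size_t n)
{
	while (n--) { h ^= *p++; h *= 0x100000001b3ULL; }
	return h;
}

/* Hash the header and the records, skipping only the digest field. */
static uint64_t demo_hash(const uint8_t *buf, size_t size)
{
	size_t end = DIGEST_OFF + sizeof(uint64_t);
	uint64_t h = fnv1a(0xcbf29ce484222325ULL, buf, DIGEST_OFF);
	return fnv1a(h, buf + end, size - end);
}

/* Load side: serialize, then store the digest. Returns total size, 0 if too big. */
size_t demo_serialize(uint8_t *buf, size_t cap, const uint8_t *recs, size_t len, uint32_t count)
{
	struct demo_hdr hdr = { .version = 1, .count = count, .buffer_size = sizeof(hdr) + len };
	if (hdr.buffer_size > cap) return 0;
	memcpy(buf, &hdr, sizeof(hdr));
	memcpy(buf + sizeof(hdr), recs, len);
	hdr.digest = demo_hash(buf, hdr.buffer_size);
	memcpy(buf + DIGEST_OFF, &hdr.digest, sizeof(hdr.digest));
	return hdr.buffer_size;
}

/* Restore side: 0 means restore the list, -1 means continue without it. */
int demo_verify(const uint8_t *buf, size_t size)
{
	struct demo_hdr hdr;
	if (size < sizeof(hdr)) return -1;
	memcpy(&hdr, buf, sizeof(hdr));
	if (hdr.buffer_size != size) return -1;
	return demo_hash(buf, size) == hdr.digest ? 0 : -1;
}
```

Because the digest is computed after the buffer is fully serialized, a change to a record, to a header field or to the stored digest between serialization and restore all make `demo_verify` return -1.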