Re: [Linux-ima-user] [RFC][PATCH V2][1/1] ima: extending the format of the measurement list

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Tue, 2010-04-20 at 18:03 +0200, Roberto Sassu wrote:

< snip >

>  /* IMA inode template definition */
>  struct ima_template_data {
>  	u8 digest[IMA_DIGEST_SIZE];	/* sha1/md5 measurement hash */
>  	char file_name[IMA_EVENT_NAME_LEN_MAX + 1];	/* name + \0 */
> +	char subj_label[IMA_LABEL_LEN_MAX + 1];	/* subj_label + \0 */
> +	char obj_label[IMA_LABEL_LEN_MAX + 1];	/* obj_label + \0 */
>  };

As you noted, LSMs have differing size labels. The maximum SMACK label,
for example, is 23 bytes, so hard coding the size here just doesn't seem
like the right idea. But before making changes, I think we need to step
back and discuss what the template data should contain.  

To begin the discussion, we know that the template data should not
contain system specific information, such as inode numbers, as there is
no way to remotely verify it. LSM labels are system dependent. So do
they fall into this category? We do know that we need to support
additional digest types with differing sizes.

Mimi