On Mon, Apr 15, 2024 at 10:25 AM Roberto Sassu <roberto.sassu@huaweicloud.com> wrote:
> From: Roberto Sassu <roberto.sassu@huawei.com>
> Integrity detection and protection has long been a desirable feature, to reach a large user base and mitigate the risk of flaws in the software and attacks.
> However, while solutions exist, they struggle to reach the large user base, due to requiring higher than desired constraints on performance, flexibility and configurability, that only security conscious people are willing to accept.
> This is where the new digest_cache LSM comes into play: it offers additional support for new and existing integrity solutions, to make them faster and easier to deploy.
> The full documentation with the motivation and the solution details can be found in patch 14.
> The IMA integration patch set will be introduced separately. Also a PoC based on the current version of IPE can be provided.
I'm not sure we want to implement a cache as a LSM. I'm sure it would work, but historically LSMs have provided some form of access control, measurement, or other traditional security service. A digest cache, while potentially useful for a variety of security-related applications, is not a security service by itself; it is simply a file digest storage mechanism.
I think it's fine if an individual LSM wants to implement a file digest cache as part of its own functionality, but a generalized file digest cache seems like something that should be part of the general kernel, and not implemented as a LSM.