Blame - Documentation/ABI/testing/ima_policy - kernel/msm-4.9

blob: ec0a38ef3145e30a90ace37c391d0eba33c81bc7 [file] [log] [blame]

Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	1	What: security/ima/policy
				2	Date: May 2008
				3	Contact: Mimi Zohar <zohar@us.ibm.com>
				4	Description:
				5	The Trusted Computing Group(TCG) runtime Integrity
				6	Measurement Architecture(IMA) maintains a list of hash
				7	values of executables and other sensitive system files
				8	loaded into the run-time of this system. At runtime,
				9	the policy can be constrained based on LSM specific data.
				10	Policies are loaded into the securityfs file ima/policy
				11	by opening the file, writing the rules one at a time and
				12	then closing the file. The new policy takes effect after
				13	the file ima/policy is closed.
				14
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	15	IMA appraisal, if configured, uses these file measurements
				16	for local measurement appraisal.
				17
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	18	rule format: action [condition ...]
				19
Peter Moody	e7c568e	2012-06-14 10:04:36 -0700	[diff] [blame]	20	action: measure \| dont_measure \| appraise \| dont_appraise \| audit
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	21	condition:= base \| lsm
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	22	base: [[func=] [mask=] [fsmagic=] [uid=] [fowner]]
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	23	lsm: [[subj_user=] [subj_role=] [subj_type=]
				24	[obj_user=] [obj_role=] [obj_type=]]
				25
Mimi Zohar	fdf9072	2012-10-16 12:40:08 +1030	[diff] [blame]	26	base: func:= [BPRM_CHECK][FILE_MMAP][FILE_CHECK][MODULE_CHECK]
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	27	mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
				28	fsmagic:= hex value
				29	uid:= decimal value
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	30	fowner:=decimal value
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	31	lsm: are LSM specific
				32
				33	default policy:
				34	# PROC_SUPER_MAGIC
				35	dont_measure fsmagic=0x9fa0
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	36	dont_appraise fsmagic=0x9fa0
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	37	# SYSFS_MAGIC
				38	dont_measure fsmagic=0x62656572
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	39	dont_appraise fsmagic=0x62656572
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	40	# DEBUGFS_MAGIC
				41	dont_measure fsmagic=0x64626720
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	42	dont_appraise fsmagic=0x64626720
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	43	# TMPFS_MAGIC
				44	dont_measure fsmagic=0x01021994
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	45	dont_appraise fsmagic=0x01021994
				46	# RAMFS_MAGIC
				47	dont_measure fsmagic=0x858458f6
				48	dont_appraise fsmagic=0x858458f6
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	49	# SECURITYFS_MAGIC
				50	dont_measure fsmagic=0x73636673
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	51	dont_appraise fsmagic=0x73636673
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	52
				53	measure func=BPRM_CHECK
				54	measure func=FILE_MMAP mask=MAY_EXEC
Mimi Zohar	1e93d00	2010-01-26 17:02:41 -0500	[diff] [blame]	55	measure func=FILE_CHECK mask=MAY_READ uid=0
Mimi Zohar	fdf9072	2012-10-16 12:40:08 +1030	[diff] [blame]	56	measure func=MODULE_CHECK uid=0
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	57	appraise fowner=0
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	58
				59	The default policy measures all executables in bprm_check,
				60	all files mmapped executable in file_mmap, and all files
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	61	open for read by root in do_filp_open. The default appraisal
				62	policy appraises all files owned by root.
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	63
				64	Examples of LSM specific definitions:
				65
				66	SELinux:
				67	# SELINUX_MAGIC
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	68	dont_measure fsmagic=0xf97cff8c
				69	dont_appraise fsmagic=0xf97cff8c
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	70
				71	dont_measure obj_type=var_log_t
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	72	dont_appraise obj_type=var_log_t
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	73	dont_measure obj_type=auditd_log_t
Mimi Zohar	07f6a79	2011-03-09 22:25:48 -0500	[diff] [blame]	74	dont_appraise obj_type=auditd_log_t
Mimi Zohar	1e93d00	2010-01-26 17:02:41 -0500	[diff] [blame]	75	measure subj_user=system_u func=FILE_CHECK mask=MAY_READ
				76	measure subj_role=system_r func=FILE_CHECK mask=MAY_READ
Mimi Zohar	4af4662	2009-02-04 09:07:00 -0500	[diff] [blame]	77
				78	Smack:
Mimi Zohar	1e93d00	2010-01-26 17:02:41 -0500	[diff] [blame]	79	measure subj_user=_ func=FILE_CHECK mask=MAY_READ