[Dev] Integrity protection mechanism for the root file system?

Counihan, Tom tom.counihan at intel.com
Wed Sep 17 16:06:33 GMT 2014


Thanks John and Janusz for the prompt response.

Can you expand a little on the 'constant block level checks' comment?
I'm interested to learn more if you would entertain that request please?

Warm regards
Tom.

> -----Original Message-----
> From: Whiteman, John L
> Sent: Wednesday, September 17, 2014 4:39 PM
> To: Counihan, Tom; dev at lists.tizen.org
> Subject: RE: Integrity protection mechanism for the root file system?
> 
> Hi Tom,
> 
> I was asked recently to re-scope IMA/EVM.  Prior to that there were
> concerns
> about performance degradation particularly caused by constant block level
> checks.  There was talk about using it for a single system partition, but
> this still may be unacceptable for low end processors.  There is code
> checked in upstream already, but not integrated.
> 
> Best Regards,
> 
> John
> 
> -----Original Message-----
> From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Counihan, Tom
> Sent: Wednesday, September 17, 2014 12:58 AM
> To: dev at lists.tizen.org
> Subject: [Dev] Integrity protection mechanism for the root file system?
> 
> Folks,
> 
> While this https://bugs.tizen.org/jira/browse/TC-375  was raised and
> disposition a year ago, I did observe some presentations subsequently;
> https://archive.fosdem.org/2014/schedule/event/integrity_protection_solu
> tion
> s_for_embedded_systems/attachments/slides/414/export/events/attachm
> ents/inte
> grity_protection_solutions_for_embedded_systems/slides/414/Integrity_Pr
> otect
> ion_For_Embedded_Systems_FOSDEM_2014.pdf
> 
> And then I stumbled here:
> https://wiki.tizen.org/wiki/Security:IntegrityMeasurement
> 
> I'd like to understand the current day status. How progressed is this?
> It hit the wiki April/may this year, and I now found a mail on tizen dev
> from  Janusz announcing an intent to focus - but no real response and no
> further update.
> 
> Any insight greatly appreciated.
> 
> 
> Warm Regards
> Tom.
> --------------------------------------------------------------
> Intel Shannon Limited
> Registered in Ireland
> Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
> Registered Number: 308263 Business address: Dromore House, East Park,
> Shannon, Co. Clare
> 
> This e-mail and any attachments may contain confidential material for the
> sole use of the intended recipient(s). Any review or distribution by others
> is strictly prohibited. If you are not the intended recipient, please
> contact the sender and delete all copies.
> 
> 
> _______________________________________________
> Dev mailing list
> Dev at lists.tizen.org
> https://lists.tizen.org/listinfo/dev
--------------------------------------------------------------
Intel Shannon Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263
Business address: Dromore House, East Park, Shannon, Co. Clare

This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.




More information about the Dev mailing list