[Dev] Integrity protection mechanism for the root file system?

Whiteman, John L john.l.whiteman at intel.com
Wed Sep 17 17:29:24 GMT 2014


Hi Tom,

Yes, I hope to answer that question with performance data as part of the
scoping effort.  Once I know more I will definitely share.  Integrity is a
good thing. 

Best Regards,

John

-----Original Message-----
From: Counihan, Tom 
Sent: Wednesday, September 17, 2014 9:07 AM
To: Whiteman, John L; dev at lists.tizen.org
Subject: RE: Integrity protection mechanism for the root file system?

Thanks John and Janusz for the prompt response.

Can you expand a little on the 'constant block level checks' comment?
I'm interested to learn more if you would entertain that request please?

Warm regards
Tom.

> -----Original Message-----
> From: Whiteman, John L
> Sent: Wednesday, September 17, 2014 4:39 PM
> To: Counihan, Tom; dev at lists.tizen.org
> Subject: RE: Integrity protection mechanism for the root file system?
> 
> Hi Tom,
> 
> I was asked recently to re-scope IMA/EVM.  Prior to that there were 
> concerns about performance degradation particularly caused by constant 
> block level checks.  There was talk about using it for a single system 
> partition, but this still may be unacceptable for low end processors.  
> There is code checked in upstream already, but not integrated.
> 
> Best Regards,
> 
> John
> 
> -----Original Message-----
> From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Counihan, 
> Tom
> Sent: Wednesday, September 17, 2014 12:58 AM
> To: dev at lists.tizen.org
> Subject: [Dev] Integrity protection mechanism for the root file system?
> 
> Folks,
> 
> While this https://bugs.tizen.org/jira/browse/TC-375  was raised and 
> disposition a year ago, I did observe some presentations subsequently; 
> https://archive.fosdem.org/2014/schedule/event/integrity_protection_so
> lu
> tion
> s_for_embedded_systems/attachments/slides/414/export/events/attachm
> ents/inte
> grity_protection_solutions_for_embedded_systems/slides/414/Integrity_P
> r
> otect
> ion_For_Embedded_Systems_FOSDEM_2014.pdf
> 
> And then I stumbled here:
> https://wiki.tizen.org/wiki/Security:IntegrityMeasurement
> 
> I'd like to understand the current day status. How progressed is this?
> It hit the wiki April/may this year, and I now found a mail on tizen 
> dev from  Janusz announcing an intent to focus - but no real response 
> and no further update.
> 
> Any insight greatly appreciated.
> 
> 
> Warm Regards
> Tom.
> --------------------------------------------------------------
> Intel Shannon Limited
> Registered in Ireland
> Registered Office: Collinstown Industrial Park, Leixlip, County 
> Kildare Registered Number: 308263 Business address: Dromore House, 
> East Park, Shannon, Co. Clare
> 
> This e-mail and any attachments may contain confidential material for 
> the sole use of the intended recipient(s). Any review or distribution 
> by others is strictly prohibited. If you are not the intended 
> recipient, please contact the sender and delete all copies.
> 
> 
> _______________________________________________
> Dev mailing list
> Dev at lists.tizen.org
> https://lists.tizen.org/listinfo/dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6664 bytes
Desc: not available
URL: <http://lists.tizen.org/pipermail/dev/attachments/20140917/06876868/attachment-0001.p7s>


More information about the Dev mailing list