Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

Chapter 8. Enhancing security with the kernel integrity subsystem

8.1. The kernel integrity subsystem

The integrity subsystem is a part of the kernel which is responsible for maintaining the system’s data integrity. This subsystem helps to keep the system in its initial state by preventing users from making undesired modification to specific system files.

The kernel integrity subsystem consists of two major components:

Integrity Measurement Architecture (IMA)
  • Measures files' content whenever it is executed or opened. Users can change this behavior by applying custom policies.
  • Places the measured values within the kernel’s memory space, thereby it prevents any modification by the users of the system.
  • Allows local and remote parties to verify the measured values.
Extended Verification Module (EVM)
  • Protects files' extended attributes (also known as xattr) that are related to the system’s security, like IMA measurements and SELinux attributes, by cryptographically hashing their corresponding values.

Both IMA and EVM also contain numerous feature extensions that bring additional functionality. For example:

IMA-Appraisal
  • Locally validates the current file’s content against the values previously stored in the measurement file within the kernel memory. This extension forbids any operation to be performed over a specific file in case the current measurement does not match the previous measurement.
EVM Digital Signatures
  • Allows the use of digital signatures through cryptographic keys stored into the kernel’s keyring. EVM Digital Signatures ensures the origin and integrity of xattr values of those files which have the content hash (security.ima) included.
Note

The feature extensions complement each other, but you can configure and use them independently of one another.

The kernel integrity subsystem can use the Trusted Platform Module (TPM) to further harden system security. TPM is a specification by the Trusted Computing Group (TCG) for important cryptographic functions. TPM is usually implemented as dedicated hardware that is attached to the platform’s motherboard and prevents software-based attacks by providing cryptographic functions from a protected and tamper-proof area of the hardware chip. Some of TPM features are:

  • Random-number generator
  • Generator and secure storage for cryptographic keys
  • Hashing generator
  • Remote attestation

8.2. Integrity measurement architecture

Integrity Measurement Architecture (IMA) is a component of the kernel integrity subsystem. IMA aims to maintain the contents of local files by measuring, storing, and appraising files' hashes before they are accessed. This prevents the reading and execution of unreliable data and enhances system security.

8.3. Extended verification module

Extended Verification Module (EVM) is a component of the kernel integrity subsystem that monitors changes in files' extended attributes (xattr). Many security-oriented technologies, including Integrity Measurement Architecture (IMA), store sensitive file information, such as content hashes, in extended attributes. EVM creates another hash from these extended attributes and from a special key, which is loaded at boot time. The resulting hash is validated every time the extended attribute is used. For example, when IMA appraises the file.

8.4. Trusted and encrypted keys

Trusted and encrypted keys are variable-length symmetric keys generated by the kernel that are used by the kernel keyring service. This type of keys never appears in the user space in an unencrypted form, which means that their integrity can be verified. They can therefore be used, for example, by the extended verification module (EVM) to verify and confirm the integrity of a running system. User-level programs can only access the keys in the form of encrypted blobs.

Trusted keys need a hardware component: the Trusted Platform Module (TPM) chip, which is used to both create and encrypt (seal) the keys. The TPM seals the keys using a 2048-bit RSA key called the storage root key (SRK).

For more information about trusted and encrypted keys see the Trusted and Encrypted Keys section of RHEL 7 Security Guide.

8.5. Enabling integrity measurement architecture and extended verification module

Integrity measurement architecture (IMA) and extended verification module (EVM) are components of the kernel integrity subsystem that enhance system security in various ways. Configuring IMA and EVM enables you to sign files and thereby to enhance system security.

Prerequisites

  • The ima-evm-utils, and keyutils packages are installed on your system.
  • The securityfs filesystem is mounted on the /sys/kernel/security/ directory.
  • The /sys/kernel/security/ima/ directory exists.

    # mount
    …​
    securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
    …​

Procedure

  1. Prepare your system to enable IMA and EVM:

    1. Add the following kernel command line parameters:

      # grubby --update-kernel=/boot/vmlinuz-$(uname -r) --args="ima_appraise=fix ima_appraise_tcb evm=fix"

      The command enables IMA and EVM in the fix mode for the current boot entry and allows users to gather and update IMA measurements.

      The ima_appraise_tcb kernel command line parameter ensures that the kernel uses the default Trusted Computing Base (TCB) measurement policy and the appraisal step. The appraisal step forbids access to files whose prior and current measurements do not match.

    2. Reboot for the changes to take effect.
    3. Optionally, verify that the kernel command line includes the new parameters:

      # cat /proc/cmdline
      BOOT_IMAGE=/vmlinuz-3.10.0-1136.el7.x86_64 root=/dev/mapper/rhel-root ro crashkernel=auto spectre_v2=retpoline rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet LANG=en_US.UTF-8 ima_appraise=fix ima_appraise_tcb evm=fix
  2. Create and set a public and private keypair for EVM:

    1. Create a new keyring for EVM:

      # evm_kr_id=$(keyctl newring _evm @u)

      The command creates the _evm keyring and attaches it to the @u system user keyring. Then, the keyring ID of _evm is assigned to the evm_kr_id variable for more convenient handling in the future.

    2. Optionally, view the newly created keyring:

      # keyctl show
      Session Keyring
      1025767139 --alswrv   0     0  keyring: _ses
      548660789 --alswrv   0 65534   \_ keyring: _uid.0
      456142548 --alswrv   0     0       \_ keyring: _evm
    3. Create a directory for keys:

      # mkdir -p /etc/keys/
    4. Generate a 1024-bit RSA private key into the /etc/keys/privkey.pem file:

      # openssl genrsa -out /etc/keys/privkey.pem 1024
      Generating RSA private key, 1024 bit long modulus
      .......++++++
      ...++++++
      e is 65537 (0x10001)
    5. Use the previously created /etc/keys/privkey.pem private key to derive a corresponding RSA public key into the /etc/keys/pubkey.pem file:

      # openssl rsa -pubout -in /etc/keys/privkey.pem -out /etc/keys/pubkey.pem
      writing RSA key
    6. Import the public key into the dedicated EVM keyring:

      # evmctl import --rsa /etc/keys/pubkey.pem $evm_kr_id
      1054989579

      The command imports the /etc/keys/pubkey.pem public key into the _evm keyring. The _evm keyring is then attached to the kernel keyring. The key serial number is on the second line of the previous example.

    7. Optionally, view the newly imported key:

      # keyctl show
      Session Keyring
      1025767139 --alswrv   0     0  keyring: _ses
      548660789 --alswrv   0 65534   \_ keyring: _uid.0
      456142548 --alswrv   0     0       \_ keyring: _evm
      1054989579 --alswrv   0     0           \_ user: FA0EF80BF06F80AC
      Note

      This asymmetric key pair can be used to digitally sign the contents of an extended attribute of a file using the evmctl sign command. The extended attribute is later verified by the kernel.

    8. Create a kernel master key to protect the EVM key:

      # dd if=/dev/urandom bs=1 count=32 2>/dev/null | keyctl padd user kmk-user @u

      The kernel master key (kmk) is kept entirely in the kernel space memory. The 32-byte long value of the kernel master key kmk is generated from random bytes from the /dev/urandom file and placed in the user (@u) keyring.

  3. Create an encrypted EVM key based on the kmk key:

    # keyctl add encrypted evm-key "new user:kmk 64" @u
    351426499

    The command uses kmk to generate and encrypt a 64-byte user key (named evm-key) and places it in the user (@u) keyring. The key serial number is on the second line of the previous example.

    Important

    It is necessary to name the user key evm-key because that is the name the EVM subsystem expects and works with.

  4. Activate EVM:

    # echo 1 > /sys/kernel/security/evm
  5. Verify that EVM has been initialized:

    dmesg | tail -1
    […​] EVM: initialized

8.6. Collecting file hashes with integrity measurement architecture

The first level of operation of integrity measurement architecture (IMA) is the measurement phase, which allows to create file hashes and store them as extended attributes (xattrs) of those files. The following section describes how to create and inspect the files' hashes.

Prerequisites

Procedure

  1. Create a test file:

    # echo <Test_text> > test_file
  2. Sign the file with the private key:

    # evmctl sign --imahash --key /etc/keys/privkey.pem test_file

    By creating a hash of the test_file file, IMA verifies that the file remains is uncorrupted. EVM ensures that the IMA hash is genuine by signing the hash content that is stored in the extended attribute of test_file.

  3. Optionally, check the extended attributes of the signed file:

    # getfattr -m . -d test_file
    file: test_file
    security.evm=0sAwICztVdCQCAZLtD7qAezGl8nGLgqFZzMzQp7Fm1svUet2Hy7TyI2vtT9/9ZfBTKMK6Mjoyk0VX+DciS85XOCYX6WnV1LF2P/pmPRfputSEq9fVD4SWfKKj2rI7qwpndC1UqRX1BbN3aRUYeoKQdPdl6Cz+cX4d7vS56FJkFhPGlhq/UQbBnd80=
    security.ima=0sAfgqQ5/05X4w/ltZEfbogdI9+KM5
    security.selinux="unconfined_u:object_r:admin_home_t:s0"

    This example output shows extended attributes related to SELinux and the IMA and EVM hash values. EVM actively adds a security.evm extended attribute and detects any offline tampering to xattrs of other files such as security.ima that are directly related to file content integrity. The value of the security.evm field is in Hash-based Message Authentication Code (HMAC-SHA1), which was generated with the private key.

Additional resources