preisacm
/
masterthesis
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

added IMA install instructions

master
Michael Preisach 6 years ago
parent
5323ccc866
commit
e1cae90154
3 changed files with 45 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. BIN
      thesis/MAIN.pdf
  2. 33
      thesis/MAIN.tex
  3. 13
      thesis/mainmatter.tex

BIN
thesis/MAIN.pdf
View File

Binary file not shown.

33
thesis/MAIN.tex
View File

@ -1,3 +1,4 @@
% !TeX document-id = {7131b1f7-d05a-492d-b4e1-23bbecfee18f}
% !TeX encoding = UTF-8 % !TeX encoding = UTF-8
% !TeX program = pdflatex % !TeX program = pdflatex
% !BIB program = biber % !BIB program = biber
@ -23,7 +24,7 @@
parskip=half*, parskip=half*,
% toc=flat, % toc=flat,
table, table,
11pt, 12pt,
% draft % draft
]{scrbook} ]{scrbook}
@ -93,6 +94,8 @@
\usepackage{sourcecodepro} \usepackage{sourcecodepro}
\usepackage{microtype} \usepackage{microtype}
\usepackage{listings}
% \setcounter{tocdepth}{3} %subsubsection % \setcounter{tocdepth}{3} %subsubsection
% \setcounter{secnumdepth}{3} % \setcounter{secnumdepth}{3}
@ -152,4 +155,32 @@
\appendix \appendix
\section{Installing IMA on Arch}
\url{https://wiki.archlinux.org/index.php/Kernel/Arch_Build_System} in combination with \url{https://wiki.gentoo.org/wiki/Integrity_Measurement_Architecture}:
\begin{lstlisting}
sudo pacman -S asp base-devel
cd ~
mkdir build && cd build
asp update linux
asp export linux #Linux repo exported to this directory
\end{lstlisting}
Change \emph{pkgbase} in \texttt{linux/PKGBUILD} to custom name, e.g. linux-ima.
Check \texttt{linux/config} for the following settings:
\begin{lstlisting}
CONFIG_INTEGRITY=y
CONFIG_IMA=y
CONFIG_IMA_MEASURE_PCR_IDX=10
CONFIG_IMA_LSM_RULES=y
CONFIG_INTEGRITY_SIGNATURE=y
CONFIG_IMA_APPRAISE=y
IMA_APPRAISE_BOOTPARAM=y
\end{lstlisting}
For optimizing file access, add to every fstab-entry \emph{iversion}.
It prevents creating a hash of the file at every access.
Instead the hash will only be created when writing the file.
\texttt{updpkgsums} generates new checksums for the modified files.
\texttt{makepkg -s} then makes the new kernel
\end{document} \end{document}

13
thesis/mainmatter.tex
View File

@ -1,5 +1,12 @@
\chapter{Introduction} \chapter{Introduction}
All about motivation of doing this masterthesis
\begin{itemize}
\item introduction in project digidow
\item privacy
\item integrity
\end{itemize}
\chapter{Concept} \chapter{Concept}
The theoretical tool that should be formed to one whole system implementation in this thesis
\section{Attack Vectors and Threat Model} \section{Attack Vectors and Threat Model}
\section{Trust and Security} \section{Trust and Security}
\section{Systems of Trust} \section{Systems of Trust}
@ -11,7 +18,13 @@
\section{Extend the Trust to External Hardware} \section{Extend the Trust to External Hardware}
\section{Mitigation of Attack Vectors} \section{Mitigation of Attack Vectors}
\chapter{Implemtentation and Limitations} \chapter{Implemtentation and Limitations}
\section{Trusted Boot}
\section{Linux Kernel Integrity Tools}
\chapter{Conclusion and Outlook} \chapter{Conclusion and Outlook}
It is yet very hard to implement a system of this kind.
The tools are available, but the documentation is not.
I did at least figure out what a prototype can look like.
\autoref{tab:example} is an example of a table, in which the numbers are aligned at the comma, every second line is colored and the commands \texttt{\textbackslash toprule}, \texttt{\textbackslash midrule} and \texttt{\textbackslash bottomrule} are used \cite{arthur15}. \autoref{tab:example} is an example of a table, in which the numbers are aligned at the comma, every second line is colored and the commands \texttt{\textbackslash toprule}, \texttt{\textbackslash midrule} and \texttt{\textbackslash bottomrule} are used \cite{arthur15}.
\begin{table}[ht] \begin{table}[ht]

Write Preview
Loading…
Cancel
Save