Microsoft developers unveiled recently information about the introduction of the IPE mechanism (Integrity Policy Enforcement), implemented as an LSM module (Linux Security Module) for the Linux kernel.
The module will allows you to define a general integrity policy for the entire system, indicating which operations are valid and how the authenticity of the components should be verified. With IPE, you can specify which executable files can be run and make sure these files are identical to the version provided by a trusted source. The code is open under the MIT license.
Kernel Linux supports multiple LSMs, including SELinux (Linux with enhanced security) and AppArmor among the best known. Microsoft contributes on Linux as the technical basis for various initiatives and this new project has named it as IPE (Integrity Policy Enforcement).
This is designed to strengthen the integrity of the code for the Linux kernel, to ensure that "any code that is running (or files that are being read) are identical to the version created by a trusted source," Microsoft said on GitHub.
IPE aims to create fully verifiable systems whose integrity is verified from bootloader and kernel to final executable files, configuration and downloads.
In the event of a file change or replacement, the IPE can block the operation or record the fact of integrity violation. The proposed mechanism can be used in firmware for embedded devices where all software and settings are collected and provided especially by the owner, for example, in Microsoft data centers, IPE is used in equipment for firewalls.
Although the kernel of Linux already has several modules for verification integrity as IMA.
IPE specifically offers runtime verification of binary code. Microsoft states that IPE differs from other LSMs in several ways that they provide integrity verification.
IPE also supports successful audits. When enabled, all events
that pass the IPE policy and are not blocked will emit an audit event.
This new module proposed by Microsoft, it is not the same as other integrity verification systems, such as IMA. The interesting thing about IPE is that differs in several respects and is independent of metadata in the filesystem, besides that all the properties that determine the validity of the operations are stored directly in the kernel.
For example, IPE does not depend on the file system metadata and attributes that IPE verifies. Also, IPE does not implement any mechanism to verify IMA signature files. This is because the Linux kernel already has modules for it, such as dm-verity.
That is to verify the integrity of the file content using cryptographic hashes, the dm-verity or fs-verity mechanisms that already exist in the kernel are used.
By analogy with SELinux, two modes of operation are permissive and mandatory. In the first mode, a problem log is only made when performing checks, which, for example, can be used for preliminary tests of the environment.
"Ideally, a system using IPE is not intended for general computer use and does not use third-party software or settings," said the publisher.
Furthermore, the LSM promoted by Microsoft is designed for specific cases, as embedded systems, where security is a priority and system administrators are in full control.
System owners can create their own policies for integrity checks and use built-in dm-verity signatures to authenticate codes.
To conclude, the new project brings a new Linux security module that other modules cannot do to protect the system from the execution of malicious code.
Finally If you want to know more about the details of this new module proposed by Microsoft developers, you can check the details In the following link. You can check the source code of this module in the following link.
Microsoft scares me ...
Microsoft wants to check the integrity of the Linux system? LOL . It must be a joke
Linux doesn't need mirdosoft.
All your work is very good and I do not despise it, the Linux world does not close its doors to anyone and everything is welcome if you row in the same direction. Peeeeeeeero I like to mess with my Linux ad nauseam, do experiments, compile my kernels, lighten them and look for optimizations. And I already had the sacred eggs the uefi, that I have to have strange configurations in the bios because of this, as if to put more shit into the system with a very clear background.
If they wanted Linux they would spend real money not expecting to always make a cut, they would provide large user programs and they would get wet in projects to force the industry to move forward, see an official and open source directx or allocate resources to projects like wayland and not flirtations where there is always fine print to copy Linux features and scrounge cheaply. That I don't believe that fallacy about loving Linux, I'm tired of so many lies.