Microsoft has released detailed information about the company is committed to the Linux kernel new projects. The project, called Integrity Policy Enforcement (IPE) , is the Linux Security Module (Linux Security Module, LSM), which allows configurable policies to enforce integrity requirements on the entire system.
IPE is Microsoft's attempt to solve the problem of Linux and the integrity of the code of conduct. It is divided into two main parts: provided by the LSM configurable policies ( "IPE Core"), as well as deterministic attributes ( "IPE Properties") used to evaluate the documents provided by the kernel. Currently, IPE is still in the RFC (request for comments) state .
On the IPE enabled Linux system, the system administrator can create a list of allowed to perform binary file, and then add the kernel before running each binary files need to be checked to verify the properties. If an attacker to change the binaries, IPE can also prevent the execution of malicious code.
Microsoft said, IPE is designed for devices with a specific purpose, such as embedded systems (eg network firewall devices in the data center), in which all software and configuration by administrators to build and deliver. Ideally, the use of the IPE does not apply to general purpose computing systems, does not use any third-party software or configuration constructed.
IPE supports two modes of operation: permissive mode (similar to SELinux in permissive mode) and enforce mode. Which, enforce mode is the default mode. Permissive mode to perform the same checks and enforce mode, and record policy violations cases, but it does not enforce the policy, which allows users to test it out before enforce the policy.
Furthermore, Microsoft, the Linux kernel for existing LSM code for integrity (e.g., the IMA ) is different, IPE does not depend on the file system metadata, and properties as IPE is present only in the kernel deterministic property so it does not need, like the need IMA IMA like other code signing.