ima_main.c (84594c9ecdca7ca595bc50e315093cb76921fd8e) | ima_main.c (4de2f084fbff41113d9adec3c9e15ab12bf05e21) |
---|---|
1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Integrity Measurement Architecture 4 * 5 * Copyright (C) 2005,2006,2007,2008 IBM Corporation 6 * 7 * Authors: 8 * Reiner Sailer <sailer@watson.ibm.com> --- 100 unchanged lines hidden (view full) --- 109 * Only invalidate the PCR for measured files: 110 * - Opening a file for write when already open for read, 111 * results in a time of measure, time of use (ToMToU) error. 112 * - Opening a file for read when already open for write, 113 * could result in a file measurement error. 114 * 115 */ 116static void ima_rdwr_violation_check(struct file *file, | 1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Integrity Measurement Architecture 4 * 5 * Copyright (C) 2005,2006,2007,2008 IBM Corporation 6 * 7 * Authors: 8 * Reiner Sailer <sailer@watson.ibm.com> --- 100 unchanged lines hidden (view full) --- 109 * Only invalidate the PCR for measured files: 110 * - Opening a file for write when already open for read, 111 * results in a time of measure, time of use (ToMToU) error. 112 * - Opening a file for read when already open for write, 113 * could result in a file measurement error. 114 * 115 */ 116static void ima_rdwr_violation_check(struct file *file, |
117 struct integrity_iint_cache *iint, | 117 struct ima_iint_cache *iint, |
118 int must_measure, 119 char **pathbuf, 120 const char **pathname, 121 char *filename) 122{ 123 struct inode *inode = file_inode(file); 124 fmode_t mode = file->f_mode; 125 bool send_tomtou = false, send_writers = false; 126 127 if (mode & FMODE_WRITE) { 128 if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) { 129 if (!iint) | 118 int must_measure, 119 char **pathbuf, 120 const char **pathname, 121 char *filename) 122{ 123 struct inode *inode = file_inode(file); 124 fmode_t mode = file->f_mode; 125 bool send_tomtou = false, send_writers = false; 126 127 if (mode & FMODE_WRITE) { 128 if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) { 129 if (!iint) |
130 iint = integrity_iint_find(inode); | 130 iint = ima_iint_find(inode); |
131 /* IMA_MEASURE is set from reader side */ 132 if (iint && test_bit(IMA_MUST_MEASURE, 133 &iint->atomic_flags)) 134 send_tomtou = true; 135 } 136 } else { 137 if (must_measure) 138 set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); --- 9 unchanged lines hidden (view full) --- 148 if (send_tomtou) 149 ima_add_violation(file, *pathname, iint, 150 "invalid_pcr", "ToMToU"); 151 if (send_writers) 152 ima_add_violation(file, *pathname, iint, 153 "invalid_pcr", "open_writers"); 154} 155 | 131 /* IMA_MEASURE is set from reader side */ 132 if (iint && test_bit(IMA_MUST_MEASURE, 133 &iint->atomic_flags)) 134 send_tomtou = true; 135 } 136 } else { 137 if (must_measure) 138 set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); --- 9 unchanged lines hidden (view full) --- 148 if (send_tomtou) 149 ima_add_violation(file, *pathname, iint, 150 "invalid_pcr", "ToMToU"); 151 if (send_writers) 152 ima_add_violation(file, *pathname, iint, 153 "invalid_pcr", "open_writers"); 154} 155 |
156static void ima_check_last_writer(struct integrity_iint_cache *iint, | 156static void ima_check_last_writer(struct ima_iint_cache *iint, |
157 struct inode *inode, struct file *file) 158{ 159 fmode_t mode = file->f_mode; 160 bool update; 161 162 if (!(mode & FMODE_WRITE)) 163 return; 164 --- 22 unchanged lines hidden (view full) --- 187 * ima_file_free - called on __fput() 188 * @file: pointer to file structure being freed 189 * 190 * Flag files that changed, based on i_version 191 */ 192static void ima_file_free(struct file *file) 193{ 194 struct inode *inode = file_inode(file); | 157 struct inode *inode, struct file *file) 158{ 159 fmode_t mode = file->f_mode; 160 bool update; 161 162 if (!(mode & FMODE_WRITE)) 163 return; 164 --- 22 unchanged lines hidden (view full) --- 187 * ima_file_free - called on __fput() 188 * @file: pointer to file structure being freed 189 * 190 * Flag files that changed, based on i_version 191 */ 192static void ima_file_free(struct file *file) 193{ 194 struct inode *inode = file_inode(file); |
195 struct integrity_iint_cache *iint; | 195 struct ima_iint_cache *iint; |
196 197 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 198 return; 199 | 196 197 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 198 return; 199 |
200 iint = integrity_iint_find(inode); | 200 iint = ima_iint_find(inode); |
201 if (!iint) 202 return; 203 204 ima_check_last_writer(iint, inode, file); 205} 206 207static int process_measurement(struct file *file, const struct cred *cred, 208 u32 secid, char *buf, loff_t size, int mask, 209 enum ima_hooks func) 210{ 211 struct inode *backing_inode, *inode = file_inode(file); | 201 if (!iint) 202 return; 203 204 ima_check_last_writer(iint, inode, file); 205} 206 207static int process_measurement(struct file *file, const struct cred *cred, 208 u32 secid, char *buf, loff_t size, int mask, 209 enum ima_hooks func) 210{ 211 struct inode *backing_inode, *inode = file_inode(file); |
212 struct integrity_iint_cache *iint = NULL; | 212 struct ima_iint_cache *iint = NULL; |
213 struct ima_template_desc *template_desc = NULL; 214 char *pathbuf = NULL; 215 char filename[NAME_MAX]; 216 const char *pathname = NULL; 217 int rc = 0, action, must_appraise = 0; 218 int pcr = CONFIG_IMA_MEASURE_PCR_IDX; 219 struct evm_ima_xattr_data *xattr_value = NULL; 220 struct modsig *modsig = NULL; --- 22 unchanged lines hidden (view full) --- 243 244 /* Is the appraise rule hook specific? */ 245 if (action & IMA_FILE_APPRAISE) 246 func = FILE_CHECK; 247 248 inode_lock(inode); 249 250 if (action) { | 213 struct ima_template_desc *template_desc = NULL; 214 char *pathbuf = NULL; 215 char filename[NAME_MAX]; 216 const char *pathname = NULL; 217 int rc = 0, action, must_appraise = 0; 218 int pcr = CONFIG_IMA_MEASURE_PCR_IDX; 219 struct evm_ima_xattr_data *xattr_value = NULL; 220 struct modsig *modsig = NULL; --- 22 unchanged lines hidden (view full) --- 243 244 /* Is the appraise rule hook specific? */ 245 if (action & IMA_FILE_APPRAISE) 246 func = FILE_CHECK; 247 248 inode_lock(inode); 249 250 if (action) { |
251 iint = integrity_inode_get(inode); | 251 iint = ima_inode_get(inode); |
252 if (!iint) 253 rc = -ENOMEM; 254 } 255 256 if (!rc && violation_check) 257 ima_rdwr_violation_check(file, iint, action & IMA_MEASURE, 258 &pathbuf, &pathname, filename); 259 --- 299 unchanged lines hidden (view full) --- 559 return process_measurement(file, current_cred(), secid, NULL, 0, 560 mask & (MAY_READ | MAY_WRITE | MAY_EXEC | 561 MAY_APPEND), FILE_CHECK); 562} 563 564static int __ima_inode_hash(struct inode *inode, struct file *file, char *buf, 565 size_t buf_size) 566{ | 252 if (!iint) 253 rc = -ENOMEM; 254 } 255 256 if (!rc && violation_check) 257 ima_rdwr_violation_check(file, iint, action & IMA_MEASURE, 258 &pathbuf, &pathname, filename); 259 --- 299 unchanged lines hidden (view full) --- 559 return process_measurement(file, current_cred(), secid, NULL, 0, 560 mask & (MAY_READ | MAY_WRITE | MAY_EXEC | 561 MAY_APPEND), FILE_CHECK); 562} 563 564static int __ima_inode_hash(struct inode *inode, struct file *file, char *buf, 565 size_t buf_size) 566{ |
567 struct integrity_iint_cache *iint = NULL, tmp_iint; | 567 struct ima_iint_cache *iint = NULL, tmp_iint; |
568 int rc, hash_algo; 569 570 if (ima_policy_flag) { | 568 int rc, hash_algo; 569 570 if (ima_policy_flag) { |
571 iint = integrity_iint_find(inode); | 571 iint = ima_iint_find(inode); |
572 if (iint) 573 mutex_lock(&iint->mutex); 574 } 575 576 if ((!iint || !(iint->flags & IMA_COLLECTED)) && file) { 577 if (iint) 578 mutex_unlock(&iint->mutex); 579 580 memset(&tmp_iint, 0, sizeof(tmp_iint)); | 572 if (iint) 573 mutex_lock(&iint->mutex); 574 } 575 576 if ((!iint || !(iint->flags & IMA_COLLECTED)) && file) { 577 if (iint) 578 mutex_unlock(&iint->mutex); 579 580 memset(&tmp_iint, 0, sizeof(tmp_iint)); |
581 tmp_iint.inode = inode; | |
582 mutex_init(&tmp_iint.mutex); 583 584 rc = ima_collect_measurement(&tmp_iint, file, NULL, 0, 585 ima_hash_algo, NULL); 586 if (rc < 0) { 587 /* ima_hash could be allocated in case of failure. */ 588 if (rc != -ENOMEM) 589 kfree(tmp_iint.ima_hash); --- 93 unchanged lines hidden (view full) --- 683 * No measuring, appraising or auditing of newly created tmpfiles is needed. 684 * Skip calling process_measurement(), but indicate which newly, created 685 * tmpfiles are in policy. 686 */ 687static void ima_post_create_tmpfile(struct mnt_idmap *idmap, 688 struct inode *inode) 689 690{ | 581 mutex_init(&tmp_iint.mutex); 582 583 rc = ima_collect_measurement(&tmp_iint, file, NULL, 0, 584 ima_hash_algo, NULL); 585 if (rc < 0) { 586 /* ima_hash could be allocated in case of failure. */ 587 if (rc != -ENOMEM) 588 kfree(tmp_iint.ima_hash); --- 93 unchanged lines hidden (view full) --- 682 * No measuring, appraising or auditing of newly created tmpfiles is needed. 683 * Skip calling process_measurement(), but indicate which newly, created 684 * tmpfiles are in policy. 685 */ 686static void ima_post_create_tmpfile(struct mnt_idmap *idmap, 687 struct inode *inode) 688 689{ |
691 struct integrity_iint_cache *iint; | 690 struct ima_iint_cache *iint; |
692 int must_appraise; 693 694 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 695 return; 696 697 must_appraise = ima_must_appraise(idmap, inode, MAY_ACCESS, 698 FILE_CHECK); 699 if (!must_appraise) 700 return; 701 702 /* Nothing to do if we can't allocate memory */ | 691 int must_appraise; 692 693 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 694 return; 695 696 must_appraise = ima_must_appraise(idmap, inode, MAY_ACCESS, 697 FILE_CHECK); 698 if (!must_appraise) 699 return; 700 701 /* Nothing to do if we can't allocate memory */ |
703 iint = integrity_inode_get(inode); | 702 iint = ima_inode_get(inode); |
704 if (!iint) 705 return; 706 707 /* needed for writing the security xattrs */ 708 set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags); 709 iint->ima_file_status = INTEGRITY_PASS; 710} 711 712/** 713 * ima_post_path_mknod - mark as a new inode 714 * @idmap: idmap of the mount the inode was found from 715 * @dentry: newly created dentry 716 * 717 * Mark files created via the mknodat syscall as new, so that the 718 * file data can be written later. 719 */ 720static void ima_post_path_mknod(struct mnt_idmap *idmap, struct dentry *dentry) 721{ | 703 if (!iint) 704 return; 705 706 /* needed for writing the security xattrs */ 707 set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags); 708 iint->ima_file_status = INTEGRITY_PASS; 709} 710 711/** 712 * ima_post_path_mknod - mark as a new inode 713 * @idmap: idmap of the mount the inode was found from 714 * @dentry: newly created dentry 715 * 716 * Mark files created via the mknodat syscall as new, so that the 717 * file data can be written later. 718 */ 719static void ima_post_path_mknod(struct mnt_idmap *idmap, struct dentry *dentry) 720{ |
722 struct integrity_iint_cache *iint; | 721 struct ima_iint_cache *iint; |
723 struct inode *inode = dentry->d_inode; 724 int must_appraise; 725 726 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 727 return; 728 729 must_appraise = ima_must_appraise(idmap, inode, MAY_ACCESS, 730 FILE_CHECK); 731 if (!must_appraise) 732 return; 733 734 /* Nothing to do if we can't allocate memory */ | 722 struct inode *inode = dentry->d_inode; 723 int must_appraise; 724 725 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) 726 return; 727 728 must_appraise = ima_must_appraise(idmap, inode, MAY_ACCESS, 729 FILE_CHECK); 730 if (!must_appraise) 731 return; 732 733 /* Nothing to do if we can't allocate memory */ |
735 iint = integrity_inode_get(inode); | 734 iint = ima_inode_get(inode); |
736 if (!iint) 737 return; 738 739 /* needed for re-opening empty files */ 740 iint->flags |= IMA_NEW_FILE; 741} 742 743/** --- 186 unchanged lines hidden (view full) --- 930 struct inode *inode, const void *buf, int size, 931 const char *eventname, enum ima_hooks func, 932 int pcr, const char *func_data, 933 bool buf_hash, u8 *digest, size_t digest_len) 934{ 935 int ret = 0; 936 const char *audit_cause = "ENOMEM"; 937 struct ima_template_entry *entry = NULL; | 735 if (!iint) 736 return; 737 738 /* needed for re-opening empty files */ 739 iint->flags |= IMA_NEW_FILE; 740} 741 742/** --- 186 unchanged lines hidden (view full) --- 929 struct inode *inode, const void *buf, int size, 930 const char *eventname, enum ima_hooks func, 931 int pcr, const char *func_data, 932 bool buf_hash, u8 *digest, size_t digest_len) 933{ 934 int ret = 0; 935 const char *audit_cause = "ENOMEM"; 936 struct ima_template_entry *entry = NULL; |
938 struct integrity_iint_cache iint = {}; | 937 struct ima_iint_cache iint = {}; |
939 struct ima_event_data event_data = {.iint = &iint, 940 .filename = eventname, 941 .buf = buf, 942 .buf_len = size}; 943 struct ima_template_desc *template; 944 struct ima_max_digest_data hash; 945 char digest_hash[IMA_MAX_DIGEST_SIZE]; 946 int digest_hash_len = hash_digest_size[ima_hash_algo]; --- 220 unchanged lines hidden (view full) --- 1167 LSM_HOOK_INIT(kernel_post_read_file, ima_post_read_file), 1168 LSM_HOOK_INIT(path_post_mknod, ima_post_path_mknod), 1169#ifdef CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS 1170 LSM_HOOK_INIT(key_post_create_or_update, ima_post_key_create_or_update), 1171#endif 1172#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS 1173 LSM_HOOK_INIT(kernel_module_request, ima_kernel_module_request), 1174#endif | 938 struct ima_event_data event_data = {.iint = &iint, 939 .filename = eventname, 940 .buf = buf, 941 .buf_len = size}; 942 struct ima_template_desc *template; 943 struct ima_max_digest_data hash; 944 char digest_hash[IMA_MAX_DIGEST_SIZE]; 945 int digest_hash_len = hash_digest_size[ima_hash_algo]; --- 220 unchanged lines hidden (view full) --- 1166 LSM_HOOK_INIT(kernel_post_read_file, ima_post_read_file), 1167 LSM_HOOK_INIT(path_post_mknod, ima_post_path_mknod), 1168#ifdef CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS 1169 LSM_HOOK_INIT(key_post_create_or_update, ima_post_key_create_or_update), 1170#endif 1171#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS 1172 LSM_HOOK_INIT(kernel_module_request, ima_kernel_module_request), 1173#endif |
1174 LSM_HOOK_INIT(inode_free_security, ima_inode_free), |
|
1175}; 1176 1177static const struct lsm_id ima_lsmid = { 1178 .name = "ima", 1179 .id = LSM_ID_IMA, 1180}; 1181 1182static int __init init_ima_lsm(void) 1183{ | 1175}; 1176 1177static const struct lsm_id ima_lsmid = { 1178 .name = "ima", 1179 .id = LSM_ID_IMA, 1180}; 1181 1182static int __init init_ima_lsm(void) 1183{ |
1184 ima_iintcache_init(); |
|
1184 security_add_hooks(ima_hooks, ARRAY_SIZE(ima_hooks), &ima_lsmid); 1185 init_ima_appraise_lsm(&ima_lsmid); 1186 return 0; 1187} 1188 | 1185 security_add_hooks(ima_hooks, ARRAY_SIZE(ima_hooks), &ima_lsmid); 1186 init_ima_appraise_lsm(&ima_lsmid); 1187 return 0; 1188} 1189 |
1190struct lsm_blob_sizes ima_blob_sizes __ro_after_init = { 1191 .lbs_inode = sizeof(struct ima_iint_cache *), 1192}; 1193 |
|
1189DEFINE_LSM(ima) = { 1190 .name = "ima", 1191 .init = init_ima_lsm, 1192 .order = LSM_ORDER_LAST, | 1194DEFINE_LSM(ima) = { 1195 .name = "ima", 1196 .init = init_ima_lsm, 1197 .order = LSM_ORDER_LAST, |
1198 .blobs = &ima_blob_sizes, |
|
1193}; 1194 1195late_initcall(init_ima); /* Start IMA after the TPM is available */ | 1199}; 1200 1201late_initcall(init_ima); /* Start IMA after the TPM is available */ |
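Review bot: `ima_blob_sizes` (new line 1190) needs a comment saying what the inode blob holds, because `.lbs_inode = sizeof(struct ima_iint_cache *)` reserves room for a pointer only and the allocation behind that pointer happens outside this file: `/* The inode security blob holds only a pointer; the iint is allocated on demand by ima_inode_get() and released by ima_inode_free() via the inode_free_security hook. */`. The `ima_iintcache_init()` call added at new line 1184 in `init_ima_lsm` presumably creates the cache those allocations draw from and so has to precede `security_add_hooks()`; a one-line comment such as `/* must run before any hook can reach ima_inode_get() */` would pin that ordering for the next person who reorders the function. Dropping `tmp_iint.inode = inode;` in `__ima_inode_hash` (old line 581) is safe only if nothing reached from `ima_collect_measurement()` still reads an inode back-pointer on the iint; since `memset` leaves that field zeroed, a stale reader would see NULL, and the callee is outside this file, so this is worth confirming. `ima_inode_get()` and `ima_iint_find()` are likewise defined elsewhere, so how concurrent lookups and first-time allocation of the blob pointer are serialized cannot be judged from this section; `process_measurement` holds `inode_lock()` before `ima_inode_get()` (new line 251) but the tmpfile and mknod callers (new lines 702 and 734) show no such lock.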