Lines Matching +full:0 +full:- +full:based
1 // SPDX-License-Identifier: GPL-2.0-only
55 if (strncmp(str, "off", 3) == 0) in ima_setup()
57 else if (strncmp(str, "on", 2) == 0) in ima_setup()
58 ima_disabled = 0; in ima_setup()
74 if (strcmp(template_desc->name, IMA_TEMPLATE_IMA_NAME) == 0) { in hash_setup()
75 if (strncmp(str, "sha1", 4) == 0) { in hash_setup()
77 } else if (strncmp(str, "md5", 3) == 0) { in hash_setup()
88 if (i < 0) { in hash_setup()
111 int rc = 0; in mmap_violation_check()
114 mapping_writably_mapped(file->f_mapping)) { in mmap_violation_check()
115 rc = -ETXTBSY; in mmap_violation_check()
118 if (!*pathbuf) /* ima_rdwr_violation possibly pre-fetched */ in mmap_violation_check()
119 *pathname = ima_d_path(&file->f_path, pathbuf, in mmap_violation_check()
122 "mmap_file", "mmapped_writers", rc, 0); in mmap_violation_check()
131 * - Opening a file for write when already open for read,
133 * - Opening a file for read when already open for write,
145 fmode_t mode = file->f_mode; in ima_rdwr_violation_check()
149 if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) { in ima_rdwr_violation_check()
155 &iint->atomic_flags)) in ima_rdwr_violation_check()
160 set_bit(IMA_MAY_EMIT_TOMTOU, &iint->atomic_flags); in ima_rdwr_violation_check()
165 &iint->atomic_flags)) in ima_rdwr_violation_check()
173 *pathname = ima_d_path(&file->f_path, pathbuf, filename); in ima_rdwr_violation_check()
186 fmode_t mode = file->f_mode; in ima_check_last_writer()
192 mutex_lock(&iint->mutex); in ima_check_last_writer()
193 if (atomic_read(&inode->i_writecount) == 1) { in ima_check_last_writer()
196 clear_bit(IMA_EMITTED_OPENWRITERS, &iint->atomic_flags); in ima_check_last_writer()
199 &iint->atomic_flags); in ima_check_last_writer()
200 if ((iint->flags & IMA_NEW_FILE) || in ima_check_last_writer()
201 vfs_getattr_nosec(&file->f_path, &stat, in ima_check_last_writer()
205 stat.change_cookie != iint->real_inode.version) { in ima_check_last_writer()
206 iint->flags &= ~(IMA_DONE_MASK | IMA_NEW_FILE); in ima_check_last_writer()
207 iint->measured_pcrs = 0; in ima_check_last_writer()
212 mutex_unlock(&iint->mutex); in ima_check_last_writer()
216 * ima_file_free - called on __fput()
219 * Flag files that changed, based on i_version
226 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) in ima_file_free()
248 int rc = 0, action, must_appraise = 0; in process_measurement()
252 int xattr_len = 0; in process_measurement()
255 unsigned int allowed_algos = 0; in process_measurement()
257 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) in process_measurement()
258 return 0; in process_measurement()
261 * bitmask based on the appraise/audit/measurement policy. in process_measurement()
271 (file->f_mode & FMODE_WRITE))); in process_measurement()
273 return 0; in process_measurement()
286 rc = -ENOMEM; in process_measurement()
300 mutex_lock(&iint->mutex); in process_measurement()
302 if (test_and_clear_bit(IMA_CHANGE_ATTR, &iint->atomic_flags)) in process_measurement()
304 * Reset appraisal flags (action and non-action rule-specific) in process_measurement()
307 iint->flags &= ~(IMA_APPRAISE | IMA_APPRAISED | in process_measurement()
312 * Re-evaulate the file if either the xattr has changed or the in process_measurement()
316 if (test_and_clear_bit(IMA_CHANGE_XATTR, &iint->atomic_flags) || in process_measurement()
317 ((inode->i_sb->s_iflags & SB_I_IMA_UNVERIFIABLE_SIGNATURE) && in process_measurement()
318 !(inode->i_sb->s_iflags & SB_I_UNTRUSTED_MOUNTER) && in process_measurement()
320 iint->flags &= ~IMA_DONE_MASK; in process_measurement()
321 iint->measured_pcrs = 0; in process_measurement()
325 * On stacked filesystems, detect and re-evaluate file data and in process_measurement()
330 (action & IMA_DO_MASK) && (iint->flags & IMA_DONE_MASK)) { in process_measurement()
332 integrity_inode_attrs_changed(&iint->real_inode, in process_measurement()
334 iint->flags &= ~IMA_DONE_MASK; in process_measurement()
335 iint->measured_pcrs = 0; in process_measurement()
344 iint->flags &= ~(IMA_APPRAISED | in process_measurement()
348 /* Determine if already appraised/measured based on bitmask in process_measurement()
352 iint->flags |= action; in process_measurement()
354 action &= ~((iint->flags & (IMA_DONE_MASK ^ IMA_MEASURED)) >> 1); in process_measurement()
357 if ((action & IMA_MEASURE) && (iint->measured_pcrs & (0x1 << pcr))) in process_measurement()
362 !(test_bit(IMA_DIGSIG, &iint->atomic_flags))) { in process_measurement()
366 (xattr_value->type == EVM_IMA_XATTR_DIGSIG)) in process_measurement()
367 set_bit(IMA_DIGSIG, &iint->atomic_flags); in process_measurement()
368 iint->flags |= IMA_HASHED; in process_measurement()
370 set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags); in process_measurement()
385 strcmp(template_desc->name, IMA_TEMPLATE_IMA_NAME) != 0) { in process_measurement()
392 * an additional measurement list entry, if needed, based on the in process_measurement()
395 if (iint->flags & IMA_MODSIG_ALLOWED) { in process_measurement()
399 iint->flags & IMA_MEASURED) in process_measurement()
407 if (rc != 0 && rc != -EBADF && rc != -EINVAL) in process_measurement()
412 must_appraise = 0; in process_measurement()
416 if (!pathbuf) /* ima_rdwr_violation possibly pre-fetched */ in process_measurement()
417 pathname = ima_d_path(&file->f_path, &pathbuf, filename); in process_measurement()
423 if (rc == 0 && (action & IMA_APPRAISE_SUBMASK)) { in process_measurement()
425 if (rc != -EPERM) { in process_measurement()
439 if ((file->f_flags & O_DIRECT) && (iint->flags & IMA_PERMIT_DIRECTIO)) in process_measurement()
440 rc = 0; in process_measurement()
443 if (rc == 0 && must_appraise && allowed_algos != 0 && in process_measurement()
444 (allowed_algos & (1U << hash_algo)) == 0) { in process_measurement()
445 rc = -EACCES; in process_measurement()
449 "denied-hash-algorithm", rc, 0); in process_measurement()
452 if ((mask & MAY_WRITE) && test_bit(IMA_DIGSIG, &iint->atomic_flags) && in process_measurement()
453 !(iint->flags & IMA_NEW_FILE)) in process_measurement()
454 rc = -EACCES; in process_measurement()
455 mutex_unlock(&iint->mutex); in process_measurement()
463 return -EACCES; in process_measurement()
464 if (file->f_mode & FMODE_WRITE) in process_measurement()
465 set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags); in process_measurement()
467 return 0; in process_measurement()
471 * ima_file_mmap - based on policy, collect/store measurement.
477 * Measure files being mmapped executable based on the ima_must_measure()
480 * On success return 0. On integrity appraisal error, assuming the file
481 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
490 return 0; in ima_file_mmap()
496 0, MAY_EXEC, MMAP_CHECK_REQPROT, 0); in ima_file_mmap()
503 0, MAY_EXEC, MMAP_CHECK, 0); in ima_file_mmap()
505 return 0; in ima_file_mmap()
509 * ima_file_mprotect - based on policy, limit mprotect change
520 * On mprotect change success, return 0. On failure, return -EACESS.
532 int result = 0; in ima_file_mprotect()
537 if (!(ima_policy_flag & IMA_APPRAISE) || !vma->vm_file || in ima_file_mprotect()
538 !(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC)) in ima_file_mprotect()
539 return 0; in ima_file_mprotect()
542 inode = file_inode(vma->vm_file); in ima_file_mprotect()
543 action = ima_get_action(file_mnt_idmap(vma->vm_file), inode, in ima_file_mprotect()
546 action |= ima_get_action(file_mnt_idmap(vma->vm_file), inode, in ima_file_mprotect()
553 return 0; in ima_file_mprotect()
556 result = -EPERM; in ima_file_mprotect()
558 file = vma->vm_file; in ima_file_mprotect()
559 pathname = ima_d_path(&file->f_path, &pathbuf, filename); in ima_file_mprotect()
561 "collect_data", "failed-mprotect", result, 0); in ima_file_mprotect()
569 * ima_bprm_check - based on policy, collect/store measurement.
578 * On success return 0. On integrity appraisal error, assuming the file
579 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
586 return process_measurement(bprm->file, current_cred(), in ima_bprm_check()
587 &prop, NULL, 0, MAY_EXEC, BPRM_CHECK, 0); in ima_bprm_check()
591 * ima_creds_check - based on policy, collect/store measurement.
604 * commit 56305aa9b6fab ("exec: Compute file based creds only once"), the
608 * On success return 0. On integrity appraisal error, assuming the file
609 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
616 return process_measurement((struct file *)file, bprm->cred, &prop, NULL, in ima_creds_check()
617 0, MAY_EXEC, CREDS_CHECK, 0); in ima_creds_check()
621 * ima_bprm_creds_for_exec - collect/store/appraise measurement.
624 * Based on the IMA policy and the execveat(2) AT_EXECVE_CHECK flag, measure
630 * On success return 0. On integrity appraisal error, assuming the file
631 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
642 if (!bprm->is_check) in ima_bprm_creds_for_exec()
643 return 0; in ima_bprm_creds_for_exec()
649 * ima_file_check - based on policy, collect/store measurement.
653 * Measure files based on the ima_must_measure() policy decision.
655 * On success return 0. On integrity appraisal error, assuming the file
656 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
663 return process_measurement(file, current_cred(), &prop, NULL, 0, in ima_file_check()
665 MAY_APPEND), FILE_CHECK, 0); in ima_file_check()
677 mutex_lock(&iint->mutex); in __ima_inode_hash()
680 if ((!iint || !(iint->flags & IMA_COLLECTED)) && file) { in __ima_inode_hash()
682 mutex_unlock(&iint->mutex); in __ima_inode_hash()
684 memset(&tmp_iint, 0, sizeof(tmp_iint)); in __ima_inode_hash()
687 rc = ima_collect_measurement(&tmp_iint, file, NULL, 0, in __ima_inode_hash()
689 if (rc < 0) { in __ima_inode_hash()
691 if (rc != -ENOMEM) in __ima_inode_hash()
694 return -EOPNOTSUPP; in __ima_inode_hash()
698 mutex_lock(&iint->mutex); in __ima_inode_hash()
702 return -EOPNOTSUPP; in __ima_inode_hash()
708 if (!iint->ima_hash || !(iint->flags & IMA_COLLECTED)) { in __ima_inode_hash()
709 mutex_unlock(&iint->mutex); in __ima_inode_hash()
710 return -EOPNOTSUPP; in __ima_inode_hash()
716 copied_size = min_t(size_t, iint->ima_hash->length, buf_size); in __ima_inode_hash()
717 memcpy(buf, iint->ima_hash->digest, copied_size); in __ima_inode_hash()
719 hash_algo = iint->ima_hash->algo; in __ima_inode_hash()
720 mutex_unlock(&iint->mutex); in __ima_inode_hash()
723 kfree(iint->ima_hash); in __ima_inode_hash()
729 * ima_file_hash - return a measurement of the file
739 * The file hash returned is based on the entire file, including the appended
742 * If the measurement cannot be performed, return -EOPNOTSUPP.
743 * If the parameters are incorrect, return -EINVAL.
748 return -EINVAL; in ima_file_hash()
755 * ima_inode_hash - return the stored measurement if the inode has been hashed
766 * The hash returned is based on the entire contents, including the appended
769 * If IMA is disabled or if no measurement is available, return -EOPNOTSUPP.
770 * If the parameters are incorrect, return -EINVAL.
775 return -EINVAL; in ima_inode_hash()
782 * ima_post_create_tmpfile - mark newly created tmpfile as new
797 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) in ima_post_create_tmpfile()
811 set_bit(IMA_UPDATE_XATTR, &iint->atomic_flags); in ima_post_create_tmpfile()
812 iint->ima_file_status = INTEGRITY_PASS; in ima_post_create_tmpfile()
816 * ima_post_path_mknod - mark as a new inode
826 struct inode *inode = dentry->d_inode; in ima_post_path_mknod()
829 if (!ima_policy_flag || !S_ISREG(inode->i_mode)) in ima_post_path_mknod()
842 /* needed for re-opening empty files */ in ima_post_path_mknod()
843 iint->flags |= IMA_NEW_FILE; in ima_post_path_mknod()
847 * ima_read_file - pre-measure/appraise hook decision based on policy
852 * Permit reading a file based on policy. The policy rules are written
856 * For permission return 0, otherwise return -EACCES.
865 * Do devices using pre-allocated memory run the risk of the in ima_read_file()
878 return 0; in ima_read_file()
883 return process_measurement(file, current_cred(), &prop, NULL, 0, in ima_read_file()
884 MAY_READ, func, 0); in ima_read_file()
897 * ima_post_read_file - in memory collect/appraise/audit measurement
903 * Measure/appraise/audit in memory file based on policy. Policy rules
906 * On success return 0. On integrity appraisal error, assuming the file
907 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
917 return 0; in ima_post_read_file()
919 if (!file || !buf || size == 0) { /* should never happen */ in ima_post_read_file()
921 return -EACCES; in ima_post_read_file()
922 return 0; in ima_post_read_file()
932 * ima_load_data - appraise decision based on policy
941 * For permission return 0, otherwise return -EACCES.
955 return -EACCES; in ima_load_data()
960 return -EACCES; /* INTEGRITY_UNKNOWN */ in ima_load_data()
966 return -EACCES; /* INTEGRITY_UNKNOWN */ in ima_load_data()
975 return -EACCES; /* INTEGRITY_UNKNOWN */ in ima_load_data()
981 return 0; in ima_load_data()
985 * ima_post_load_data - appraise decision based on policy
989 * @description: @load_id-specific description of contents
991 * Measure/appraise/audit in memory buffer based on policy. Policy rules
994 * On success return 0. On integrity appraisal error, assuming the file
995 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
1005 return -EACCES; /* INTEGRITY_UNKNOWN */ in ima_post_load_data()
1007 return 0; in ima_post_load_data()
1015 buf, size, true, NULL, 0); in ima_post_load_data()
1017 return 0; in ima_post_load_data()
1021 * process_buffer_measurement - Measure the buffer or the buffer data hash
1034 * Based on policy, either the buffer data or buffer data hash is measured
1036 * Return: 0 if the buffer has been successfully measured, 1 if the digest
1046 int ret = 0; in process_buffer_measurement()
1060 int violation = 0; in process_buffer_measurement()
1061 int action = 0; in process_buffer_measurement()
1065 return -EINVAL; in process_buffer_measurement()
1068 return -ENOENT; in process_buffer_measurement()
1072 ret = -EINVAL; in process_buffer_measurement()
1078 * Both LSM hooks and auxiliary based buffer measurements are in process_buffer_measurement()
1079 * based on policy. To avoid code duplication, differentiate in process_buffer_measurement()
1087 &prop, 0, func, &pcr, &template, in process_buffer_measurement()
1090 return -ENOENT; in process_buffer_measurement()
1097 iint.ima_hash->algo = ima_hash_algo; in process_buffer_measurement()
1098 iint.ima_hash->length = hash_digest_size[ima_hash_algo]; in process_buffer_measurement()
1101 if (ret < 0) { in process_buffer_measurement()
1107 memcpy(digest_hash, hash_hdr->digest, digest_hash_len); in process_buffer_measurement()
1111 if (ret < 0) { in process_buffer_measurement()
1121 memcpy(digest, iint.ima_hash->digest, digest_hash_len); in process_buffer_measurement()
1127 if (ret < 0) { in process_buffer_measurement()
1133 if (ret < 0) { in process_buffer_measurement()
1139 if (ret < 0) in process_buffer_measurement()
1142 audit_cause, ret, 0, ret); in process_buffer_measurement()
1148 * ima_kexec_cmdline - measure kexec cmdline boot args
1165 buf, size, "kexec-cmdline", KEXEC_CMDLINE, 0, in ima_kexec_cmdline()
1166 NULL, false, NULL, 0); in ima_kexec_cmdline()
1170 * ima_measure_critical_data - measure kernel integrity critical data
1184 * Return: 0 if the buffer has been successfully measured, 1 if the digest
1194 return -ENOPARAM; in ima_measure_critical_data()
1197 event_name, CRITICAL_DATA, 0, in ima_measure_critical_data()
1206 * ima_kernel_module_request - Prevent crypto-pkcs1(rsa,*) requests
1210 * binary requires executing modprobe itself. Since the modprobe iint->mutex
1220 * Since we don't have any real "crypto-pkcs1(rsa,*)" kernel modules,
1224 * Return: Zero if it is safe to load the kernel module, -EINVAL otherwise.
1228 if (strncmp(kmod_name, "crypto-pkcs1(rsa,", 17) == 0) in ima_kernel_module_request()
1229 return -EINVAL; in ima_kernel_module_request()
1231 return 0; in ima_kernel_module_request()
1243 return 0; in init_ima()
1252 CONFIG_IMA_DEFAULT_HASH) != 0) { in init_ima()
1255 hash_setup_done = 0; in init_ima()
1306 return 0; in init_ima_lsm()