1 /* 2 * Copyright (C) 2005-2010 IBM Corporation 3 * 4 * Authors: 5 * Mimi Zohar <zohar@us.ibm.com> 6 * Kylene Hall <kjhall@us.ibm.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation, version 2 of the License. 11 * 12 * File: evm_crypto.c 13 * Using root's kernel master key (kmk), calculate the HMAC 14 */ 15 16 #include <linux/module.h> 17 #include <linux/crypto.h> 18 #include <linux/xattr.h> 19 #include <keys/encrypted-type.h> 20 #include <crypto/hash.h> 21 #include "evm.h" 22 23 #define EVMKEY "evm-key" 24 #define MAX_KEY_SIZE 128 25 static unsigned char evmkey[MAX_KEY_SIZE]; 26 static int evmkey_len = MAX_KEY_SIZE; 27 28 struct crypto_shash *hmac_tfm; 29 30 static DEFINE_MUTEX(mutex); 31 32 static struct shash_desc *init_desc(void) 33 { 34 int rc; 35 struct shash_desc *desc; 36 37 if (hmac_tfm == NULL) { 38 mutex_lock(&mutex); 39 if (hmac_tfm) 40 goto out; 41 hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC); 42 if (IS_ERR(hmac_tfm)) { 43 pr_err("Can not allocate %s (reason: %ld)\n", 44 evm_hmac, PTR_ERR(hmac_tfm)); 45 rc = PTR_ERR(hmac_tfm); 46 hmac_tfm = NULL; 47 mutex_unlock(&mutex); 48 return ERR_PTR(rc); 49 } 50 rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len); 51 if (rc) { 52 crypto_free_shash(hmac_tfm); 53 hmac_tfm = NULL; 54 mutex_unlock(&mutex); 55 return ERR_PTR(rc); 56 } 57 out: 58 mutex_unlock(&mutex); 59 } 60 61 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm), 62 GFP_KERNEL); 63 if (!desc) 64 return ERR_PTR(-ENOMEM); 65 66 desc->tfm = hmac_tfm; 67 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 68 69 rc = crypto_shash_init(desc); 70 if (rc) { 71 kfree(desc); 72 return ERR_PTR(rc); 73 } 74 return desc; 75 } 76 77 /* Protect against 'cutting & pasting' security.evm xattr, include inode 78 * specific info. 79 * 80 * (Additional directory/file metadata needs to be added for more complete 81 * protection.) 82 */ 83 static void hmac_add_misc(struct shash_desc *desc, struct inode *inode, 84 char *digest) 85 { 86 struct h_misc { 87 unsigned long ino; 88 __u32 generation; 89 uid_t uid; 90 gid_t gid; 91 umode_t mode; 92 } hmac_misc; 93 94 memset(&hmac_misc, 0, sizeof hmac_misc); 95 hmac_misc.ino = inode->i_ino; 96 hmac_misc.generation = inode->i_generation; 97 hmac_misc.uid = inode->i_uid; 98 hmac_misc.gid = inode->i_gid; 99 hmac_misc.mode = inode->i_mode; 100 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc); 101 crypto_shash_final(desc, digest); 102 } 103 104 /* 105 * Calculate the HMAC value across the set of protected security xattrs. 106 * 107 * Instead of retrieving the requested xattr, for performance, calculate 108 * the hmac using the requested xattr value. Don't alloc/free memory for 109 * each xattr, but attempt to re-use the previously allocated memory. 110 */ 111 int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, 112 const char *req_xattr_value, size_t req_xattr_value_len, 113 char *digest) 114 { 115 struct inode *inode = dentry->d_inode; 116 struct shash_desc *desc; 117 char **xattrname; 118 size_t xattr_size = 0; 119 char *xattr_value = NULL; 120 int error; 121 int size; 122 123 if (!inode->i_op || !inode->i_op->getxattr) 124 return -EOPNOTSUPP; 125 desc = init_desc(); 126 if (IS_ERR(desc)) 127 return PTR_ERR(desc); 128 129 error = -ENODATA; 130 for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) { 131 if ((req_xattr_name && req_xattr_value) 132 && !strcmp(*xattrname, req_xattr_name)) { 133 error = 0; 134 crypto_shash_update(desc, (const u8 *)req_xattr_value, 135 req_xattr_value_len); 136 continue; 137 } 138 size = vfs_getxattr_alloc(dentry, *xattrname, 139 &xattr_value, xattr_size, GFP_NOFS); 140 if (size == -ENOMEM) { 141 error = -ENOMEM; 142 goto out; 143 } 144 if (size < 0) 145 continue; 146 147 error = 0; 148 xattr_size = size; 149 crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size); 150 } 151 hmac_add_misc(desc, inode, digest); 152 153 out: 154 kfree(xattr_value); 155 kfree(desc); 156 return error; 157 } 158 159 /* 160 * Calculate the hmac and update security.evm xattr 161 * 162 * Expects to be called with i_mutex locked. 163 */ 164 int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name, 165 const char *xattr_value, size_t xattr_value_len) 166 { 167 struct inode *inode = dentry->d_inode; 168 struct evm_ima_xattr_data xattr_data; 169 int rc = 0; 170 171 rc = evm_calc_hmac(dentry, xattr_name, xattr_value, 172 xattr_value_len, xattr_data.digest); 173 if (rc == 0) { 174 xattr_data.type = EVM_XATTR_HMAC; 175 rc = __vfs_setxattr_noperm(dentry, XATTR_NAME_EVM, 176 &xattr_data, 177 sizeof(xattr_data), 0); 178 } 179 else if (rc == -ENODATA) 180 rc = inode->i_op->removexattr(dentry, XATTR_NAME_EVM); 181 return rc; 182 } 183 184 int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr, 185 char *hmac_val) 186 { 187 struct shash_desc *desc; 188 189 desc = init_desc(); 190 if (IS_ERR(desc)) { 191 printk(KERN_INFO "init_desc failed\n"); 192 return PTR_ERR(desc); 193 } 194 195 crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len); 196 hmac_add_misc(desc, inode, hmac_val); 197 kfree(desc); 198 return 0; 199 } 200 201 /* 202 * Get the key from the TPM for the SHA1-HMAC 203 */ 204 int evm_init_key(void) 205 { 206 struct key *evm_key; 207 struct encrypted_key_payload *ekp; 208 int rc = 0; 209 210 evm_key = request_key(&key_type_encrypted, EVMKEY, NULL); 211 if (IS_ERR(evm_key)) 212 return -ENOENT; 213 214 down_read(&evm_key->sem); 215 ekp = evm_key->payload.data; 216 if (ekp->decrypted_datalen > MAX_KEY_SIZE) { 217 rc = -EINVAL; 218 goto out; 219 } 220 memcpy(evmkey, ekp->decrypted_data, ekp->decrypted_datalen); 221 out: 222 /* burn the original key contents */ 223 memset(ekp->decrypted_data, 0, ekp->decrypted_datalen); 224 up_read(&evm_key->sem); 225 key_put(evm_key); 226 return rc; 227 } 228