1 /* 2 * Copyright (C) 2005-2010 IBM Corporation 3 * 4 * Authors: 5 * Mimi Zohar <zohar@us.ibm.com> 6 * Kylene Hall <kjhall@us.ibm.com> 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License as published by 10 * the Free Software Foundation, version 2 of the License. 11 * 12 * File: evm_crypto.c 13 * Using root's kernel master key (kmk), calculate the HMAC 14 */ 15 16 #include <linux/module.h> 17 #include <linux/crypto.h> 18 #include <linux/xattr.h> 19 #include <keys/encrypted-type.h> 20 #include <crypto/hash.h> 21 #include "evm.h" 22 23 #define EVMKEY "evm-key" 24 #define MAX_KEY_SIZE 128 25 static unsigned char evmkey[MAX_KEY_SIZE]; 26 static int evmkey_len = MAX_KEY_SIZE; 27 28 struct crypto_shash *hmac_tfm; 29 30 static struct shash_desc *init_desc(void) 31 { 32 int rc; 33 struct shash_desc *desc; 34 35 if (hmac_tfm == NULL) { 36 hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC); 37 if (IS_ERR(hmac_tfm)) { 38 pr_err("Can not allocate %s (reason: %ld)\n", 39 evm_hmac, PTR_ERR(hmac_tfm)); 40 rc = PTR_ERR(hmac_tfm); 41 hmac_tfm = NULL; 42 return ERR_PTR(rc); 43 } 44 } 45 46 desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm), 47 GFP_KERNEL); 48 if (!desc) 49 return ERR_PTR(-ENOMEM); 50 51 desc->tfm = hmac_tfm; 52 desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; 53 54 rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len); 55 if (rc) 56 goto out; 57 rc = crypto_shash_init(desc); 58 out: 59 if (rc) { 60 kfree(desc); 61 return ERR_PTR(rc); 62 } 63 return desc; 64 } 65 66 /* Protect against 'cutting & pasting' security.evm xattr, include inode 67 * specific info. 68 * 69 * (Additional directory/file metadata needs to be added for more complete 70 * protection.) 71 */ 72 static void hmac_add_misc(struct shash_desc *desc, struct inode *inode, 73 char *digest) 74 { 75 struct h_misc { 76 unsigned long ino; 77 __u32 generation; 78 uid_t uid; 79 gid_t gid; 80 umode_t mode; 81 } hmac_misc; 82 83 memset(&hmac_misc, 0, sizeof hmac_misc); 84 hmac_misc.ino = inode->i_ino; 85 hmac_misc.generation = inode->i_generation; 86 hmac_misc.uid = inode->i_uid; 87 hmac_misc.gid = inode->i_gid; 88 hmac_misc.mode = inode->i_mode; 89 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc); 90 crypto_shash_final(desc, digest); 91 } 92 93 /* 94 * Calculate the HMAC value across the set of protected security xattrs. 95 * 96 * Instead of retrieving the requested xattr, for performance, calculate 97 * the hmac using the requested xattr value. Don't alloc/free memory for 98 * each xattr, but attempt to re-use the previously allocated memory. 99 */ 100 int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, 101 const char *req_xattr_value, size_t req_xattr_value_len, 102 char *digest) 103 { 104 struct inode *inode = dentry->d_inode; 105 struct shash_desc *desc; 106 char **xattrname; 107 size_t xattr_size = 0; 108 char *xattr_value = NULL; 109 int error; 110 int size; 111 112 if (!inode->i_op || !inode->i_op->getxattr) 113 return -EOPNOTSUPP; 114 desc = init_desc(); 115 if (IS_ERR(desc)) 116 return PTR_ERR(desc); 117 118 error = -ENODATA; 119 for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) { 120 if ((req_xattr_name && req_xattr_value) 121 && !strcmp(*xattrname, req_xattr_name)) { 122 error = 0; 123 crypto_shash_update(desc, (const u8 *)req_xattr_value, 124 req_xattr_value_len); 125 continue; 126 } 127 size = vfs_getxattr_alloc(dentry, *xattrname, 128 &xattr_value, xattr_size, GFP_NOFS); 129 if (size == -ENOMEM) { 130 error = -ENOMEM; 131 goto out; 132 } 133 if (size < 0) 134 continue; 135 136 error = 0; 137 xattr_size = size; 138 crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size); 139 } 140 hmac_add_misc(desc, inode, digest); 141 142 out: 143 kfree(xattr_value); 144 kfree(desc); 145 return error; 146 } 147 148 /* 149 * Calculate the hmac and update security.evm xattr 150 * 151 * Expects to be called with i_mutex locked. 152 */ 153 int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name, 154 const char *xattr_value, size_t xattr_value_len) 155 { 156 struct inode *inode = dentry->d_inode; 157 struct evm_ima_xattr_data xattr_data; 158 int rc = 0; 159 160 rc = evm_calc_hmac(dentry, xattr_name, xattr_value, 161 xattr_value_len, xattr_data.digest); 162 if (rc == 0) { 163 xattr_data.type = EVM_XATTR_HMAC; 164 rc = __vfs_setxattr_noperm(dentry, XATTR_NAME_EVM, 165 &xattr_data, 166 sizeof(xattr_data), 0); 167 } 168 else if (rc == -ENODATA) 169 rc = inode->i_op->removexattr(dentry, XATTR_NAME_EVM); 170 return rc; 171 } 172 173 int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr, 174 char *hmac_val) 175 { 176 struct shash_desc *desc; 177 178 desc = init_desc(); 179 if (IS_ERR(desc)) { 180 printk(KERN_INFO "init_desc failed\n"); 181 return PTR_ERR(desc); 182 } 183 184 crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len); 185 hmac_add_misc(desc, inode, hmac_val); 186 kfree(desc); 187 return 0; 188 } 189 190 /* 191 * Get the key from the TPM for the SHA1-HMAC 192 */ 193 int evm_init_key(void) 194 { 195 struct key *evm_key; 196 struct encrypted_key_payload *ekp; 197 int rc = 0; 198 199 evm_key = request_key(&key_type_encrypted, EVMKEY, NULL); 200 if (IS_ERR(evm_key)) 201 return -ENOENT; 202 203 down_read(&evm_key->sem); 204 ekp = evm_key->payload.data; 205 if (ekp->decrypted_datalen > MAX_KEY_SIZE) { 206 rc = -EINVAL; 207 goto out; 208 } 209 memcpy(evmkey, ekp->decrypted_data, ekp->decrypted_datalen); 210 out: 211 /* burn the original key contents */ 212 memset(ekp->decrypted_data, 0, ekp->decrypted_datalen); 213 up_read(&evm_key->sem); 214 key_put(evm_key); 215 return rc; 216 } 217