/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2009-2010 IBM Corporation
 *
 * Authors:
 * Mimi Zohar <zohar@us.ibm.com>
 */

/*
 * Private header shared by the integrity subsystem (IMA/EVM): the packed
 * on-disk xattr layouts, the per-inode integrity cache, the keyring ids,
 * and CONFIG-dependent stubs so callers build with a feature compiled out.
 */

/* Prefix every pr_*() message from this module with KBUILD_MODNAME. */
#ifdef pr_fmt
#undef pr_fmt
#endif

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/types.h>
#include <linux/integrity.h>
#include <crypto/sha1.h>
#include <crypto/hash.h>
#include <linux/key.h>
#include <linux/audit.h>
#include <linux/lsm_hooks.h>

/*
 * Type tag carried in the first byte of an IMA/EVM xattr value (see
 * struct evm_ima_xattr_data below). The values are sequential from 0x01,
 * so 0 is never a valid tag. IMA_XATTR_LAST is a sentinel rather than a
 * real type; it is the bound to check a tag read from xattr data against.
 */
enum evm_ima_xattr_type {
	IMA_XATTR_DIGEST = 0x01,
	EVM_XATTR_HMAC,
	EVM_IMA_XATTR_DIGSIG,
	IMA_XATTR_DIGEST_NG,
	EVM_XATTR_PORTABLE_DIGSIG,
	IMA_VERITY_DIGSIG,
	IMA_XATTR_LAST
};

/*
 * Generic xattr value: one type byte (enum evm_ima_xattr_type) followed by
 * type-specific payload. __packed, so the struct overlays the raw xattr
 * bytes without padding.
 */
struct evm_ima_xattr_data {
	u8 type;
	u8 data[];
} __packed;

/* Only used in the EVM HMAC code: type byte followed by a SHA-1 sized digest. */
struct evm_xattr {
	struct evm_ima_xattr_data data;
	u8 digest[SHA1_DIGEST_SIZE];
} __packed;

/* Largest digest a struct ima_digest_data can carry. */
#define IMA_MAX_DIGEST_SIZE HASH_MAX_DIGESTSIZE

/*
 * In-memory file digest plus the two-byte header it is written to the
 * xattr with.
 *
 * @algo:   digest algorithm (presumably enum hash_algo, as for the other
 *          *_algo fields in this file - confirm)
 * @length: presumably the number of valid bytes in @digest - confirm
 * @xattr:  the two header bytes, readable either as the sha1 layout
 *          (first byte unused, type second) or the ng layout (type, then
 *          algo); @xattr.data exposes the same two bytes raw
 * @digest: flexible array; the allocation behind it must be sized by the
 *          caller (see struct ima_max_digest_data)
 */
struct ima_digest_data {
	u8 algo;
	u8 length;
	union {
		struct {
			u8 unused;
			u8 type;
		} sha1;
		struct {
			u8 type;
			u8 algo;
		} ng;
		u8 data[2];
	} xattr;
	u8 digest[];
} __packed;

/*
 * Instead of wrapping the ima_digest_data struct inside a local structure
 * with the maximum hash size, define ima_max_digest_data struct.
 *
 * Both structs are __packed and @hdr ends in a flexible array, so
 * @hdr.digest and @digest begin at the same offset: &x.hdr can be handed
 * to code expecting a struct ima_digest_data with room for
 * HASH_MAX_DIGESTSIZE digest bytes.
 */
struct ima_max_digest_data {
	struct ima_digest_data hdr;
	u8 digest[HASH_MAX_DIGESTSIZE];
} __packed;

/*
 * signature header format v2 - for using with asymmetric keys
 *
 * The signature_v2_hdr struct includes a signature format version
 * to simplify defining new signature formats.
 *
 * signature format:
 * version 2: regular file data hash based signature
 * version 3: struct ima_file_id data based signature
 *
 * keyid and sig_size are stored big-endian (__be32/__be16) and need
 * conversion before use. Since sig_size comes from the stored xattr value
 * and not from the kernel, verification code must check it against the
 * number of xattr bytes actually read before dereferencing sig[].
 */
struct signature_v2_hdr {
	uint8_t type;		/* xattr type */
	uint8_t version;	/* signature format version */
	uint8_t hash_algo;	/* Digest algorithm [enum hash_algo] */
	__be32 keyid;		/* IMA key identifier - not X509/PGP specific */
	__be16 sig_size;	/* signature size */
	uint8_t sig[];		/* signature payload */
} __packed;

/*
 * IMA signature version 3 disambiguates the data that is signed, by
 * indirectly signing the hash of the ima_file_id structure data,
 * containing either the fsverity_descriptor struct digest or, in the
 * future, the regular IMA file hash.
 *
 * (The hash of the ima_file_id structure is only of the portion used.)
 *
 * hash[] is a fixed HASH_MAX_DIGESTSIZE buffer; the bytes beyond the
 * algorithm's digest length are not part of the signed portion.
 */
struct ima_file_id {
	__u8 hash_type;		/* xattr type [enum evm_ima_xattr_type] */
	__u8 hash_algorithm;	/* Digest algorithm [enum hash_algo] */
	__u8 hash[HASH_MAX_DIGESTSIZE];
} __packed;

/*
 * integrity data associated with an inode
 *
 * The six *_status bitfields hold an enum integrity_status in 4 bits
 * each; presumably one per IMA hook (file, mmap, bprm, read, creds) plus
 * the EVM verdict - confirm against the hook code. Only version, flags
 * and the digest are documented as covered by @mutex; atomic_flags is
 * presumably modified with atomic bitops outside the lock - confirm.
 * The meaning of real_ino/real_dev is not documented here.
 */
struct integrity_iint_cache {
	struct rb_node rb_node;	/* rooted in integrity_iint_tree */
	struct mutex mutex;	/* protects: version, flags, digest */
	struct inode *inode;	/* back pointer to inode in question */
	u64 version;		/* track inode changes */
	unsigned long flags;
	unsigned long measured_pcrs;
	unsigned long atomic_flags;
	unsigned long real_ino;
	dev_t real_dev;
	enum integrity_status ima_file_status:4;
	enum integrity_status ima_mmap_status:4;
	enum integrity_status ima_bprm_status:4;
	enum integrity_status ima_read_status:4;
	enum integrity_status ima_creds_status:4;
	enum integrity_status evm_status:4;
	struct ima_digest_data *ima_hash;	/* cached digest; presumably the "digest" guarded by @mutex */
};

/* rbtree tree calls to lookup, insert, delete
 * integrity data associated with an inode.
 * (Only the lookup is declared in this header.)
 */
struct integrity_iint_cache *integrity_iint_find(struct inode *inode);

/*
 * Kernel-side read of @count bytes at @offset from @file into @addr.
 * NOTE(review): the return convention (bytes read vs. negative errno) is
 * not stated here - check the definition before relying on it.
 */
int integrity_kernel_read(struct file *file, loff_t offset,
			  void *addr, unsigned long count);

/*
 * Keyring ids passed as @id to the integrity_*() keyring functions below.
 * INTEGRITY_KEYRING_MAX is the number of ids (one past the last valid
 * id), not a keyring itself; reject any id >= INTEGRITY_KEYRING_MAX.
 */
#define INTEGRITY_KEYRING_EVM 0
#define INTEGRITY_KEYRING_IMA 1
#define INTEGRITY_KEYRING_PLATFORM 2
#define INTEGRITY_KEYRING_MACHINE 3
#define INTEGRITY_KEYRING_MAX 4

extern struct dentry *integrity_dir;

struct modsig;

#ifdef CONFIG_INTEGRITY_SIGNATURE

/* Verify @sig over @digest with keyring @id; @siglen/@digestlen bound the buffers. */
int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
			    const char *digest, int digestlen);
int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);

int __init integrity_init_keyring(const unsigned int id);
int __init integrity_load_x509(const unsigned int id, const char *path);
int __init integrity_load_cert(const unsigned int id, const char *source,
			       const void *data, size_t len, key_perm_t perm);
#else

/*
 * With CONFIG_INTEGRITY_SIGNATURE disabled, verification fails closed
 * (-EOPNOTSUPP) while keyring and certificate setup are silent no-ops.
 * No stub is provided for integrity_load_x509(), so its callers are
 * presumably only built under CONFIG_INTEGRITY_SIGNATURE - confirm.
 */
static inline int integrity_digsig_verify(const unsigned int id,
					  const char *sig, int siglen,
					  const char *digest, int digestlen)
{
	return -EOPNOTSUPP;
}

static inline int integrity_modsig_verify(unsigned int id,
					  const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}

/* NOTE(review): lacks the __init the real declaration carries; harmless for a static inline. */
static inline int integrity_init_keyring(const unsigned int id)
{
	return 0;
}

static inline int __init integrity_load_cert(const unsigned int id,
					     const char *source,
					     const void *data, size_t len,
					     key_perm_t perm)
{
	return 0;
}
#endif /* CONFIG_INTEGRITY_SIGNATURE */

#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
int asymmetric_verify(struct key *keyring, const char *sig,
		      int siglen, const char *data, int datalen);
#else
/* Fails closed: without asymmetric key support every signature is rejected. */
static inline int asymmetric_verify(struct key *keyring, const char *sig,
				    int siglen, const char *data, int datalen)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_APPRAISE_MODSIG
int ima_modsig_verify(struct key *keyring, const struct modsig *modsig);
#else
/* Fails closed: appended module signatures are never accepted. */
static inline int ima_modsig_verify(struct key *keyring,
				    const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_LOAD_X509
void __init ima_load_x509(void);
#else
static inline void ima_load_x509(void)
{
}
#endif

#ifdef CONFIG_EVM_LOAD_X509
void __init evm_load_x509(void);
#else
static inline void evm_load_x509(void)
{
}
#endif

#ifdef CONFIG_INTEGRITY_AUDIT
/* declarations */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int info);

/* Same as integrity_audit_msg() with an additional errno to record. */
void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int info,
			     int errno);

/* Thin wrapper so the stub below can substitute NULL when auditing is off. */
static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return audit_log_start(ctx, gfp_mask, type);
}

#else
/*
 * Without CONFIG_INTEGRITY_AUDIT the audit helpers are no-ops and
 * integrity_audit_log_start() returns NULL; callers must cope with a
 * NULL buffer rather than assume a record was started.
 */
static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
				       const unsigned char *fname,
				       const char *op, const char *cause,
				       int result, int info)
{
}

static inline void integrity_audit_message(int audit_msgno,
					   struct inode *inode,
					   const unsigned char *fname,
					   const char *op, const char *cause,
					   int result, int info, int errno)
{
}

static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return NULL;
}

#endif

#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
void __init add_to_platform_keyring(const char *source, const void *data,
				    size_t len);
#else
/* No platform keyring: the certificate is dropped silently. */
static inline void __init add_to_platform_keyring(const char *source,
						  const void *data, size_t len)
{
}
#endif

#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
void __init add_to_machine_keyring(const char *source, const void *data, size_t len);
bool __init imputed_trust_enabled(void);
#else
/* No machine keyring: certificates are dropped and imputed trust is never enabled. */
static inline void __init add_to_machine_keyring(const char *source,
						 const void *data, size_t len)
{
}

static inline bool __init imputed_trust_enabled(void)
{
	return false;
}
#endif