/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2009-2010 IBM Corporation
 *
 * Authors:
 * Mimi Zohar <zohar@us.ibm.com>
 */

/*
 * Shared definitions for the integrity subsystem (IMA/EVM): the xattr
 * payload layouts, keyring identifiers, and the signature-verification and
 * audit helpers.  Every CONFIG_* dependent interface has a fallback stub
 * below so that callers compile whether or not the option is enabled.
 */

/*
 * Force a uniform "<module>: " prefix on pr_*() output.  Any pr_fmt the
 * including file defined earlier is discarded first, so this header wins.
 */
#ifdef pr_fmt
#undef pr_fmt
#endif

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/types.h>
#include <linux/integrity.h>
#include <crypto/sha1.h>
#include <crypto/hash.h>
#include <linux/key.h>
#include <linux/audit.h>
#include <linux/lsm_hooks.h>

/*
 * Value of the leading type byte of an IMA/EVM xattr payload (see
 * struct evm_ima_xattr_data).  Numbering starts at 0x01, so 0 is never a
 * valid type; IMA_XATTR_LAST is a sentinel, one past the last defined type.
 * NOTE(review): this byte is presumably read straight from the xattr, so
 * consumers should range-check it (< IMA_XATTR_LAST) before dispatching on
 * it — confirm in the callers.
 */
enum evm_ima_xattr_type {
	IMA_XATTR_DIGEST = 0x01,
	EVM_XATTR_HMAC,			/* payload layout: struct evm_xattr */
	EVM_IMA_XATTR_DIGSIG,
	IMA_XATTR_DIGEST_NG,
	EVM_XATTR_PORTABLE_DIGSIG,
	IMA_VERITY_DIGSIG,
	IMA_XATTR_LAST
};

/*
 * Generic xattr payload: one type byte (enum evm_ima_xattr_type) followed by
 * type-dependent data.  Packed, since it mirrors the stored byte layout.
 */
struct evm_ima_xattr_data {
	u8 type;
	u8 data[];
} __packed;

/*
 * Only used in the EVM HMAC code.
 * Payload for EVM_XATTR_HMAC: the type header followed by a SHA1-sized
 * digest (SHA1_DIGEST_SIZE bytes).
 */
struct evm_xattr {
	struct evm_ima_xattr_data data;
	u8 digest[SHA1_DIGEST_SIZE];
} __packed;

/* Upper bound on any digest handled here; aliases the crypto layer's bound. */
#define IMA_MAX_DIGEST_SIZE HASH_MAX_DIGESTSIZE

/*
 * Digest descriptor: algorithm, length, a two-byte xattr area and the digest
 * bytes themselves as a flexible array.  The two bytes of @xattr are viewed
 * two ways over the same storage: the .sha1 view places the type byte second
 * (first byte unused), the .ng view places the type byte first, then the
 * algorithm.  .data[2] gives raw access to both.
 * NOTE(review): @algo and @length are presumably the enum hash_algo value and
 * the number of valid bytes in @digest — verify against the code that fills
 * this structure.
 */
struct ima_digest_data {
	u8 algo;
	u8 length;
	union {
		struct {
			u8 unused;
			u8 type;
		} sha1;
		struct {
			u8 type;
			u8 algo;
		} ng;
		u8 data[2];
	} xattr;
	u8 digest[];
} __packed;

/*
 * Instead of wrapping the ima_digest_data struct inside a local structure
 * with the maximum hash size, define ima_max_digest_data struct.
 * Reserves HASH_MAX_DIGESTSIZE bytes of digest storage directly after the
 * header, so a caller can hold a digest of any supported algorithm on the
 * stack and pass &hdr where a struct ima_digest_data is expected.
 */
struct ima_max_digest_data {
	struct ima_digest_data hdr;
	u8 digest[HASH_MAX_DIGESTSIZE];
} __packed;

/*
 * signature header format v2 - for using with asymmetric keys
 *
 * The signature_v2_hdr struct includes a signature format version
 * to simplify defining new signature formats.
 *
 * signature format:
 * version 2: regular file data hash based signature
 * version 3: struct ima_file_id data based signature
 *
 * Multi-byte fields (@keyid, @sig_size) are stored big-endian (__be32/__be16)
 * and must be converted before use.  NOTE(review): @sig_size is supplied by
 * the xattr itself; the parser that consumes this header must bound it by
 * the actual attribute length before reading @sig — confirm in the verifier.
 */
struct signature_v2_hdr {
	uint8_t type;		/* xattr type */
	uint8_t version;	/* signature format version */
	uint8_t hash_algo;	/* Digest algorithm [enum hash_algo] */
	__be32 keyid;		/* IMA key identifier - not X509/PGP specific */
	__be16 sig_size;	/* signature size */
	uint8_t sig[];		/* signature payload */
} __packed;

/*
 * IMA signature version 3 disambiguates the data that is signed, by
 * indirectly signing the hash of the ima_file_id structure data,
 * containing either the fsverity_descriptor struct digest or, in the
 * future, the regular IMA file hash.
 *
 * (The hash of the ima_file_id structure is only of the portion used.)
 */
struct ima_file_id {
	__u8 hash_type;		/* xattr type [enum evm_ima_xattr_type] */
	__u8 hash_algorithm;	/* Digest algorithm [enum hash_algo] */
	__u8 hash[HASH_MAX_DIGESTSIZE];
} __packed;

/*
 * Read @count bytes from @file at @offset into @addr from kernel context.
 * Defined in the integrity core; return semantics are documented there.
 */
int integrity_kernel_read(struct file *file, loff_t offset,
			  void *addr, unsigned long count);

/*
 * Keyring identifiers.  NOTE(review): presumably the @id argument taken by
 * integrity_init_keyring(), integrity_digsig_verify() and friends below;
 * INTEGRITY_KEYRING_MAX is the count (one past the last valid id).
 */
#define INTEGRITY_KEYRING_EVM		0
#define INTEGRITY_KEYRING_IMA		1
#define INTEGRITY_KEYRING_PLATFORM	2
#define INTEGRITY_KEYRING_MACHINE	3
#define INTEGRITY_KEYRING_MAX		4

/* Directory dentry shared by the integrity subsystems; defined elsewhere. */
extern struct dentry *integrity_dir;

/* Opaque module-signature descriptor; the definition lives elsewhere. */
struct modsig;

#ifdef CONFIG_INTEGRITY_SIGNATURE

/*
 * Verify @sig (of @siglen bytes) over @digest (of @digestlen bytes) against
 * the keyring selected by @id.  Non-zero means the signature was not
 * accepted.
 */
int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
			    const char *digest, int digestlen);
/* Verify an appended module signature against the keyring selected by @id. */
int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);

/* Keyring setup and certificate loading; boot-time only (__init). */
int __init integrity_init_keyring(const unsigned int id);
int __init integrity_load_x509(const unsigned int id, const char *path);
int __init integrity_load_cert(const unsigned int id, const char *source,
			       const void *data, size_t len, key_perm_t perm);
#else

/*
 * Signature support compiled out: verification reports -EOPNOTSUPP (a
 * non-zero result, so callers fail closed rather than treating the data as
 * verified), while keyring setup and certificate loading succeed as no-ops.
 * No stub is provided for integrity_load_x509() in this branch.
 */
static inline int integrity_digsig_verify(const unsigned int id,
					  const char *sig, int siglen,
					  const char *digest, int digestlen)
{
	return -EOPNOTSUPP;
}

static inline int integrity_modsig_verify(unsigned int id,
					  const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}

static inline int integrity_init_keyring(const unsigned int id)
{
	return 0;
}

static inline int __init integrity_load_cert(const unsigned int id,
					     const char *source,
					     const void *data, size_t len,
					     key_perm_t perm)
{
	return 0;
}
#endif /* CONFIG_INTEGRITY_SIGNATURE */

#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
/*
 * Verify @sig (@siglen bytes) over @data (@datalen bytes) with a key from
 * @keyring.  Non-zero means the signature was not accepted.
 */
int asymmetric_verify(struct key *keyring, const char *sig,
		      int siglen, const char *data, int datalen);
#else
/* Asymmetric keys compiled out: always reject with -EOPNOTSUPP. */
static inline int asymmetric_verify(struct key *keyring, const char *sig,
				    int siglen, const char *data, int datalen)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_APPRAISE_MODSIG
/* Verify @modsig with a key from @keyring; non-zero on rejection. */
int ima_modsig_verify(struct key *keyring, const struct modsig *modsig);
#else
/* Module-signature appraisal compiled out: always reject with -EOPNOTSUPP. */
static inline int ima_modsig_verify(struct key *keyring,
				    const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_LOAD_X509
/* Boot-time loading of the IMA X.509 certificate(s). */
void __init ima_load_x509(void);
#else
/* IMA certificate loading compiled out: no-op. */
static inline void ima_load_x509(void)
{
}
#endif

#ifdef CONFIG_EVM_LOAD_X509
/* Boot-time loading of the EVM X.509 certificate(s). */
void __init evm_load_x509(void);
#else
/* EVM certificate loading compiled out: no-op. */
static inline void evm_load_x509(void)
{
}
#endif

#ifdef CONFIG_INTEGRITY_AUDIT
/* declarations */
/*
 * Emit an integrity audit record of type @audit_msgno describing operation
 * @op on @inode/@fname, with its @cause, @result and @info.
 */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int info);

/* Same as integrity_audit_msg() with an additional @errno value recorded. */
void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int info,
			     int errno);

/* Thin wrapper over audit_log_start() so the stub below can swap it out. */
static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return audit_log_start(ctx, gfp_mask, type);
}

#else
/*
 * Auditing compiled out: messages are dropped and no buffer is started.
 * integrity_audit_log_start() returns NULL here, so callers must tolerate a
 * NULL audit buffer.
 */
static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
				       const unsigned char *fname,
				       const char *op, const char *cause,
				       int result, int info)
{
}

static inline void integrity_audit_message(int audit_msgno,
					   struct inode *inode,
					   const unsigned char *fname,
					   const char *op, const char *cause,
					   int result, int info, int errno)
{
}

static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return NULL;
}

#endif

#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
/* Add the certificate @data (@len bytes, labelled @source) to the platform keyring. */
void __init add_to_platform_keyring(const char *source, const void *data,
				    size_t len);
#else
/* Platform keyring compiled out: certificate is silently not added. */
static inline void __init add_to_platform_keyring(const char *source,
						  const void *data, size_t len)
{
}
#endif

#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
/* Add the certificate @data (@len bytes, labelled @source) to the machine keyring. */
void __init add_to_machine_keyring(const char *source, const void *data, size_t len);
/* Whether trust imputed from the machine keyring is in effect; boot-time only. */
bool __init imputed_trust_enabled(void);
#else
/*
 * Machine keyring compiled out: certificates are silently not added and
 * imputed trust is reported as disabled.
 */
static inline void __init add_to_machine_keyring(const char *source,
						 const void *data, size_t len)
{
}

static inline bool __init imputed_trust_enabled(void)
{
	return false;
}
#endif