xref: /linux/security/integrity/integrity.h (revision c532de5a67a70f8533d495f8f2aaa9a0491c3ad0)
1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3  * Copyright (C) 2009-2010 IBM Corporation
4  *
5  * Authors:
6  * Mimi Zohar <zohar@us.ibm.com>
7  */
8 
9 #ifdef pr_fmt
10 #undef pr_fmt
11 #endif
12 
13 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14 
15 #include <linux/types.h>
16 #include <linux/integrity.h>
17 #include <crypto/sha1.h>
18 #include <crypto/hash.h>
19 #include <linux/key.h>
20 #include <linux/audit.h>
21 #include <linux/lsm_hooks.h>
22 
23 enum evm_ima_xattr_type {
24 	IMA_XATTR_DIGEST = 0x01,
25 	EVM_XATTR_HMAC,
26 	EVM_IMA_XATTR_DIGSIG,
27 	IMA_XATTR_DIGEST_NG,
28 	EVM_XATTR_PORTABLE_DIGSIG,
29 	IMA_VERITY_DIGSIG,
30 	IMA_XATTR_LAST
31 };
32 
33 struct evm_ima_xattr_data {
34 	/* New members must be added within the __struct_group() macro below. */
35 	__struct_group(evm_ima_xattr_data_hdr, hdr, __packed,
36 		u8 type;
37 	);
38 	u8 data[];
39 } __packed;
40 
41 /* Only used in the EVM HMAC code. */
42 struct evm_xattr {
43 	struct evm_ima_xattr_data_hdr data;
44 	u8 digest[SHA1_DIGEST_SIZE];
45 } __packed;
46 
47 #define IMA_MAX_DIGEST_SIZE	HASH_MAX_DIGESTSIZE
48 
49 struct ima_digest_data {
50 	/* New members must be added within the __struct_group() macro below. */
51 	__struct_group(ima_digest_data_hdr, hdr, __packed,
52 	u8 algo;
53 	u8 length;
54 	union {
55 		struct {
56 			u8 unused;
57 			u8 type;
58 		} sha1;
59 		struct {
60 			u8 type;
61 			u8 algo;
62 		} ng;
63 		u8 data[2];
64 	} xattr;
65 	);
66 	u8 digest[];
67 } __packed;
68 
69 /*
70  * Instead of wrapping the ima_digest_data struct inside a local structure
71  * with the maximum hash size, define ima_max_digest_data struct.
72  */
73 struct ima_max_digest_data {
74 	struct ima_digest_data_hdr hdr;
75 	u8 digest[HASH_MAX_DIGESTSIZE];
76 } __packed;
77 
78 /*
79  * signature header format v2 - for using with asymmetric keys
80  *
81  * The signature_v2_hdr struct includes a signature format version
82  * to simplify defining new signature formats.
83  *
84  * signature format:
85  * version 2: regular file data hash based signature
86  * version 3: struct ima_file_id data based signature
87  */
88 struct signature_v2_hdr {
89 	uint8_t type;		/* xattr type */
90 	uint8_t version;	/* signature format version */
91 	uint8_t	hash_algo;	/* Digest algorithm [enum hash_algo] */
92 	__be32 keyid;		/* IMA key identifier - not X509/PGP specific */
93 	__be16 sig_size;	/* signature size */
94 	uint8_t sig[];		/* signature payload */
95 } __packed;
96 
97 /*
98  * IMA signature version 3 disambiguates the data that is signed, by
99  * indirectly signing the hash of the ima_file_id structure data,
100  * containing either the fsverity_descriptor struct digest or, in the
101  * future, the regular IMA file hash.
102  *
103  * (The hash of the ima_file_id structure is only of the portion used.)
104  */
105 struct ima_file_id {
106 	__u8 hash_type;		/* xattr type [enum evm_ima_xattr_type] */
107 	__u8 hash_algorithm;	/* Digest algorithm [enum hash_algo] */
108 	__u8 hash[HASH_MAX_DIGESTSIZE];
109 } __packed;
110 
111 int integrity_kernel_read(struct file *file, loff_t offset,
112 			  void *addr, unsigned long count);
113 
114 #define INTEGRITY_KEYRING_EVM		0
115 #define INTEGRITY_KEYRING_IMA		1
116 #define INTEGRITY_KEYRING_PLATFORM	2
117 #define INTEGRITY_KEYRING_MACHINE	3
118 #define INTEGRITY_KEYRING_MAX		4
119 
120 extern struct dentry *integrity_dir;
121 
122 struct modsig;
123 
124 #ifdef CONFIG_INTEGRITY_SIGNATURE
125 
126 int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
127 			    const char *digest, int digestlen);
128 int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);
129 
130 int __init integrity_init_keyring(const unsigned int id);
131 int __init integrity_load_x509(const unsigned int id, const char *path);
132 int __init integrity_load_cert(const unsigned int id, const char *source,
133 			       const void *data, size_t len, key_perm_t perm);
134 #else
135 
136 static inline int integrity_digsig_verify(const unsigned int id,
137 					  const char *sig, int siglen,
138 					  const char *digest, int digestlen)
139 {
140 	return -EOPNOTSUPP;
141 }
142 
143 static inline int integrity_modsig_verify(unsigned int id,
144 					  const struct modsig *modsig)
145 {
146 	return -EOPNOTSUPP;
147 }
148 
149 static inline int integrity_init_keyring(const unsigned int id)
150 {
151 	return 0;
152 }
153 
154 static inline int __init integrity_load_cert(const unsigned int id,
155 					     const char *source,
156 					     const void *data, size_t len,
157 					     key_perm_t perm)
158 {
159 	return 0;
160 }
161 #endif /* CONFIG_INTEGRITY_SIGNATURE */
162 
163 #ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
164 int asymmetric_verify(struct key *keyring, const char *sig,
165 		      int siglen, const char *data, int datalen);
166 #else
167 static inline int asymmetric_verify(struct key *keyring, const char *sig,
168 				    int siglen, const char *data, int datalen)
169 {
170 	return -EOPNOTSUPP;
171 }
172 #endif
173 
174 #ifdef CONFIG_IMA_APPRAISE_MODSIG
175 int ima_modsig_verify(struct key *keyring, const struct modsig *modsig);
176 #else
177 static inline int ima_modsig_verify(struct key *keyring,
178 				    const struct modsig *modsig)
179 {
180 	return -EOPNOTSUPP;
181 }
182 #endif
183 
184 #ifdef CONFIG_IMA_LOAD_X509
185 void __init ima_load_x509(void);
186 #else
187 static inline void ima_load_x509(void)
188 {
189 }
190 #endif
191 
192 #ifdef CONFIG_EVM_LOAD_X509
193 void __init evm_load_x509(void);
194 #else
195 static inline void evm_load_x509(void)
196 {
197 }
198 #endif
199 
200 #ifdef CONFIG_INTEGRITY_AUDIT
201 /* declarations */
202 void integrity_audit_msg(int audit_msgno, struct inode *inode,
203 			 const unsigned char *fname, const char *op,
204 			 const char *cause, int result, int info);
205 
206 void integrity_audit_message(int audit_msgno, struct inode *inode,
207 			     const unsigned char *fname, const char *op,
208 			     const char *cause, int result, int info,
209 			     int errno);
210 
211 static inline struct audit_buffer *
212 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
213 {
214 	return audit_log_start(ctx, gfp_mask, type);
215 }
216 
217 #else
218 static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
219 				       const unsigned char *fname,
220 				       const char *op, const char *cause,
221 				       int result, int info)
222 {
223 }
224 
225 static inline void integrity_audit_message(int audit_msgno,
226 					   struct inode *inode,
227 					   const unsigned char *fname,
228 					   const char *op, const char *cause,
229 					   int result, int info, int errno)
230 {
231 }
232 
233 static inline struct audit_buffer *
234 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
235 {
236 	return NULL;
237 }
238 
239 #endif
240 
241 #ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
242 void __init add_to_platform_keyring(const char *source, const void *data,
243 				    size_t len);
244 #else
245 static inline void __init add_to_platform_keyring(const char *source,
246 						  const void *data, size_t len)
247 {
248 }
249 #endif
250 
251 #ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
252 void __init add_to_machine_keyring(const char *source, const void *data, size_t len);
253 bool __init imputed_trust_enabled(void);
254 #else
255 static inline void __init add_to_machine_keyring(const char *source,
256 						  const void *data, size_t len)
257 {
258 }
259 
260 static inline bool __init imputed_trust_enabled(void)
261 {
262 	return false;
263 }
264 #endif
265