projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'regmap/range' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie...
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / security / integrity / ima / ima_api.c
1 /*
2 * Copyright (C) 2008 IBM Corporation
3 *
4 * Author: Mimi Zohar <zohar@us.ibm.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as
8 * published by the Free Software Foundation, version 2 of the
9 * License.
10 *
11 * File: ima_api.c
12 * Implements must_appraise_or_measure, collect_measurement,
13 * appraise_measurement, store_measurement and store_template.
14 */
15 #include <linux/module.h>
16 #include <linux/slab.h>
17 #include <linux/file.h>
18 #include <linux/fs.h>
19 #include <linux/xattr.h>
20 #include <linux/evm.h>
21 #include "ima.h"
22
23 static const char *IMA_TEMPLATE_NAME = "ima";
24
25 /*
26 * ima_store_template - store ima template measurements
27 *
28 * Calculate the hash of a template entry, add the template entry
29 * to an ordered list of measurement entries maintained inside the kernel,
30 * and also update the aggregate integrity value (maintained inside the
31 * configured TPM PCR) over the hashes of the current list of measurement
32 * entries.
33 *
34 * Applications retrieve the current kernel-held measurement list through
35 * the securityfs entries in /sys/kernel/security/ima. The signed aggregate
36 * TPM PCR (called quote) can be retrieved using a TPM user space library
37 * and is used to validate the measurement list.
38 *
39 * Returns 0 on success, error code otherwise
40 */
41 int ima_store_template(struct ima_template_entry *entry,
42 int violation, struct inode *inode)
43 {
44 const char *op = "add_template_measure";
45 const char *audit_cause = "hashing_error";
46 int result;
47
48 memset(entry->digest, 0, sizeof(entry->digest));
49 entry->template_name = IMA_TEMPLATE_NAME;
50 entry->template_len = sizeof(entry->template);
51
52 if (!violation) {
53 result = ima_calc_template_hash(entry->template_len,
54 &entry->template,
55 entry->digest);
56 if (result < 0) {
57 integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode,
58 entry->template_name, op,
59 audit_cause, result, 0);
60 return result;
61 }
62 }
63 result = ima_add_template_entry(entry, violation, op, inode);
64 return result;
65 }
66
67 /*
68 * ima_add_violation - add violation to measurement list.
69 *
70 * Violations are flagged in the measurement list with zero hash values.
71 * By extending the PCR with 0xFF's instead of with zeroes, the PCR
72 * value is invalidated.
73 */
74 void ima_add_violation(struct inode *inode, const unsigned char *filename,
75 const char *op, const char *cause)
76 {
77 struct ima_template_entry *entry;
78 int violation = 1;
79 int result;
80
81 /* can overflow, only indicator */
82 atomic_long_inc(&ima_htable.violations);
83
84 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
85 if (!entry) {
86 result = -ENOMEM;
87 goto err_out;
88 }
89 memset(&entry->template, 0, sizeof(entry->template));
90 strncpy(entry->template.file_name, filename, IMA_EVENT_NAME_LEN_MAX);
91 result = ima_store_template(entry, violation, inode);
92 if (result < 0)
93 kfree(entry);
94 err_out:
95 integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode, filename,
96 op, cause, result, 0);
97 }
98
99 /**
100 * ima_get_action - appraise & measure decision based on policy.
101 * @inode: pointer to inode to measure
102 * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXECUTE)
103 * @function: calling function (FILE_CHECK, BPRM_CHECK, FILE_MMAP)
104 *
105 * The policy is defined in terms of keypairs:
106 * subj=, obj=, type=, func=, mask=, fsmagic=
107 * subj,obj, and type: are LSM specific.
108 * func: FILE_CHECK | BPRM_CHECK | FILE_MMAP
109 * mask: contains the permission mask
110 * fsmagic: hex value
111 *
112 * Returns IMA_MEASURE, IMA_APPRAISE mask.
113 *
114 */
115 int ima_get_action(struct inode *inode, int mask, int function)
116 {
117 int flags = IMA_MEASURE | IMA_AUDIT | IMA_APPRAISE;
118
119 if (!ima_appraise)
120 flags &= ~IMA_APPRAISE;
121
122 return ima_match_policy(inode, function, mask, flags);
123 }
124
125 int ima_must_measure(struct inode *inode, int mask, int function)
126 {
127 return ima_match_policy(inode, function, mask, IMA_MEASURE);
128 }
129
130 /*
131 * ima_collect_measurement - collect file measurement
132 *
133 * Calculate the file hash, if it doesn't already exist,
134 * storing the measurement and i_version in the iint.
135 *
136 * Must be called with iint->mutex held.
137 *
138 * Return 0 on success, error code otherwise
139 */
140 int ima_collect_measurement(struct integrity_iint_cache *iint,
141 struct file *file)
142 {
143 struct inode *inode = file->f_dentry->d_inode;
144 const char *filename = file->f_dentry->d_name.name;
145 int result = 0;
146
147 if (!(iint->flags & IMA_COLLECTED)) {
148 u64 i_version = file->f_dentry->d_inode->i_version;
149
150 iint->ima_xattr.type = IMA_XATTR_DIGEST;
151 result = ima_calc_hash(file, iint->ima_xattr.digest);
152 if (!result) {
153 iint->version = i_version;
154 iint->flags |= IMA_COLLECTED;
155 }
156 }
157 if (result)
158 integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode,
159 filename, "collect_data", "failed",
160 result, 0);
161 return result;
162 }
163
164 /*
165 * ima_store_measurement - store file measurement
166 *
167 * Create an "ima" template and then store the template by calling
168 * ima_store_template.
169 *
170 * We only get here if the inode has not already been measured,
171 * but the measurement could already exist:
172 * - multiple copies of the same file on either the same or
173 * different filesystems.
174 * - the inode was previously flushed as well as the iint info,
175 * containing the hashing info.
176 *
177 * Must be called with iint->mutex held.
178 */
179 void ima_store_measurement(struct integrity_iint_cache *iint,
180 struct file *file, const unsigned char *filename)
181 {
182 const char *op = "add_template_measure";
183 const char *audit_cause = "ENOMEM";
184 int result = -ENOMEM;
185 struct inode *inode = file->f_dentry->d_inode;
186 struct ima_template_entry *entry;
187 int violation = 0;
188
189 if (iint->flags & IMA_MEASURED)
190 return;
191
192 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
193 if (!entry) {
194 integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode, filename,
195 op, audit_cause, result, 0);
196 return;
197 }
198 memset(&entry->template, 0, sizeof(entry->template));
199 memcpy(entry->template.digest, iint->ima_xattr.digest, IMA_DIGEST_SIZE);
200 strcpy(entry->template.file_name,
201 (strlen(filename) > IMA_EVENT_NAME_LEN_MAX) ?
202 file->f_dentry->d_name.name : filename);
203
204 result = ima_store_template(entry, violation, inode);
205 if (!result || result == -EEXIST)
206 iint->flags |= IMA_MEASURED;
207 if (result < 0)
208 kfree(entry);
209 }
210
211 void ima_audit_measurement(struct integrity_iint_cache *iint,
212 const unsigned char *filename)
213 {
214 struct audit_buffer *ab;
215 char hash[(IMA_DIGEST_SIZE * 2) + 1];
216 int i;
217
218 if (iint->flags & IMA_AUDITED)
219 return;
220
221 for (i = 0; i < IMA_DIGEST_SIZE; i++)
222 hex_byte_pack(hash + (i * 2), iint->ima_xattr.digest[i]);
223 hash[i * 2] = '\0';
224
225 ab = audit_log_start(current->audit_context, GFP_KERNEL,
226 AUDIT_INTEGRITY_RULE);
227 if (!ab)
228 return;
229
230 audit_log_format(ab, "file=");
231 audit_log_untrustedstring(ab, filename);
232 audit_log_format(ab, " hash=");
233 audit_log_untrustedstring(ab, hash);
234
235 audit_log_task_info(ab, current);
236 audit_log_end(ab);
237
238 iint->flags |= IMA_AUDITED;
239 }
kernel source for telekom puls (alcatel/mediatek)