diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-03-09 14:13:22 -0500 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-07-18 12:29:38 -0400 |
commit | f381c272224f5f158f5cff64f8f3481fa0eee8b3 (patch) | |
tree | a003dc4c6635c9d2fa90f31577ba5e7ea7bc71b1 | |
parent | 9d8f13ba3f4833219e50767b022b82cd0da930eb (diff) |
integrity: move ima inode integrity data management
Move the inode integrity data(iint) management up to the integrity directory
in order to share the iint among the different integrity models.
Changelog:
- don't define MAX_DIGEST_SIZE
- rename several globally visible 'ima_' prefixed functions, structs,
locks, etc to 'integrity_'
- replace '20' with SHA1_DIGEST_SIZE
- reflect location change in appropriate Kconfig and Makefiles
- remove unnecessary initialization of iint_initialized to 0
- rebased on current ima_iint.c
- define integrity_iint_store/lock as static
There should be no other functional changes.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-rw-r--r-- | include/linux/ima.h | 13 | ||||
-rw-r--r-- | include/linux/integrity.h | 30 | ||||
-rw-r--r-- | security/Kconfig | 2 | ||||
-rw-r--r-- | security/Makefile | 4 | ||||
-rw-r--r-- | security/integrity/Kconfig | 6 | ||||
-rw-r--r-- | security/integrity/Makefile | 10 | ||||
-rw-r--r-- | security/integrity/iint.c | 170 | ||||
-rw-r--r-- | security/integrity/ima/Kconfig | 1 | ||||
-rw-r--r-- | security/integrity/ima/Makefile | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima.h | 29 | ||||
-rw-r--r-- | security/integrity/ima/ima_api.c | 7 | ||||
-rw-r--r-- | security/integrity/ima/ima_iint.c | 169 | ||||
-rw-r--r-- | security/integrity/ima/ima_main.c | 12 | ||||
-rw-r--r-- | security/integrity/integrity.h | 35 | ||||
-rw-r--r-- | security/security.c | 3 |
15 files changed, 277 insertions, 216 deletions
diff --git a/include/linux/ima.h b/include/linux/ima.h index 09e6e62f9953..6ac8e50c6cf5 100644 --- a/include/linux/ima.h +++ b/include/linux/ima.h | |||
@@ -15,8 +15,6 @@ struct linux_binprm; | |||
15 | 15 | ||
16 | #ifdef CONFIG_IMA | 16 | #ifdef CONFIG_IMA |
17 | extern int ima_bprm_check(struct linux_binprm *bprm); | 17 | extern int ima_bprm_check(struct linux_binprm *bprm); |
18 | extern int ima_inode_alloc(struct inode *inode); | ||
19 | extern void ima_inode_free(struct inode *inode); | ||
20 | extern int ima_file_check(struct file *file, int mask); | 18 | extern int ima_file_check(struct file *file, int mask); |
21 | extern void ima_file_free(struct file *file); | 19 | extern void ima_file_free(struct file *file); |
22 | extern int ima_file_mmap(struct file *file, unsigned long prot); | 20 | extern int ima_file_mmap(struct file *file, unsigned long prot); |
@@ -27,16 +25,6 @@ static inline int ima_bprm_check(struct linux_binprm *bprm) | |||
27 | return 0; | 25 | return 0; |
28 | } | 26 | } |
29 | 27 | ||
30 | static inline int ima_inode_alloc(struct inode *inode) | ||
31 | { | ||
32 | return 0; | ||
33 | } | ||
34 | |||
35 | static inline void ima_inode_free(struct inode *inode) | ||
36 | { | ||
37 | return; | ||
38 | } | ||
39 | |||
40 | static inline int ima_file_check(struct file *file, int mask) | 28 | static inline int ima_file_check(struct file *file, int mask) |
41 | { | 29 | { |
42 | return 0; | 30 | return 0; |
@@ -51,6 +39,5 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot) | |||
51 | { | 39 | { |
52 | return 0; | 40 | return 0; |
53 | } | 41 | } |
54 | |||
55 | #endif /* CONFIG_IMA_H */ | 42 | #endif /* CONFIG_IMA_H */ |
56 | #endif /* _LINUX_IMA_H */ | 43 | #endif /* _LINUX_IMA_H */ |
diff --git a/include/linux/integrity.h b/include/linux/integrity.h new file mode 100644 index 000000000000..905981247327 --- /dev/null +++ b/include/linux/integrity.h | |||
@@ -0,0 +1,30 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2009 IBM Corporation | ||
3 | * Author: Mimi Zohar <zohar@us.ibm.com> | ||
4 | * | ||
5 | * This program is free software; you can redistribute it and/or modify | ||
6 | * it under the terms of the GNU General Public License as published by | ||
7 | * the Free Software Foundation, version 2 of the License. | ||
8 | */ | ||
9 | |||
10 | #ifndef _LINUX_INTEGRITY_H | ||
11 | #define _LINUX_INTEGRITY_H | ||
12 | |||
13 | #include <linux/fs.h> | ||
14 | |||
15 | #ifdef CONFIG_INTEGRITY | ||
16 | extern int integrity_inode_alloc(struct inode *inode); | ||
17 | extern void integrity_inode_free(struct inode *inode); | ||
18 | |||
19 | #else | ||
20 | static inline int integrity_inode_alloc(struct inode *inode) | ||
21 | { | ||
22 | return 0; | ||
23 | } | ||
24 | |||
25 | static inline void integrity_inode_free(struct inode *inode) | ||
26 | { | ||
27 | return; | ||
28 | } | ||
29 | #endif /* CONFIG_INTEGRITY_H */ | ||
30 | #endif /* _LINUX_INTEGRITY_H */ | ||
diff --git a/security/Kconfig b/security/Kconfig index e0f08b52e4ab..22847a889081 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
@@ -186,7 +186,7 @@ source security/smack/Kconfig | |||
186 | source security/tomoyo/Kconfig | 186 | source security/tomoyo/Kconfig |
187 | source security/apparmor/Kconfig | 187 | source security/apparmor/Kconfig |
188 | 188 | ||
189 | source security/integrity/ima/Kconfig | 189 | source security/integrity/Kconfig |
190 | 190 | ||
191 | choice | 191 | choice |
192 | prompt "Default security module" | 192 | prompt "Default security module" |
diff --git a/security/Makefile b/security/Makefile index 8bb0fe9e1ca9..a5e502f8a05b 100644 --- a/security/Makefile +++ b/security/Makefile | |||
@@ -24,5 +24,5 @@ obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/built-in.o | |||
24 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o | 24 | obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o |
25 | 25 | ||
26 | # Object integrity file lists | 26 | # Object integrity file lists |
27 | subdir-$(CONFIG_IMA) += integrity/ima | 27 | subdir-$(CONFIG_INTEGRITY) += integrity |
28 | obj-$(CONFIG_IMA) += integrity/ima/built-in.o | 28 | obj-$(CONFIG_INTEGRITY) += integrity/built-in.o |
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig new file mode 100644 index 000000000000..270469155681 --- /dev/null +++ b/security/integrity/Kconfig | |||
@@ -0,0 +1,6 @@ | |||
1 | # | ||
2 | config INTEGRITY | ||
3 | def_bool y | ||
4 | depends on IMA | ||
5 | |||
6 | source security/integrity/ima/Kconfig | ||
diff --git a/security/integrity/Makefile b/security/integrity/Makefile new file mode 100644 index 000000000000..6eddd61b84e8 --- /dev/null +++ b/security/integrity/Makefile | |||
@@ -0,0 +1,10 @@ | |||
1 | # | ||
2 | # Makefile for caching inode integrity data (iint) | ||
3 | # | ||
4 | |||
5 | obj-$(CONFIG_INTEGRITY) += integrity.o | ||
6 | |||
7 | integrity-y := iint.o | ||
8 | |||
9 | subdir-$(CONFIG_IMA) += ima | ||
10 | obj-$(CONFIG_IMA) += ima/built-in.o | ||
diff --git a/security/integrity/iint.c b/security/integrity/iint.c new file mode 100644 index 000000000000..d17de48bd6cc --- /dev/null +++ b/security/integrity/iint.c | |||
@@ -0,0 +1,170 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2008 IBM Corporation | ||
3 | * | ||
4 | * Authors: | ||
5 | * Mimi Zohar <zohar@us.ibm.com> | ||
6 | * | ||
7 | * This program is free software; you can redistribute it and/or | ||
8 | * modify it under the terms of the GNU General Public License as | ||
9 | * published by the Free Software Foundation, version 2 of the | ||
10 | * License. | ||
11 | * | ||
12 | * File: integrity_iint.c | ||
13 | * - implements the integrity hooks: integrity_inode_alloc, | ||
14 | * integrity_inode_free | ||
15 | * - cache integrity information associated with an inode | ||
16 | * using a rbtree tree. | ||
17 | */ | ||
18 | #include <linux/slab.h> | ||
19 | #include <linux/module.h> | ||
20 | #include <linux/spinlock.h> | ||
21 | #include <linux/rbtree.h> | ||
22 | #include "integrity.h" | ||
23 | |||
24 | static struct rb_root integrity_iint_tree = RB_ROOT; | ||
25 | static DEFINE_SPINLOCK(integrity_iint_lock); | ||
26 | static struct kmem_cache *iint_cache __read_mostly; | ||
27 | |||
28 | int iint_initialized; | ||
29 | |||
30 | /* | ||
31 | * __integrity_iint_find - return the iint associated with an inode | ||
32 | */ | ||
33 | static struct integrity_iint_cache *__integrity_iint_find(struct inode *inode) | ||
34 | { | ||
35 | struct integrity_iint_cache *iint; | ||
36 | struct rb_node *n = integrity_iint_tree.rb_node; | ||
37 | |||
38 | assert_spin_locked(&integrity_iint_lock); | ||
39 | |||
40 | while (n) { | ||
41 | iint = rb_entry(n, struct integrity_iint_cache, rb_node); | ||
42 | |||
43 | if (inode < iint->inode) | ||
44 | n = n->rb_left; | ||
45 | else if (inode > iint->inode) | ||
46 | n = n->rb_right; | ||
47 | else | ||
48 | break; | ||
49 | } | ||
50 | if (!n) | ||
51 | return NULL; | ||
52 | |||
53 | return iint; | ||
54 | } | ||
55 | |||
56 | /* | ||
57 | * integrity_iint_find - return the iint associated with an inode | ||
58 | */ | ||
59 | struct integrity_iint_cache *integrity_iint_find(struct inode *inode) | ||
60 | { | ||
61 | struct integrity_iint_cache *iint; | ||
62 | |||
63 | if (!IS_IMA(inode)) | ||
64 | return NULL; | ||
65 | |||
66 | spin_lock(&integrity_iint_lock); | ||
67 | iint = __integrity_iint_find(inode); | ||
68 | spin_unlock(&integrity_iint_lock); | ||
69 | |||
70 | return iint; | ||
71 | } | ||
72 | |||
73 | static void iint_free(struct integrity_iint_cache *iint) | ||
74 | { | ||
75 | iint->version = 0; | ||
76 | iint->flags = 0UL; | ||
77 | kmem_cache_free(iint_cache, iint); | ||
78 | } | ||
79 | |||
80 | /** | ||
81 | * integrity_inode_alloc - allocate an iint associated with an inode | ||
82 | * @inode: pointer to the inode | ||
83 | */ | ||
84 | int integrity_inode_alloc(struct inode *inode) | ||
85 | { | ||
86 | struct rb_node **p; | ||
87 | struct rb_node *new_node, *parent = NULL; | ||
88 | struct integrity_iint_cache *new_iint, *test_iint; | ||
89 | int rc; | ||
90 | |||
91 | new_iint = kmem_cache_alloc(iint_cache, GFP_NOFS); | ||
92 | if (!new_iint) | ||
93 | return -ENOMEM; | ||
94 | |||
95 | new_iint->inode = inode; | ||
96 | new_node = &new_iint->rb_node; | ||
97 | |||
98 | mutex_lock(&inode->i_mutex); /* i_flags */ | ||
99 | spin_lock(&integrity_iint_lock); | ||
100 | |||
101 | p = &integrity_iint_tree.rb_node; | ||
102 | while (*p) { | ||
103 | parent = *p; | ||
104 | test_iint = rb_entry(parent, struct integrity_iint_cache, | ||
105 | rb_node); | ||
106 | rc = -EEXIST; | ||
107 | if (inode < test_iint->inode) | ||
108 | p = &(*p)->rb_left; | ||
109 | else if (inode > test_iint->inode) | ||
110 | p = &(*p)->rb_right; | ||
111 | else | ||
112 | goto out_err; | ||
113 | } | ||
114 | |||
115 | inode->i_flags |= S_IMA; | ||
116 | rb_link_node(new_node, parent, p); | ||
117 | rb_insert_color(new_node, &integrity_iint_tree); | ||
118 | |||
119 | spin_unlock(&integrity_iint_lock); | ||
120 | mutex_unlock(&inode->i_mutex); /* i_flags */ | ||
121 | |||
122 | return 0; | ||
123 | out_err: | ||
124 | spin_unlock(&integrity_iint_lock); | ||
125 | mutex_unlock(&inode->i_mutex); /* i_flags */ | ||
126 | iint_free(new_iint); | ||
127 | |||
128 | return rc; | ||
129 | } | ||
130 | |||
131 | /** | ||
132 | * integrity_inode_free - called on security_inode_free | ||
133 | * @inode: pointer to the inode | ||
134 | * | ||
135 | * Free the integrity information(iint) associated with an inode. | ||
136 | */ | ||
137 | void integrity_inode_free(struct inode *inode) | ||
138 | { | ||
139 | struct integrity_iint_cache *iint; | ||
140 | |||
141 | if (!IS_IMA(inode)) | ||
142 | return; | ||
143 | |||
144 | spin_lock(&integrity_iint_lock); | ||
145 | iint = __integrity_iint_find(inode); | ||
146 | rb_erase(&iint->rb_node, &integrity_iint_tree); | ||
147 | spin_unlock(&integrity_iint_lock); | ||
148 | |||
149 | iint_free(iint); | ||
150 | } | ||
151 | |||
152 | static void init_once(void *foo) | ||
153 | { | ||
154 | struct integrity_iint_cache *iint = foo; | ||
155 | |||
156 | memset(iint, 0, sizeof *iint); | ||
157 | iint->version = 0; | ||
158 | iint->flags = 0UL; | ||
159 | mutex_init(&iint->mutex); | ||
160 | } | ||
161 | |||
162 | static int __init integrity_iintcache_init(void) | ||
163 | { | ||
164 | iint_cache = | ||
165 | kmem_cache_create("iint_cache", sizeof(struct integrity_iint_cache), | ||
166 | 0, SLAB_PANIC, init_once); | ||
167 | iint_initialized = 1; | ||
168 | return 0; | ||
169 | } | ||
170 | security_initcall(integrity_iintcache_init); | ||
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index b6ecfd4d8d78..19c053b82303 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig | |||
@@ -3,6 +3,7 @@ | |||
3 | config IMA | 3 | config IMA |
4 | bool "Integrity Measurement Architecture(IMA)" | 4 | bool "Integrity Measurement Architecture(IMA)" |
5 | depends on SECURITY | 5 | depends on SECURITY |
6 | select INTEGRITY | ||
6 | select SECURITYFS | 7 | select SECURITYFS |
7 | select CRYPTO | 8 | select CRYPTO |
8 | select CRYPTO_HMAC | 9 | select CRYPTO_HMAC |
diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile index 787c4cb916cd..5690c021de8f 100644 --- a/security/integrity/ima/Makefile +++ b/security/integrity/ima/Makefile | |||
@@ -6,4 +6,4 @@ | |||
6 | obj-$(CONFIG_IMA) += ima.o | 6 | obj-$(CONFIG_IMA) += ima.o |
7 | 7 | ||
8 | ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ | 8 | ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ |
9 | ima_policy.o ima_iint.o ima_audit.o | 9 | ima_policy.o ima_audit.o |
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 08408bd71462..29d97af5e9a4 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h | |||
@@ -24,11 +24,13 @@ | |||
24 | #include <linux/tpm.h> | 24 | #include <linux/tpm.h> |
25 | #include <linux/audit.h> | 25 | #include <linux/audit.h> |
26 | 26 | ||
27 | #include "../integrity.h" | ||
28 | |||
27 | enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_ASCII }; | 29 | enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_ASCII }; |
28 | enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 }; | 30 | enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 }; |
29 | 31 | ||
30 | /* digest size for IMA, fits SHA1 or MD5 */ | 32 | /* digest size for IMA, fits SHA1 or MD5 */ |
31 | #define IMA_DIGEST_SIZE 20 | 33 | #define IMA_DIGEST_SIZE SHA1_DIGEST_SIZE |
32 | #define IMA_EVENT_NAME_LEN_MAX 255 | 34 | #define IMA_EVENT_NAME_LEN_MAX 255 |
33 | 35 | ||
34 | #define IMA_HASH_BITS 9 | 36 | #define IMA_HASH_BITS 9 |
@@ -96,34 +98,21 @@ static inline unsigned long ima_hash_key(u8 *digest) | |||
96 | return hash_long(*digest, IMA_HASH_BITS); | 98 | return hash_long(*digest, IMA_HASH_BITS); |
97 | } | 99 | } |
98 | 100 | ||
99 | /* iint cache flags */ | ||
100 | #define IMA_MEASURED 0x01 | ||
101 | |||
102 | /* integrity data associated with an inode */ | ||
103 | struct ima_iint_cache { | ||
104 | struct rb_node rb_node; /* rooted in ima_iint_tree */ | ||
105 | struct inode *inode; /* back pointer to inode in question */ | ||
106 | u64 version; /* track inode changes */ | ||
107 | unsigned char flags; | ||
108 | u8 digest[IMA_DIGEST_SIZE]; | ||
109 | struct mutex mutex; /* protects: version, flags, digest */ | ||
110 | }; | ||
111 | |||
112 | /* LIM API function definitions */ | 101 | /* LIM API function definitions */ |
113 | int ima_must_measure(struct inode *inode, int mask, int function); | 102 | int ima_must_measure(struct inode *inode, int mask, int function); |
114 | int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file); | 103 | int ima_collect_measurement(struct integrity_iint_cache *iint, |
115 | void ima_store_measurement(struct ima_iint_cache *iint, struct file *file, | 104 | struct file *file); |
105 | void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file, | ||
116 | const unsigned char *filename); | 106 | const unsigned char *filename); |
117 | int ima_store_template(struct ima_template_entry *entry, int violation, | 107 | int ima_store_template(struct ima_template_entry *entry, int violation, |
118 | struct inode *inode); | 108 | struct inode *inode); |
119 | void ima_template_show(struct seq_file *m, void *e, | 109 | void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show); |
120 | enum ima_show_type show); | ||
121 | 110 | ||
122 | /* rbtree tree calls to lookup, insert, delete | 111 | /* rbtree tree calls to lookup, insert, delete |
123 | * integrity data associated with an inode. | 112 | * integrity data associated with an inode. |
124 | */ | 113 | */ |
125 | struct ima_iint_cache *ima_iint_insert(struct inode *inode); | 114 | struct integrity_iint_cache *integrity_iint_insert(struct inode *inode); |
126 | struct ima_iint_cache *ima_iint_find(struct inode *inode); | 115 | struct integrity_iint_cache *integrity_iint_find(struct inode *inode); |
127 | 116 | ||
128 | /* IMA policy related functions */ | 117 | /* IMA policy related functions */ |
129 | enum ima_hooks { FILE_CHECK = 1, FILE_MMAP, BPRM_CHECK }; | 118 | enum ima_hooks { FILE_CHECK = 1, FILE_MMAP, BPRM_CHECK }; |
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index da36d2c085a4..0d50df04ccc4 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c | |||
@@ -126,7 +126,8 @@ int ima_must_measure(struct inode *inode, int mask, int function) | |||
126 | * | 126 | * |
127 | * Return 0 on success, error code otherwise | 127 | * Return 0 on success, error code otherwise |
128 | */ | 128 | */ |
129 | int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file) | 129 | int ima_collect_measurement(struct integrity_iint_cache *iint, |
130 | struct file *file) | ||
130 | { | 131 | { |
131 | int result = -EEXIST; | 132 | int result = -EEXIST; |
132 | 133 | ||
@@ -156,8 +157,8 @@ int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file) | |||
156 | * | 157 | * |
157 | * Must be called with iint->mutex held. | 158 | * Must be called with iint->mutex held. |
158 | */ | 159 | */ |
159 | void ima_store_measurement(struct ima_iint_cache *iint, struct file *file, | 160 | void ima_store_measurement(struct integrity_iint_cache *iint, |
160 | const unsigned char *filename) | 161 | struct file *file, const unsigned char *filename) |
161 | { | 162 | { |
162 | const char *op = "add_template_measure"; | 163 | const char *op = "add_template_measure"; |
163 | const char *audit_cause = "ENOMEM"; | 164 | const char *audit_cause = "ENOMEM"; |
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c deleted file mode 100644 index 4ae73040ab7b..000000000000 --- a/security/integrity/ima/ima_iint.c +++ /dev/null | |||
@@ -1,169 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2008 IBM Corporation | ||
3 | * | ||
4 | * Authors: | ||
5 | * Mimi Zohar <zohar@us.ibm.com> | ||
6 | * | ||
7 | * This program is free software; you can redistribute it and/or | ||
8 | * modify it under the terms of the GNU General Public License as | ||
9 | * published by the Free Software Foundation, version 2 of the | ||
10 | * License. | ||
11 | * | ||
12 | * File: ima_iint.c | ||
13 | * - implements the IMA hooks: ima_inode_alloc, ima_inode_free | ||
14 | * - cache integrity information associated with an inode | ||
15 | * using a rbtree tree. | ||
16 | */ | ||
17 | #include <linux/slab.h> | ||
18 | #include <linux/module.h> | ||
19 | #include <linux/spinlock.h> | ||
20 | #include <linux/rbtree.h> | ||
21 | #include "ima.h" | ||
22 | |||
23 | static struct rb_root ima_iint_tree = RB_ROOT; | ||
24 | static DEFINE_SPINLOCK(ima_iint_lock); | ||
25 | static struct kmem_cache *iint_cache __read_mostly; | ||
26 | |||
27 | int iint_initialized = 0; | ||
28 | |||
29 | /* | ||
30 | * __ima_iint_find - return the iint associated with an inode | ||
31 | */ | ||
32 | static struct ima_iint_cache *__ima_iint_find(struct inode *inode) | ||
33 | { | ||
34 | struct ima_iint_cache *iint; | ||
35 | struct rb_node *n = ima_iint_tree.rb_node; | ||
36 | |||
37 | assert_spin_locked(&ima_iint_lock); | ||
38 | |||
39 | while (n) { | ||
40 | iint = rb_entry(n, struct ima_iint_cache, rb_node); | ||
41 | |||
42 | if (inode < iint->inode) | ||
43 | n = n->rb_left; | ||
44 | else if (inode > iint->inode) | ||
45 | n = n->rb_right; | ||
46 | else | ||
47 | break; | ||
48 | } | ||
49 | if (!n) | ||
50 | return NULL; | ||
51 | |||
52 | return iint; | ||
53 | } | ||
54 | |||
55 | /* | ||
56 | * ima_iint_find - return the iint associated with an inode | ||
57 | */ | ||
58 | struct ima_iint_cache *ima_iint_find(struct inode *inode) | ||
59 | { | ||
60 | struct ima_iint_cache *iint; | ||
61 | |||
62 | if (!IS_IMA(inode)) | ||
63 | return NULL; | ||
64 | |||
65 | spin_lock(&ima_iint_lock); | ||
66 | iint = __ima_iint_find(inode); | ||
67 | spin_unlock(&ima_iint_lock); | ||
68 | |||
69 | return iint; | ||
70 | } | ||
71 | |||
72 | static void iint_free(struct ima_iint_cache *iint) | ||
73 | { | ||
74 | iint->version = 0; | ||
75 | iint->flags = 0UL; | ||
76 | kmem_cache_free(iint_cache, iint); | ||
77 | } | ||
78 | |||
79 | /** | ||
80 | * ima_inode_alloc - allocate an iint associated with an inode | ||
81 | * @inode: pointer to the inode | ||
82 | */ | ||
83 | int ima_inode_alloc(struct inode *inode) | ||
84 | { | ||
85 | struct rb_node **p; | ||
86 | struct rb_node *new_node, *parent = NULL; | ||
87 | struct ima_iint_cache *new_iint, *test_iint; | ||
88 | int rc; | ||
89 | |||
90 | new_iint = kmem_cache_alloc(iint_cache, GFP_NOFS); | ||
91 | if (!new_iint) | ||
92 | return -ENOMEM; | ||
93 | |||
94 | new_iint->inode = inode; | ||
95 | new_node = &new_iint->rb_node; | ||
96 | |||
97 | mutex_lock(&inode->i_mutex); /* i_flags */ | ||
98 | spin_lock(&ima_iint_lock); | ||
99 | |||
100 | p = &ima_iint_tree.rb_node; | ||
101 | while (*p) { | ||
102 | parent = *p; | ||
103 | test_iint = rb_entry(parent, struct ima_iint_cache, rb_node); | ||
104 | |||
105 | rc = -EEXIST; | ||
106 | if (inode < test_iint->inode) | ||
107 | p = &(*p)->rb_left; | ||
108 | else if (inode > test_iint->inode) | ||
109 | p = &(*p)->rb_right; | ||
110 | else | ||
111 | goto out_err; | ||
112 | } | ||
113 | |||
114 | inode->i_flags |= S_IMA; | ||
115 | rb_link_node(new_node, parent, p); | ||
116 | rb_insert_color(new_node, &ima_iint_tree); | ||
117 | |||
118 | spin_unlock(&ima_iint_lock); | ||
119 | mutex_unlock(&inode->i_mutex); /* i_flags */ | ||
120 | |||
121 | return 0; | ||
122 | out_err: | ||
123 | spin_unlock(&ima_iint_lock); | ||
124 | mutex_unlock(&inode->i_mutex); /* i_flags */ | ||
125 | iint_free(new_iint); | ||
126 | |||
127 | return rc; | ||
128 | } | ||
129 | |||
130 | /** | ||
131 | * ima_inode_free - called on security_inode_free | ||
132 | * @inode: pointer to the inode | ||
133 | * | ||
134 | * Free the integrity information(iint) associated with an inode. | ||
135 | */ | ||
136 | void ima_inode_free(struct inode *inode) | ||
137 | { | ||
138 | struct ima_iint_cache *iint; | ||
139 | |||
140 | if (!IS_IMA(inode)) | ||
141 | return; | ||
142 | |||
143 | spin_lock(&ima_iint_lock); | ||
144 | iint = __ima_iint_find(inode); | ||
145 | rb_erase(&iint->rb_node, &ima_iint_tree); | ||
146 | spin_unlock(&ima_iint_lock); | ||
147 | |||
148 | iint_free(iint); | ||
149 | } | ||
150 | |||
151 | static void init_once(void *foo) | ||
152 | { | ||
153 | struct ima_iint_cache *iint = foo; | ||
154 | |||
155 | memset(iint, 0, sizeof *iint); | ||
156 | iint->version = 0; | ||
157 | iint->flags = 0UL; | ||
158 | mutex_init(&iint->mutex); | ||
159 | } | ||
160 | |||
161 | static int __init ima_iintcache_init(void) | ||
162 | { | ||
163 | iint_cache = | ||
164 | kmem_cache_create("iint_cache", sizeof(struct ima_iint_cache), 0, | ||
165 | SLAB_PANIC, init_once); | ||
166 | iint_initialized = 1; | ||
167 | return 0; | ||
168 | } | ||
169 | security_initcall(ima_iintcache_init); | ||
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 39d66dc2b8e9..25f9fe762896 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
@@ -82,7 +82,7 @@ out: | |||
82 | "open_writers"); | 82 | "open_writers"); |
83 | } | 83 | } |
84 | 84 | ||
85 | static void ima_check_last_writer(struct ima_iint_cache *iint, | 85 | static void ima_check_last_writer(struct integrity_iint_cache *iint, |
86 | struct inode *inode, | 86 | struct inode *inode, |
87 | struct file *file) | 87 | struct file *file) |
88 | { | 88 | { |
@@ -105,12 +105,12 @@ static void ima_check_last_writer(struct ima_iint_cache *iint, | |||
105 | void ima_file_free(struct file *file) | 105 | void ima_file_free(struct file *file) |
106 | { | 106 | { |
107 | struct inode *inode = file->f_dentry->d_inode; | 107 | struct inode *inode = file->f_dentry->d_inode; |
108 | struct ima_iint_cache *iint; | 108 | struct integrity_iint_cache *iint; |
109 | 109 | ||
110 | if (!iint_initialized || !S_ISREG(inode->i_mode)) | 110 | if (!iint_initialized || !S_ISREG(inode->i_mode)) |
111 | return; | 111 | return; |
112 | 112 | ||
113 | iint = ima_iint_find(inode); | 113 | iint = integrity_iint_find(inode); |
114 | if (!iint) | 114 | if (!iint) |
115 | return; | 115 | return; |
116 | 116 | ||
@@ -121,7 +121,7 @@ static int process_measurement(struct file *file, const unsigned char *filename, | |||
121 | int mask, int function) | 121 | int mask, int function) |
122 | { | 122 | { |
123 | struct inode *inode = file->f_dentry->d_inode; | 123 | struct inode *inode = file->f_dentry->d_inode; |
124 | struct ima_iint_cache *iint; | 124 | struct integrity_iint_cache *iint; |
125 | int rc = 0; | 125 | int rc = 0; |
126 | 126 | ||
127 | if (!ima_initialized || !S_ISREG(inode->i_mode)) | 127 | if (!ima_initialized || !S_ISREG(inode->i_mode)) |
@@ -131,9 +131,9 @@ static int process_measurement(struct file *file, const unsigned char *filename, | |||
131 | if (rc != 0) | 131 | if (rc != 0) |
132 | return rc; | 132 | return rc; |
133 | retry: | 133 | retry: |
134 | iint = ima_iint_find(inode); | 134 | iint = integrity_iint_find(inode); |
135 | if (!iint) { | 135 | if (!iint) { |
136 | rc = ima_inode_alloc(inode); | 136 | rc = integrity_inode_alloc(inode); |
137 | if (!rc || rc == -EEXIST) | 137 | if (!rc || rc == -EEXIST) |
138 | goto retry; | 138 | goto retry; |
139 | return rc; | 139 | return rc; |
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h new file mode 100644 index 000000000000..7351836325a8 --- /dev/null +++ b/security/integrity/integrity.h | |||
@@ -0,0 +1,35 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2009-2010 IBM Corporation | ||
3 | * | ||
4 | * Authors: | ||
5 | * Mimi Zohar <zohar@us.ibm.com> | ||
6 | * | ||
7 | * This program is free software; you can redistribute it and/or | ||
8 | * modify it under the terms of the GNU General Public License as | ||
9 | * published by the Free Software Foundation, version 2 of the | ||
10 | * License. | ||
11 | * | ||
12 | */ | ||
13 | |||
14 | #include <linux/types.h> | ||
15 | #include <linux/integrity.h> | ||
16 | #include <crypto/sha.h> | ||
17 | |||
18 | /* iint cache flags */ | ||
19 | #define IMA_MEASURED 0x01 | ||
20 | |||
21 | /* integrity data associated with an inode */ | ||
22 | struct integrity_iint_cache { | ||
23 | struct rb_node rb_node; /* rooted in integrity_iint_tree */ | ||
24 | struct inode *inode; /* back pointer to inode in question */ | ||
25 | u64 version; /* track inode changes */ | ||
26 | unsigned char flags; | ||
27 | u8 digest[SHA1_DIGEST_SIZE]; | ||
28 | struct mutex mutex; /* protects: version, flags, digest */ | ||
29 | }; | ||
30 | |||
31 | /* rbtree tree calls to lookup, insert, delete | ||
32 | * integrity data associated with an inode. | ||
33 | */ | ||
34 | struct integrity_iint_cache *integrity_iint_insert(struct inode *inode); | ||
35 | struct integrity_iint_cache *integrity_iint_find(struct inode *inode); | ||
diff --git a/security/security.c b/security/security.c index 3464d58a5766..947fdcfbc83e 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -16,6 +16,7 @@ | |||
16 | #include <linux/init.h> | 16 | #include <linux/init.h> |
17 | #include <linux/kernel.h> | 17 | #include <linux/kernel.h> |
18 | #include <linux/security.h> | 18 | #include <linux/security.h> |
19 | #include <linux/integrity.h> | ||
19 | #include <linux/ima.h> | 20 | #include <linux/ima.h> |
20 | 21 | ||
21 | #define MAX_LSM_XATTR 1 | 22 | #define MAX_LSM_XATTR 1 |
@@ -336,7 +337,7 @@ int security_inode_alloc(struct inode *inode) | |||
336 | 337 | ||
337 | void security_inode_free(struct inode *inode) | 338 | void security_inode_free(struct inode *inode) |
338 | { | 339 | { |
339 | ima_inode_free(inode); | 340 | integrity_inode_free(inode); |
340 | security_ops->inode_free_security(inode); | 341 | security_ops->inode_free_security(inode); |
341 | } | 342 | } |
342 | 343 | ||