author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-03-09 14:38:26 -0500 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-07-18 12:29:42 -0400 |
commit | 3e1be52d6c6b21d9080dd886c0e609e009831562 (patch) | |
tree | 2947250698b89eed0149af2d69a33b303c4d6be4 | |
parent | 6be5cc5246f807fd8ede9f5f1bb2826f2c598658 (diff) |
security: imbed evm calls in security hooks
Embed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(),
evm_inode_removexattr() in the security hooks. evm_inode_setxattr()
protects the security.evm xattr. evm_inode_post_setxattr() and
evm_inode_removexattr() update the hmac associated with an inode.
(Assumes an LSM module protects the setting/removing of xattr.)
Changelog:
- Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled.
- xattr_name is a 'const', value is 'void *'
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-rw-r--r-- | include/linux/evm.h | 56 | ||||
-rw-r--r-- | security/integrity/evm/evm_main.c | 1 | ||||
-rw-r--r-- | security/security.c | 16 |
3 files changed, 71 insertions, 2 deletions
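--- /dev/null
+++ b/include/linux/evm.h
@@ -0,0 +1,56 @@
+/*
+ * evm.h
+ *
+ * Copyright (c) 2009 IBM Corporation
+ * Author: Mimi Zohar <zohar@us.ibm.com>
+ */
+
+#ifndef _LINUX_EVM_H
+#define _LINUX_EVM_H
+
+#include <linux/integrity.h>
+
+#ifdef CONFIG_EVM
+extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
+					     const char *xattr_name,
+					     void *xattr_value,
+					     size_t xattr_value_len);
+extern int evm_inode_setxattr(struct dentry *dentry, const char *name,
+			      const void *value, size_t size);
+extern void evm_inode_post_setxattr(struct dentry *dentry,
+				    const char *xattr_name,
+				    const void *xattr_value,
+				    size_t xattr_value_len);
+extern int evm_inode_removexattr(struct dentry *dentry, const char *xattr_name);
+#else
+#ifdef CONFIG_INTEGRITY
+static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
+						    const char *xattr_name,
+						    void *xattr_value,
+						    size_t xattr_value_len)
+{
+	return INTEGRITY_UNKNOWN;
+}
+#endif
+
+static inline int evm_inode_setxattr(struct dentry *dentry, const char *name,
+				     const void *value, size_t size)
+{
+	return 0;
+}
+
+static inline void evm_inode_post_setxattr(struct dentry *dentry,
+					   const char *xattr_name,
+					   const void *xattr_value,
+					   size_t xattr_value_len)
+{
+	return;
+}
+
+static inline int evm_inode_removexattr(struct dentry *dentry,
+					const char *xattr_name)
+{
+	return 0;
+}
+#endif /* CONFIG_EVM_H */
+#endif /* LINUX_EVM_H */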
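Review bot: The two closing `#endif` comments on the last lines of the new header do not name the conditionals they close: the first ends `#ifdef CONFIG_EVM` but reads `/* CONFIG_EVM_H */`, and the second ends the `_LINUX_EVM_H` include guard but reads `/* LINUX_EVM_H */`. They should be `#endif /* CONFIG_EVM */` and `#endif /* _LINUX_EVM_H */` so a reader pairing them with the opening directives is not misled. Separately, every prototype here takes `struct dentry *` while the header only includes linux/integrity.h; if that header does not itself declare struct dentry, a `struct dentry;` forward declaration after the include avoids a prototype-scope struct tag warning for any translation unit that includes evm.h first — worth confirming against linux/integrity.h.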
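--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -18,6 +18,7 @@
 #include <linux/crypto.h>
 #include <linux/xattr.h>
 #include <linux/integrity.h>
+#include <linux/evm.h>
 #include "evm.h"
 
 int evm_initialized;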
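--- a/security/security.c
+++ b/security/security.c
@@ -18,6 +18,7 @@
 #include <linux/security.h>
 #include <linux/integrity.h>
 #include <linux/ima.h>
+#include <linux/evm.h>
 
 #define MAX_LSM_XATTR 1
 
@@ -580,9 +581,14 @@ int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
 int security_inode_setxattr(struct dentry *dentry, const char *name,
 			    const void *value, size_t size, int flags)
 {
+	int ret;
+
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return 0;
-	return security_ops->inode_setxattr(dentry, name, value, size, flags);
+	ret = security_ops->inode_setxattr(dentry, name, value, size, flags);
+	if (ret)
+		return ret;
+	return evm_inode_setxattr(dentry, name, value, size);
 }
 
 void security_inode_post_setxattr(struct dentry *dentry, const char *name,
@@ -591,6 +597,7 @@ void security_inode_post_setxattr(struct dentry *dentry, const char *name,
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return;
 	security_ops->inode_post_setxattr(dentry, name, value, size, flags);
+	evm_inode_post_setxattr(dentry, name, value, size);
 }
 
 int security_inode_getxattr(struct dentry *dentry, const char *name)
@@ -609,9 +616,14 @@ int security_inode_listxattr(struct dentry *dentry)
 
 int security_inode_removexattr(struct dentry *dentry, const char *name)
 {
+	int ret;
+
 	if (unlikely(IS_PRIVATE(dentry->d_inode)))
 		return 0;
-	return security_ops->inode_removexattr(dentry, name);
+	ret = security_ops->inode_removexattr(dentry, name);
+	if (ret)
+		return ret;
+	return evm_inode_removexattr(dentry, name);
 }
 
 int security_inode_need_killpriv(struct dentry *dentry)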
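Review bot: In security_inode_setxattr() and security_inode_removexattr() the new evm_inode_setxattr()/evm_inode_removexattr() calls are reached only after the LSM hook has returned 0, so EVM's protection of security.evm is layered on top of whatever access control the loaded LSM applies to xattr writes — the commit message states this assumption ("Assumes an LSM module protects the setting/removing of xattr"), but nothing at the call sites records it. A comment above the first EVM call in each hook would make the dependency explicit for future changes to hook ordering: `/* EVM relies on the LSM hook above having already gated the write; it only protects security.evm and maintains the HMAC. */`. Note also that `flags` is handed to security_ops->inode_setxattr() but not to evm_inode_setxattr(); if XATTR_CREATE/XATTR_REPLACE semantics matter to EVM's decision, that information is not available to it — evm_inode_setxattr()'s body is outside this diff, so this is a question to confirm rather than a reported defect.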