author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2009-02-11 11:12:28 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-02-11 17:40:14 -0500 |
commit | 523979adfa0b79d4e3aa053220c37a9233294206 (patch) | |
tree | 15ff42f935f9d443220edb118f3980432f924360 | |
parent | ed850a52af971528b048812c4215cef298af0d3b (diff) |
integrity: audit update
Based on discussions on linux-audit, and as per Steve Grubb's request
(http://lkml.org/lkml/2009/2/6/269), the following changes were made:
- forced audit result to be either 0 or 1.
- made template names const
- Added new stand-alone message type: AUDIT_INTEGRITY_RULE
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | include/linux/audit.h | 4 | ||||
-rw-r--r-- | security/integrity/ima/ima.h | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima_api.c | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima_audit.c | 21 | ||||
-rw-r--r-- | security/integrity/ima/ima_fs.c | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima_init.c | 2 | ||||
-rw-r--r-- | security/integrity/ima/ima_policy.c | 17 |
7 files changed, 28 insertions, 22 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 930939abfbc6..4fa2810b675e 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h | |||
@@ -36,7 +36,8 @@ | |||
36 | * 1500 - 1599 kernel LSPP events | 36 | * 1500 - 1599 kernel LSPP events |
37 | * 1600 - 1699 kernel crypto events | 37 | * 1600 - 1699 kernel crypto events |
38 | * 1700 - 1799 kernel anomaly records | 38 | * 1700 - 1799 kernel anomaly records |
39 | * 1800 - 1999 future kernel use (maybe integrity labels and related events) | 39 | * 1800 - 1899 kernel integrity events |
40 | * 1900 - 1999 future kernel use | ||
40 | * 2000 is for otherwise unclassified kernel audit messages (legacy) | 41 | * 2000 is for otherwise unclassified kernel audit messages (legacy) |
41 | * 2001 - 2099 unused (kernel) | 42 | * 2001 - 2099 unused (kernel) |
42 | * 2100 - 2199 user space anomaly records | 43 | * 2100 - 2199 user space anomaly records |
@@ -130,6 +131,7 @@ | |||
130 | #define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */ | 131 | #define AUDIT_INTEGRITY_STATUS 1802 /* Integrity enable status */ |
131 | #define AUDIT_INTEGRITY_HASH 1803 /* Integrity HASH type */ | 132 | #define AUDIT_INTEGRITY_HASH 1803 /* Integrity HASH type */ |
132 | #define AUDIT_INTEGRITY_PCR 1804 /* PCR invalidation msgs */ | 133 | #define AUDIT_INTEGRITY_PCR 1804 /* PCR invalidation msgs */ |
134 | #define AUDIT_INTEGRITY_RULE 1805 /* policy rule */ | ||
133 | 135 | ||
134 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ | 136 | #define AUDIT_KERNEL 2000 /* Asynchronous audit record. NOT A REQUEST. */ |
135 | 137 | ||
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index e3c16a21a38e..165eb5397ea5 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h | |||
@@ -47,7 +47,7 @@ struct ima_template_data { | |||
47 | 47 | ||
48 | struct ima_template_entry { | 48 | struct ima_template_entry { |
49 | u8 digest[IMA_DIGEST_SIZE]; /* sha1 or md5 measurement hash */ | 49 | u8 digest[IMA_DIGEST_SIZE]; /* sha1 or md5 measurement hash */ |
50 | char *template_name; | 50 | const char *template_name; |
51 | int template_len; | 51 | int template_len; |
52 | struct ima_template_data template; | 52 | struct ima_template_data template; |
53 | }; | 53 | }; |
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index a148a25804f6..3cd58b60afd2 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c | |||
@@ -15,7 +15,7 @@ | |||
15 | #include <linux/module.h> | 15 | #include <linux/module.h> |
16 | 16 | ||
17 | #include "ima.h" | 17 | #include "ima.h" |
18 | static char *IMA_TEMPLATE_NAME = "ima"; | 18 | static const char *IMA_TEMPLATE_NAME = "ima"; |
19 | 19 | ||
20 | /* | 20 | /* |
21 | * ima_store_template - store ima template measurements | 21 | * ima_store_template - store ima template measurements |
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/ima/ima_audit.c index 8a0f1e23ccf1..1e082bb987be 100644 --- a/security/integrity/ima/ima_audit.c +++ b/security/integrity/ima/ima_audit.c | |||
@@ -22,16 +22,18 @@ static int ima_audit; | |||
22 | static int __init ima_audit_setup(char *str) | 22 | static int __init ima_audit_setup(char *str) |
23 | { | 23 | { |
24 | unsigned long audit; | 24 | unsigned long audit; |
25 | int rc; | 25 | int rc, result = 0; |
26 | char *op; | 26 | char *op = "ima_audit"; |
27 | char *cause; | ||
27 | 28 | ||
28 | rc = strict_strtoul(str, 0, &audit); | 29 | rc = strict_strtoul(str, 0, &audit); |
29 | if (rc || audit > 1) | 30 | if (rc || audit > 1) |
30 | printk(KERN_INFO "ima: invalid ima_audit value\n"); | 31 | result = 1; |
31 | else | 32 | else |
32 | ima_audit = audit; | 33 | ima_audit = audit; |
33 | op = ima_audit ? "ima_audit_enabled" : "ima_audit_not_enabled"; | 34 | cause = ima_audit ? "enabled" : "not_enabled"; |
34 | integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, NULL, op, 0, 0); | 35 | integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL, |
36 | op, cause, result, 0); | ||
35 | return 1; | 37 | return 1; |
36 | } | 38 | } |
37 | __setup("ima_audit=", ima_audit_setup); | 39 | __setup("ima_audit=", ima_audit_setup); |
@@ -47,20 +49,21 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, | |||
47 | return; | 49 | return; |
48 | 50 | ||
49 | ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); | 51 | ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); |
50 | audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u", | 52 | audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u ses=%u", |
51 | current->pid, current->cred->uid, | 53 | current->pid, current->cred->uid, |
52 | audit_get_loginuid(current)); | 54 | audit_get_loginuid(current), |
55 | audit_get_sessionid(current)); | ||
53 | audit_log_task_context(ab); | 56 | audit_log_task_context(ab); |
54 | switch (audit_msgno) { | 57 | switch (audit_msgno) { |
55 | case AUDIT_INTEGRITY_DATA: | 58 | case AUDIT_INTEGRITY_DATA: |
56 | case AUDIT_INTEGRITY_METADATA: | 59 | case AUDIT_INTEGRITY_METADATA: |
57 | case AUDIT_INTEGRITY_PCR: | 60 | case AUDIT_INTEGRITY_PCR: |
61 | case AUDIT_INTEGRITY_STATUS: | ||
58 | audit_log_format(ab, " op=%s cause=%s", op, cause); | 62 | audit_log_format(ab, " op=%s cause=%s", op, cause); |
59 | break; | 63 | break; |
60 | case AUDIT_INTEGRITY_HASH: | 64 | case AUDIT_INTEGRITY_HASH: |
61 | audit_log_format(ab, " op=%s hash=%s", op, cause); | 65 | audit_log_format(ab, " op=%s hash=%s", op, cause); |
62 | break; | 66 | break; |
63 | case AUDIT_INTEGRITY_STATUS: | ||
64 | default: | 67 | default: |
65 | audit_log_format(ab, " op=%s", op); | 68 | audit_log_format(ab, " op=%s", op); |
66 | } | 69 | } |
@@ -73,6 +76,6 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, | |||
73 | if (inode) | 76 | if (inode) |
74 | audit_log_format(ab, " dev=%s ino=%lu", | 77 | audit_log_format(ab, " dev=%s ino=%lu", |
75 | inode->i_sb->s_id, inode->i_ino); | 78 | inode->i_sb->s_id, inode->i_ino); |
76 | audit_log_format(ab, " res=%d", result); | 79 | audit_log_format(ab, " res=%d", !result ? 0 : 1); |
77 | audit_log_end(ab); | 80 | audit_log_end(ab); |
78 | } | 81 | } |
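Review bot: The normalisation `!result ? 0 : 1` on new line 79 emits res=0 when result is 0 and res=1 otherwise, but in this file result is an error indicator — ima_audit_setup sets `result = 1` when the ima_audit= value is rejected — so a successful operation is logged as res=0 and a failure as res=1, which is the reverse of the convention used by other kernel audit records, where res=1 denotes success. The same expression appears in ima_parse_rule in security/integrity/ima/ima_policy.c, where result is 0 or -EINVAL. If the intent is to follow that convention, both lines should read `audit_log_format(ab, " res=%d", !result);` (without the leading space in ima_policy.c); if res is deliberately an error flag here, the divergence deserves a comment on integrity_audit_msg so consumers of the log do not misread it. integrity_audit_msg's body begins outside the hunk.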
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index 573780c76f1f..ffbe259700b1 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c | |||
@@ -137,7 +137,7 @@ static int ima_measurements_show(struct seq_file *m, void *v) | |||
137 | ima_putc(m, &namelen, sizeof namelen); | 137 | ima_putc(m, &namelen, sizeof namelen); |
138 | 138 | ||
139 | /* 4th: template name */ | 139 | /* 4th: template name */ |
140 | ima_putc(m, e->template_name, namelen); | 140 | ima_putc(m, (void *)e->template_name, namelen); |
141 | 141 | ||
142 | /* 5th: template specific data */ | 142 | /* 5th: template specific data */ |
143 | ima_template_show(m, (struct ima_template_data *)&e->template, | 143 | ima_template_show(m, (struct ima_template_data *)&e->template, |
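Review bot: The `(void *)` cast on new line 140 discards the const qualifier this commit just added to template_name; if ima_putc only reads the buffer it is passed, the cleaner fix is to declare its data parameter as `const void *` so no cast is needed at the call site. ima_putc's definition is outside the hunk, so this assumes it does not write through the pointer — worth confirming. ima_measurements_show's body begins and ends outside the hunk.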
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index cf227dbfac2c..0b0bb8c978cc 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c | |||
@@ -20,7 +20,7 @@ | |||
20 | #include "ima.h" | 20 | #include "ima.h" |
21 | 21 | ||
22 | /* name for boot aggregate entry */ | 22 | /* name for boot aggregate entry */ |
23 | static char *boot_aggregate_name = "boot_aggregate"; | 23 | static const char *boot_aggregate_name = "boot_aggregate"; |
24 | int ima_used_chip; | 24 | int ima_used_chip; |
25 | 25 | ||
26 | /* Add the boot aggregate to the IMA measurement list and extend | 26 | /* Add the boot aggregate to the IMA measurement list and extend |
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 23810e0bfc68..b5291ad5ef56 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c | |||
@@ -12,7 +12,6 @@ | |||
12 | */ | 12 | */ |
13 | #include <linux/module.h> | 13 | #include <linux/module.h> |
14 | #include <linux/list.h> | 14 | #include <linux/list.h> |
15 | #include <linux/audit.h> | ||
16 | #include <linux/security.h> | 15 | #include <linux/security.h> |
17 | #include <linux/magic.h> | 16 | #include <linux/magic.h> |
18 | #include <linux/parser.h> | 17 | #include <linux/parser.h> |
@@ -239,8 +238,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) | |||
239 | char *p; | 238 | char *p; |
240 | int result = 0; | 239 | int result = 0; |
241 | 240 | ||
242 | ab = audit_log_start(current->audit_context, GFP_KERNEL, | 241 | ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE); |
243 | AUDIT_INTEGRITY_STATUS); | ||
244 | 242 | ||
245 | entry->action = -1; | 243 | entry->action = -1; |
246 | while ((p = strsep(&rule, " \n")) != NULL) { | 244 | while ((p = strsep(&rule, " \n")) != NULL) { |
@@ -345,15 +343,14 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) | |||
345 | AUDIT_SUBJ_TYPE); | 343 | AUDIT_SUBJ_TYPE); |
346 | break; | 344 | break; |
347 | case Opt_err: | 345 | case Opt_err: |
348 | printk(KERN_INFO "%s: unknown token: %s\n", | 346 | audit_log_format(ab, "UNKNOWN=%s ", p); |
349 | __FUNCTION__, p); | ||
350 | break; | 347 | break; |
351 | } | 348 | } |
352 | } | 349 | } |
353 | if (entry->action == UNKNOWN) | 350 | if (entry->action == UNKNOWN) |
354 | result = -EINVAL; | 351 | result = -EINVAL; |
355 | 352 | ||
356 | audit_log_format(ab, "res=%d", result); | 353 | audit_log_format(ab, "res=%d", !result ? 0 : 1); |
357 | audit_log_end(ab); | 354 | audit_log_end(ab); |
358 | return result; | 355 | return result; |
359 | } | 356 | } |
@@ -367,7 +364,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) | |||
367 | */ | 364 | */ |
368 | int ima_parse_add_rule(char *rule) | 365 | int ima_parse_add_rule(char *rule) |
369 | { | 366 | { |
370 | const char *op = "add_rule"; | 367 | const char *op = "update_policy"; |
371 | struct ima_measure_rule_entry *entry; | 368 | struct ima_measure_rule_entry *entry; |
372 | int result = 0; | 369 | int result = 0; |
373 | int audit_info = 0; | 370 | int audit_info = 0; |
@@ -394,8 +391,12 @@ int ima_parse_add_rule(char *rule) | |||
394 | mutex_lock(&ima_measure_mutex); | 391 | mutex_lock(&ima_measure_mutex); |
395 | list_add_tail(&entry->list, &measure_policy_rules); | 392 | list_add_tail(&entry->list, &measure_policy_rules); |
396 | mutex_unlock(&ima_measure_mutex); | 393 | mutex_unlock(&ima_measure_mutex); |
397 | } else | 394 | } else { |
398 | kfree(entry); | 395 | kfree(entry); |
396 | integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, | ||
397 | NULL, op, "invalid policy", result, | ||
398 | audit_info); | ||
399 | } | ||
399 | return result; | 400 | return result; |
400 | } | 401 | } |
401 | 402 | ||
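Review bot: In ima_parse_rule, new line 346 logs the rejected token with `audit_log_format(ab, "UNKNOWN=%s ", p)`, where p is a token of a policy rule written from user space; strsep on " \n" guarantees it holds no spaces or newlines, but it may still contain quotes, '=' or non-printable bytes that break the key=value layout audit consumers parse. The kernel's pattern for such values is `audit_log_format(ab, "UNKNOWN="); audit_log_untrustedstring(ab, p); audit_log_format(ab, " ");`, which hex-encodes anything unsafe and keeps the record well-formed. Separately, dropping `#include <linux/audit.h>` on old line 15 leaves this file depending on ima.h to provide the audit_log_* declarations and AUDIT_* constants it still uses; keeping the include, or a one-line comment noting the dependency, would make that explicit. ima_parse_rule's body begins outside the hunk.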