integrity: define a new function integrity_read_file()

This patch defines a new function called integrity_read_file() to read file from the kernel into a buffer. Subsequent patches will read a file containing the public keys and load them onto the IMA keyring. This patch moves and renames ima_kernel_read(), the non-security checking version of kernel_read(), to integrity_kernel_read(). Changes in v3: * Patch descriptions improved (Mimi) * Add missing cast (kbuild test robot) Changes in v2: * configuration option removed * function declared as '__init' Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: Dmitry Kasatkin <d.kasatkin@samsung.com> 2014-11-05 10:01:12 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2014-11-17 23:09:18 -0500
commit: e3c4abbfa97ed0b7aed36f18b32911ccf76d52c2 (patch)
tree: 2dabccd9c08945c45c701bb42c02959644011066
parent: c2426d2ad5027397342107b7ff094aa9b234acb8 (diff)
3 files changed, 85 insertions, 32 deletions
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index cc3eb4de18a1..dbee618526b6 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -19,6 +19,8 @@
 #include <linux/module.h>
 #include <linux/spinlock.h>
 #include <linux/rbtree.h>
+#include <linux/file.h>
+#include <linux/uaccess.h>
 #include "integrity.h"
 static struct rb_root integrity_iint_tree = RB_ROOT;
@@ -167,3 +169,79 @@ static int __init integrity_iintcache_init(void)
        return 0;
 }
 security_initcall(integrity_iintcache_init);
+/*
+ * integrity_kernel_read - read data from the file
+ *
+ * This is a function for reading file content instead of kernel_read().
+ * It does not perform locking checks to ensure it cannot be blocked.
+ * It does not perform security checks because it is irrelevant for IMA.
+ *
+ */
+int integrity_kernel_read(struct file *file, loff_t offset,
+                          char *addr, unsigned long count)
+{
+        mm_segment_t old_fs;
+        char __user *buf = (char __user *)addr;
+        ssize_t ret = -EINVAL;
+        if (!(file->f_mode & FMODE_READ))
+                return -EBADF;
+        old_fs = get_fs();
+        set_fs(get_ds());
+        if (file->f_op->read)
+                ret = file->f_op->read(file, buf, count, &offset);
+        else if (file->f_op->aio_read)
+                ret = do_sync_read(file, buf, count, &offset);
+        else if (file->f_op->read_iter)
+                ret = new_sync_read(file, buf, count, &offset);
+        set_fs(old_fs);
+        return ret;
+}
+/*
+ * integrity_read_file - read entire file content into the buffer
+ *
+ * This is function opens a file, allocates the buffer of required
+ * size, read entire file content to the buffer and closes the file
+ *
+ * It is used only by init code.
+ *
+ */
+int __init integrity_read_file(const char *path, char **data)
+{
+        struct file *file;
+        loff_t size;
+        char *buf;
+        int rc = -EINVAL;
+        file = filp_open(path, O_RDONLY, 0);
+        if (IS_ERR(file)) {
+                rc = PTR_ERR(file);
+                pr_err("Unable to open file: %s (%d)", path, rc);
+                return rc;
+        }
+        size = i_size_read(file_inode(file));
+        if (size <= 0)
+                goto out;
+        buf = kmalloc(size, GFP_KERNEL);
+        if (!buf) {
+                rc = -ENOMEM;
+                goto out;
+        }
+        rc = integrity_kernel_read(file, 0, buf, size);
+        if (rc < 0)
+                kfree(buf);
+        else if (rc != size)
+                rc = -EIO;
+        else
+                *data = buf;
+out:
+        fput(file);
+        return rc;
+}
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index d34e7dfc1118..5df4d960d4dc 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -67,36 +67,6 @@ MODULE_PARM_DESC(ahash_bufsize, "Maximum ahash buffer size");
 static struct crypto_shash *ima_shash_tfm;
 static struct crypto_ahash *ima_ahash_tfm;
-/**
- * ima_kernel_read - read file content
- *
- * This is a function for reading file content instead of kernel_read().
- * It does not perform locking checks to ensure it cannot be blocked.
- * It does not perform security checks because it is irrelevant for IMA.
- *
- */
-static int ima_kernel_read(struct file *file, loff_t offset,
-                           char *addr, unsigned long count)
-{
-        mm_segment_t old_fs;
-        char __user *buf = addr;
-        ssize_t ret = -EINVAL;
-        if (!(file->f_mode & FMODE_READ))
-                return -EBADF;
-        old_fs = get_fs();
-        set_fs(get_ds());
-        if (file->f_op->read)
-                ret = file->f_op->read(file, buf, count, &offset);
-        else if (file->f_op->aio_read)
-                ret = do_sync_read(file, buf, count, &offset);
-        else if (file->f_op->read_iter)
-                ret = new_sync_read(file, buf, count, &offset);
-        set_fs(old_fs);
-        return ret;
-}
 int __init ima_init_crypto(void)
 {
        long rc;
@@ -324,7 +294,8 @@ static int ima_calc_file_hash_atfm(struct file *file,
                }
                /* read buffer */
                rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]);
-                rc = ima_kernel_read(file, offset, rbuf[active], rbuf_len);
+                rc = integrity_kernel_read(file, offset, rbuf[active],
+                                           rbuf_len);
                if (rc != rbuf_len)
                        goto out3;
@@ -417,7 +388,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
        while (offset < i_size) {
                int rbuf_len;
-                rbuf_len = ima_kernel_read(file, offset, rbuf, PAGE_SIZE);
+                rbuf_len = integrity_kernel_read(file, offset, rbuf, PAGE_SIZE);
                if (rbuf_len < 0) {
                        rc = rbuf_len;
                        break;
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index f51ad65c894d..20d220481025 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -119,6 +119,10 @@ struct integrity_iint_cache {
 */
 struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
+int integrity_kernel_read(struct file *file, loff_t offset,
+                          char *addr, unsigned long count);
+int __init integrity_read_file(const char *path, char **data);
 #define INTEGRITY_KEYRING_EVM           0
 #define INTEGRITY_KEYRING_MODULE        1
 #define INTEGRITY_KEYRING_IMA           2
author	Dmitry Kasatkin <d.kasatkin@samsung.com>	2014-11-05 10:01:12 -0500
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2014-11-17 23:09:18 -0500
commit	e3c4abbfa97ed0b7aed36f18b32911ccf76d52c2 (patch)
tree	2dabccd9c08945c45c701bb42c02959644011066
parent	c2426d2ad5027397342107b7ff094aa9b234acb8 (diff)

diff --git a/security/integrity/iint.c b/security/integrity/iint.c index cc3eb4de18a1..dbee618526b6 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c
@@ -19,6 +19,8 @@
19	#include <linux/module.h>	19	#include <linux/module.h>
20	#include <linux/spinlock.h>	20	#include <linux/spinlock.h>
21	#include <linux/rbtree.h>	21	#include <linux/rbtree.h>
		22	#include <linux/file.h>
		23	#include <linux/uaccess.h>
22	#include "integrity.h"	24	#include "integrity.h"
23		25
24	static struct rb_root integrity_iint_tree = RB_ROOT;	26	static struct rb_root integrity_iint_tree = RB_ROOT;
@@ -167,3 +169,79 @@ static int __init integrity_iintcache_init(void)
167	return 0;	169	return 0;
168	}	170	}
169	security_initcall(integrity_iintcache_init);	171	security_initcall(integrity_iintcache_init);
		172
		173
		174	/*
		175	* integrity_kernel_read - read data from the file
		176	*
		177	* This is a function for reading file content instead of kernel_read().
		178	* It does not perform locking checks to ensure it cannot be blocked.
		179	* It does not perform security checks because it is irrelevant for IMA.
		180	*
		181	*/
		182	int integrity_kernel_read(struct file *file, loff_t offset,
		183	char *addr, unsigned long count)
		184	{
		185	mm_segment_t old_fs;
		186	char __user buf = (char __user )addr;
		187	ssize_t ret = -EINVAL;
		188
		189	if (!(file->f_mode & FMODE_READ))
		190	return -EBADF;
		191
		192	old_fs = get_fs();
		193	set_fs(get_ds());
		194	if (file->f_op->read)
		195	ret = file->f_op->read(file, buf, count, &offset);
		196	else if (file->f_op->aio_read)
		197	ret = do_sync_read(file, buf, count, &offset);
		198	else if (file->f_op->read_iter)
		199	ret = new_sync_read(file, buf, count, &offset);
		200	set_fs(old_fs);
		201	return ret;
		202	}
		203
		204	/*
		205	* integrity_read_file - read entire file content into the buffer
		206	*
		207	* This is function opens a file, allocates the buffer of required
		208	* size, read entire file content to the buffer and closes the file
		209	*
		210	* It is used only by init code.
		211	*
		212	*/
		213	int __init integrity_read_file(const char path, char *data)
		214	{
		215	struct file *file;
		216	loff_t size;
		217	char *buf;
		218	int rc = -EINVAL;
		219
		220	file = filp_open(path, O_RDONLY, 0);
		221	if (IS_ERR(file)) {
		222	rc = PTR_ERR(file);
		223	pr_err("Unable to open file: %s (%d)", path, rc);
		224	return rc;
		225	}
		226
		227	size = i_size_read(file_inode(file));
		228	if (size <= 0)
		229	goto out;
		230
		231	buf = kmalloc(size, GFP_KERNEL);
		232	if (!buf) {
		233	rc = -ENOMEM;
		234	goto out;
		235	}
		236
		237	rc = integrity_kernel_read(file, 0, buf, size);
		238	if (rc < 0)
		239	kfree(buf);
		240	else if (rc != size)
		241	rc = -EIO;
		242	else
		243	*data = buf;
		244	out:
		245	fput(file);
		246	return rc;
		247	}


diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index d34e7dfc1118..5df4d960d4dc 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c
@@ -67,36 +67,6 @@ MODULE_PARM_DESC(ahash_bufsize, "Maximum ahash buffer size");
67	static struct crypto_shash *ima_shash_tfm;	67	static struct crypto_shash *ima_shash_tfm;
68	static struct crypto_ahash *ima_ahash_tfm;	68	static struct crypto_ahash *ima_ahash_tfm;
69		69
70	/**
71	* ima_kernel_read - read file content
72	*
73	* This is a function for reading file content instead of kernel_read().
74	* It does not perform locking checks to ensure it cannot be blocked.
75	* It does not perform security checks because it is irrelevant for IMA.
76	*
77	*/
78	static int ima_kernel_read(struct file *file, loff_t offset,
79	char *addr, unsigned long count)
80	{
81	mm_segment_t old_fs;
82	char __user *buf = addr;
83	ssize_t ret = -EINVAL;
84
85	if (!(file->f_mode & FMODE_READ))
86	return -EBADF;
87
88	old_fs = get_fs();
89	set_fs(get_ds());
90	if (file->f_op->read)
91	ret = file->f_op->read(file, buf, count, &offset);
92	else if (file->f_op->aio_read)
93	ret = do_sync_read(file, buf, count, &offset);
94	else if (file->f_op->read_iter)
95	ret = new_sync_read(file, buf, count, &offset);
96	set_fs(old_fs);
97	return ret;
98	}
99
100	int __init ima_init_crypto(void)	70	int __init ima_init_crypto(void)
101	{	71	{
102	long rc;	72	long rc;
@@ -324,7 +294,8 @@ static int ima_calc_file_hash_atfm(struct file *file,
324	}	294	}
325	/* read buffer */	295	/* read buffer */
326	rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]);	296	rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]);
327	rc = ima_kernel_read(file, offset, rbuf[active], rbuf_len);	297	rc = integrity_kernel_read(file, offset, rbuf[active],
		298	rbuf_len);
328	if (rc != rbuf_len)	299	if (rc != rbuf_len)
329	goto out3;	300	goto out3;
330		301
@@ -417,7 +388,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
417	while (offset < i_size) {	388	while (offset < i_size) {
418	int rbuf_len;	389	int rbuf_len;
419		390
420	rbuf_len = ima_kernel_read(file, offset, rbuf, PAGE_SIZE);	391	rbuf_len = integrity_kernel_read(file, offset, rbuf, PAGE_SIZE);
421	if (rbuf_len < 0) {	392	if (rbuf_len < 0) {
422	rc = rbuf_len;	393	rc = rbuf_len;
423	break;	394	break;


diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index f51ad65c894d..20d220481025 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h
@@ -119,6 +119,10 @@ struct integrity_iint_cache {
119	*/	119	*/
120	struct integrity_iint_cache integrity_iint_find(struct inode inode);	120	struct integrity_iint_cache integrity_iint_find(struct inode inode);
121		121
		122	int integrity_kernel_read(struct file *file, loff_t offset,
		123	char *addr, unsigned long count);
		124	int __init integrity_read_file(const char path, char *data);
		125
122	#define INTEGRITY_KEYRING_EVM 0	126	#define INTEGRITY_KEYRING_EVM 0
123	#define INTEGRITY_KEYRING_MODULE 1	127	#define INTEGRITY_KEYRING_MODULE 1
124	#define INTEGRITY_KEYRING_IMA 2	128	#define INTEGRITY_KEYRING_IMA 2