author | Dmitry Kasatkin <dmitry.kasatkin@intel.com> | 2012-09-27 08:57:10 -0400 |
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-01-16 17:49:44 -0500 |
commit | 750943a30714b7e9a5a2b0e08eeef7a808b5a869 (patch) | |
tree | a75f963abc43a13e3d1a558b2f8c3d47b018b63d /security/integrity | |
parent | def3e8b9ee23cb69036910e48ec4e3eff40e04cb (diff) |
ima: remove enforce checking duplication
Based on the IMA appraisal policy, files are appraised. For those
files appraised, the IMA hooks return the integrity appraisal result,
assuming IMA-appraisal is in enforcing mode. This patch combines
both of these criteria (in policy and enforcing file integrity),
removing the checking duplication.
Changelog v1:
- Update hook comments
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r-- | security/integrity/ima/ima_main.c | 52 |
1 files changed, 20 insertions, 32 deletions
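--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -208,7 +208,9 @@ static int process_measurement(struct file *file, const unsigned char *filename,
 kfree(pathbuf);
 out:
 mutex_unlock(&inode->i_mutex);
-return (rc && must_appraise) ? -EACCES : 0;
+if ((rc && must_appraise) && (ima_appraise & IMA_APPRAISE_ENFORCE))
+return -EACCES;
+return 0;
 }
 
 /**
@@ -219,19 +221,15 @@ out:
 * Measure files being mmapped executable based on the ima_must_measure()
 * policy decision.
 *
-* Return 0 on success, an error code on failure.
-* (Based on the results of appraise_measurement().)
+* On success return 0. On integrity appraisal error, assuming the file
+* is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
 */
 int ima_file_mmap(struct file *file, unsigned long prot)
 {
-int rc = 0;
-
-if (!file)
-return 0;
-if (prot & PROT_EXEC)
-rc = process_measurement(file, file->f_dentry->d_name.name,
-MAY_EXEC, FILE_MMAP);
-return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
+if (file && (prot & PROT_EXEC))
+return process_measurement(file, file->f_dentry->d_name.name,
+MAY_EXEC, FILE_MMAP);
+return 0;
 }
 
 /**
@@ -244,18 +242,15 @@ int ima_file_mmap(struct file *file, unsigned long prot)
 * So we can be certain that what we verify and measure here is actually
 * what is being executed.
 *
-* Return 0 on success, an error code on failure.
-* (Based on the results of appraise_measurement().)
+* On success return 0. On integrity appraisal error, assuming the file
+* is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
 */
 int ima_bprm_check(struct linux_binprm *bprm)
 {
-int rc;
-
-rc = process_measurement(bprm->file,
+return process_measurement(bprm->file,
 (strcmp(bprm->filename, bprm->interp) == 0) ?
 bprm->filename : bprm->interp,
 MAY_EXEC, BPRM_CHECK);
-return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
 }
 
 /**
@@ -265,18 +260,15 @@ int ima_bprm_check(struct linux_binprm *bprm)
 *
 * Measure files based on the ima_must_measure() policy decision.
 *
-* Always return 0 and audit dentry_open failures.
-* (Return code will be based upon measurement appraisal.)
+* On success return 0. On integrity appraisal error, assuming the file
+* is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
 */
 int ima_file_check(struct file *file, int mask)
 {
-int rc;
-
 ima_rdwr_violation_check(file);
-rc = process_measurement(file, file->f_dentry->d_name.name,
+return process_measurement(file, file->f_dentry->d_name.name,
 mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
 FILE_CHECK);
-return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
 }
 EXPORT_SYMBOL_GPL(ima_file_check);
 
@@ -286,19 +278,15 @@ EXPORT_SYMBOL_GPL(ima_file_check);
 *
 * Measure/appraise kernel modules based on policy.
 *
-* Always return 0 and audit dentry_open failures.
-* Return code is based upon measurement appraisal.
+* On success return 0. On integrity appraisal error, assuming the file
+* is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
 */
 int ima_module_check(struct file *file)
 {
-int rc;
-
 if (!file)
-rc = INTEGRITY_UNKNOWN;
-else
-rc = process_measurement(file, file->f_dentry->d_name.name,
-MAY_EXEC, MODULE_CHECK);
-return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
+return -EACCES; /* INTEGRITY_UNKNOWN */
+return process_measurement(file, file->f_dentry->d_name.name,
+MAY_EXEC, MODULE_CHECK);
 }
 
 static int __init init_ima(void)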
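Review bot: The `if (!file) return -EACCES;` path in ima_module_check (last hunk) is no longer gated on IMA_APPRAISE_ENFORCE, although the removed code returned the INTEGRITY_UNKNOWN status only under that flag and the new doc comment in the same hunk promises -EACCES only when IMA-appraisal is in enforcing mode. As written, a module load that reaches the hook without a struct file is refused even in a non-enforcing appraisal mode, which looks like a behaviour change the commit message does not mention. If the documented rule is the intent, `if (!file) return (ima_appraise & IMA_APPRAISE_ENFORCE) ? -EACCES : 0; /* INTEGRITY_UNKNOWN */` keeps this path consistent with the enforce gate that the first hunk moves into process_measurement. The policy half of that rule cannot be evaluated without a file, so a short comment stating that this path is deliberately treated as "in policy" would also help the next reader.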