diff options
author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2014-11-05 10:01:12 -0500 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2014-11-17 23:09:18 -0500 |
commit | e3c4abbfa97ed0b7aed36f18b32911ccf76d52c2 (patch) | |
tree | 2dabccd9c08945c45c701bb42c02959644011066 /security/integrity | |
parent | c2426d2ad5027397342107b7ff094aa9b234acb8 (diff) |
integrity: define a new function integrity_read_file()
This patch defines a new function called integrity_read_file()
to read file from the kernel into a buffer. Subsequent patches
will read a file containing the public keys and load them onto
the IMA keyring.
This patch moves and renames ima_kernel_read(), the non-security
checking version of kernel_read(), to integrity_kernel_read().
Changes in v3:
* Patch descriptions improved (Mimi)
* Add missing cast (kbuild test robot)
Changes in v2:
* configuration option removed
* function declared as '__init'
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r-- | security/integrity/iint.c | 78 | ||||
-rw-r--r-- | security/integrity/ima/ima_crypto.c | 35 | ||||
-rw-r--r-- | security/integrity/integrity.h | 4 |
3 files changed, 85 insertions, 32 deletions
diff --git a/security/integrity/iint.c b/security/integrity/iint.c index cc3eb4de18a1..dbee618526b6 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c | |||
@@ -19,6 +19,8 @@ | |||
19 | #include <linux/module.h> | 19 | #include <linux/module.h> |
20 | #include <linux/spinlock.h> | 20 | #include <linux/spinlock.h> |
21 | #include <linux/rbtree.h> | 21 | #include <linux/rbtree.h> |
22 | #include <linux/file.h> | ||
23 | #include <linux/uaccess.h> | ||
22 | #include "integrity.h" | 24 | #include "integrity.h" |
23 | 25 | ||
24 | static struct rb_root integrity_iint_tree = RB_ROOT; | 26 | static struct rb_root integrity_iint_tree = RB_ROOT; |
@@ -167,3 +169,79 @@ static int __init integrity_iintcache_init(void) | |||
167 | return 0; | 169 | return 0; |
168 | } | 170 | } |
169 | security_initcall(integrity_iintcache_init); | 171 | security_initcall(integrity_iintcache_init); |
172 | |||
173 | |||
174 | /* | ||
175 | * integrity_kernel_read - read data from the file | ||
176 | * | ||
177 | * This is a function for reading file content instead of kernel_read(). | ||
178 | * It does not perform locking checks to ensure it cannot be blocked. | ||
179 | * It does not perform security checks because it is irrelevant for IMA. | ||
180 | * | ||
181 | */ | ||
182 | int integrity_kernel_read(struct file *file, loff_t offset, | ||
183 | char *addr, unsigned long count) | ||
184 | { | ||
185 | mm_segment_t old_fs; | ||
186 | char __user *buf = (char __user *)addr; | ||
187 | ssize_t ret = -EINVAL; | ||
188 | |||
189 | if (!(file->f_mode & FMODE_READ)) | ||
190 | return -EBADF; | ||
191 | |||
192 | old_fs = get_fs(); | ||
193 | set_fs(get_ds()); | ||
194 | if (file->f_op->read) | ||
195 | ret = file->f_op->read(file, buf, count, &offset); | ||
196 | else if (file->f_op->aio_read) | ||
197 | ret = do_sync_read(file, buf, count, &offset); | ||
198 | else if (file->f_op->read_iter) | ||
199 | ret = new_sync_read(file, buf, count, &offset); | ||
200 | set_fs(old_fs); | ||
201 | return ret; | ||
202 | } | ||
203 | |||
204 | /* | ||
205 | * integrity_read_file - read entire file content into the buffer | ||
206 | * | ||
207 | * This is function opens a file, allocates the buffer of required | ||
208 | * size, read entire file content to the buffer and closes the file | ||
209 | * | ||
210 | * It is used only by init code. | ||
211 | * | ||
212 | */ | ||
213 | int __init integrity_read_file(const char *path, char **data) | ||
214 | { | ||
215 | struct file *file; | ||
216 | loff_t size; | ||
217 | char *buf; | ||
218 | int rc = -EINVAL; | ||
219 | |||
220 | file = filp_open(path, O_RDONLY, 0); | ||
221 | if (IS_ERR(file)) { | ||
222 | rc = PTR_ERR(file); | ||
223 | pr_err("Unable to open file: %s (%d)", path, rc); | ||
224 | return rc; | ||
225 | } | ||
226 | |||
227 | size = i_size_read(file_inode(file)); | ||
228 | if (size <= 0) | ||
229 | goto out; | ||
230 | |||
231 | buf = kmalloc(size, GFP_KERNEL); | ||
232 | if (!buf) { | ||
233 | rc = -ENOMEM; | ||
234 | goto out; | ||
235 | } | ||
236 | |||
237 | rc = integrity_kernel_read(file, 0, buf, size); | ||
238 | if (rc < 0) | ||
239 | kfree(buf); | ||
240 | else if (rc != size) | ||
241 | rc = -EIO; | ||
242 | else | ||
243 | *data = buf; | ||
244 | out: | ||
245 | fput(file); | ||
246 | return rc; | ||
247 | } | ||
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index d34e7dfc1118..5df4d960d4dc 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c | |||
@@ -67,36 +67,6 @@ MODULE_PARM_DESC(ahash_bufsize, "Maximum ahash buffer size"); | |||
67 | static struct crypto_shash *ima_shash_tfm; | 67 | static struct crypto_shash *ima_shash_tfm; |
68 | static struct crypto_ahash *ima_ahash_tfm; | 68 | static struct crypto_ahash *ima_ahash_tfm; |
69 | 69 | ||
70 | /** | ||
71 | * ima_kernel_read - read file content | ||
72 | * | ||
73 | * This is a function for reading file content instead of kernel_read(). | ||
74 | * It does not perform locking checks to ensure it cannot be blocked. | ||
75 | * It does not perform security checks because it is irrelevant for IMA. | ||
76 | * | ||
77 | */ | ||
78 | static int ima_kernel_read(struct file *file, loff_t offset, | ||
79 | char *addr, unsigned long count) | ||
80 | { | ||
81 | mm_segment_t old_fs; | ||
82 | char __user *buf = addr; | ||
83 | ssize_t ret = -EINVAL; | ||
84 | |||
85 | if (!(file->f_mode & FMODE_READ)) | ||
86 | return -EBADF; | ||
87 | |||
88 | old_fs = get_fs(); | ||
89 | set_fs(get_ds()); | ||
90 | if (file->f_op->read) | ||
91 | ret = file->f_op->read(file, buf, count, &offset); | ||
92 | else if (file->f_op->aio_read) | ||
93 | ret = do_sync_read(file, buf, count, &offset); | ||
94 | else if (file->f_op->read_iter) | ||
95 | ret = new_sync_read(file, buf, count, &offset); | ||
96 | set_fs(old_fs); | ||
97 | return ret; | ||
98 | } | ||
99 | |||
100 | int __init ima_init_crypto(void) | 70 | int __init ima_init_crypto(void) |
101 | { | 71 | { |
102 | long rc; | 72 | long rc; |
@@ -324,7 +294,8 @@ static int ima_calc_file_hash_atfm(struct file *file, | |||
324 | } | 294 | } |
325 | /* read buffer */ | 295 | /* read buffer */ |
326 | rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]); | 296 | rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]); |
327 | rc = ima_kernel_read(file, offset, rbuf[active], rbuf_len); | 297 | rc = integrity_kernel_read(file, offset, rbuf[active], |
298 | rbuf_len); | ||
328 | if (rc != rbuf_len) | 299 | if (rc != rbuf_len) |
329 | goto out3; | 300 | goto out3; |
330 | 301 | ||
@@ -417,7 +388,7 @@ static int ima_calc_file_hash_tfm(struct file *file, | |||
417 | while (offset < i_size) { | 388 | while (offset < i_size) { |
418 | int rbuf_len; | 389 | int rbuf_len; |
419 | 390 | ||
420 | rbuf_len = ima_kernel_read(file, offset, rbuf, PAGE_SIZE); | 391 | rbuf_len = integrity_kernel_read(file, offset, rbuf, PAGE_SIZE); |
421 | if (rbuf_len < 0) { | 392 | if (rbuf_len < 0) { |
422 | rc = rbuf_len; | 393 | rc = rbuf_len; |
423 | break; | 394 | break; |
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index f51ad65c894d..20d220481025 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h | |||
@@ -119,6 +119,10 @@ struct integrity_iint_cache { | |||
119 | */ | 119 | */ |
120 | struct integrity_iint_cache *integrity_iint_find(struct inode *inode); | 120 | struct integrity_iint_cache *integrity_iint_find(struct inode *inode); |
121 | 121 | ||
122 | int integrity_kernel_read(struct file *file, loff_t offset, | ||
123 | char *addr, unsigned long count); | ||
124 | int __init integrity_read_file(const char *path, char **data); | ||
125 | |||
122 | #define INTEGRITY_KEYRING_EVM 0 | 126 | #define INTEGRITY_KEYRING_EVM 0 |
123 | #define INTEGRITY_KEYRING_MODULE 1 | 127 | #define INTEGRITY_KEYRING_MODULE 1 |
124 | #define INTEGRITY_KEYRING_IMA 2 | 128 | #define INTEGRITY_KEYRING_IMA 2 |