Merge remote-tracking branch 'linus/master' into testing

author: Sage Weil <sage@inktank.com> 2013-08-15 14:11:45 -0400
committer: Sage Weil <sage@inktank.com> 2013-08-15 14:11:45 -0400
commit: ee3e542fec6e69bc9fb668698889a37d93950ddf (patch)
tree: e74ee766a4764769ef1d3d45d266b4dea64101d3 /security/integrity
parent: fe2a801b50c0bb8039d627e5ae1fec249d10ff39 (diff)
parent: f1d6e17f540af37bb1891480143669ba7636c4cf (diff)
9 files changed, 51 insertions, 35 deletions
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 4bb3a775a996..245c6d92065b 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,6 +17,21 @@ config INTEGRITY_SIGNATURE
          This is useful for evm and module keyrings, when keys are
          usually only added from initramfs.
+config INTEGRITY_AUDIT
+        bool "Enables integrity auditing support "
+        depends on INTEGRITY && AUDIT
+        default y
+        help
+          In addition to enabling integrity auditing support, this
+          option adds a kernel parameter 'integrity_audit', which
+          controls the level of integrity auditing messages.
+          0 - basic integrity auditing messages (default)
+          1 - additional integrity auditing messages
+          Additional informational integrity auditing messages would
+          be enabled by specifying 'integrity_audit=1' on the kernel
+          command line.
 config INTEGRITY_ASYMMETRIC_KEYS
        boolean "Enable asymmetric keys support"
        depends on INTEGRITY_SIGNATURE
diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index ebb6409b3fcb..0f9cffb1f9ad 100644
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -3,6 +3,7 @@
 #
 obj-$(CONFIG_INTEGRITY) += integrity.o
+obj-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
 obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
 obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index cdbde1762189..df0fa451a871 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -16,6 +16,7 @@
 #include <linux/module.h>
 #include <linux/crypto.h>
+#include <linux/audit.h>
 #include <linux/xattr.h>
 #include <linux/integrity.h>
 #include <linux/evm.h>
@@ -24,6 +25,9 @@
 int evm_initialized;
+static char *integrity_status_msg[] = {
+        "pass", "fail", "no_label", "no_xattrs", "unknown"
+};
 char *evm_hmac = "hmac(sha1)";
 char *evm_hash = "sha1";
 int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;
@@ -262,9 +266,15 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name,
                if ((evm_status == INTEGRITY_PASS) ||
                    (evm_status == INTEGRITY_NOXATTRS))
                        return 0;
-                return -EPERM;
+                goto out;
        }
        evm_status = evm_verify_current_integrity(dentry);
+out:
+        if (evm_status != INTEGRITY_PASS)
+                integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
+                                    dentry->d_name.name, "appraise_metadata",
+                                    integrity_status_msg[evm_status],
+                                    -EPERM, 0);
        return evm_status == INTEGRITY_PASS ? 0 : -EPERM;
 }
@@ -357,6 +367,9 @@ int evm_inode_setattr(struct dentry *dentry, struct iattr *attr)
        if ((evm_status == INTEGRITY_PASS) ||
            (evm_status == INTEGRITY_NOXATTRS))
                return 0;
+        integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
+                            dentry->d_name.name, "appraise_metadata",
+                            integrity_status_msg[evm_status], -EPERM, 0);
        return -EPERM;
 }
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index d232c73647ae..39196abaff0d 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -38,18 +38,6 @@ config IMA_MEASURE_PCR_IDX
          that IMA uses to maintain the integrity aggregate of the
          measurement list.  If unsure, use the default 10.
-config IMA_AUDIT
-        bool "Enables auditing support"
-        depends on IMA
-        depends on AUDIT
-        default y
-        help
-          This option adds a kernel parameter 'ima_audit', which
-          allows informational auditing messages to be enabled
-          at boot.  If this option is selected, informational integrity
-          auditing messages can be enabled with 'ima_audit=1' on
-          the kernel command line.
 config IMA_LSM_RULES
        bool
        depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile
index 3f2ca6bdc384..56dfee7cbf61 100644
--- a/security/integrity/ima/Makefile
+++ b/security/integrity/ima/Makefile
@@ -7,5 +7,4 @@ obj-$(CONFIG_IMA) += ima.o
 ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
         ima_policy.o
-ima-$(CONFIG_IMA_AUDIT) += ima_audit.o
 ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index a41c9c18e5e0..b3dd616560f7 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -62,20 +62,6 @@ struct ima_queue_entry {
 };
 extern struct list_head ima_measurements;       /* list of all measurements */
-#ifdef CONFIG_IMA_AUDIT
-/* declarations */
-void integrity_audit_msg(int audit_msgno, struct inode *inode,
-                         const unsigned char *fname, const char *op,
-                         const char *cause, int result, int info);
-#else
-static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
-                                       const unsigned char *fname,
-                                       const char *op, const char *cause,
-                                       int result, int info)
-{
-}
-#endif
 /* Internal IMA function definitions */
 int ima_init(void);
 void ima_cleanup(void);
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 6c491a63128e..e9508d5bbfcf 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -57,7 +57,7 @@ __setup("ima_hash=", hash_setup);
 static void ima_rdwr_violation_check(struct file *file)
 {
        struct dentry *dentry = file->f_path.dentry;
-        struct inode *inode = dentry->d_inode;
+        struct inode *inode = file_inode(file);
        fmode_t mode = file->f_mode;
        int must_measure;
        bool send_tomtou = false, send_writers = false;
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 84c37c4db914..c42fb7a70dee 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -113,5 +113,19 @@ static inline int asymmetric_verify(struct key *keyring, const char *sig,
 }
 #endif
+#ifdef CONFIG_INTEGRITY_AUDIT
+/* declarations */
+void integrity_audit_msg(int audit_msgno, struct inode *inode,
+                         const unsigned char *fname, const char *op,
+                         const char *cause, int result, int info);
+#else
+static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
+                                       const unsigned char *fname,
+                                       const char *op, const char *cause,
+                                       int result, int info)
+{
+}
+#endif
 /* set during initialization */
 extern int iint_initialized;
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/integrity_audit.c
index c586faae8fd6..d7efb30404aa 100644
--- a/security/integrity/ima/ima_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -13,20 +13,20 @@
 #include <linux/fs.h>
 #include <linux/gfp.h>
 #include <linux/audit.h>
-#include "ima.h"
+#include "integrity.h"
-static int ima_audit;
+static int integrity_audit_info;
 /* ima_audit_setup - enable informational auditing messages */
-static int __init ima_audit_setup(char *str)
+static int __init integrity_audit_setup(char *str)
 {
        unsigned long audit;
        if (!strict_strtoul(str, 0, &audit))
-                ima_audit = audit ? 1 : 0;
+                integrity_audit_info = audit ? 1 : 0;
        return 1;
 }
-__setup("ima_audit=", ima_audit_setup);
+__setup("integrity_audit=", integrity_audit_setup);
 void integrity_audit_msg(int audit_msgno, struct inode *inode,
                         const unsigned char *fname, const char *op,
@@ -34,7 +34,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
 {
        struct audit_buffer *ab;
-        if (!ima_audit && audit_info == 1) /* Skip informational messages */
+        if (!integrity_audit_info && audit_info == 1)   /* Skip info messages */
                return;
        ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
author	Sage Weil <sage@inktank.com>	2013-08-15 14:11:45 -0400
committer	Sage Weil <sage@inktank.com>	2013-08-15 14:11:45 -0400
commit	ee3e542fec6e69bc9fb668698889a37d93950ddf (patch)
tree	e74ee766a4764769ef1d3d45d266b4dea64101d3 /security/integrity
parent	fe2a801b50c0bb8039d627e5ae1fec249d10ff39 (diff)
parent	f1d6e17f540af37bb1891480143669ba7636c4cf (diff)