aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-07-03 17:04:58 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2013-07-03 17:04:58 -0400
commitf39d420f672f99ad9a0fe7deb951a0030d4f0d9e (patch)
tree450e229a4305362f72cc5461aab8af4f2f5d023e /security/integrity
parentfe489bf4505ae26d3c6d6a1f1d3064c2a9c5cd85 (diff)
parent572e5b018ba68d634f30aef71cf04d85c884aa05 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "In this update, Smack learns to love IPv6 and to mount a filesystem with a transmutable hierarchy (i.e. security labels are inherited from parent directory upon creation rather than creating process). The rest of the changes are maintenance" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (37 commits) tpm/tpm_i2c_infineon: Remove unused header file tpm: tpm_i2c_infinion: Don't modify i2c_client->driver evm: audit integrity metadata failures integrity: move integrity_audit_msg() evm: calculate HMAC after initializing posix acl on tmpfs maintainers: add Dmitry Kasatkin Smack: Fix the bug smackcipso can't set CIPSO correctly Smack: Fix possible NULL pointer dereference at smk_netlbl_mls() Smack: Add smkfstransmute mount option Smack: Improve access check performance Smack: Local IPv6 port based controls tpm: fix regression caused by section type conflict of tpm_dev_release() in ppc builds maintainers: Remove Kent from maintainers tpm: move TPM_DIGEST_SIZE defintion tpm_tis: missing platform_driver_unregister() on error in init_tis() security: clarify cap_inode_getsecctx description apparmor: no need to delay vfree() apparmor: fix fully qualified name parsing apparmor: fix setprocattr arg processing for onexec apparmor: localize getting the security context to a few macros ...
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/Kconfig15
-rw-r--r--security/integrity/Makefile1
-rw-r--r--security/integrity/evm/evm_main.c15
-rw-r--r--security/integrity/ima/Kconfig12
-rw-r--r--security/integrity/ima/Makefile1
-rw-r--r--security/integrity/ima/ima.h14
-rw-r--r--security/integrity/integrity.h14
-rw-r--r--security/integrity/integrity_audit.c (renamed from security/integrity/ima/ima_audit.c)12
8 files changed, 50 insertions, 34 deletions
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 4bb3a775a996..245c6d92065b 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,6 +17,21 @@ config INTEGRITY_SIGNATURE
17 This is useful for evm and module keyrings, when keys are 17 This is useful for evm and module keyrings, when keys are
18 usually only added from initramfs. 18 usually only added from initramfs.
19 19
20config INTEGRITY_AUDIT
21 bool "Enables integrity auditing support "
22 depends on INTEGRITY && AUDIT
23 default y
24 help
25 In addition to enabling integrity auditing support, this
26 option adds a kernel parameter 'integrity_audit', which
27 controls the level of integrity auditing messages.
28 0 - basic integrity auditing messages (default)
29 1 - additional integrity auditing messages
30
31 Additional informational integrity auditing messages would
32 be enabled by specifying 'integrity_audit=1' on the kernel
33 command line.
34
20config INTEGRITY_ASYMMETRIC_KEYS 35config INTEGRITY_ASYMMETRIC_KEYS
21 boolean "Enable asymmetric keys support" 36 boolean "Enable asymmetric keys support"
22 depends on INTEGRITY_SIGNATURE 37 depends on INTEGRITY_SIGNATURE
diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index ebb6409b3fcb..0f9cffb1f9ad 100644
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -3,6 +3,7 @@
3# 3#
4 4
5obj-$(CONFIG_INTEGRITY) += integrity.o 5obj-$(CONFIG_INTEGRITY) += integrity.o
6obj-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
6obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o 7obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
7obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o 8obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
8 9
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index cdbde1762189..df0fa451a871 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -16,6 +16,7 @@
16 16
17#include <linux/module.h> 17#include <linux/module.h>
18#include <linux/crypto.h> 18#include <linux/crypto.h>
19#include <linux/audit.h>
19#include <linux/xattr.h> 20#include <linux/xattr.h>
20#include <linux/integrity.h> 21#include <linux/integrity.h>
21#include <linux/evm.h> 22#include <linux/evm.h>
@@ -24,6 +25,9 @@
24 25
25int evm_initialized; 26int evm_initialized;
26 27
28static char *integrity_status_msg[] = {
29 "pass", "fail", "no_label", "no_xattrs", "unknown"
30};
27char *evm_hmac = "hmac(sha1)"; 31char *evm_hmac = "hmac(sha1)";
28char *evm_hash = "sha1"; 32char *evm_hash = "sha1";
29int evm_hmac_version = CONFIG_EVM_HMAC_VERSION; 33int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;
@@ -262,9 +266,15 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name,
262 if ((evm_status == INTEGRITY_PASS) || 266 if ((evm_status == INTEGRITY_PASS) ||
263 (evm_status == INTEGRITY_NOXATTRS)) 267 (evm_status == INTEGRITY_NOXATTRS))
264 return 0; 268 return 0;
265 return -EPERM; 269 goto out;
266 } 270 }
267 evm_status = evm_verify_current_integrity(dentry); 271 evm_status = evm_verify_current_integrity(dentry);
272out:
273 if (evm_status != INTEGRITY_PASS)
274 integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
275 dentry->d_name.name, "appraise_metadata",
276 integrity_status_msg[evm_status],
277 -EPERM, 0);
268 return evm_status == INTEGRITY_PASS ? 0 : -EPERM; 278 return evm_status == INTEGRITY_PASS ? 0 : -EPERM;
269} 279}
270 280
@@ -357,6 +367,9 @@ int evm_inode_setattr(struct dentry *dentry, struct iattr *attr)
357 if ((evm_status == INTEGRITY_PASS) || 367 if ((evm_status == INTEGRITY_PASS) ||
358 (evm_status == INTEGRITY_NOXATTRS)) 368 (evm_status == INTEGRITY_NOXATTRS))
359 return 0; 369 return 0;
370 integrity_audit_msg(AUDIT_INTEGRITY_METADATA, dentry->d_inode,
371 dentry->d_name.name, "appraise_metadata",
372 integrity_status_msg[evm_status], -EPERM, 0);
360 return -EPERM; 373 return -EPERM;
361} 374}
362 375
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index d232c73647ae..39196abaff0d 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -38,18 +38,6 @@ config IMA_MEASURE_PCR_IDX
38 that IMA uses to maintain the integrity aggregate of the 38 that IMA uses to maintain the integrity aggregate of the
39 measurement list. If unsure, use the default 10. 39 measurement list. If unsure, use the default 10.
40 40
41config IMA_AUDIT
42 bool "Enables auditing support"
43 depends on IMA
44 depends on AUDIT
45 default y
46 help
47 This option adds a kernel parameter 'ima_audit', which
48 allows informational auditing messages to be enabled
49 at boot. If this option is selected, informational integrity
50 auditing messages can be enabled with 'ima_audit=1' on
51 the kernel command line.
52
53config IMA_LSM_RULES 41config IMA_LSM_RULES
54 bool 42 bool
55 depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK) 43 depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile
index 3f2ca6bdc384..56dfee7cbf61 100644
--- a/security/integrity/ima/Makefile
+++ b/security/integrity/ima/Makefile
@@ -7,5 +7,4 @@ obj-$(CONFIG_IMA) += ima.o
7 7
8ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \ 8ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
9 ima_policy.o 9 ima_policy.o
10ima-$(CONFIG_IMA_AUDIT) += ima_audit.o
11ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o 10ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index a41c9c18e5e0..b3dd616560f7 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -62,20 +62,6 @@ struct ima_queue_entry {
62}; 62};
63extern struct list_head ima_measurements; /* list of all measurements */ 63extern struct list_head ima_measurements; /* list of all measurements */
64 64
65#ifdef CONFIG_IMA_AUDIT
66/* declarations */
67void integrity_audit_msg(int audit_msgno, struct inode *inode,
68 const unsigned char *fname, const char *op,
69 const char *cause, int result, int info);
70#else
71static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
72 const unsigned char *fname,
73 const char *op, const char *cause,
74 int result, int info)
75{
76}
77#endif
78
79/* Internal IMA function definitions */ 65/* Internal IMA function definitions */
80int ima_init(void); 66int ima_init(void);
81void ima_cleanup(void); 67void ima_cleanup(void);
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 84c37c4db914..c42fb7a70dee 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -113,5 +113,19 @@ static inline int asymmetric_verify(struct key *keyring, const char *sig,
113} 113}
114#endif 114#endif
115 115
116#ifdef CONFIG_INTEGRITY_AUDIT
117/* declarations */
118void integrity_audit_msg(int audit_msgno, struct inode *inode,
119 const unsigned char *fname, const char *op,
120 const char *cause, int result, int info);
121#else
122static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
123 const unsigned char *fname,
124 const char *op, const char *cause,
125 int result, int info)
126{
127}
128#endif
129
116/* set during initialization */ 130/* set during initialization */
117extern int iint_initialized; 131extern int iint_initialized;
diff --git a/security/integrity/ima/ima_audit.c b/security/integrity/integrity_audit.c
index c586faae8fd6..d7efb30404aa 100644
--- a/security/integrity/ima/ima_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -13,20 +13,20 @@
13#include <linux/fs.h> 13#include <linux/fs.h>
14#include <linux/gfp.h> 14#include <linux/gfp.h>
15#include <linux/audit.h> 15#include <linux/audit.h>
16#include "ima.h" 16#include "integrity.h"
17 17
18static int ima_audit; 18static int integrity_audit_info;
19 19
20/* ima_audit_setup - enable informational auditing messages */ 20/* ima_audit_setup - enable informational auditing messages */
21static int __init ima_audit_setup(char *str) 21static int __init integrity_audit_setup(char *str)
22{ 22{
23 unsigned long audit; 23 unsigned long audit;
24 24
25 if (!strict_strtoul(str, 0, &audit)) 25 if (!strict_strtoul(str, 0, &audit))
26 ima_audit = audit ? 1 : 0; 26 integrity_audit_info = audit ? 1 : 0;
27 return 1; 27 return 1;
28} 28}
29__setup("ima_audit=", ima_audit_setup); 29__setup("integrity_audit=", integrity_audit_setup);
30 30
31void integrity_audit_msg(int audit_msgno, struct inode *inode, 31void integrity_audit_msg(int audit_msgno, struct inode *inode,
32 const unsigned char *fname, const char *op, 32 const unsigned char *fname, const char *op,
@@ -34,7 +34,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
34{ 34{
35 struct audit_buffer *ab; 35 struct audit_buffer *ab;
36 36
37 if (!ima_audit && audit_info == 1) /* Skip informational messages */ 37 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */
38 return; 38 return;
39 39
40 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); 40 ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno);
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-01 02:44:39 -0400