1 files changed, 216 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
new file mode 100644
index 000000000000..5dd5b140242c
--- /dev/null
+++ b/security/integrity/evm/evm_crypto.c
@@ -0,0 +1,216 @@
+/*
+ * Copyright (C) 2005-2010 IBM Corporation
+ *
+ * Authors:
+ * Mimi Zohar <zohar@us.ibm.com>
+ * Kylene Hall <kjhall@us.ibm.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 2 of the License.
+ *
+ * File: evm_crypto.c
+ *       Using root's kernel master key (kmk), calculate the HMAC
+ */
+#include <linux/module.h>
+#include <linux/crypto.h>
+#include <linux/xattr.h>
+#include <keys/encrypted-type.h>
+#include <crypto/hash.h>
+#include "evm.h"
+#define EVMKEY "evm-key"
+#define MAX_KEY_SIZE 128
+static unsigned char evmkey[MAX_KEY_SIZE];
+static int evmkey_len = MAX_KEY_SIZE;
+struct crypto_shash *hmac_tfm;
+static struct shash_desc *init_desc(void)
+{
+        int rc;
+        struct shash_desc *desc;
+        if (hmac_tfm == NULL) {
+                hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC);
+                if (IS_ERR(hmac_tfm)) {
+                        pr_err("Can not allocate %s (reason: %ld)\n",
+                               evm_hmac, PTR_ERR(hmac_tfm));
+                        rc = PTR_ERR(hmac_tfm);
+                        hmac_tfm = NULL;
+                        return ERR_PTR(rc);
+                }
+        }
+        desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm),
+                        GFP_KERNEL);
+        if (!desc)
+                return ERR_PTR(-ENOMEM);
+        desc->tfm = hmac_tfm;
+        desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+        rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
+        if (rc)
+                goto out;
+        rc = crypto_shash_init(desc);
+out:
+        if (rc) {
+                kfree(desc);
+                return ERR_PTR(rc);
+        }
+        return desc;
+}
+/* Protect against 'cutting & pasting' security.evm xattr, include inode
+ * specific info.
+ *
+ * (Additional directory/file metadata needs to be added for more complete
+ * protection.)
+ */
+static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
+                          char *digest)
+{
+        struct h_misc {
+                unsigned long ino;
+                __u32 generation;
+                uid_t uid;
+                gid_t gid;
+                umode_t mode;
+        } hmac_misc;
+        memset(&hmac_misc, 0, sizeof hmac_misc);
+        hmac_misc.ino = inode->i_ino;
+        hmac_misc.generation = inode->i_generation;
+        hmac_misc.uid = inode->i_uid;
+        hmac_misc.gid = inode->i_gid;
+        hmac_misc.mode = inode->i_mode;
+        crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc);
+        crypto_shash_final(desc, digest);
+}
+/*
+ * Calculate the HMAC value across the set of protected security xattrs.
+ *
+ * Instead of retrieving the requested xattr, for performance, calculate
+ * the hmac using the requested xattr value. Don't alloc/free memory for
+ * each xattr, but attempt to re-use the previously allocated memory.
+ */
+int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
+                  const char *req_xattr_value, size_t req_xattr_value_len,
+                  char *digest)
+{
+        struct inode *inode = dentry->d_inode;
+        struct shash_desc *desc;
+        char **xattrname;
+        size_t xattr_size = 0;
+        char *xattr_value = NULL;
+        int error;
+        int size;
+        if (!inode->i_op || !inode->i_op->getxattr)
+                return -EOPNOTSUPP;
+        desc = init_desc();
+        if (IS_ERR(desc))
+                return PTR_ERR(desc);
+        error = -ENODATA;
+        for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {
+                if ((req_xattr_name && req_xattr_value)
+                    && !strcmp(*xattrname, req_xattr_name)) {
+                        error = 0;
+                        crypto_shash_update(desc, (const u8 *)req_xattr_value,
+                                             req_xattr_value_len);
+                        continue;
+                }
+                size = vfs_getxattr_alloc(dentry, *xattrname,
+                                          &xattr_value, xattr_size, GFP_NOFS);
+                if (size == -ENOMEM) {
+                        error = -ENOMEM;
+                        goto out;
+                }
+                if (size < 0)
+                        continue;
+                error = 0;
+                xattr_size = size;
+                crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
+        }
+        hmac_add_misc(desc, inode, digest);
+out:
+        kfree(xattr_value);
+        kfree(desc);
+        return error;
+}
+/*
+ * Calculate the hmac and update security.evm xattr
+ *
+ * Expects to be called with i_mutex locked.
+ */
+int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name,
+                        const char *xattr_value, size_t xattr_value_len)
+{
+        struct inode *inode = dentry->d_inode;
+        struct evm_ima_xattr_data xattr_data;
+        int rc = 0;
+        rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
+                           xattr_value_len, xattr_data.digest);
+        if (rc == 0) {
+                xattr_data.type = EVM_XATTR_HMAC;
+                rc = __vfs_setxattr_noperm(dentry, XATTR_NAME_EVM,
+                                           &xattr_data,
+                                           sizeof(xattr_data), 0);
+        }
+        else if (rc == -ENODATA)
+                rc = inode->i_op->removexattr(dentry, XATTR_NAME_EVM);
+        return rc;
+}
+int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
+                  char *hmac_val)
+{
+        struct shash_desc *desc;
+        desc = init_desc();
+        if (IS_ERR(desc)) {
+                printk(KERN_INFO "init_desc failed\n");
+                return PTR_ERR(desc);
+        }
+        crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len);
+        hmac_add_misc(desc, inode, hmac_val);
+        kfree(desc);
+        return 0;
+}
+/*
+ * Get the key from the TPM for the SHA1-HMAC
+ */
+int evm_init_key(void)
+{
+        struct key *evm_key;
+        struct encrypted_key_payload *ekp;
+        int rc = 0;
+        evm_key = request_key(&key_type_encrypted, EVMKEY, NULL);
+        if (IS_ERR(evm_key))
+                return -ENOENT;
+        down_read(&evm_key->sem);
+        ekp = evm_key->payload.data;
+        if (ekp->decrypted_datalen > MAX_KEY_SIZE) {
+                rc = -EINVAL;
+                goto out;
+        }
+        memcpy(evmkey, ekp->decrypted_data, ekp->decrypted_datalen);
+out:
+        /* burn the original key contents */
+        memset(ekp->decrypted_data, 0, ekp->decrypted_datalen);
+        up_read(&evm_key->sem);
+        key_put(evm_key);
+        return rc;
+}

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c new file mode 100644 index 000000000000..5dd5b140242c --- /dev/null +++ b/security/integrity/evm/evm_crypto.c
@@ -0,0 +1,216 @@
	1	/*
	2	* Copyright (C) 2005-2010 IBM Corporation
	3	*
	4	* Authors:
	5	* Mimi Zohar <zohar@us.ibm.com>
	6	* Kylene Hall <kjhall@us.ibm.com>
	7	*
	8	* This program is free software; you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, version 2 of the License.
	11	*
	12	* File: evm_crypto.c
	13	* Using root's kernel master key (kmk), calculate the HMAC
	14	*/
	15
	16	#include <linux/module.h>
	17	#include <linux/crypto.h>
	18	#include <linux/xattr.h>
	19	#include <keys/encrypted-type.h>
	20	#include <crypto/hash.h>
	21	#include "evm.h"
	22
	23	#define EVMKEY "evm-key"
	24	#define MAX_KEY_SIZE 128
	25	static unsigned char evmkey[MAX_KEY_SIZE];
	26	static int evmkey_len = MAX_KEY_SIZE;
	27
	28	struct crypto_shash *hmac_tfm;
	29
	30	static struct shash_desc *init_desc(void)
	31	{
	32	int rc;
	33	struct shash_desc *desc;
	34
	35	if (hmac_tfm == NULL) {
	36	hmac_tfm = crypto_alloc_shash(evm_hmac, 0, CRYPTO_ALG_ASYNC);
	37	if (IS_ERR(hmac_tfm)) {
	38	pr_err("Can not allocate %s (reason: %ld)\n",
	39	evm_hmac, PTR_ERR(hmac_tfm));
	40	rc = PTR_ERR(hmac_tfm);
	41	hmac_tfm = NULL;
	42	return ERR_PTR(rc);
	43	}
	44	}
	45
	46	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(hmac_tfm),
	47	GFP_KERNEL);
	48	if (!desc)
	49	return ERR_PTR(-ENOMEM);
	50
	51	desc->tfm = hmac_tfm;
	52	desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
	53
	54	rc = crypto_shash_setkey(hmac_tfm, evmkey, evmkey_len);
	55	if (rc)
	56	goto out;
	57	rc = crypto_shash_init(desc);
	58	out:
	59	if (rc) {
	60	kfree(desc);
	61	return ERR_PTR(rc);
	62	}
	63	return desc;
	64	}
	65
	66	/* Protect against 'cutting & pasting' security.evm xattr, include inode
	67	* specific info.
	68	*
	69	* (Additional directory/file metadata needs to be added for more complete
	70	* protection.)
	71	*/
	72	static void hmac_add_misc(struct shash_desc desc, struct inode inode,
	73	char *digest)
	74	{
	75	struct h_misc {
	76	unsigned long ino;
	77	__u32 generation;
	78	uid_t uid;
	79	gid_t gid;
	80	umode_t mode;
	81	} hmac_misc;
	82
	83	memset(&hmac_misc, 0, sizeof hmac_misc);
	84	hmac_misc.ino = inode->i_ino;
	85	hmac_misc.generation = inode->i_generation;
	86	hmac_misc.uid = inode->i_uid;
	87	hmac_misc.gid = inode->i_gid;
	88	hmac_misc.mode = inode->i_mode;
	89	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc);
	90	crypto_shash_final(desc, digest);
	91	}
	92
	93	/*
	94	* Calculate the HMAC value across the set of protected security xattrs.
	95	*
	96	* Instead of retrieving the requested xattr, for performance, calculate
	97	* the hmac using the requested xattr value. Don't alloc/free memory for
	98	* each xattr, but attempt to re-use the previously allocated memory.
	99	*/
	100	int evm_calc_hmac(struct dentry dentry, const char req_xattr_name,
	101	const char *req_xattr_value, size_t req_xattr_value_len,
	102	char *digest)
	103	{
	104	struct inode *inode = dentry->d_inode;
	105	struct shash_desc *desc;
	106	char **xattrname;
	107	size_t xattr_size = 0;
	108	char *xattr_value = NULL;
	109	int error;
	110	int size;
	111
	112	if (!inode->i_op \|\| !inode->i_op->getxattr)
	113	return -EOPNOTSUPP;
	114	desc = init_desc();
	115	if (IS_ERR(desc))
	116	return PTR_ERR(desc);
	117
	118	error = -ENODATA;
	119	for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {
	120	if ((req_xattr_name && req_xattr_value)
	121	&& !strcmp(*xattrname, req_xattr_name)) {
	122	error = 0;
	123	crypto_shash_update(desc, (const u8 *)req_xattr_value,
	124	req_xattr_value_len);
	125	continue;
	126	}
	127	size = vfs_getxattr_alloc(dentry, *xattrname,
	128	&xattr_value, xattr_size, GFP_NOFS);
	129	if (size == -ENOMEM) {
	130	error = -ENOMEM;
	131	goto out;
	132	}
	133	if (size < 0)
	134	continue;
	135
	136	error = 0;
	137	xattr_size = size;
	138	crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
	139	}
	140	hmac_add_misc(desc, inode, digest);
	141
	142	out:
	143	kfree(xattr_value);
	144	kfree(desc);
	145	return error;
	146	}
	147
	148	/*
	149	* Calculate the hmac and update security.evm xattr
	150	*
	151	* Expects to be called with i_mutex locked.
	152	*/
	153	int evm_update_evmxattr(struct dentry dentry, const char xattr_name,
	154	const char *xattr_value, size_t xattr_value_len)
	155	{
	156	struct inode *inode = dentry->d_inode;
	157	struct evm_ima_xattr_data xattr_data;
	158	int rc = 0;
	159
	160	rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
	161	xattr_value_len, xattr_data.digest);
	162	if (rc == 0) {
	163	xattr_data.type = EVM_XATTR_HMAC;
	164	rc = __vfs_setxattr_noperm(dentry, XATTR_NAME_EVM,
	165	&xattr_data,
	166	sizeof(xattr_data), 0);
	167	}
	168	else if (rc == -ENODATA)
	169	rc = inode->i_op->removexattr(dentry, XATTR_NAME_EVM);
	170	return rc;
	171	}
	172
	173	int evm_init_hmac(struct inode inode, const struct xattr lsm_xattr,
	174	char *hmac_val)
	175	{
	176	struct shash_desc *desc;
	177
	178	desc = init_desc();
	179	if (IS_ERR(desc)) {
	180	printk(KERN_INFO "init_desc failed\n");
	181	return PTR_ERR(desc);
	182	}
	183
	184	crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len);
	185	hmac_add_misc(desc, inode, hmac_val);
	186	kfree(desc);
	187	return 0;
	188	}
	189
	190	/*
	191	* Get the key from the TPM for the SHA1-HMAC
	192	*/
	193	int evm_init_key(void)
	194	{
	195	struct key *evm_key;
	196	struct encrypted_key_payload *ekp;
	197	int rc = 0;
	198
	199	evm_key = request_key(&key_type_encrypted, EVMKEY, NULL);
	200	if (IS_ERR(evm_key))
	201	return -ENOENT;
	202
	203	down_read(&evm_key->sem);
	204	ekp = evm_key->payload.data;
	205	if (ekp->decrypted_datalen > MAX_KEY_SIZE) {
	206	rc = -EINVAL;
	207	goto out;
	208	}
	209	memcpy(evmkey, ekp->decrypted_data, ekp->decrypted_datalen);
	210	out:
	211	/* burn the original key contents */
	212	memset(ekp->decrypted_data, 0, ekp->decrypted_datalen);
	213	up_read(&evm_key->sem);
	214	key_put(evm_key);
	215	return rc;
	216	}