Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/security/integrity/ima/ima_fs.c
10817 views
1
/*

2
 * Copyright (C) 2005,2006,2007,2008 IBM Corporation

3
 *

4
 * Authors:

5
 * Kylene Hall <[email protected]>

6
 * Reiner Sailer <[email protected]>

7
 * Mimi Zohar <[email protected]>

8
 *

9
 * This program is free software; you can redistribute it and/or

10
 * modify it under the terms of the GNU General Public License as

11
 * published by the Free Software Foundation, version 2 of the

12
 * License.

13
 *

14
 * File: ima_fs.c

15
 *	implemenents security file system for reporting

16
 *	current measurement list and IMA statistics

17
 */

18
#include <linux/fcntl.h>

19
#include <linux/slab.h>

20
#include <linux/module.h>

21
#include <linux/seq_file.h>

22
#include <linux/rculist.h>

23
#include <linux/rcupdate.h>

24
#include <linux/parser.h>

25


26
#include "ima.h"

27


28
static int valid_policy = 1;

29
#define TMPBUFLEN 12

30
static ssize_t ima_show_htable_value(char __user *buf, size_t count,

31
				     loff_t *ppos, atomic_long_t *val)

32
{

33
	char tmpbuf[TMPBUFLEN];

34
	ssize_t len;

35


36
	len = scnprintf(tmpbuf, TMPBUFLEN, "%li\n", atomic_long_read(val));

37
	return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);

38
}

39


40
static ssize_t ima_show_htable_violations(struct file *filp,

41
					  char __user *buf,

42
					  size_t count, loff_t *ppos)

43
{

44
	return ima_show_htable_value(buf, count, ppos, &ima_htable.violations);

45
}

46


47
static const struct file_operations ima_htable_violations_ops = {

48
	.read = ima_show_htable_violations,

49
	.llseek = generic_file_llseek,

50
};

51


52
static ssize_t ima_show_measurements_count(struct file *filp,

53
					   char __user *buf,

54
					   size_t count, loff_t *ppos)

55
{

56
	return ima_show_htable_value(buf, count, ppos, &ima_htable.len);

57


58
}

59


60
static const struct file_operations ima_measurements_count_ops = {

61
	.read = ima_show_measurements_count,

62
	.llseek = generic_file_llseek,

63
};

64


65
/* returns pointer to hlist_node */

66
static void *ima_measurements_start(struct seq_file *m, loff_t *pos)

67
{

68
	loff_t l = *pos;

69
	struct ima_queue_entry *qe;

70


71
	/* we need a lock since pos could point beyond last element */

72
	rcu_read_lock();

73
	list_for_each_entry_rcu(qe, &ima_measurements, later) {

74
		if (!l--) {

75
			rcu_read_unlock();

76
			return qe;

77
		}

78
	}

79
	rcu_read_unlock();

80
	return NULL;

81
}

82


83
static void *ima_measurements_next(struct seq_file *m, void *v, loff_t *pos)

84
{

85
	struct ima_queue_entry *qe = v;

86


87
	/* lock protects when reading beyond last element

88
	 * against concurrent list-extension

89
	 */

90
	rcu_read_lock();

91
	qe = list_entry_rcu(qe->later.next,

92
			    struct ima_queue_entry, later);

93
	rcu_read_unlock();

94
	(*pos)++;

95


96
	return (&qe->later == &ima_measurements) ? NULL : qe;

97
}

98


99
static void ima_measurements_stop(struct seq_file *m, void *v)

100
{

101
}

102


103
static void ima_putc(struct seq_file *m, void *data, int datalen)

104
{

105
	while (datalen--)

106
		seq_putc(m, *(char *)data++);

107
}

108


109
/* print format:

110
 *       32bit-le=pcr#

111
 *       char[20]=template digest

112
 *       32bit-le=template name size

113
 *       char[n]=template name

114
 *       eventdata[n]=template specific data

115
 */

116
static int ima_measurements_show(struct seq_file *m, void *v)

117
{

118
	/* the list never shrinks, so we don't need a lock here */

119
	struct ima_queue_entry *qe = v;

120
	struct ima_template_entry *e;

121
	int namelen;

122
	u32 pcr = CONFIG_IMA_MEASURE_PCR_IDX;

123


124
	/* get entry */

125
	e = qe->entry;

126
	if (e == NULL)

127
		return -1;

128


129
	/*

130
	 * 1st: PCRIndex

131
	 * PCR used is always the same (config option) in

132
	 * little-endian format

133
	 */

134
	ima_putc(m, &pcr, sizeof pcr);

135


136
	/* 2nd: template digest */

137
	ima_putc(m, e->digest, IMA_DIGEST_SIZE);

138


139
	/* 3rd: template name size */

140
	namelen = strlen(e->template_name);

141
	ima_putc(m, &namelen, sizeof namelen);

142


143
	/* 4th:  template name */

144
	ima_putc(m, (void *)e->template_name, namelen);

145


146
	/* 5th:  template specific data */

147
	ima_template_show(m, (struct ima_template_data *)&e->template,

148
			  IMA_SHOW_BINARY);

149
	return 0;

150
}

151


152
static const struct seq_operations ima_measurments_seqops = {

153
	.start = ima_measurements_start,

154
	.next = ima_measurements_next,

155
	.stop = ima_measurements_stop,

156
	.show = ima_measurements_show

157
};

158


159
static int ima_measurements_open(struct inode *inode, struct file *file)

160
{

161
	return seq_open(file, &ima_measurments_seqops);

162
}

163


164
static const struct file_operations ima_measurements_ops = {

165
	.open = ima_measurements_open,

166
	.read = seq_read,

167
	.llseek = seq_lseek,

168
	.release = seq_release,

169
};

170


171
static void ima_print_digest(struct seq_file *m, u8 *digest)

172
{

173
	int i;

174


175
	for (i = 0; i < IMA_DIGEST_SIZE; i++)

176
		seq_printf(m, "%02x", *(digest + i));

177
}

178


179
void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show)

180
{

181
	struct ima_template_data *entry = e;

182
	int namelen;

183


184
	switch (show) {

185
	case IMA_SHOW_ASCII:

186
		ima_print_digest(m, entry->digest);

187
		seq_printf(m, " %s\n", entry->file_name);

188
		break;

189
	case IMA_SHOW_BINARY:

190
		ima_putc(m, entry->digest, IMA_DIGEST_SIZE);

191


192
		namelen = strlen(entry->file_name);

193
		ima_putc(m, &namelen, sizeof namelen);

194
		ima_putc(m, entry->file_name, namelen);

195
	default:

196
		break;

197
	}

198
}

199


200
/* print in ascii */

201
static int ima_ascii_measurements_show(struct seq_file *m, void *v)

202
{

203
	/* the list never shrinks, so we don't need a lock here */

204
	struct ima_queue_entry *qe = v;

205
	struct ima_template_entry *e;

206


207
	/* get entry */

208
	e = qe->entry;

209
	if (e == NULL)

210
		return -1;

211


212
	/* 1st: PCR used (config option) */

213
	seq_printf(m, "%2d ", CONFIG_IMA_MEASURE_PCR_IDX);

214


215
	/* 2nd: SHA1 template hash */

216
	ima_print_digest(m, e->digest);

217


218
	/* 3th:  template name */

219
	seq_printf(m, " %s ", e->template_name);

220


221
	/* 4th:  template specific data */

222
	ima_template_show(m, (struct ima_template_data *)&e->template,

223
			  IMA_SHOW_ASCII);

224
	return 0;

225
}

226


227
static const struct seq_operations ima_ascii_measurements_seqops = {

228
	.start = ima_measurements_start,

229
	.next = ima_measurements_next,

230
	.stop = ima_measurements_stop,

231
	.show = ima_ascii_measurements_show

232
};

233


234
static int ima_ascii_measurements_open(struct inode *inode, struct file *file)

235
{

236
	return seq_open(file, &ima_ascii_measurements_seqops);

237
}

238


239
static const struct file_operations ima_ascii_measurements_ops = {

240
	.open = ima_ascii_measurements_open,

241
	.read = seq_read,

242
	.llseek = seq_lseek,

243
	.release = seq_release,

244
};

245


246
static ssize_t ima_write_policy(struct file *file, const char __user *buf,

247
				size_t datalen, loff_t *ppos)

248
{

249
	char *data = NULL;

250
	ssize_t result;

251


252
	if (datalen >= PAGE_SIZE)

253
		datalen = PAGE_SIZE - 1;

254


255
	/* No partial writes. */

256
	result = -EINVAL;

257
	if (*ppos != 0)

258
		goto out;

259


260
	result = -ENOMEM;

261
	data = kmalloc(datalen + 1, GFP_KERNEL);

262
	if (!data)

263
		goto out;

264


265
	*(data + datalen) = '\0';

266


267
	result = -EFAULT;

268
	if (copy_from_user(data, buf, datalen))

269
		goto out;

270


271
	result = ima_parse_add_rule(data);

272
out:

273
	if (result < 0)

274
		valid_policy = 0;

275
	kfree(data);

276
	return result;

277
}

278


279
static struct dentry *ima_dir;

280
static struct dentry *binary_runtime_measurements;

281
static struct dentry *ascii_runtime_measurements;

282
static struct dentry *runtime_measurements_count;

283
static struct dentry *violations;

284
static struct dentry *ima_policy;

285


286
static atomic_t policy_opencount = ATOMIC_INIT(1);

287
/*

288
 * ima_open_policy: sequentialize access to the policy file

289
 */

290
int ima_open_policy(struct inode * inode, struct file * filp)

291
{

292
	/* No point in being allowed to open it if you aren't going to write */

293
	if (!(filp->f_flags & O_WRONLY))

294
		return -EACCES;

295
	if (atomic_dec_and_test(&policy_opencount))

296
		return 0;

297
	return -EBUSY;

298
}

299


300
/*

301
 * ima_release_policy - start using the new measure policy rules.

302
 *

303
 * Initially, ima_measure points to the default policy rules, now

304
 * point to the new policy rules, and remove the securityfs policy file,

305
 * assuming a valid policy.

306
 */

307
static int ima_release_policy(struct inode *inode, struct file *file)

308
{

309
	if (!valid_policy) {

310
		ima_delete_rules();

311
		valid_policy = 1;

312
		atomic_set(&policy_opencount, 1);

313
		return 0;

314
	}

315
	ima_update_policy();

316
	securityfs_remove(ima_policy);

317
	ima_policy = NULL;

318
	return 0;

319
}

320


321
static const struct file_operations ima_measure_policy_ops = {

322
	.open = ima_open_policy,

323
	.write = ima_write_policy,

324
	.release = ima_release_policy,

325
	.llseek = generic_file_llseek,

326
};

327


328
int __init ima_fs_init(void)

329
{

330
	ima_dir = securityfs_create_dir("ima", NULL);

331
	if (IS_ERR(ima_dir))

332
		return -1;

333


334
	binary_runtime_measurements =

335
	    securityfs_create_file("binary_runtime_measurements",

336
				   S_IRUSR | S_IRGRP, ima_dir, NULL,

337
				   &ima_measurements_ops);

338
	if (IS_ERR(binary_runtime_measurements))

339
		goto out;

340


341
	ascii_runtime_measurements =

342
	    securityfs_create_file("ascii_runtime_measurements",

343
				   S_IRUSR | S_IRGRP, ima_dir, NULL,

344
				   &ima_ascii_measurements_ops);

345
	if (IS_ERR(ascii_runtime_measurements))

346
		goto out;

347


348
	runtime_measurements_count =

349
	    securityfs_create_file("runtime_measurements_count",

350
				   S_IRUSR | S_IRGRP, ima_dir, NULL,

351
				   &ima_measurements_count_ops);

352
	if (IS_ERR(runtime_measurements_count))

353
		goto out;

354


355
	violations =

356
	    securityfs_create_file("violations", S_IRUSR | S_IRGRP,

357
				   ima_dir, NULL, &ima_htable_violations_ops);

358
	if (IS_ERR(violations))

359
		goto out;

360


361
	ima_policy = securityfs_create_file("policy",

362
					    S_IWUSR,

363
					    ima_dir, NULL,

364
					    &ima_measure_policy_ops);

365
	if (IS_ERR(ima_policy))

366
		goto out;

367


368
	return 0;

369
out:

370
	securityfs_remove(runtime_measurements_count);

371
	securityfs_remove(ascii_runtime_measurements);

372
	securityfs_remove(binary_runtime_measurements);

373
	securityfs_remove(ima_dir);

374
	securityfs_remove(ima_policy);

375
	return -1;

376
}

377


378
void __exit ima_fs_cleanup(void)

379
{

380
	securityfs_remove(violations);

381
	securityfs_remove(runtime_measurements_count);

382
	securityfs_remove(ascii_runtime_measurements);

383
	securityfs_remove(binary_runtime_measurements);

384
	securityfs_remove(ima_dir);

385
	securityfs_remove(ima_policy);

386
}

387


388