From: Matthias Kaehlcke <mka@chromium.org> To: Kees Cook <keescook@chromium.org> Cc: Alasdair Kergon <agk@redhat.com>, Mike Snitzer <snitzer@kernel.org>, James Morris <jmorris@namei.org>, "Serge E . Hallyn" <serge@hallyn.com>, dm-devel@redhat.com, linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org, Song Liu <song@kernel.org>, Douglas Anderson <dianders@chromium.org>, linux-security-module@vger.kernel.org Subject: Re: [PATCH v3 1/3] dm: Add verity helpers for LoadPin Date: Mon, 16 May 2022 11:51:54 -0700 [thread overview] Message-ID: <YoKdSrjVf/tHGoa5@google.com> (raw) In-Reply-To: <02028CEA-5704-4A51-8CAD-BEE53CEF7CCA@chromium.org> On Fri, May 13, 2022 at 03:15:53PM -0700, Kees Cook wrote: > > > On May 4, 2022 12:54:17 PM PDT, Matthias Kaehlcke <mka@chromium.org> wrote: > >LoadPin limits loading of kernel modules, firmware and certain > >other files to a 'pinned' file system (typically a read-only > >rootfs). To provide more flexibility LoadPin is being extended > >to also allow loading these files from trusted dm-verity > >devices. For that purpose LoadPin can be provided with a list > >of verity root digests that it should consider as trusted. > > > >Add a bunch of helpers to allow LoadPin to check whether a DM > >device is a trusted verity device. The new functions broadly > >fall in two categories: those that need access to verity > >internals (like the root digest), and the 'glue' between > >LoadPin and verity. The new file dm-verity-loadpin.c contains > >the glue functions. > > > >Signed-off-by: Matthias Kaehlcke <mka@chromium.org> > > [...] > >diff --git a/drivers/md/dm-verity-loadpin.c b/drivers/md/dm-verity-loadpin.c > >new file mode 100644 > >index 000000000000..972ca93a2231 > >--- /dev/null > >+++ b/drivers/md/dm-verity-loadpin.c > >@@ -0,0 +1,80 @@ > >+// SPDX-License-Identifier: GPL-2.0-only > >+ > >+#include <linux/list.h> > >+#include <linux/kernel.h> > >+#include <linux/dm-verity-loadpin.h> > >+ > >+#include "dm.h" > >+#include "dm-verity.h" > >+ > >+static struct list_head *trusted_root_digests; > > Does this need to exist in two places? (i.e. why can't dm and loadpin share > this instead of needing dm_verity_loadpin_set_trusted_digests()?) We could share it. Probably it should then be defined here, since this is the first patch of the series, we could add an extern declaration to dm-verity-loadpin.h. > >+ > >+/* > >+ * Sets the root digests of verity devices which LoadPin considers as trusted. > >+ * > >+ * This function must only be called once. > >+ */ > >+void dm_verity_loadpin_set_trusted_root_digests(struct list_head *digests) > >+{ > >+ if (!trusted_root_digests) > >+ trusted_root_digests = digests; > >+ else > >+ pr_warn("verity root digests trusted by LoadPin are already set!!!\n"); > >+} > >+ > >+static bool is_trusted_verity_target(struct dm_target *ti) > >+{ > >+ u8 *root_digest; > >+ unsigned int digest_size; > >+ struct trusted_root_digest *trd; > >+ bool trusted = false; > >+ > >+ if (!dm_is_verity_target(ti)) > >+ return false; > >+ > >+ if (dm_verity_get_root_digest(ti, &root_digest, &digest_size)) > >+ return false; > >+ > >+ list_for_each_entry(trd, trusted_root_digests, node) { > >+ if ((trd->len == digest_size) && > >+ !memcmp(trd->data, root_digest, digest_size)) { > >+ trusted = true; > >+ break; > >+ } > >+ } > >+ > >+ kfree(root_digest); > >+ > >+ return trusted; > >+} > >+ > >+/* > >+ * Determines whether a mapped device is a verity device that is trusted > >+ * by LoadPin. > >+ */ > >+bool dm_verity_loadpin_is_md_trusted(struct mapped_device *md) > >+{ > >+ int srcu_idx; > >+ struct dm_table *table; > >+ unsigned int num_targets; > >+ bool trusted = false; > >+ int i; > >+ > >+ if (!trusted_root_digests || list_empty(trusted_root_digests)) > >+ return false; > >+ > >+ table = dm_get_live_table(md, &srcu_idx); > >+ num_targets = dm_table_get_num_targets(table); > >+ for (i = 0; i < num_targets; i++) { > >+ struct dm_target *ti = dm_table_get_target(table, i); > >+ > >+ if (is_trusted_verity_target(ti)) { > >+ trusted = true; > >+ break; > >+ } > >+ } > > Pardon my lack of dm vocabulary, but what is "target" vs "table" here? > I was only thinking of "whole device", so I must not understand what this is > examining. 'targets' are different types of DM mappings like 'linear' or 'verity'. A device mapper table contains has one or more targets that define the mapping of the blocks of the mapped device. Having spelled that out I realize that the above check is wrong. It would consider a device like this trusted: 0 10000000 linear 8:1 10000000 10001000 verity <params> In the above case only a small part of the DM device would be backed by verity. I think we want a table with a single entry that is a verity target. > > [...] > >diff --git a/include/linux/dm-verity-loadpin.h b/include/linux/dm-verity-loadpin.h > >new file mode 100644 > >index 000000000000..12a86911d05a > >--- /dev/null > >+++ b/include/linux/dm-verity-loadpin.h > >@@ -0,0 +1,27 @@ > >+/* SPDX-License-Identifier: GPL-2.0 */ > >+ > >+#ifndef __LINUX_DM_VERITY_LOADPIN_H > >+#define __LINUX_DM_VERITY_LOADPIN_H > >+ > >+#include <linux/list.h> > >+ > >+struct mapped_device; > >+ > >+struct trusted_root_digest { > >+ u8 *data; > >+ unsigned int len; > >+ struct list_head node; > >+}; > > To avoid the double-alloc in patch 2 (and save 1 pointer size of memory), this could just be: > > struct trusted_root_digest { > struct list_head node; > unsigned int len; > u8 data[]; > }; Looks good to me, will change > Otherwise, looks good to me! Excellent, thanks for the review!
WARNING: multiple messages have this Message-ID (diff)
From: Matthias Kaehlcke <mka@chromium.org> To: Kees Cook <keescook@chromium.org> Cc: linux-security-module@vger.kernel.org, Douglas Anderson <dianders@chromium.org>, Mike Snitzer <snitzer@kernel.org>, linux-kernel@vger.kernel.org, James Morris <jmorris@namei.org>, linux-raid@vger.kernel.org, Song Liu <song@kernel.org>, dm-devel@redhat.com, Alasdair Kergon <agk@redhat.com>, "Serge E . Hallyn" <serge@hallyn.com> Subject: Re: [dm-devel] [PATCH v3 1/3] dm: Add verity helpers for LoadPin Date: Mon, 16 May 2022 11:51:54 -0700 [thread overview] Message-ID: <YoKdSrjVf/tHGoa5@google.com> (raw) In-Reply-To: <02028CEA-5704-4A51-8CAD-BEE53CEF7CCA@chromium.org> On Fri, May 13, 2022 at 03:15:53PM -0700, Kees Cook wrote: > > > On May 4, 2022 12:54:17 PM PDT, Matthias Kaehlcke <mka@chromium.org> wrote: > >LoadPin limits loading of kernel modules, firmware and certain > >other files to a 'pinned' file system (typically a read-only > >rootfs). To provide more flexibility LoadPin is being extended > >to also allow loading these files from trusted dm-verity > >devices. For that purpose LoadPin can be provided with a list > >of verity root digests that it should consider as trusted. > > > >Add a bunch of helpers to allow LoadPin to check whether a DM > >device is a trusted verity device. The new functions broadly > >fall in two categories: those that need access to verity > >internals (like the root digest), and the 'glue' between > >LoadPin and verity. The new file dm-verity-loadpin.c contains > >the glue functions. > > > >Signed-off-by: Matthias Kaehlcke <mka@chromium.org> > > [...] > >diff --git a/drivers/md/dm-verity-loadpin.c b/drivers/md/dm-verity-loadpin.c > >new file mode 100644 > >index 000000000000..972ca93a2231 > >--- /dev/null > >+++ b/drivers/md/dm-verity-loadpin.c > >@@ -0,0 +1,80 @@ > >+// SPDX-License-Identifier: GPL-2.0-only > >+ > >+#include <linux/list.h> > >+#include <linux/kernel.h> > >+#include <linux/dm-verity-loadpin.h> > >+ > >+#include "dm.h" > >+#include "dm-verity.h" > >+ > >+static struct list_head *trusted_root_digests; > > Does this need to exist in two places? (i.e. why can't dm and loadpin share > this instead of needing dm_verity_loadpin_set_trusted_digests()?) We could share it. Probably it should then be defined here, since this is the first patch of the series, we could add an extern declaration to dm-verity-loadpin.h. > >+ > >+/* > >+ * Sets the root digests of verity devices which LoadPin considers as trusted. > >+ * > >+ * This function must only be called once. > >+ */ > >+void dm_verity_loadpin_set_trusted_root_digests(struct list_head *digests) > >+{ > >+ if (!trusted_root_digests) > >+ trusted_root_digests = digests; > >+ else > >+ pr_warn("verity root digests trusted by LoadPin are already set!!!\n"); > >+} > >+ > >+static bool is_trusted_verity_target(struct dm_target *ti) > >+{ > >+ u8 *root_digest; > >+ unsigned int digest_size; > >+ struct trusted_root_digest *trd; > >+ bool trusted = false; > >+ > >+ if (!dm_is_verity_target(ti)) > >+ return false; > >+ > >+ if (dm_verity_get_root_digest(ti, &root_digest, &digest_size)) > >+ return false; > >+ > >+ list_for_each_entry(trd, trusted_root_digests, node) { > >+ if ((trd->len == digest_size) && > >+ !memcmp(trd->data, root_digest, digest_size)) { > >+ trusted = true; > >+ break; > >+ } > >+ } > >+ > >+ kfree(root_digest); > >+ > >+ return trusted; > >+} > >+ > >+/* > >+ * Determines whether a mapped device is a verity device that is trusted > >+ * by LoadPin. > >+ */ > >+bool dm_verity_loadpin_is_md_trusted(struct mapped_device *md) > >+{ > >+ int srcu_idx; > >+ struct dm_table *table; > >+ unsigned int num_targets; > >+ bool trusted = false; > >+ int i; > >+ > >+ if (!trusted_root_digests || list_empty(trusted_root_digests)) > >+ return false; > >+ > >+ table = dm_get_live_table(md, &srcu_idx); > >+ num_targets = dm_table_get_num_targets(table); > >+ for (i = 0; i < num_targets; i++) { > >+ struct dm_target *ti = dm_table_get_target(table, i); > >+ > >+ if (is_trusted_verity_target(ti)) { > >+ trusted = true; > >+ break; > >+ } > >+ } > > Pardon my lack of dm vocabulary, but what is "target" vs "table" here? > I was only thinking of "whole device", so I must not understand what this is > examining. 'targets' are different types of DM mappings like 'linear' or 'verity'. A device mapper table contains has one or more targets that define the mapping of the blocks of the mapped device. Having spelled that out I realize that the above check is wrong. It would consider a device like this trusted: 0 10000000 linear 8:1 10000000 10001000 verity <params> In the above case only a small part of the DM device would be backed by verity. I think we want a table with a single entry that is a verity target. > > [...] > >diff --git a/include/linux/dm-verity-loadpin.h b/include/linux/dm-verity-loadpin.h > >new file mode 100644 > >index 000000000000..12a86911d05a > >--- /dev/null > >+++ b/include/linux/dm-verity-loadpin.h > >@@ -0,0 +1,27 @@ > >+/* SPDX-License-Identifier: GPL-2.0 */ > >+ > >+#ifndef __LINUX_DM_VERITY_LOADPIN_H > >+#define __LINUX_DM_VERITY_LOADPIN_H > >+ > >+#include <linux/list.h> > >+ > >+struct mapped_device; > >+ > >+struct trusted_root_digest { > >+ u8 *data; > >+ unsigned int len; > >+ struct list_head node; > >+}; > > To avoid the double-alloc in patch 2 (and save 1 pointer size of memory), this could just be: > > struct trusted_root_digest { > struct list_head node; > unsigned int len; > u8 data[]; > }; Looks good to me, will change > Otherwise, looks good to me! Excellent, thanks for the review! -- dm-devel mailing list dm-devel@redhat.com https://listman.redhat.com/mailman/listinfo/dm-devel
next prev parent reply other threads:[~2022-05-16 18:52 UTC|newest] Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-05-04 19:54 [PATCH v3 0/3] LoadPin: Enable loading from trusted dm-verity devices Matthias Kaehlcke 2022-05-04 19:54 ` [dm-devel] " Matthias Kaehlcke 2022-05-04 19:54 ` [PATCH v3 1/3] dm: Add verity helpers for LoadPin Matthias Kaehlcke 2022-05-04 19:54 ` [dm-devel] " Matthias Kaehlcke 2022-05-11 20:54 ` Matthias Kaehlcke 2022-05-11 20:54 ` [dm-devel] " Matthias Kaehlcke 2022-05-12 17:19 ` Mike Snitzer 2022-05-12 17:19 ` [dm-devel] " Mike Snitzer 2022-05-12 18:14 ` Matthias Kaehlcke 2022-05-12 18:14 ` [dm-devel] " Matthias Kaehlcke 2022-05-12 20:44 ` Matthias Kaehlcke 2022-05-12 20:44 ` [dm-devel] " Matthias Kaehlcke 2022-05-13 16:29 ` Mike Snitzer 2022-05-13 16:29 ` [dm-devel] " Mike Snitzer 2022-05-13 16:53 ` Matthias Kaehlcke 2022-05-13 16:53 ` Matthias Kaehlcke 2022-05-13 22:15 ` Kees Cook 2022-05-13 22:15 ` [dm-devel] " Kees Cook 2022-05-16 18:51 ` Matthias Kaehlcke [this message] 2022-05-16 18:51 ` Matthias Kaehlcke 2022-05-17 3:38 ` Kees Cook 2022-05-17 3:38 ` [dm-devel] " Kees Cook 2022-05-04 19:54 ` [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices Matthias Kaehlcke 2022-05-04 19:54 ` [dm-devel] " Matthias Kaehlcke 2022-05-04 22:26 ` kernel test robot 2022-05-04 22:26 ` [dm-devel] " kernel test robot 2022-05-13 16:32 ` Mike Snitzer 2022-05-13 16:32 ` [dm-devel] " Mike Snitzer 2022-05-13 17:01 ` Matthias Kaehlcke 2022-05-13 17:01 ` [dm-devel] " Matthias Kaehlcke 2022-05-13 18:26 ` Kees Cook 2022-05-13 18:26 ` [dm-devel] " Kees Cook 2022-05-13 22:36 ` Kees Cook 2022-05-13 22:36 ` [dm-devel] " Kees Cook 2022-05-16 18:17 ` Matthias Kaehlcke 2022-05-16 18:17 ` [dm-devel] " Matthias Kaehlcke 2022-05-17 3:44 ` Kees Cook 2022-05-17 3:44 ` [dm-devel] " Kees Cook 2022-05-17 19:28 ` Matthias Kaehlcke 2022-05-17 19:28 ` [dm-devel] " Matthias Kaehlcke 2022-05-04 19:54 ` [PATCH v3 3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation Matthias Kaehlcke 2022-05-04 19:54 ` [dm-devel] " Matthias Kaehlcke
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=YoKdSrjVf/tHGoa5@google.com \ --to=mka@chromium.org \ --cc=agk@redhat.com \ --cc=dianders@chromium.org \ --cc=dm-devel@redhat.com \ --cc=jmorris@namei.org \ --cc=keescook@chromium.org \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-raid@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=serge@hallyn.com \ --cc=snitzer@kernel.org \ --cc=song@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.