All of lore.kernel.org
 help / color / mirror / Atom feed
From: Kees Cook <keescook@chromium.org>
To: Matthias Kaehlcke <mka@chromium.org>,
	Alasdair Kergon <agk@redhat.com>,
	Mike Snitzer <snitzer@kernel.org>,
	James Morris <jmorris@namei.org>,
	"Serge E . Hallyn" <serge@hallyn.com>
Cc: dm-devel@redhat.com, linux-kernel@vger.kernel.org,
	linux-raid@vger.kernel.org, Song Liu <song@kernel.org>,
	Douglas Anderson <dianders@chromium.org>,
	linux-security-module@vger.kernel.org
Subject: Re: [PATCH v3 1/3] dm: Add verity helpers for LoadPin
Date: Fri, 13 May 2022 15:15:53 -0700	[thread overview]
Message-ID: <02028CEA-5704-4A51-8CAD-BEE53CEF7CCA@chromium.org> (raw)
In-Reply-To: <20220504125404.v3.1.I3e928575a23481121e73286874c4c2bdb403355d@changeid>



On May 4, 2022 12:54:17 PM PDT, Matthias Kaehlcke <mka@chromium.org> wrote:
>LoadPin limits loading of kernel modules, firmware and certain
>other files to a 'pinned' file system (typically a read-only
>rootfs). To provide more flexibility LoadPin is being extended
>to also allow loading these files from trusted dm-verity
>devices. For that purpose LoadPin can be provided with a list
>of verity root digests that it should consider as trusted.
>
>Add a bunch of helpers to allow LoadPin to check whether a DM
>device is a trusted verity device. The new functions broadly
>fall in two categories: those that need access to verity
>internals (like the root digest), and the 'glue' between
>LoadPin and verity. The new file dm-verity-loadpin.c contains
>the glue functions.
>
>Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
> [...]
>diff --git a/drivers/md/dm-verity-loadpin.c b/drivers/md/dm-verity-loadpin.c
>new file mode 100644
>index 000000000000..972ca93a2231
>--- /dev/null
>+++ b/drivers/md/dm-verity-loadpin.c
>@@ -0,0 +1,80 @@
>+// SPDX-License-Identifier: GPL-2.0-only
>+
>+#include <linux/list.h>
>+#include <linux/kernel.h>
>+#include <linux/dm-verity-loadpin.h>
>+
>+#include "dm.h"
>+#include "dm-verity.h"
>+
>+static struct list_head *trusted_root_digests;

Does this need to exist in two places? (i.e. why can't dm and loadpin share this instead of needing dm_verity_loadpin_set_trusted_digests()?)

>+
>+/*
>+ * Sets the root digests of verity devices which LoadPin considers as trusted.
>+ *
>+ * This function must only be called once.
>+ */
>+void dm_verity_loadpin_set_trusted_root_digests(struct list_head *digests)
>+{
>+	if (!trusted_root_digests)
>+		trusted_root_digests = digests;
>+	else
>+		pr_warn("verity root digests trusted by LoadPin are already set!!!\n");
>+}
>+
>+static bool is_trusted_verity_target(struct dm_target *ti)
>+{
>+	u8 *root_digest;
>+	unsigned int digest_size;
>+	struct trusted_root_digest *trd;
>+	bool trusted = false;
>+
>+	if (!dm_is_verity_target(ti))
>+		return false;
>+
>+	if (dm_verity_get_root_digest(ti, &root_digest, &digest_size))
>+		return false;
>+
>+	list_for_each_entry(trd, trusted_root_digests, node) {
>+		if ((trd->len == digest_size) &&
>+		    !memcmp(trd->data, root_digest, digest_size)) {
>+			trusted = true;
>+			break;
>+		}
>+	}
>+
>+	kfree(root_digest);
>+
>+	return trusted;
>+}
>+
>+/*
>+ * Determines whether a mapped device is a verity device that is trusted
>+ * by LoadPin.
>+ */
>+bool dm_verity_loadpin_is_md_trusted(struct mapped_device *md)
>+{
>+	int srcu_idx;
>+	struct dm_table *table;
>+	unsigned int num_targets;
>+	bool trusted = false;
>+	int i;
>+
>+	if (!trusted_root_digests || list_empty(trusted_root_digests))
>+		return false;
>+
>+	table = dm_get_live_table(md, &srcu_idx);
>+	num_targets = dm_table_get_num_targets(table);
>+	for (i = 0; i < num_targets; i++) {
>+		struct dm_target *ti = dm_table_get_target(table, i);
>+
>+		if (is_trusted_verity_target(ti)) {
>+			trusted = true;
>+			break;
>+		}
>+	}

Pardon my lack of dm vocabulary, but what is "target" vs "table" here? I was only thinking of "whole device", so I must not understand what this is examining.

> [...]
>diff --git a/include/linux/dm-verity-loadpin.h b/include/linux/dm-verity-loadpin.h
>new file mode 100644
>index 000000000000..12a86911d05a
>--- /dev/null
>+++ b/include/linux/dm-verity-loadpin.h
>@@ -0,0 +1,27 @@
>+/* SPDX-License-Identifier: GPL-2.0 */
>+
>+#ifndef __LINUX_DM_VERITY_LOADPIN_H
>+#define __LINUX_DM_VERITY_LOADPIN_H
>+
>+#include <linux/list.h>
>+
>+struct mapped_device;
>+
>+struct trusted_root_digest {
>+	u8 *data;
>+	unsigned int len;
>+	struct list_head node;
>+};

To avoid the double-alloc in patch 2 (and save 1 pointer size of memory), this could just be:

struct trusted_root_digest {
	struct list_head node;
	unsigned int len;
	u8 data[];
};

Otherwise, looks good to me!

-- 
Kees Cook

WARNING: multiple messages have this Message-ID
From: Kees Cook <keescook@chromium.org>
To: Matthias Kaehlcke <mka@chromium.org>,
	Alasdair Kergon <agk@redhat.com>,
	Mike Snitzer <snitzer@kernel.org>,
	James Morris <jmorris@namei.org>,
	"Serge E . Hallyn" <serge@hallyn.com>
Cc: Douglas Anderson <dianders@chromium.org>,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
	Song Liu <song@kernel.org>,
	dm-devel@redhat.com
Subject: Re: [dm-devel] [PATCH v3 1/3] dm: Add verity helpers for LoadPin
Date: Fri, 13 May 2022 15:15:53 -0700	[thread overview]
Message-ID: <02028CEA-5704-4A51-8CAD-BEE53CEF7CCA@chromium.org> (raw)
In-Reply-To: <20220504125404.v3.1.I3e928575a23481121e73286874c4c2bdb403355d@changeid>



On May 4, 2022 12:54:17 PM PDT, Matthias Kaehlcke <mka@chromium.org> wrote:
>LoadPin limits loading of kernel modules, firmware and certain
>other files to a 'pinned' file system (typically a read-only
>rootfs). To provide more flexibility LoadPin is being extended
>to also allow loading these files from trusted dm-verity
>devices. For that purpose LoadPin can be provided with a list
>of verity root digests that it should consider as trusted.
>
>Add a bunch of helpers to allow LoadPin to check whether a DM
>device is a trusted verity device. The new functions broadly
>fall in two categories: those that need access to verity
>internals (like the root digest), and the 'glue' between
>LoadPin and verity. The new file dm-verity-loadpin.c contains
>the glue functions.
>
>Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
> [...]
>diff --git a/drivers/md/dm-verity-loadpin.c b/drivers/md/dm-verity-loadpin.c
>new file mode 100644
>index 000000000000..972ca93a2231
>--- /dev/null
>+++ b/drivers/md/dm-verity-loadpin.c
>@@ -0,0 +1,80 @@
>+// SPDX-License-Identifier: GPL-2.0-only
>+
>+#include <linux/list.h>
>+#include <linux/kernel.h>
>+#include <linux/dm-verity-loadpin.h>
>+
>+#include "dm.h"
>+#include "dm-verity.h"
>+
>+static struct list_head *trusted_root_digests;

Does this need to exist in two places? (i.e. why can't dm and loadpin share this instead of needing dm_verity_loadpin_set_trusted_digests()?)

>+
>+/*
>+ * Sets the root digests of verity devices which LoadPin considers as trusted.
>+ *
>+ * This function must only be called once.
>+ */
>+void dm_verity_loadpin_set_trusted_root_digests(struct list_head *digests)
>+{
>+	if (!trusted_root_digests)
>+		trusted_root_digests = digests;
>+	else
>+		pr_warn("verity root digests trusted by LoadPin are already set!!!\n");
>+}
>+
>+static bool is_trusted_verity_target(struct dm_target *ti)
>+{
>+	u8 *root_digest;
>+	unsigned int digest_size;
>+	struct trusted_root_digest *trd;
>+	bool trusted = false;
>+
>+	if (!dm_is_verity_target(ti))
>+		return false;
>+
>+	if (dm_verity_get_root_digest(ti, &root_digest, &digest_size))
>+		return false;
>+
>+	list_for_each_entry(trd, trusted_root_digests, node) {
>+		if ((trd->len == digest_size) &&
>+		    !memcmp(trd->data, root_digest, digest_size)) {
>+			trusted = true;
>+			break;
>+		}
>+	}
>+
>+	kfree(root_digest);
>+
>+	return trusted;
>+}
>+
>+/*
>+ * Determines whether a mapped device is a verity device that is trusted
>+ * by LoadPin.
>+ */
>+bool dm_verity_loadpin_is_md_trusted(struct mapped_device *md)
>+{
>+	int srcu_idx;
>+	struct dm_table *table;
>+	unsigned int num_targets;
>+	bool trusted = false;
>+	int i;
>+
>+	if (!trusted_root_digests || list_empty(trusted_root_digests))
>+		return false;
>+
>+	table = dm_get_live_table(md, &srcu_idx);
>+	num_targets = dm_table_get_num_targets(table);
>+	for (i = 0; i < num_targets; i++) {
>+		struct dm_target *ti = dm_table_get_target(table, i);
>+
>+		if (is_trusted_verity_target(ti)) {
>+			trusted = true;
>+			break;
>+		}
>+	}

Pardon my lack of dm vocabulary, but what is "target" vs "table" here? I was only thinking of "whole device", so I must not understand what this is examining.

> [...]
>diff --git a/include/linux/dm-verity-loadpin.h b/include/linux/dm-verity-loadpin.h
>new file mode 100644
>index 000000000000..12a86911d05a
>--- /dev/null
>+++ b/include/linux/dm-verity-loadpin.h
>@@ -0,0 +1,27 @@
>+/* SPDX-License-Identifier: GPL-2.0 */
>+
>+#ifndef __LINUX_DM_VERITY_LOADPIN_H
>+#define __LINUX_DM_VERITY_LOADPIN_H
>+
>+#include <linux/list.h>
>+
>+struct mapped_device;
>+
>+struct trusted_root_digest {
>+	u8 *data;
>+	unsigned int len;
>+	struct list_head node;
>+};

To avoid the double-alloc in patch 2 (and save 1 pointer size of memory), this could just be:

struct trusted_root_digest {
	struct list_head node;
	unsigned int len;
	u8 data[];
};

Otherwise, looks good to me!

-- 
Kees Cook

--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel


  parent reply	other threads:[~2022-05-13 22:16 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-04 19:54 [PATCH v3 0/3] LoadPin: Enable loading from trusted dm-verity devices Matthias Kaehlcke
2022-05-04 19:54 ` [dm-devel] " Matthias Kaehlcke
2022-05-04 19:54 ` [PATCH v3 1/3] dm: Add verity helpers for LoadPin Matthias Kaehlcke
2022-05-04 19:54   ` [dm-devel] " Matthias Kaehlcke
2022-05-11 20:54   ` Matthias Kaehlcke
2022-05-11 20:54     ` [dm-devel] " Matthias Kaehlcke
2022-05-12 17:19     ` Mike Snitzer
2022-05-12 17:19       ` [dm-devel] " Mike Snitzer
2022-05-12 18:14       ` Matthias Kaehlcke
2022-05-12 18:14         ` [dm-devel] " Matthias Kaehlcke
2022-05-12 20:44       ` Matthias Kaehlcke
2022-05-12 20:44         ` [dm-devel] " Matthias Kaehlcke
2022-05-13 16:29         ` Mike Snitzer
2022-05-13 16:29           ` [dm-devel] " Mike Snitzer
2022-05-13 16:53           ` Matthias Kaehlcke
2022-05-13 16:53             ` Matthias Kaehlcke
2022-05-13 22:15   ` Kees Cook [this message]
2022-05-13 22:15     ` [dm-devel] " Kees Cook
2022-05-16 18:51     ` Matthias Kaehlcke
2022-05-16 18:51       ` [dm-devel] " Matthias Kaehlcke
2022-05-17  3:38       ` Kees Cook
2022-05-17  3:38         ` [dm-devel] " Kees Cook
2022-05-04 19:54 ` [PATCH v3 2/3] LoadPin: Enable loading from trusted dm-verity devices Matthias Kaehlcke
2022-05-04 19:54   ` [dm-devel] " Matthias Kaehlcke
2022-05-04 22:26   ` kernel test robot
2022-05-04 22:26     ` [dm-devel] " kernel test robot
2022-05-13 16:32   ` Mike Snitzer
2022-05-13 16:32     ` [dm-devel] " Mike Snitzer
2022-05-13 17:01     ` Matthias Kaehlcke
2022-05-13 17:01       ` [dm-devel] " Matthias Kaehlcke
2022-05-13 18:26     ` Kees Cook
2022-05-13 18:26       ` [dm-devel] " Kees Cook
2022-05-13 22:36   ` Kees Cook
2022-05-13 22:36     ` [dm-devel] " Kees Cook
2022-05-16 18:17     ` Matthias Kaehlcke
2022-05-16 18:17       ` [dm-devel] " Matthias Kaehlcke
2022-05-17  3:44       ` Kees Cook
2022-05-17  3:44         ` [dm-devel] " Kees Cook
2022-05-17 19:28         ` Matthias Kaehlcke
2022-05-17 19:28           ` [dm-devel] " Matthias Kaehlcke
2022-05-04 19:54 ` [PATCH v3 3/3] dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation Matthias Kaehlcke
2022-05-04 19:54   ` [dm-devel] " Matthias Kaehlcke

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=02028CEA-5704-4A51-8CAD-BEE53CEF7CCA@chromium.org \
    --to=keescook@chromium.org \
    --cc=agk@redhat.com \
    --cc=dianders@chromium.org \
    --cc=dm-devel@redhat.com \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-raid@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mka@chromium.org \
    --cc=serge@hallyn.com \
    --cc=snitzer@kernel.org \
    --cc=song@kernel.org \
    --subject='Re: [PATCH v3 1/3] dm: Add verity helpers for LoadPin' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.