* [RFC PATCH] integrity : Preserve i_flags of inode in signature hash
@ 2020-04-06 11:25 Lev Olshvang
From: Lev Olshvang @ 2020-04-06 11:25 UTC (permalink / raw)
  To: Dmitry Kasatkin, Vitaly Chikunov, linux-integrity


From af94cf8c8e0976dfc7889d7f3d83dd1c9db96e59 Mon Sep 17 00:00:00 2001
From: Lev Olshvang <levonshe@gmail.com>
Date: Mon, 30 Mar 2020 16:00:27 +0300
Subject: [RFC PATCH v1] integrity - add inode's i_flags to signature

Add more inode fields to inode HMAC : attributes [i_flags].
Naming is a bit confusing: the chattr and lsattr utilities use the term
"attributes", while inside the inode they are stored in i_flags.

File/directory attributes define (affect) how User space and
filesystem behaves and should be considered therefore as
file metadata content.

For example immutable flag preserve file from removal or change.
Files in ext4 filesystem might have encrypted attribute and
in ubifs filesystem compressed attribute might be used.
In a total 32 attributes might be in use.
It is important to verify these attributes were not changed.

Function hmac_add_misc() ignored errors from crypto functions
This patch changes hmac_add_misc() not to be silent about errors

Signed-off-by: Lev Olshvang <levonshe@gmail.com>
---
 security/integrity/evm/evm_crypto.c | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index d485f6fc908e..927fab54c67c 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -139,15 +139,17 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo)
  * (Additional directory/file metadata needs to be added for more complete
  * protection.)
  */
-static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
+static int hmac_add_misc(struct shash_desc *desc, struct inode *inode,
 			  char type, char *digest)
 {
+	int rc = 0;
 	struct h_misc {
 		unsigned long ino;
 		__u32 generation;
 		uid_t uid;
 		gid_t gid;
 		umode_t mode;
+		__u32   flags;
 	} hmac_misc;

 	memset(&hmac_misc, 0, sizeof(hmac_misc));
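Review bot: The new `flags` member is fed into the HMAC/hash for every inode unconditionally, so every `security.evm` value written by a kernel without this patch stops verifying after the upgrade; the fsuuid contribution in this same function is gated by `evm_hmac_attrs & EVM_ATTR_FSUUID`, and the new field should be opt-in through a new `evm_hmac_attrs` bit in the same way, with the compatibility break called out in the commit message. Note also that `inode->i_flags` holds the VFS `S_*` flags rather than the on-disk attribute flags that chattr/lsattr operate on, and I believe some of those bits are runtime state rather than persisted metadata, which would make the digest vary between mounts; worth confirming which bits are stable before hashing the whole word (a mask of the persisted ones would be safer). Style nit: `__u32   flags;` has stray spaces, kernel style is `__u32 flags;`.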
@@ -169,11 +171,18 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
 	hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
 	hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
 	hmac_misc.mode = inode->i_mode;
-	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
+	hmac_misc.flags = inode->i_flags;
+	rc = crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
+	if (unlikely(!rc))
+		return rc;
 	if ((evm_hmac_attrs & EVM_ATTR_FSUUID) &&
-	    type != EVM_XATTR_PORTABLE_DIGSIG)
-		crypto_shash_update(desc, (u8 *)&inode->i_sb->s_uuid, UUID_SIZE);
-	crypto_shash_final(desc, digest);
+	    type != EVM_XATTR_PORTABLE_DIGSIG) {
+		rc = crypto_shash_update(desc, (u8 *)&inode->i_sb->s_uuid, UUID_SIZE);
+		if (unlikely(!rc))
+			return rc;
+	}
+	rc = crypto_shash_final(desc, digest);
+	return rc;
 }

 /*
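Review bot: The error checks on both `crypto_shash_update()` calls are inverted: the crypto API returns 0 on success, so `if (unlikely(!rc)) return rc;` bails out on the success path, `crypto_shash_final()` is never reached, and the function reports 0 to the caller while `digest` is left untouched, so every EVM HMAC/hash computation would succeed with a stale buffer. Both checks should read `if (unlikely(rc)) return rc;` (or `if (rc < 0)`, matching the `error < 0` test the caller uses). With that fixed, the trailing `rc = crypto_shash_final(desc, digest); return rc;` can simply become `return crypto_shash_final(desc, digest);`.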
@@ -239,7 +248,9 @@ static int evm_calc_hmac_or_hash(struct dentry *dentry,
 		if (is_ima)
 			ima_present = true;
 	}
-	hmac_add_misc(desc, inode, type, data->digest);
+	error = hmac_add_misc(desc, inode, type, data->digest);
+	if (error < 0)
+		return error;

 	/* Portable EVM signatures must include an IMA hash */
 	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
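Review bot: The new `return error;` introduces an early exit from `evm_calc_hmac_or_hash()` that bypasses whatever cleanup follows; the rest of the function is outside the hunk, but `desc` comes from `init_desc()` (visible in the earlier hunk header) and is presumably allocated, so if it and any xattr buffer are released under a cleanup label at the end, the direct return leaks them. Prefer jumping to that label, `if (error < 0) goto out;`, so the release path runs on the failure case too; if no such label exists one should be added rather than returning from the middle of the function. A short comment that `hmac_add_misc()` only ever returns 0 or a negative errno from the crypto layer would also make the `< 0` test easier to trust.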
--
2.17.1


