From: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
To: zohar@linux.ibm.com, stephen.smalley.work@gmail.com,
casey@schaufler-ca.com
Cc: jmorris@namei.org, linux-integrity@vger.kernel.org,
selinux@vger.kernel.org, linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: [PATCH v3 5/5] LSM: Define workqueue for measuring security module state
Date: Fri, 17 Jul 2020 15:28:19 -0700 [thread overview]
Message-ID: <20200717222819.26198-6-nramas@linux.microsoft.com> (raw)
In-Reply-To: <20200717222819.26198-1-nramas@linux.microsoft.com>
Data structures critical to the functioning of a security module could
be tampered with by malware or changed inadvertently at runtime
thereby disabling or reducing the security guarantees provided by
the security module. Such critical data need to be periodically checked
and measured, if there is any change. This would enable an attestation
service, for instance, to verify that the security modules are operating
with the configuration and policy setup by the system administrator.
Define a workqueue in the LSM and invoke the security modules in
the workqueue handler to check their data and measure.
Note that the data given by the security module would be measured by
the IMA subsystem only if it has changed since the last time it was
measured.
Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
---
security/security.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/security/security.c b/security/security.c
index 88ce1b780ffd..6e746a024ed5 100644
--- a/security/security.c
+++ b/security/security.c
@@ -89,6 +89,11 @@ static __initdata struct lsm_info *exclusive;
static struct lsm_info *security_state_lsms;
static int security_state_lsms_count;
+static long security_state_timeout = 300000; /* 5 Minutes */
+static void security_state_handler(struct work_struct *work);
+static DECLARE_DELAYED_WORK(security_state_delayed_work,
+ security_state_handler);
+
static __initdata bool debug;
#define init_debug(...) \
do { \
@@ -277,6 +282,26 @@ static void __init initialize_security_state_lsms(void)
security_state_lsms_count = count;
}
+static void initialize_security_state_monitor(void)
+{
+ if (security_state_lsms_count == 0)
+ return;
+
+ schedule_delayed_work(&security_state_delayed_work,
+ msecs_to_jiffies(security_state_timeout));
+}
+
+static void security_state_handler(struct work_struct *work)
+{
+ int inx;
+
+ for (inx = 0; inx < security_state_lsms_count; inx++)
+ measure_security_state(&(security_state_lsms[inx]));
+
+ schedule_delayed_work(&security_state_delayed_work,
+ msecs_to_jiffies(security_state_timeout));
+}
+
/* Populate ordered LSMs list from comma-separated LSM name list. */
static void __init ordered_lsm_parse(const char *order, const char *origin)
{
@@ -400,6 +425,7 @@ static void __init ordered_lsm_init(void)
}
initialize_security_state_lsms();
+ initialize_security_state_monitor();
kfree(ordered_lsms);
}
--
2.27.0
prev parent reply other threads:[~2020-07-17 22:28 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-17 22:28 [PATCH v3 0/5] LSM: Measure security module state Lakshmi Ramasubramanian
2020-07-17 22:28 ` [PATCH v3 1/5] IMA: Add LSM_STATE func to measure LSM data Lakshmi Ramasubramanian
2020-07-17 22:28 ` [PATCH v3 2/5] IMA: Define an IMA hook " Lakshmi Ramasubramanian
2020-07-17 22:28 ` [PATCH v3 3/5] LSM: Add security_measure_data in lsm_info struct Lakshmi Ramasubramanian
2020-07-17 22:28 ` [PATCH v3 4/5] LSM: Define SELinux function to measure security state Lakshmi Ramasubramanian
2020-07-18 3:14 ` kernel test robot
2020-07-18 3:14 ` kernel test robot
2020-07-20 2:04 ` Lakshmi Ramasubramanian
2020-07-18 3:38 ` kernel test robot
2020-07-18 3:38 ` kernel test robot
2020-07-18 15:31 ` kernel test robot
2020-07-18 15:31 ` kernel test robot
2020-07-18 15:31 ` [RFC PATCH] LSM: security_read_selinux_policy() can be static kernel test robot
2020-07-18 15:31 ` kernel test robot
2020-07-20 14:31 ` [PATCH v3 4/5] LSM: Define SELinux function to measure security state Stephen Smalley
2020-07-20 15:17 ` Lakshmi Ramasubramanian
2020-07-20 17:06 ` Stephen Smalley
2020-07-20 17:26 ` Mimi Zohar
2020-07-20 17:34 ` Lakshmi Ramasubramanian
2020-07-20 17:40 ` Stephen Smalley
2020-07-20 17:49 ` Stephen Smalley
2020-07-20 18:27 ` Lakshmi Ramasubramanian
2020-07-20 18:44 ` Stephen Smalley
2020-07-20 18:59 ` Lakshmi Ramasubramanian
2020-07-17 22:28 ` Lakshmi Ramasubramanian [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200717222819.26198-6-nramas@linux.microsoft.com \
--to=nramas@linux.microsoft.com \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=selinux@vger.kernel.org \
--cc=stephen.smalley.work@gmail.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.