linux-block.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
@ 2021-10-13 19:06 deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 01/16] security: add ipe lsm & initial context creation deven.desai
                   ` (16 more replies)
  0 siblings, 17 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Overview:
---------

IPE is a Linux Security Module which takes a complimentary approach to
access control. Whereas existing systems approach use labels or paths
which control access to a resource, IPE controls access to a resource
based on the system's trust of said resource.

Trust requirements are established via IPE's policy, sourcing multiple
different implementations within the kernel to build a cohesive trust
model, based on how the system was built.

Trust, with respect to computing, is a concept that designates a set
of entities who will endorse a set of resources as non-malicious.
Traditionally, this is done via signatures, which is the act of endorsing
a resource.

Integrity, on the other hand, is the concept of ensuring that a resource
has not been modified since a point of time. This is typically done through
cryptographic hashes or signatures.

Trust and integrity are very closely tied together concepts, as integrity
is the way you can prove trust for a resource; otherwise it could have
been modified by an entity who is untrusted.

IPE provides a way for a user to express trust requirements of resources,
by using pre-existing systems which provide the integrity half of the
equation.

IPE is compiled under CONFIG_SECURITY_IPE.

Use Cases
---------

IPE works best in fixed-function devices: Devices in which their purpose
is clearly defined and not supposed to be changed (e.g. network firewall
device in a data center, an IoT device, etcetera), where all software and
configuration is built and provisioned by the system owner.

IPE is a long-way off for use in general-purpose computing:
the Linux community as a whole tends to follow a decentralized trust
model, known as the Web of Trust, which IPE has no support for as of yet.
Instead, IPE supports the PKI Trust Model, which generally designates a
set of entities that provide a measure absolute trust.

Additionally, while most packages are signed today, the files inside
the packages (for instance, the executables), tend to be unsigned. This
makes it difficult to utilize IPE in systems where a package manager is
expected to be functional, without major changes to the package manager
and ecosystem behind it.

Policy:
-------

IPE policy is a plain-text [#]_ policy composed of multiple statements
over several lines. There is one required line, at the top of the
policy, indicating the policy name, and the policy version, for
instance:

  policy_name="Ex Policy" policy_version=0.0.0

The policy version indicates the current version of the policy (NOT the
policy syntax version). This is used to prevent roll-back of policy to
potentially insecure previous versions of the policy.

The next portion of IPE policy, are rules. Rules are formed by key=value
pairs, known as properties. IPE rules require two properties: "action",
which determines what IPE does when it encounters a match against the
policy, and "op", which determines when that rule should be evaluated.
Thus, a minimal rule is:

  op=EXECUTE action=ALLOW

This example will allow any execution. Additional properties are used to
restrict attributes about the files being evaluated. These properties are
intended to be deterministic attributes that are resident in the kernel.
Available properties for IPE described in the documentation patch of this
series.

A rule is required to have the "op" property as the first token of a rule,
and the "action" as the last token of the rule. Rules are evaluated
top-to-bottom. As a result, any revocation rules, or denies should be
placed early in the file to ensure that these rules are evaluated before
a rule with "action=ALLOW" is hit.

Any unknown syntax in IPE policy will result in a fatal error to parse
the policy. User mode can interrogate the kernel to understand what
properties and the associated versions through the securityfs node,
$securityfs/ipe/config, which will return a string of form:

  key1=version1
  key2=version2
  .
  .
  .
  keyN=versionN

User-mode should correlate these versions with the supported values
identified in the documentation to determine whether a policy should
be accepted by the system without actually trying to deploy the policy.

Additionally, a DEFAULT operation must be set for all understood
operations within IPE. For policies to remain completely forwards
compatible, it is recommended that users add a "DEFAULT action=ALLOW"
and override the defaults on a per-operation basis.

For more information about the policy syntax, the kernel documentation
page.

Early Usermode Protection:
--------------------------

IPE can be provided with a policy at startup to load and enforce.
This is intended to be a minimal policy to get the system to a state
where userland is setup and ready to receive commands, at which
point a policy can be deployed via securityfs. This "boot policy" can be
specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
to a plain-text version of the IPE policy to apply. This policy will be
compiled into the kernel. If not specified, IPE will be disabled until a
policy is deployed and activated through the method above.

Policy Examples:
----------------

Allow all:

  policy_name="Allow All" policy_version=0.0.0
  DEFAULT action=ALLOW

Allow only initial superblock:

  policy_name="Allow All Initial SB" policy_version=0.0.0
  DEFAULT action=DENY

  op=EXECUTE boot_verified=TRUE action=ALLOW

Allow any signed dm-verity volume and the initial superblock:

  policy_name="AllowSignedAndInitial" policy_version=0.0.0
  DEFAULT action=DENY

  op=EXECUTE boot_verified=TRUE action=ALLOW
  op=EXECUTE dmverity_signature=TRUE action=ALLOW

Prohibit execution from a specific dm-verity volume:

  policy_name="AllowSignedAndInitial" policy_version=0.0.0
  DEFAULT action=DENY

  op=EXECUTE dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=DENY
  op=EXECUTE boot_verified=TRUE action=ALLOW
  op=EXECUTE dmverity_signature=TRUE action=ALLOW

Allow only a specific dm-verity volume:

  policy_name="AllowSignedAndInitial" policy_version=0.0.0
  DEFAULT action=DENY

  op=EXECUTE dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW

Deploying Policies:
-------------------

First sign a plain text policy, with a certificate that is present in
the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
signing can be done via:

  openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
    -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
    -out "$MY_POLICY.p7s"

Then, simply cat the file into the IPE's "new_policy" securityfs node:

  cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy

The policy should now be present under the policies/ subdirectory, under
its "policy_name" attribute.

The policy is now present in the kernel and can be marked as active,
via the securityfs node:

  echo "1" > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"

This will now mark the policy as active and the system will be enforcing
$MY_POLICY_NAME.

There is one requirement when marking a policy as active, the policy_version
attribute must either increase, or remain the same as the currently running
policy.

Policies can be updated via:

  cat "$MY_UPDATED_POLICY.p7s" > \
    "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"

Additionally, policies can be deleted via the "delete" securityfs
node. Simply write "1" to the corresponding node in the policy folder:

  echo "1" > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"

There is only one requirement to delete policies, the policy being
deleted must not be the active policy.

NOTE: The securityfs commands will require CAP_MAC_ADMIN.

Integrations:
-------------

This patch series adds support for fsverity via digest and signature
(fsverity_signature and fsverity_digest), dm-verity by digest and
signature (dmverity_signature and dmverity_roothash), and trust for
the initramfs (boot_verified).

Please see the documentation patch for more information about the
integrations available.

Testing:
--------

KUnit Tests are available. Recommended kunitconfig:

    CONFIG_KUNIT=y
    CONFIG_SECURITY=y
    CONFIG_SECURITYFS=y
    CONFIG_PKCS7_MESSAGE_PARSER=y
    CONFIG_SYSTEM_DATA_VERIFICATION=y
    CONFIG_FS_VERITY=y
    CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
    CONFIG_BLOCK=y
    CONFIG_MD=y
    CONFIG_BLK_DEV_DM=y
    CONFIG_DM_VERITY=y
    CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y

    CONFIG_SECURITY_IPE=y
    CONFIG_SECURITY_IPE_KUNIT_TEST=y
    CONFIG_IPE_PROP_BOOT_VERIFIED=y
    CONFIG_IPE_PROP_DM_VERITY_SIGNATURE=y
    CONFIG_IPE_PROP_DM_VERITY_ROOTHASH=y
    CONFIG_IPE_PROP_FS_VERITY_SIGNATURE=y
    CONFIG_IPE_PROP_FS_VERITY_DIGEST=y

Simply run:

    make ARCH=um mrproper 
    ./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>

And the tests will execute and report the result. For more indepth testing,
it will require you to create and mount a dm-verity volume or fs-verity
enabled file.

Documentation:
--------------

There is both documentation available on github at
https://microsoft.github.io/ipe, and Documentation in this patch series,
to be added in-tree. This includes architectural block diagrams.

Known Gaps:
-----------

IPE has two known gaps:

1. IPE cannot verify the integrity of anonymous executable memory, such as
  the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
  Unfortunately, as this is dynamically generated code, there is no way
  for IPE to ensure the integrity of this code to form a trust basis. In all
  cases, the return result for these operations will be whatever the admin
  configures the DEFAULT action for "EXECUTE".

2. IPE cannot verify the integrity of interpreted languages' programs when
  these scripts invoked via ``<interpreter> <file>``. This is because the
  way interpreters execute these files, the scripts themselves are not
  evaluated as executable code through one of IPE's hooks. Interpreters
  can be enlightened to the usage of IPE by trying to mmap a file into
  executable memory (+X), after opening the file and responding to the
  error code appropriately. This also applies to included files, or high
  value files, such as configuration files of critical system components.
  However, there is a patchset that is looking to address this gap [1].

Appendix:
---------

A. IPE Github Repository: https://github.com/microsoft/ipe
B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst

References:
-----------

[1] https://lore.kernel.org/all/20211012192410.2356090-1-mic@digikod.net/

FAQ:
----

Q: What's the difference between other LSMs which provide trust-based
  access control, for instance, IMA?

A: IMA is a fantastic option when needing measurement in addition to the
  trust-based access model. All of IMA is centered around their measurement
  hashes, so you save time when doing both actions. IPE, on the other hand,
  is a highly performant system that does not rely (and explicitly prohibits),
  generating its own integrity mechanisms - separating measurement and access
  control. Simply put, IPE provides only the enforcement of trust, while other
  subsystems provide the integrity guarantee that IPE needs to determine the
  trust of a resource. IMA provides both the integrity guarantee, the
  enforcement of trust, and a whole host of other features that may not be
  needed.

Changelog:
----------

Changes since v1:
  Split the second patch of the previous series into two.
  Minor corrections in the cover-letter and documentation
  comments regarding CAP_MAC_ADMIN checks in IPE.

Changes since v2:
  Address various comments by Jann Horn. Highlights:
    Switch various audit allocators to GFP_KERNEL.
    Utilize rcu_access_pointer() in various locations.
    Strip out the caching system for properties
    Strip comments from headers
    Move functions around in patches
    Remove kernel command line parameters
    Reconcile the race condition on the delete node for policy by
      expanding the policy critical section.

  Address a few comments by Jonathan Corbet around the documentation
    pages for IPE.

  Fix an issue with the initialization of IPE policy with a "-0"
    version, caused by not initializing the hlist entries before
    freeing.

Changes since v3:
  Address a concern around IPE's behavior with unknown syntax.
    Specifically, make any unknown syntax a fatal error instead of a
    warning, as suggested by Mickaël Salaün.
  Introduce a new securityfs node, $securityfs/ipe/property_config,
    which provides a listing of what properties are enabled by the
    kernel and their versions. This allows usermode to predict what
    policies should be allowed.
  Strip some comments from c files that I missed.
  Clarify some documentation comments around 'boot_verified'.
    While this currently does not functionally change the property
    itself, the distinction is important when IPE can enforce verified
    reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
    This has been corrected.
  Change SecurityFS and SHA1 to a reverse dependency.
  Update the cover-letter with the updated behavior of unknown syntax.
  Remove all sysctls, making an equivalent function in securityfs.
  Rework the active/delete mechanism to be a node under the policy in
    $securityfs/ipe/policies.
  The kernel command line parameters ipe.enforce and ipe.success_audit
    have returned as this functionality is no longer exposed through
    sysfs.

Changes since v4:
  Correct some grammatical errors reported by Randy Dunlap.
  Fix some warnings reported by kernel test bot.
  Change convention around security_bdev_setsecurity. -ENOSYS
    is now expected if an LSM does not implement a particular @name,
    as suggested by Casey Schaufler.
  Minor string corrections related to the move from sysfs to securityfs
  Correct a spelling of an #ifdef for the permissive argument.
  Add the kernel parameters re-added to the documentation.
  Fix a minor bug where the mode being audited on permissive switch
    was the original mode, not the mode being swapped to.
  Cleanup doc comments, fix some whitespace alignment issues.

Changes since v5:
  Change if statement condition in security_bdev_setsecurity to be
    more concise, as suggested by Casey Schaufler and Al Viro
  Drop the 6th patch in the series, "dm-verity move signature check..."
    due to numerous issues, and it ultimately providing no real value.
  Fix the patch tree - the previous iteration appears to have been in a
    torn state (patches 8+9 were merged). This has since been corrected.

Changes since v6:
  * Reword cover letter to more accurate convey IPE's purpose
    and latest updates.
  * Refactor series to:
      1. Support a context structure, enabling:
          1. Easier Testing via KUNIT
          2. A better architecture for future designs
      2. Make parser code cleaner
  * Move patch 01/12 to [14/16] of the series
  * Split up patch 02/12 into four parts:
      1. context creation [01/16]
      2. audit [07/16]
      3. evaluation loop [03/16]
      4. access control hooks [05/16]
      5. permissive mode [08/16]
  * Split up patch 03/12 into two parts:
      1. parser [02/16]
      2. userspace interface [04/16]
  * Reword and refactor patch 04/12 to [09/16]
  * Squash patch 05/12, 07/12, 09/12 to [10/16]
  * Squash patch 08/12, 10/12 to [11/16]
  * Change audit records to MAC region (14XX) from Integrity region (18XX)
  * Add FSVerity Support
  * Interface changes:
      1. "raw" was renamed to "pkcs7" and made read only
      2. "raw"'s write functionality (update a policy) moved to "update"
      3. introduced "version", "policy_name" nodes.
      4. "content" renamed to "policy"
      5. The boot policy can now be updated like any other policy.
  * Add additional developer-level documentation
  * Update admin-guide docs to reflect changes.
  * Kunit tests
  * Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
    easily come later with a small patch.
  * Use partition0 for block_device for dm-verity patch

Deven Bowers (14):
  security: add ipe lsm & initial context creation
  ipe: add policy parser
  ipe: add evaluation loop
  ipe: add userspace interface
  ipe: add LSM hooks on execution and kernel read
  uapi|audit: add trust audit message definitions
  ipe: add auditing support
  ipe: add permissive toggle
  ipe: introduce 'boot_verified' as a trust provider
  fs|dm-verity: add block_dev LSM blob and submit dm-verity data
  ipe: add support for dm-verity as a trust provider
  scripts: add boot policy generation program
  ipe: kunit tests
  documentation: add ipe documentation

Fan Wu (2):
  fsverity|security: add security hooks to fsverity digest and signature
  ipe: enable support for fs-verity as a trust provider

 Documentation/admin-guide/LSM/index.rst       |    1 +
 Documentation/admin-guide/LSM/ipe.rst         |  587 ++++++++++
 .../admin-guide/kernel-parameters.txt         |   12 +
 Documentation/security/index.rst              |    1 +
 Documentation/security/ipe.rst                |  339 ++++++
 MAINTAINERS                                   |    9 +
 block/bdev.c                                  |    7 +
 drivers/md/dm-verity-target.c                 |   20 +-
 drivers/md/dm-verity-verify-sig.c             |   16 +-
 drivers/md/dm-verity-verify-sig.h             |   10 +-
 fs/verity/open.c                              |   12 +
 fs/verity/signature.c                         |    5 +-
 include/asm-generic/vmlinux.lds.h             |   16 +
 include/linux/blk_types.h                     |    1 +
 include/linux/device-mapper.h                 |    3 +
 include/linux/fsverity.h                      |    3 +
 include/linux/lsm_hook_defs.h                 |    5 +
 include/linux/lsm_hooks.h                     |   12 +
 include/linux/security.h                      |   22 +
 include/uapi/linux/audit.h                    |    4 +
 scripts/Makefile                              |    1 +
 scripts/ipe/Makefile                          |    2 +
 scripts/ipe/polgen/.gitignore                 |    1 +
 scripts/ipe/polgen/Makefile                   |    6 +
 scripts/ipe/polgen/polgen.c                   |  145 +++
 security/Kconfig                              |   11 +-
 security/Makefile                             |    1 +
 security/ipe/.gitignore                       |    1 +
 security/ipe/Kconfig                          |  100 ++
 security/ipe/Makefile                         |   39 +
 security/ipe/audit.c                          |  304 +++++
 security/ipe/audit.h                          |   41 +
 security/ipe/ctx.c                            |  381 ++++++
 security/ipe/ctx.h                            |   43 +
 security/ipe/ctx_test.c                       |  732 ++++++++++++
 security/ipe/eval.c                           |  237 ++++
 security/ipe/eval.h                           |   57 +
 security/ipe/fs.c                             |  327 ++++++
 security/ipe/fs.h                             |   13 +
 security/ipe/hooks.c                          |  328 ++++++
 security/ipe/hooks.h                          |   56 +
 security/ipe/ipe.c                            |  143 +++
 security/ipe/ipe.h                            |   27 +
 security/ipe/ipe_parser.h                     |   59 +
 security/ipe/modules.c                        |  134 +++
 security/ipe/modules.h                        |   17 +
 security/ipe/modules/Kconfig                  |   66 ++
 security/ipe/modules/Makefile                 |   12 +
 security/ipe/modules/boot_verified.c          |   24 +
 security/ipe/modules/dmverity_roothash.c      |   80 ++
 security/ipe/modules/dmverity_signature.c     |   25 +
 security/ipe/modules/fsverity_digest.c        |   80 ++
 security/ipe/modules/fsverity_signature.c     |   33 +
 security/ipe/modules/ipe_module.h             |   40 +
 security/ipe/parsers.c                        |  139 +++
 security/ipe/parsers/Makefile                 |   12 +
 security/ipe/parsers/default.c                |  106 ++
 security/ipe/parsers/policy_header.c          |  126 ++
 security/ipe/policy.c                         | 1037 +++++++++++++++++
 security/ipe/policy.h                         |  113 ++
 security/ipe/policy_parser_tests.c            |  299 +++++
 security/ipe/policyfs.c                       |  528 +++++++++
 security/security.c                           |   76 +-
 63 files changed, 7069 insertions(+), 18 deletions(-)
 create mode 100644 Documentation/admin-guide/LSM/ipe.rst
 create mode 100644 Documentation/security/ipe.rst
 create mode 100644 scripts/ipe/Makefile
 create mode 100644 scripts/ipe/polgen/.gitignore
 create mode 100644 scripts/ipe/polgen/Makefile
 create mode 100644 scripts/ipe/polgen/polgen.c
 create mode 100644 security/ipe/.gitignore
 create mode 100644 security/ipe/Kconfig
 create mode 100644 security/ipe/Makefile
 create mode 100644 security/ipe/audit.c
 create mode 100644 security/ipe/audit.h
 create mode 100644 security/ipe/ctx.c
 create mode 100644 security/ipe/ctx.h
 create mode 100644 security/ipe/ctx_test.c
 create mode 100644 security/ipe/eval.c
 create mode 100644 security/ipe/eval.h
 create mode 100644 security/ipe/fs.c
 create mode 100644 security/ipe/fs.h
 create mode 100644 security/ipe/hooks.c
 create mode 100644 security/ipe/hooks.h
 create mode 100644 security/ipe/ipe.c
 create mode 100644 security/ipe/ipe.h
 create mode 100644 security/ipe/ipe_parser.h
 create mode 100644 security/ipe/modules.c
 create mode 100644 security/ipe/modules.h
 create mode 100644 security/ipe/modules/Kconfig
 create mode 100644 security/ipe/modules/Makefile
 create mode 100644 security/ipe/modules/boot_verified.c
 create mode 100644 security/ipe/modules/dmverity_roothash.c
 create mode 100644 security/ipe/modules/dmverity_signature.c
 create mode 100644 security/ipe/modules/fsverity_digest.c
 create mode 100644 security/ipe/modules/fsverity_signature.c
 create mode 100644 security/ipe/modules/ipe_module.h
 create mode 100644 security/ipe/parsers.c
 create mode 100644 security/ipe/parsers/Makefile
 create mode 100644 security/ipe/parsers/default.c
 create mode 100644 security/ipe/parsers/policy_header.c
 create mode 100644 security/ipe/policy.c
 create mode 100644 security/ipe/policy.h
 create mode 100644 security/ipe/policy_parser_tests.c
 create mode 100644 security/ipe/policyfs.c

-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 01/16] security: add ipe lsm & initial context creation
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 02/16] ipe: add policy parser deven.desai
                   ` (15 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Integrity Policy Enforcement (IPE) is an LSM that provides an
complimentary approach to Mandatory Access Control than existing LSMs
today.

Existing LSMs have centered around the concept of access to a resource
should be controlled by the current user's credentials. IPE's approach,
is that access to a resource should be controlled by the system's trust
of a current resource.

The basis of this approach is that every process in the kernel is
associated with a context that determines the policy for what is
trusted by said process and its descendents, starting with 'init'.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Split up patch 02/11 into three parts:
      1. context creation (new) [this patch]
      2. parser (refactored)
      3. evaluation loop
  * Refactor series to:
      1. Support a context structure, enabling easier testing

---
 MAINTAINERS           |   6 ++
 security/Kconfig      |  11 +--
 security/Makefile     |   1 +
 security/ipe/Kconfig  |  19 +++++
 security/ipe/Makefile |  11 +++
 security/ipe/ctx.c    | 161 ++++++++++++++++++++++++++++++++++++++++++
 security/ipe/ctx.h    |  28 ++++++++
 security/ipe/hooks.c  |  58 +++++++++++++++
 security/ipe/hooks.h  |  16 +++++
 security/ipe/ipe.c    |  57 +++++++++++++++
 security/ipe/ipe.h    |  19 +++++
 11 files changed, 382 insertions(+), 5 deletions(-)
 create mode 100644 security/ipe/Kconfig
 create mode 100644 security/ipe/Makefile
 create mode 100644 security/ipe/ctx.c
 create mode 100644 security/ipe/ctx.h
 create mode 100644 security/ipe/hooks.c
 create mode 100644 security/ipe/hooks.h
 create mode 100644 security/ipe/ipe.c
 create mode 100644 security/ipe/ipe.h

diff --git a/MAINTAINERS b/MAINTAINERS
index e0bca0de0df7..f1e76f791d47 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9279,6 +9279,12 @@ S:	Supported
 T:	git git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
 F:	security/integrity/ima/
 
+INTEGRITY POLICY ENFORCEMENT (IPE)
+M:	Deven Bowers <deven.desai@linux.microsoft.com>
+M:	Fan Wu <wufan@linux.microsoft.com>
+S:	Supported
+F:	security/ipe/
+
 INTEL 810/815 FRAMEBUFFER DRIVER
 M:	Antonino Daplas <adaplas@gmail.com>
 L:	linux-fbdev@vger.kernel.org
diff --git a/security/Kconfig b/security/Kconfig
index 0ced7fd33e4d..6ed9b3b5a75c 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -239,6 +239,7 @@ source "security/yama/Kconfig"
 source "security/safesetid/Kconfig"
 source "security/lockdown/Kconfig"
 source "security/landlock/Kconfig"
+source "security/ipe/Kconfig"
 
 source "security/integrity/Kconfig"
 
@@ -278,11 +279,11 @@ endchoice
 
 config LSM
 	string "Ordered list of enabled LSMs"
-	default "landlock,lockdown,yama,loadpin,safesetid,integrity,smack,selinux,tomoyo,apparmor,bpf" if DEFAULT_SECURITY_SMACK
-	default "landlock,lockdown,yama,loadpin,safesetid,integrity,apparmor,selinux,smack,tomoyo,bpf" if DEFAULT_SECURITY_APPARMOR
-	default "landlock,lockdown,yama,loadpin,safesetid,integrity,tomoyo,bpf" if DEFAULT_SECURITY_TOMOYO
-	default "landlock,lockdown,yama,loadpin,safesetid,integrity,bpf" if DEFAULT_SECURITY_DAC
-	default "landlock,lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor,bpf"
+	default "landlock,lockdown,yama,loadpin,safesetid,integrity,smack,selinux,tomoyo,apparmor,bpf,ipe" if DEFAULT_SECURITY_SMACK
+	default "landlock,lockdown,yama,loadpin,safesetid,integrity,apparmor,selinux,smack,tomoyo,bpf,ipe" if DEFAULT_SECURITY_APPARMOR
+	default "landlock,lockdown,yama,loadpin,safesetid,integrity,tomoyo,bpf,ipe" if DEFAULT_SECURITY_TOMOYO
+	default "landlock,lockdown,yama,loadpin,safesetid,integrity,bpf,ipe" if DEFAULT_SECURITY_DAC
+	default "landlock,lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor,bpf,ipe"
 	help
 	  A comma-separated list of LSMs, in initialization order.
 	  Any LSMs left off this list will be ignored. This can be
diff --git a/security/Makefile b/security/Makefile
index 18121f8f85cd..527b1864d96c 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -24,6 +24,7 @@ obj-$(CONFIG_SECURITY_LOCKDOWN_LSM)	+= lockdown/
 obj-$(CONFIG_CGROUPS)			+= device_cgroup.o
 obj-$(CONFIG_BPF_LSM)			+= bpf/
 obj-$(CONFIG_SECURITY_LANDLOCK)		+= landlock/
+obj-$(CONFIG_SECURITY_IPE)		+= ipe/
 
 # Object integrity file lists
 obj-$(CONFIG_INTEGRITY)			+= integrity/
diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
new file mode 100644
index 000000000000..c4503083e92d
--- /dev/null
+++ b/security/ipe/Kconfig
@@ -0,0 +1,19 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Integrity Policy Enforcement (IPE) configuration
+#
+
+menuconfig SECURITY_IPE
+	bool "Integrity Policy Enforcement (IPE)"
+	depends on SECURITY && SECURITYFS
+	select PKCS7_MESSAGE_PARSER
+	select SYSTEM_DATA_VERIFICATION
+	help
+	  This option enables the Integrity Policy Enforcement subsystem
+	  allowing systems to enforce integrity having no dependencies
+	  on filesystem metadata, making its decisions based off of kernel-
+	  resident features and data structures. A key feature of IPE is a
+	  customizable policy to allow admins to reconfigure integrity
+	  requirements on the fly.
+
+	  If unsure, answer N.
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
new file mode 100644
index 000000000000..ba3df729e252
--- /dev/null
+++ b/security/ipe/Makefile
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (C) Microsoft Corporation. All rights reserved.
+#
+# Makefile for building the IPE module as part of the kernel tree.
+#
+
+obj-$(CONFIG_SECURITY_IPE) += \
+	ctx.o \
+	hooks.o \
+	ipe.o \
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
new file mode 100644
index 000000000000..c24f5d1d41bd
--- /dev/null
+++ b/security/ipe/ctx.c
@@ -0,0 +1,161 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "ctx.h"
+
+#include <linux/slab.h>
+#include <linux/types.h>
+#include <linux/parser.h>
+#include <linux/refcount.h>
+#include <linux/spinlock.h>
+
+/**
+ * ipe_current_ctx: Helper to retrieve the ipe_context for the current task.
+ *
+ * Return:
+ *	See ipe_get_ctx_rcu
+ */
+struct ipe_context *ipe_current_ctx(void)
+{
+	return ipe_get_ctx_rcu(*ipe_tsk_ctx(current));
+}
+
+/**
+ * ipe_tsk_ctx: Retrieve the RCU-protected address of the task
+ *		that contains the ipe_context.
+ * @tsk: Task to retrieve the address from.
+ *
+ * Callers need to use the rcu* family functions to interact with
+ * the ipe_context, or ipe_get_ctx_rcu.
+ *
+ * Return:
+ *	Valid Address to a location containing an RCU-protected ipe_context.
+ */
+struct ipe_context __rcu **ipe_tsk_ctx(struct task_struct *tsk)
+{
+	return tsk->security + ipe_blobs.lbs_task;
+}
+
+/**
+ * ipe_get_ctx_rcu: Retrieve the underlying ipe_context in an rcu protected
+ *		    address space.
+ * @ctx: Context to dereference.
+ *
+ * This function will increment the reference count of the dereferenced
+ * ctx, ensuring that it is valid outside of the rcu_read_lock.
+ *
+ * However, if a context has a reference count of 0 (and thus being)
+ * freed, this API will return NULL.
+ *
+ * Return:
+ *	!NULL - Valid context
+ *	NULL - the dereferenced context will not exist outside after the
+ *	       next grace period.
+ */
+struct ipe_context *ipe_get_ctx_rcu(struct ipe_context __rcu *ctx)
+{
+	struct ipe_context *rv = NULL;
+
+	rcu_read_lock();
+
+	rv = rcu_dereference(ctx);
+	if (!rv || !refcount_inc_not_zero(&rv->refcount))
+		rv = NULL;
+
+	rcu_read_unlock();
+
+	return rv;
+}
+
+/**
+ * free_ctx_work: Worker function to deallocate a context structure.
+ * @work: work_struct passed to schedule_work
+ */
+static void free_ctx_work(struct work_struct *const work)
+{
+	struct ipe_context *ctx = NULL;
+
+	ctx = container_of(work, struct ipe_context, free_work);
+
+	kfree(ctx);
+}
+
+/**
+ * create_ctx: Allocate a context structure.
+ *
+ * The reference count at this point will be set to 1.
+ *
+ * Return:
+ * !IS_ERR - OK
+ * ERR_PTR(-ENOMEM) - Lack of memory.
+ */
+static struct ipe_context *create_ctx(void)
+{
+	int rc = 0;
+	struct ipe_context *ctx = NULL;
+
+	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
+	if (!ctx) {
+		rc = -ENOMEM;
+		goto err;
+	}
+
+	INIT_WORK(&ctx->free_work, free_ctx_work);
+	refcount_set(&ctx->refcount, 1);
+	spin_lock_init(&ctx->lock);
+
+	return ctx;
+
+err:
+	ipe_put_ctx(ctx);
+	return ERR_PTR(rc);
+}
+
+/**
+ * ipe_put_ns: Decrement the reference of an ipe_context structure,
+ *	       scheduling a free as necessary.s
+ * @ctx: Structure to free
+ *
+ * This function no-ops on error and null values for @ctx, and the
+ * deallocation will only occur if the refcount is 0.
+ */
+void ipe_put_ctx(struct ipe_context *ctx)
+{
+	if (IS_ERR_OR_NULL(ctx) || !refcount_dec_and_test(&ctx->refcount))
+		return;
+
+	schedule_work(&ctx->free_work);
+}
+
+/**
+ * ipe_init_ctx: Initialize the init context.
+ *
+ * This is called at LSM init, and marks the kernel init process
+ * with a context. All processes descendent from kernel
+ * init will inherit this context.
+ *
+ * Return:
+ * 0 - OK
+ * -ENOMEM: Not enough memory to allocate the init context.
+ */
+int __init ipe_init_ctx(void)
+{
+	int rc = 0;
+	struct ipe_context *lns = NULL;
+
+	lns = create_ctx();
+	if (IS_ERR(lns)) {
+		rc = PTR_ERR(lns);
+		goto err;
+	}
+
+	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
+
+	return 0;
+err:
+	ipe_put_ctx(lns);
+	return rc;
+}
diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
new file mode 100644
index 000000000000..69a2c92c0a8c
--- /dev/null
+++ b/security/ipe/ctx.h
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_CONTEXT_H
+#define IPE_CONTEXT_H
+
+#include <linux/sched.h>
+#include <linux/types.h>
+#include <linux/refcount.h>
+#include <linux/spinlock.h>
+#include <linux/workqueue.h>
+
+struct ipe_context {
+	refcount_t refcount;
+	/* Protects concurrent writers */
+	spinlock_t lock;
+
+	struct work_struct free_work;
+};
+
+int __init ipe_init_ctx(void);
+struct ipe_context __rcu **ipe_tsk_ctx(struct task_struct *tsk);
+struct ipe_context *ipe_current_ctx(void);
+struct ipe_context *ipe_get_ctx_rcu(struct ipe_context __rcu *ctx);
+void ipe_put_ctx(struct ipe_context *ctx);
+
+#endif /* IPE_CONTEXT_H */
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
new file mode 100644
index 000000000000..ed0c886eaa5a
--- /dev/null
+++ b/security/ipe/hooks.c
@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "ctx.h"
+#include "hooks.h"
+
+#include <linux/sched.h>
+#include <linux/types.h>
+#include <linux/refcount.h>
+#include <linux/rcupdate.h>
+
+/**
+ * ipe_task_alloc: Assign a new context for an associated task structure.
+ * @task: Supplies the task structure to assign a context to.
+ * @clone_flags: unused.
+ *
+ * The context assigned is always the context of the current task.
+ * Reference counts are dropped by ipe_task_free
+ *
+ * Return:
+ * 0 - OK
+ * -ENOMEM - Out of Memory
+ */
+int ipe_task_alloc(struct task_struct *task, unsigned long clone_flags)
+{
+	struct ipe_context __rcu **ctx = NULL;
+	struct ipe_context *current_ctx = NULL;
+
+	current_ctx = ipe_current_ctx();
+	ctx = ipe_tsk_ctx(task);
+	rcu_assign_pointer(*ctx, current_ctx);
+	refcount_inc(&current_ctx->refcount);
+
+	ipe_put_ctx(current_ctx);
+	return 0;
+}
+
+/**
+ * ipe_task_free: Drop a reference to an ipe_context associated with @task.
+ *		  If there are no tasks remaining, the context is freed.
+ * @task: Supplies the task to drop an ipe_context reference to.
+ */
+void ipe_task_free(struct task_struct *task)
+{
+	struct ipe_context *ctx;
+
+	/*
+	 * This reference was the initial creation, no need to increment
+	 * refcount
+	 */
+	rcu_read_lock();
+	ctx = rcu_dereference(*ipe_tsk_ctx(task));
+	ipe_put_ctx(ctx);
+	rcu_read_unlock();
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
new file mode 100644
index 000000000000..e0ae3c7dfb5b
--- /dev/null
+++ b/security/ipe/hooks.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_HOOKS_H
+#define IPE_HOOKS_H
+
+#include <linux/types.h>
+#include <linux/sched.h>
+
+int ipe_task_alloc(struct task_struct *task,
+		   unsigned long clone_flags);
+
+void ipe_task_free(struct task_struct *task);
+
+#endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
new file mode 100644
index 000000000000..d600346702e5
--- /dev/null
+++ b/security/ipe/ipe.c
@@ -0,0 +1,57 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "ctx.h"
+#include "hooks.h"
+
+#include <linux/fs.h>
+#include <linux/sched.h>
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/security.h>
+#include <linux/rcupdate.h>
+#include <linux/lsm_hooks.h>
+
+struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
+	.lbs_task = sizeof(struct ipe_context __rcu *),
+};
+
+static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
+	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
+	LSM_HOOK_INIT(task_free, ipe_task_free),
+};
+
+/**
+ * ipe_init: Entry point of IPE.
+ *
+ * This is called at LSM init, which happens occurs early during kernel
+ * start up. During this phase, IPE loads the properties compiled into
+ * the kernel, and register's IPE's hooks. The boot policy is loaded
+ * later, during securityfs init, at which point IPE will start
+ * enforcing its policy.
+ *
+ * Return:
+ * 0 - OK
+ * -ENOMEM - Context creation failed.
+ */
+static int __init ipe_init(void)
+{
+	int rc = 0;
+
+	rc = ipe_init_ctx();
+	if (rc)
+		return rc;
+
+	security_add_hooks(ipe_hooks, ARRAY_SIZE(ipe_hooks), "ipe");
+
+	return rc;
+}
+
+DEFINE_LSM(ipe) = {
+	.name = "ipe",
+	.init = ipe_init,
+	.blobs = &ipe_blobs,
+};
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
new file mode 100644
index 000000000000..09c492b8fd03
--- /dev/null
+++ b/security/ipe/ipe.h
@@ -0,0 +1,19 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_H
+#define IPE_H
+
+#define pr_fmt(fmt) "IPE " fmt "\n"
+
+#include "ctx.h"
+
+#include <linux/types.h>
+#include <linux/sched.h>
+#include <linux/lsm_hooks.h>
+
+extern struct lsm_blob_sizes ipe_blobs;
+
+#endif /* IPE_H */
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 02/16] ipe: add policy parser
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 01/16] security: add ipe lsm & initial context creation deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 03/16] ipe: add evaluation loop deven.desai
                   ` (14 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

IPE's interpretation of the what the user trusts is accomplished through
its policy. IPE's design is to not provide support for a single trust
provider, but to support multiple providers to enable the end-user to
choose the best one to seek their needs.

This requires the policy to be rather flexible and modular so that
trust/integrity providers, like fs-verity or dm-verity, can plug
into the policy with minimal code changes.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Refactor policy parser to make code cleaner via introducing
    clearly defined passes, with specific goal states.
  * Split up patch 03/12 into two parts:
      1. parser [02/16] (this patch)
      2. userspace interface [04/16]

---
 include/asm-generic/vmlinux.lds.h    |  16 +
 security/ipe/Makefile                |   6 +
 security/ipe/ipe.c                   |  63 ++
 security/ipe/ipe.h                   |   4 +
 security/ipe/ipe_parser.h            |  59 ++
 security/ipe/modules.c               | 109 +++
 security/ipe/modules.h               |  17 +
 security/ipe/modules/ipe_module.h    |  33 +
 security/ipe/parsers.c               | 139 ++++
 security/ipe/parsers/Makefile        |  12 +
 security/ipe/parsers/default.c       | 106 +++
 security/ipe/parsers/policy_header.c | 126 ++++
 security/ipe/policy.c                | 946 +++++++++++++++++++++++++++
 security/ipe/policy.h                |  97 +++
 14 files changed, 1733 insertions(+)
 create mode 100644 security/ipe/ipe_parser.h
 create mode 100644 security/ipe/modules.c
 create mode 100644 security/ipe/modules.h
 create mode 100644 security/ipe/modules/ipe_module.h
 create mode 100644 security/ipe/parsers.c
 create mode 100644 security/ipe/parsers/Makefile
 create mode 100644 security/ipe/parsers/default.c
 create mode 100644 security/ipe/parsers/policy_header.c
 create mode 100644 security/ipe/policy.c
 create mode 100644 security/ipe/policy.h

diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index f2984af2b85b..91abbacbaf8d 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -278,6 +278,20 @@
 #define EARLY_LSM_TABLE()
 #endif
 
+#ifdef CONFIG_SECURITY_IPE
+#define IPE_PARSER_TABLE()	. = ALIGN(8);				\
+				__start_ipe_parsers = .;		\
+				KEEP(*(.ipe_parsers))		\
+				__end_ipe_parsers = .;
+#define IPE_MODULE_TABLE()	. = ALIGN(8);				\
+				__start_ipe_modules = .;		\
+				KEEP(*(.ipe_modules))			\
+				__end_ipe_modules = .;
+#else
+#define IPE_PARSER_TABLE()
+#define IPE_MODULE_TABLE()
+#endif
+
 #define ___OF_TABLE(cfg, name)	_OF_TABLE_##cfg(name)
 #define __OF_TABLE(cfg, name)	___OF_TABLE(cfg, name)
 #define OF_TABLE(cfg, name)	__OF_TABLE(IS_ENABLED(cfg), name)
@@ -436,6 +450,8 @@
 		KEEP(*(__tracepoints_ptrs)) /* Tracepoints: pointer array */ \
 		__stop___tracepoints_ptrs = .;				\
 		*(__tracepoints_strings)/* Tracepoints: strings */	\
+		IPE_PARSER_TABLE()					\
+		IPE_MODULE_TABLE()					\
 	}								\
 									\
 	.rodata1          : AT(ADDR(.rodata1) - LOAD_OFFSET) {		\
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index ba3df729e252..9a97efd8a190 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -5,7 +5,13 @@
 # Makefile for building the IPE module as part of the kernel tree.
 #
 
+ccflags-y := -I$(srctree)/security/ipe/modules
+
 obj-$(CONFIG_SECURITY_IPE) += \
 	ctx.o \
 	hooks.o \
 	ipe.o \
+	modules.o \
+	parsers/ \
+	parsers.o \
+	policy.o \
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index d600346702e5..b58b372327a1 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -6,6 +6,9 @@
 #include "ipe.h"
 #include "ctx.h"
 #include "hooks.h"
+#include "ipe_parser.h"
+#include "modules/ipe_module.h"
+#include "modules.h"
 
 #include <linux/fs.h>
 #include <linux/sched.h>
@@ -24,6 +27,58 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(task_free, ipe_task_free),
 };
 
+/**
+ * load_parsers: Load all the parsers compiled into IPE. This needs
+ *		 to be called prior to the boot policy being loaded.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+static int load_parsers(void)
+{
+	int rc = 0;
+	struct ipe_parser *parser;
+
+	for (parser = __start_ipe_parsers; parser < __end_ipe_parsers; ++parser) {
+		rc = ipe_register_parser(parser);
+		if (rc) {
+			pr_err("failed to initialize '%s'", parser->first_token);
+			return rc;
+		}
+
+		pr_info("initialized parser module '%s'", parser->first_token);
+	}
+
+	return 0;
+}
+
+/**
+ * load_modules: Load all the modules compiled into IPE. This needs
+ *		 to be called prior to the boot policy being loaded.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+static int load_modules(void)
+{
+	int rc = 0;
+	struct ipe_module *m;
+
+	for (m = __start_ipe_modules; m < __end_ipe_modules; ++m) {
+		rc = ipe_register_module(m);
+		if (rc) {
+			pr_err("failed to initialize '%s'", m->name);
+			return rc;
+		}
+
+		pr_info("initialized module '%s'", m->name);
+	}
+
+	return 0;
+}
+
 /**
  * ipe_init: Entry point of IPE.
  *
@@ -41,6 +96,14 @@ static int __init ipe_init(void)
 {
 	int rc = 0;
 
+	rc = load_parsers();
+	if (rc)
+		return rc;
+
+	rc = load_modules();
+	if (rc)
+		return rc;
+
 	rc = ipe_init_ctx();
 	if (rc)
 		return rc;
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index 09c492b8fd03..ad16d2bebfec 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -9,11 +9,15 @@
 #define pr_fmt(fmt) "IPE " fmt "\n"
 
 #include "ctx.h"
+#include "ipe_parser.h"
+#include "modules/ipe_module.h"
 
 #include <linux/types.h>
 #include <linux/sched.h>
 #include <linux/lsm_hooks.h>
 
 extern struct lsm_blob_sizes ipe_blobs;
+extern struct ipe_parser __start_ipe_parsers[], __end_ipe_parsers[];
+extern struct ipe_module __start_ipe_modules[], __end_ipe_modules[];
 
 #endif /* IPE_H */
diff --git a/security/ipe/ipe_parser.h b/security/ipe/ipe_parser.h
new file mode 100644
index 000000000000..f7c5c11bde44
--- /dev/null
+++ b/security/ipe/ipe_parser.h
@@ -0,0 +1,59 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_PARSER_H
+#define IPE_PARSER_H
+
+#include "policy.h"
+
+#include <linux/list.h>
+#include <linux/types.h>
+
+/*
+ * Struct used to define internal parsers that effect the policy,
+ * but do not belong as policy modules, as they are not used to make
+ * decisions in the event loop, and only effect the internal workings
+ * of IPE.
+ *
+ * These structures are used in pass2, and policy deallocation.
+ */
+struct ipe_parser {
+	u8 version;
+	const char *first_token;
+
+	int (*parse)(const struct ipe_policy_line *line,
+		     struct ipe_parsed_policy *pol);
+	int (*free)(struct ipe_parsed_policy *pol);
+	int (*validate)(const struct ipe_parsed_policy *pol);
+};
+
+int ipe_parse_op(const struct ipe_policy_token *tok,
+		 enum ipe_operation *op);
+
+int ipe_parse_action(const struct ipe_policy_token *tok,
+		     enum ipe_action *action);
+
+/*
+ * Optional struct to make structured parsers easier.
+ */
+struct ipe_token_parser {
+	const char *key;
+	int (*parse_token)(const struct ipe_policy_token *t,
+			   struct ipe_parsed_policy *p);
+};
+
+const struct ipe_parser *ipe_lookup_parser(const char *first_token);
+
+int ipe_for_each_parser(int (*view)(const struct ipe_parser *parser,
+				    void *ctx),
+			void *ctx);
+
+int ipe_register_parser(struct ipe_parser *p);
+
+#define IPE_PARSER(parser)				\
+	static struct ipe_parser __ipe_parser_##parser	\
+		__used __section(".ipe_parsers")	\
+		__aligned(sizeof(unsigned long))
+
+#endif /* IPE_PARSER_MODULE_H */
diff --git a/security/ipe/modules.c b/security/ipe/modules.c
new file mode 100644
index 000000000000..fb100c14cce5
--- /dev/null
+++ b/security/ipe/modules.c
@@ -0,0 +1,109 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "modules.h"
+
+#include <linux/slab.h>
+#include <linux/types.h>
+#include <linux/rbtree.h>
+
+static struct rb_root module_root = RB_ROOT;
+
+struct module_container {
+	struct rb_node node;
+	const struct ipe_module *mod;
+};
+
+/**
+ * cmp_node: Comparator for a node in the module lookup tree.
+ * @n: First node to compare
+ * @nn: Second node to compare
+ *
+ * Return:
+ * <0 - @n's key is lexigraphically before @nn.
+ * 0 - n's key is identical to @nn
+ * >0 - n's key is legxigraphically after @nn
+ */
+static int cmp_node(struct rb_node *n, const struct rb_node *nn)
+{
+	const struct module_container *c1;
+	const struct module_container *c2;
+
+	c1 = container_of(n, struct module_container, node);
+	c2 = container_of(nn, struct module_container, node);
+
+	return strcmp(c1->mod->name, c2->mod->name);
+}
+
+/**
+ * cmp_key: Comparator to find a module in the tree by key.
+ * @key: Supplies a pointer to a null-terminated string key
+ * @n: Node to compare @key against
+ *
+ * Return:
+ * <0 - Desired node is to the left of @n
+ * 0  - @n is the desired node
+ * >0 - Desired node is to the right of @n
+ */
+static int cmp_key(const void *key, const struct rb_node *n)
+{
+	struct module_container *mod;
+
+	mod = container_of(n, struct module_container, node);
+
+	return strcmp((const char *)key, mod->mod->name);
+}
+
+/**
+ * ipe_lookup_module: Attempt to find a ipe_pmodule structure by @key.
+ * @key: The key to look for in the tree.
+ *
+ * Return:
+ * !NULL - OK
+ * NULL - No property exists under @key
+ */
+const struct ipe_module *ipe_lookup_module(const char *key)
+{
+	struct rb_node *n;
+
+	n = rb_find(key, &module_root, cmp_key);
+	if (!n)
+		return NULL;
+
+	return container_of(n, struct module_container, node)->mod;
+}
+
+/**
+ * ipe_register_module: Register a policy module to be used in IPE's policy.
+ * @m: Module to register.
+ *
+ * This function allows parsers (policy constructs that represent integrations
+ * with other subsystems, to be leveraged in rules) to be leveraged in IPE policy.
+ * This must be called prior to any policies being loaded.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_register_module(struct ipe_module *m)
+{
+	struct rb_node *n = NULL;
+	struct module_container *c = NULL;
+
+	c = kzalloc(sizeof(*c), GFP_KERNEL);
+	if (!c)
+		return -ENOMEM;
+
+	c->mod = m;
+
+	n = rb_find_add(&c->node, &module_root, cmp_node);
+	if (n) {
+		kfree(c);
+		return -EEXIST;
+	}
+
+	return 0;
+}
diff --git a/security/ipe/modules.h b/security/ipe/modules.h
new file mode 100644
index 000000000000..7b897bdd870b
--- /dev/null
+++ b/security/ipe/modules.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_MODULES_H
+#define IPE_MODULES_H
+
+#include "ipe.h"
+#include "ipe_module.h"
+
+#include <linux/types.h>
+#include <linux/rbtree.h>
+
+const struct ipe_module *ipe_lookup_module(const char *key);
+int ipe_register_module(struct ipe_module *m);
+
+#endif /* IPE_MODULES_H */
diff --git a/security/ipe/modules/ipe_module.h b/security/ipe/modules/ipe_module.h
new file mode 100644
index 000000000000..397a54cbc4db
--- /dev/null
+++ b/security/ipe/modules/ipe_module.h
@@ -0,0 +1,33 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_MODULE_H
+#define IPE_MODULE_H
+
+#include <linux/types.h>
+
+/**
+ * ipe_module: definition of an extensible module for IPE properties.
+ *	       These structures are used to implement 'key=value' pairs
+ *	       in IPE policy, which will be evaluated on every IPE policy
+ *	       evaluation.
+ *
+ *	       Integrity mechanisms should be define as a module, and modules
+ *	       should manage their own dependencies via KConfig. @name is both
+ *	       the key half of the key=value pair in the policy, and the unique
+ *	       identifier for the module.
+ */
+struct ipe_module {
+	const char			*const name;	/* required */
+	u16				version;	/* required */
+	int (*parse)(const char *valstr, void **value);	/* required */
+	int (*free)(void **value);			/* optional */
+};
+
+#define IPE_MODULE(parser)				\
+	static struct ipe_module __ipe_module_##parser	\
+		__used __section(".ipe_modules")	\
+		__aligned(sizeof(unsigned long))
+
+#endif /* IPE_MODULE_H */
diff --git a/security/ipe/parsers.c b/security/ipe/parsers.c
new file mode 100644
index 000000000000..80dc4704ae40
--- /dev/null
+++ b/security/ipe/parsers.c
@@ -0,0 +1,139 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "policy.h"
+#include "ipe_parser.h"
+
+#include <linux/slab.h>
+#include <linux/types.h>
+#include <linux/rbtree.h>
+
+static struct rb_root ipe_parser_root = RB_ROOT;
+
+struct parser_container {
+	struct rb_node node;
+	const struct ipe_parser *parser;
+};
+
+/**
+ * cmp_key: Comparator for the nodes within the parser tree by key
+ * @key: Supplies a the key to evaluate nodes against
+ * @n: Supplies a pointer to the node to compare.
+ *
+ * Return:
+ * <0 - @key is to the left of @n
+ * 0 - @key identifies @n
+ * >0 - @key is to the right of @n
+ */
+static int cmp_key(const void *key, const struct rb_node *n)
+{
+	const struct parser_container *node;
+
+	node = container_of(n, struct parser_container, node);
+
+	return strcmp((const char *)key, node->parser->first_token);
+}
+
+/**
+ * cmp_node: Comparator for the nodes within the parser tree
+ * @n: Supplies a pointer to the node to compare
+ * @nn: Supplies a pointer to the another node to compare.
+ *
+ * Return:
+ * <0 - @n is lexigraphically before @nn
+ * 0 - @n is identical @nn
+ * >0 - @n is lexigraphically after @nn
+ */
+static int cmp_node(struct rb_node *n, const struct rb_node *nn)
+{
+	const struct parser_container *c1;
+	const struct parser_container *c2;
+
+	c1 = container_of(n, struct parser_container, node);
+	c2 = container_of(nn, struct parser_container, node);
+
+	return strcmp(c1->parser->first_token, c2->parser->first_token);
+}
+
+/**
+ * ipe_lookup_parser: Attempt to find a ipe_property structure by @first_token.
+ * @first_token: The key to look for in the tree.
+ *
+ * Return:
+ * !NULL - OK
+ * NULL - No property exists under @key
+ */
+const struct ipe_parser *ipe_lookup_parser(const char *first_token)
+{
+	struct rb_node *n;
+
+	n = rb_find(first_token, &ipe_parser_root, cmp_key);
+	if (!n)
+		return NULL;
+
+	return container_of(n, struct parser_container, node)->parser;
+}
+
+/**
+ * ipe_for_each_parser: Iterate over all currently-registered parsers
+ *			calling @fn on the values, and providing @view @ctx.
+ * @view: The function to call for each property. This is given the property
+ *	  structure as the first argument, and @ctx as the second.
+ * @ctx: caller-specified context that is passed to the function. Can be NULL.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Proper errno as returned by @view.
+ */
+int ipe_for_each_parser(int (*view)(const struct ipe_parser *parser,
+				    void *ctx),
+			void *ctx)
+{
+	int rc = 0;
+	struct rb_node *node;
+	struct parser_container *val;
+
+	for (node = rb_first(&ipe_parser_root); node; node = rb_next(node)) {
+		val = container_of(node, struct parser_container, node);
+
+		rc = view(val->parser, ctx);
+		if (rc)
+			return rc;
+	}
+
+	return rc;
+}
+
+/**
+ * ipe_register_parser: Register a parser to be used in IPE's policy.
+ * @p: Parser to register.
+ *
+ * This function allows parsers (policy constructs that effect IPE's
+ * internal functionality) to be leveraged in IPE policy. This must
+ * be called prior to any policies being loaded.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_register_parser(struct ipe_parser *p)
+{
+	struct rb_node *n = NULL;
+	struct parser_container *c = NULL;
+
+	c = kzalloc(sizeof(*c), GFP_KERNEL);
+	if (!c)
+		return -ENOMEM;
+
+	c->parser = p;
+
+	n = rb_find_add(&c->node, &ipe_parser_root, cmp_node);
+	if (n) {
+		kfree(c);
+		return -EEXIST;
+	}
+
+	return 0;
+}
diff --git a/security/ipe/parsers/Makefile b/security/ipe/parsers/Makefile
new file mode 100644
index 000000000000..1a19a094724f
--- /dev/null
+++ b/security/ipe/parsers/Makefile
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (C) Microsoft Corporation. All rights reserved.
+#
+# Makefile for building the IPE module as part of the kernel tree.
+#
+
+ccflags-y := -I$(srctree)/security/ipe
+
+obj-$(CONFIG_SECURITY_IPE) += \
+	default.o \
+	policy_header.o \
diff --git a/security/ipe/parsers/default.c b/security/ipe/parsers/default.c
new file mode 100644
index 000000000000..30181d2cc4ed
--- /dev/null
+++ b/security/ipe/parsers/default.c
@@ -0,0 +1,106 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include <linux/slab.h>
+#include <linux/list.h>
+#include <linux/errno.h>
+#include <linux/string.h>
+
+#include "ipe_parser.h"
+
+static int set_op_default(enum ipe_operation op, enum ipe_action act,
+			  struct ipe_parsed_policy *pol)
+{
+	size_t i, remap_len;
+	const enum ipe_operation *remap;
+
+	if (!ipe_is_op_alias(op, &remap, &remap_len)) {
+		if (pol->rules[op].default_action != ipe_action_max)
+			return -EBADMSG;
+
+		pol->rules[op].default_action = act;
+		return 0;
+	}
+
+	for (i = 0; i < remap_len; ++i) {
+		if (pol->rules[remap[i]].default_action != ipe_action_max)
+			return -EBADMSG;
+
+		pol->rules[remap[i]].default_action = act;
+	}
+
+	return 0;
+}
+
+static int parse_default(const struct ipe_policy_line *line,
+			 struct ipe_parsed_policy *pol)
+{
+	int rc = 0;
+	size_t idx = 0;
+	struct ipe_policy_token *tok = NULL;
+	enum ipe_operation op = ipe_operation_max;
+	enum ipe_action act = ipe_action_max;
+
+	list_for_each_entry(tok, &line->tokens, next) {
+		switch (idx) {
+		case 0:
+			if (strcmp("DEFAULT", tok->key) || tok->value)
+				return -EBADMSG;
+			break;
+		case 1:
+			/* schema 1 - operation, followed by action */
+			rc = ipe_parse_op(tok, &op);
+			if (!rc) {
+				++idx;
+				continue;
+			}
+
+			if (pol->global_default != ipe_action_max)
+				return -EBADMSG;
+
+			/* schema 2 - action */
+			rc = ipe_parse_action(tok, &pol->global_default);
+			if (!rc)
+				return rc;
+
+			return -EBADMSG;
+		case 2:
+			rc = ipe_parse_action(tok, &act);
+			if (rc)
+				return rc;
+
+			return set_op_default(op, act, pol);
+		default:
+			return -EBADMSG;
+		}
+		++idx;
+	}
+
+	/* met no schema */
+	return -EBADMSG;
+}
+
+static int validate_defaults(const struct ipe_parsed_policy *p)
+{
+	size_t i = 0;
+
+	if (p->global_default != ipe_action_max)
+		return 0;
+
+	for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
+		if (p->rules[i].default_action == ipe_action_max)
+			return -EBADMSG;
+	}
+
+	return 0;
+}
+
+IPE_PARSER(default_decl) = {
+	.first_token = "DEFAULT",
+	.version = 1,
+	.parse = parse_default,
+	.free = NULL,
+	.validate = validate_defaults,
+};
diff --git a/security/ipe/parsers/policy_header.c b/security/ipe/parsers/policy_header.c
new file mode 100644
index 000000000000..4d3c1a42c915
--- /dev/null
+++ b/security/ipe/parsers/policy_header.c
@@ -0,0 +1,126 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "ipe_parser.h"
+
+#include <linux/slab.h>
+#include <linux/list.h>
+#include <linux/errno.h>
+#include <linux/string.h>
+
+#include "ipe_parser.h"
+
+static int parse_name(const struct ipe_policy_token *t,
+		      struct ipe_parsed_policy *p)
+{
+	if (p->name)
+		return -EBADMSG;
+
+	p->name = kstrdup_const(t->value, GFP_KERNEL);
+	if (!p->name)
+		return -ENOMEM;
+
+	return 0;
+}
+
+static int parse_ver(const struct ipe_policy_token *t,
+		     struct ipe_parsed_policy *p)
+{
+	int rc = 0;
+	char *dup = NULL;
+	char *dup2 = NULL;
+	char *token = NULL;
+	size_t sep_count = 0;
+	u16 *const cv[] = { &p->version.major, &p->version.minor, &p->version.rev };
+
+	dup = kstrdup(t->value, GFP_KERNEL);
+	if (!dup) {
+		rc = -ENOMEM;
+		goto err;
+	}
+
+	dup2 = dup;
+
+	while ((token = strsep(&dup, ".\n")) != NULL) {
+		/* prevent overflow */
+		if (sep_count >= ARRAY_SIZE(cv)) {
+			rc = -EBADMSG;
+			goto err;
+		}
+
+		rc = kstrtou16(token, 10, cv[sep_count]);
+		if (rc)
+			goto err;
+
+		++sep_count;
+	}
+
+	/* prevent underflow */
+	if (sep_count != ARRAY_SIZE(cv))
+		rc = -EBADMSG;
+
+err:
+	kfree(dup2);
+	return rc;
+}
+
+static const struct ipe_token_parser parsers[] = {
+	{ .key = "policy_name", .parse_token = parse_name },
+	{ .key = "policy_version", .parse_token = parse_ver },
+};
+
+static int parse_policy_hdr(const struct ipe_policy_line *line,
+			    struct ipe_parsed_policy *pol)
+{
+	int rc = 0;
+	size_t idx = 0;
+	struct ipe_policy_token *tok = NULL;
+	const struct ipe_token_parser *p = NULL;
+
+	list_for_each_entry(tok, &line->tokens, next) {
+		if (!tok->value || idx >= sizeof(parsers)) {
+			rc = -EBADMSG;
+			goto err;
+		}
+
+		p = &parsers[idx];
+
+		if (strcmp(p->key, tok->key)) {
+			rc = -EBADMSG;
+			goto err;
+		}
+
+		rc = p->parse_token(tok, pol);
+		if (rc)
+			goto err;
+
+		++idx;
+	}
+
+	return 0;
+
+err:
+	return rc;
+}
+
+static int free_policy_hdr(struct ipe_parsed_policy *pol)
+{
+	kfree(pol->name);
+	return 0;
+}
+
+static int validate_policy_hdr(const struct ipe_parsed_policy *p)
+{
+	return !p->name ? -EBADMSG : 0;
+}
+
+IPE_PARSER(policy_header) = {
+	.first_token = "policy_name",
+	.version = 1,
+	.parse = parse_policy_hdr,
+	.free = free_policy_hdr,
+	.validate = validate_policy_hdr,
+};
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
new file mode 100644
index 000000000000..9dd60dd34477
--- /dev/null
+++ b/security/ipe/policy.c
@@ -0,0 +1,946 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "policy.h"
+#include "ipe_parser.h"
+#include "modules.h"
+
+#include <linux/slab.h>
+#include <linux/list.h>
+#include <linux/ctype.h>
+#include <linux/types.h>
+#include <linux/parser.h>
+#include <linux/verification.h>
+
+#define START_COMMENT	'#'
+#define KEYVAL_DELIMIT	'='
+
+static inline bool is_quote(char ch)
+{
+	return ch == '\'' || ch == '\"';
+}
+
+/**
+ * is_key_char: Determine whether @ch is an acceptable character for a
+ *		key type
+ * @ch: Supplies the character to evaluate.
+ *
+ * Return:
+ * true - Character is acceptable.
+ * false - Character is not acceptable.
+ */
+static inline bool is_key_char(char ch)
+{
+	return isalnum(ch) || ch == '_';
+}
+
+/**
+ * is_val_char: Determine whether @ch is an acceptable character for a
+ *		value type
+ * @ch: Supplies the character to evaluate.
+ *
+ * Return:
+ * true - Character is acceptable.
+ * false - Character is not acceptable.
+ */
+static inline bool is_val_char(char ch)
+{
+	return isgraph(ch) || ch == ' ' || ch == '\t';
+}
+
+/**
+ * free_parser: Callback to invoke, freeing data allocated by parsers.
+ * @parser: parser to free data.
+ * @ctx: ctx object passed to ipe_for_each_parser.
+ *
+ * This function is intended to be used with ipe_for_each_parser only.
+ *
+ * Return:
+ * 0 - Always
+ */
+static int free_parser(const struct ipe_parser *parser, void *ctx)
+{
+	struct ipe_parsed_policy *pol = ctx;
+
+	if (parser->free)
+		parser->free(pol);
+
+	return 0;
+}
+
+/**
+ * free_rule: free an ipe_rule.
+ * @r: Supplies the rule to free.
+ *
+ * This function is safe to call if @r is NULL or ERR_PTR.
+ */
+static void free_rule(struct ipe_rule *r)
+{
+	struct ipe_policy_mod *p, *t;
+
+	if (IS_ERR_OR_NULL(r))
+		return;
+
+	list_for_each_entry_safe(p, t, &r->modules, next) {
+		if (p->mod->free)
+			p->mod->free(p->mod_value);
+
+		kfree(p);
+	}
+
+	kfree(r);
+}
+
+static void free_parsed_policy(struct ipe_parsed_policy *p)
+{
+	size_t i = 0;
+	struct ipe_rule *pp, *t;
+
+	if (IS_ERR_OR_NULL(p))
+		return;
+
+	for (i = 0; i < ARRAY_SIZE(p->rules); ++i)
+		list_for_each_entry_safe(pp, t, &p->rules[i].rules, next)
+			free_rule(pp);
+
+	(void)ipe_for_each_parser(free_parser, p);
+	kfree(p);
+}
+
+/**
+ * free_parsed_line: free a single parsed line of tokens.
+ * @line: Supplies the line to free.
+ *
+ * This function is safe to call if @line is NULL or ERR_PTR.
+ */
+static void free_parsed_line(struct ipe_policy_line *line)
+{
+	struct ipe_policy_token *p, *t;
+
+	if (IS_ERR_OR_NULL(line))
+		return;
+
+	list_for_each_entry_safe(p, t, &line->tokens, next)
+		kfree(p);
+}
+
+/**
+ * free_parsed_text: free a 2D list representing a tokenized policy.
+ * @parsed: Supplies the policy to free.
+ *
+ * This function is safe to call if @parsed is NULL or ERR_PTR.
+ */
+static void free_parsed_text(struct list_head *parsed)
+{
+	struct ipe_policy_line *p, *t;
+
+	if (IS_ERR_OR_NULL(parsed))
+		return;
+
+	list_for_each_entry_safe(p, t, parsed, next)
+		free_parsed_line(p);
+}
+
+/**
+ * trim_quotes: Edit @str to remove a single instance of a trailing and
+ *		leading quotes.
+ * @str: Supplies the string to edit.
+ *
+ * If the string is not quoted, @str will be returned. This function is
+ * safe to call if @str is NULL.
+ *
+ * Return:
+ * !0 - OK
+ * ERR_PTR(-EBADMSG) - Quote mismatch.
+ */
+static char *trim_quotes(char *str)
+{
+	char s;
+	size_t len;
+
+	if (!str)
+		return str;
+
+	s = *str;
+
+	if (is_quote(s)) {
+		len = strlen(str) - 1;
+
+		if (str[len] != s)
+			return ERR_PTR(-EBADMSG);
+
+		str[len] = '\0';
+		++str;
+	}
+
+	return str;
+}
+
+/**
+ * parse_token: Parse a string into a proper token representation.
+ * @token: Supplies the token string to parse.
+ *
+ * @token will be edited destructively. Pass a copy if you wish to retain
+ * the state of the original.
+ *
+ * This function will emit an error to pr_err when a parsing error occurs.
+ *
+ * Return:
+ * !0 - OK
+ * ERR_PTR(-EBADMSG) - An invalid character was encountered while parsing.
+ * ERR_PTR(-ENOMEM) - No Memory
+ */
+static struct ipe_policy_token *parse_token(char *token)
+{
+	size_t i, len = 0;
+	char *key = token;
+	char *value = NULL;
+	struct ipe_policy_token *local = NULL;
+
+	len = strlen(token);
+
+	for (i = 0; (i < len) && token[i] != KEYVAL_DELIMIT; ++i)
+		if (!is_key_char(token[i]))
+			return ERR_PTR(-EBADMSG);
+
+	token[i] = '\0';
+	++i;
+
+	/* there is a value */
+	if (i < len) {
+		value = trim_quotes(&token[i]);
+		if (IS_ERR(value))
+			return ERR_PTR(-EBADMSG);
+
+		len = strlen(value);
+
+		for (i = 0; i < len; ++i)
+			if (!is_val_char(value[i]))
+				return ERR_PTR(-EBADMSG);
+	}
+
+	local = kzalloc(sizeof(*local), GFP_KERNEL);
+	if (!local)
+		return ERR_PTR(-ENOMEM);
+
+	INIT_LIST_HEAD(&local->next);
+	local->key = key;
+	local->value = value;
+
+	return local;
+}
+
+/**
+ * append_token: Parse and append a token into an ipe_policy_line structure.
+ * @p: Supplies the ipe_policy_line structure to append to.
+ * @token: Supplies the token to parse and append to.
+ *
+ * @token will be edited during the parsing destructively. Pass a copy if you
+ * wish to retain the original.
+ *
+ * Return:
+ * 0 - OK
+ * -EBADMSG - Parsing error of @token
+ */
+static int append_token(struct ipe_policy_line *p, char *token)
+{
+	struct ipe_policy_token *t = NULL;
+
+	t = parse_token(token);
+	if (IS_ERR(t))
+		return PTR_ERR(t);
+
+	list_add_tail(&t->next, &p->tokens);
+
+	return 0;
+}
+
+/**
+ * alloc_line: Allocate an ipe_policy_line structure.
+ *
+ * Return:
+ * !0 - OK
+ * -EBADMSG - Parsing error of @token
+ */
+static struct ipe_policy_line *alloc_line(void)
+{
+	struct ipe_policy_line *l = NULL;
+
+	l = kzalloc(sizeof(*l), GFP_KERNEL);
+	if (!l)
+		return ERR_PTR(-ENOMEM);
+
+	INIT_LIST_HEAD(&l->next);
+	INIT_LIST_HEAD(&l->tokens);
+
+	return l;
+}
+
+/**
+ * insert_token: Append a token to @line.
+ * @token: Supplies the token to append to @line.
+ * @line: Supplies a pointer to the ipe_policy_line structure to append to.
+ *
+ * If @line is NULL, it will be allocated on behalf of the caller.
+ *
+ * Return:
+ * 0 - OK
+ * -ENOMEM - No Memory
+ * -EBADMSG - Parsing error of @token
+ */
+static int insert_token(char *token, struct ipe_policy_line **line)
+{
+	int rc = 0;
+	struct ipe_policy_line *local = *line;
+
+	if (!local) {
+		local = alloc_line();
+		if (IS_ERR(local))
+			return PTR_ERR(local);
+
+		*line = local;
+	}
+
+	rc = append_token(local, token);
+	if (rc)
+		return rc;
+
+	return 0;
+}
+
+/**
+ * ipe_tokenize_line: Parse a line of text into a list of token structures.
+ * @line: Supplies the line to parse.
+ *
+ * The final result can be NULL, which represents no tokens were parsed.
+ *
+ * Return:
+ * !0 - OK
+ * NULL - OK, no tokens were parsed.
+ * ERR_PTR(-EBADMSG) - Invalid policy syntax
+ * ERR_PTR(-ENOMEM) - No Memory
+ */
+static struct ipe_policy_line *tokenize_line(char *line)
+{
+	int rc = 0;
+	size_t i = 0;
+	size_t len = 0;
+	char *tok = NULL;
+	char quote = '\0';
+	struct ipe_policy_line *p = NULL;
+
+	/* nullterm guaranteed by strsep */
+	len = strlen(line);
+
+	for (i = 0; i < len; ++i) {
+		if (quote == '\0' && is_quote(line[i])) {
+			quote = line[i];
+			continue;
+		}
+
+		if (quote != '\0' && line[i] == quote) {
+			quote = '\0';
+			continue;
+		}
+
+		if (quote == '\0' && line[i] == START_COMMENT) {
+			tok = NULL;
+			break;
+		}
+
+		if (isgraph(line[i]) && !tok)
+			tok = &line[i];
+
+		if (quote == '\0' && isspace(line[i])) {
+			line[i] = '\0';
+
+			if (!tok)
+				continue;
+
+			rc = insert_token(tok, &p);
+			if (rc)
+				goto err;
+
+			tok = NULL;
+		}
+	}
+
+	if (quote != '\0') {
+		rc = -EBADMSG;
+		goto err;
+	}
+
+	if (tok) {
+		rc = insert_token(tok, &p);
+		if (rc)
+			goto err;
+	}
+
+	return p;
+
+err:
+	free_parsed_line(p);
+	return ERR_PTR(rc);
+}
+
+/**
+ * parse_pass1: parse @policy into a 2D list, representing tokens on each line.
+ * @policy: Supplies the policy to parse. Must be nullterminated, and is
+ *	    edited.
+ *
+ * In pass1 of the parser, the policy is tokenized. Minor structure checks
+ * are done (mismatching quotes, invalid characters).
+ *
+ * Caller must maintain the lifetime of @policy while the return value is
+ * alive.
+ *
+ * Return:
+ * !0 - OK
+ * ERR_PTR(-ENOMEM) - Out of Memory
+ * ERR_PTR(-EBADMSG) - Parsing Error
+ */
+static int parse_pass1(char *policy, struct list_head *tokens)
+{
+	int rc = 0;
+	char *p = NULL;
+
+	while ((p = strsep(&policy, "\n\0")) != NULL) {
+		struct ipe_policy_line *t = NULL;
+
+		t = tokenize_line(p);
+		if (IS_ERR(t)) {
+			rc = PTR_ERR(t);
+			goto err_free_parsed;
+		}
+
+		if (!t)
+			continue;
+
+		list_add_tail(&t->next, tokens);
+	}
+
+	return 0;
+
+err_free_parsed:
+	free_parsed_text(tokens);
+	return rc;
+}
+
+/**
+ * parse_pass2: Take the 2D list of tokens generated from pass1, and transform
+ *		it into a partial ipe_policy.
+ * @parsed: Supplies the list of tokens generated from pass1.
+ * @p: Policy to manipulate with parsed tokens.
+ *
+ * This function is where various declarations and references are parsed into
+ * policy. All declarations and references required to parse rules should be
+ * done here as a parser, and then in pass3 these can be utilized.
+ *
+ * Return:
+ * !0 - OK
+ * -EBADMSG - Syntax Parsing Errors
+ * -ENOENT - No handler for a token.
+ * -ENOMEM - Out of memory
+ */
+static int parse_pass2(struct list_head *parsed, struct ipe_parsed_policy *pol)
+{
+	int rc = 0;
+	const struct ipe_parser *p = NULL;
+	struct ipe_policy_line *line = NULL;
+	const struct ipe_policy_token *token = NULL;
+
+	list_for_each_entry(line, parsed, next) {
+		token = list_first_entry(&line->tokens, struct ipe_policy_token, next);
+		p = ipe_lookup_parser(token->key);
+		if (!p)
+			continue;
+
+		rc = p->parse(line, pol);
+		if (rc)
+			return rc;
+
+		line->consumed = true;
+	}
+
+	return rc;
+}
+
+/**
+ * ipe_parse_op: parse a token to an operation value.
+ * @tok: Token to parse
+ * @op: Operation Parsed.
+ *
+ * Return:
+ * 0 - OK
+ * -EINVAL - Invalid key or value.
+ */
+int ipe_parse_op(const struct ipe_policy_token *tok,
+		 enum ipe_operation *op)
+{
+	substring_t match[MAX_OPT_ARGS] = { 0 };
+	const match_table_t ops = {
+		{ ipe_op_alias_max, NULL },
+	};
+
+	if (strcmp(tok->key, "op") || !tok->value)
+		return -EINVAL;
+
+	*op = match_token((char *)tok->value, ops, match);
+	if ((*op) == (int)ipe_op_alias_max)
+		return -ENOENT;
+
+	return 0;
+}
+
+/**
+ * ipe_parse_action: parse a token to an operation value.
+ * @tok: Token to parse
+ * @action: action parsed.
+ *
+ * Return:
+ * 0 - OK
+ * -EINVAL - Invalid key or value.
+ */
+int ipe_parse_action(const struct ipe_policy_token *tok,
+		     enum ipe_action *action)
+{
+	substring_t match[MAX_OPT_ARGS] = { 0 };
+	const match_table_t actions = {
+		{ ipe_action_allow, "ALLOW" },
+		{ ipe_action_deny, "DENY" },
+		{ ipe_action_max, NULL },
+	};
+
+	if (strcmp(tok->key, "action") || !tok->value)
+		return -EINVAL;
+
+	*action = match_token((char *)tok->value, actions, match);
+
+	if (*action == ipe_action_max)
+		return -EINVAL;
+
+	return 0;
+}
+
+/**
+ * parse_mod_to_rule: Parse a module token and append the values to the
+ *		      provided rule.
+ * @t: Supplies the token to parse.
+ * @r: Supplies the rule to modify with the result.
+ *
+ * Return:
+ * 0 - OK
+ * -ENOENT - No such module to handle @t.
+ * -ENOMEM - No memory.
+ * Others - Module defined errors.
+ */
+static int parse_mod_to_rule(const struct ipe_policy_token *t, struct ipe_rule *r)
+{
+	int rc = 0;
+	struct ipe_policy_mod *p = NULL;
+	const struct ipe_module *m = NULL;
+
+	m = ipe_lookup_module(t->key);
+	if (IS_ERR_OR_NULL(m)) {
+		rc = (m) ? PTR_ERR(m) : -ENOENT;
+		goto err;
+	}
+
+	p = kzalloc(sizeof(*p), GFP_KERNEL);
+	if (!p) {
+		rc = -ENOMEM;
+		goto err;
+	}
+	INIT_LIST_HEAD(&p->next);
+	p->mod = m;
+
+	rc = m->parse(t->value, &p->mod_value);
+	if (rc)
+		goto err2;
+
+	list_add_tail(&p->next, &r->modules);
+	return 0;
+err2:
+	kfree(p);
+err:
+	return rc;
+}
+
+/**
+ * parse_rule: Parse a policy line into an ipe_rule structure.
+ * @line: Supplies the line to parse.
+ *
+ * Return:
+ * Valid ipe_rule - OK
+ * ERR_PTR(-ENOMEM) - Out of Memory
+ * ERR_PTR(-ENOENT) - No such module to handle a token
+ * ERR_PTR(-EINVAL) - An unacceptable value has been encountered.
+ * ERR_PTR(...) - Module defined errors.
+ */
+static struct ipe_rule *parse_rule(const struct ipe_policy_line *line)
+{
+	int rc = 0;
+	struct ipe_rule *r = NULL;
+	const struct list_head *node = NULL;
+
+	r = kzalloc(sizeof(*r), GFP_KERNEL);
+	if (!r) {
+		rc = -ENOMEM;
+		goto err;
+	}
+
+	INIT_LIST_HEAD(&r->next);
+	INIT_LIST_HEAD(&r->modules);
+	r->op = (int)ipe_op_alias_max;
+	r->action = ipe_action_max;
+
+	list_for_each(node, &line->tokens) {
+		const struct ipe_policy_token *token = NULL;
+
+		token = container_of(node, struct ipe_policy_token, next);
+
+		if (list_is_first(node, &line->tokens)) {
+			enum ipe_operation op;
+
+			rc = ipe_parse_op(token, &op);
+			if (rc)
+				goto err;
+
+			r->op = op;
+			continue;
+		}
+
+		if (list_is_last(node, &line->tokens)) {
+			enum ipe_action action;
+
+			rc = ipe_parse_action(token, &action);
+			if (rc)
+				goto err;
+
+			r->action = action;
+			continue;
+		}
+
+		rc = parse_mod_to_rule(token, r);
+		if (rc)
+			goto err;
+	}
+
+	if (r->action == ipe_action_max || r->op == (int)ipe_op_alias_max) {
+		rc = -EBADMSG;
+		goto err;
+	}
+
+	return r;
+err:
+	free_rule(r);
+	return ERR_PTR(rc);
+}
+
+/**
+ * parse_pass3: Take the partially parsed list of tokens from pass 1 and the
+ *		parial policy from pass 2, and finalize the policy.
+ * @parsed: Supplies the tokens parsed from pass 1.
+ * @p: Supplies the partial policy from pass 2.
+ *
+ * This function finalizes the IPE policy by parsing all rules in the
+ * policy. This must occur in pass3, as in pass2, references are resolved
+ * that can be used in pass3.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Standard errno
+ */
+static int parse_pass3(struct list_head *parsed,
+		       struct ipe_parsed_policy *p)
+{
+	int rc = 0;
+	size_t i = 0;
+	size_t remap_len = 0;
+	struct ipe_rule *rule = NULL;
+	struct ipe_policy_line *line = NULL;
+	const enum ipe_operation *remap;
+
+	list_for_each_entry(line, parsed, next) {
+		if (line->consumed)
+			continue;
+
+		rule = parse_rule(line);
+		if (IS_ERR(rule)) {
+			rc = PTR_ERR(rule);
+			goto err;
+		}
+
+		if (ipe_is_op_alias(rule->op, &remap, &remap_len)) {
+			for (i = 0; i < remap_len; ++i) {
+				rule->op = remap[i];
+				list_add_tail(&rule->next, &p->rules[rule->op].rules);
+				rule = parse_rule(line);
+			}
+
+			free_rule(rule);
+		} else {
+			list_add_tail(&rule->next, &p->rules[rule->op].rules);
+		}
+
+		line->consumed = true;
+	}
+
+	return 0;
+err:
+	free_rule(rule);
+	return rc;
+}
+
+/**
+ * parser_validate: Callback to invoke, validating parsers as necessary
+ * @parser: parser to call to validate data.
+ * @ctx: ctx object passed to ipe_for_each_parser.
+ *
+ * This function is intended to be used with ipe_for_each_parser only.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Validation failed.
+ */
+static int parser_validate(const struct ipe_parser *parser, void *ctx)
+{
+	int rc = 0;
+	const struct ipe_parsed_policy *pol = ctx;
+
+	if (parser->validate)
+		rc = parser->validate(pol);
+
+	return rc;
+}
+
+/**
+ * validate_policy: Given a policy structure that was just parsed, validate
+ *		    that all necessary fields are present, initialized
+ *		    correctly, and all lines parsed are have been consumed.
+ * @parsed: Supplies the policy lines that were parsed in pass1.
+ * @policy: Supplies the fully parsed policy.
+ *
+ * A parsed policy can be an invalid state for use (a default was undefined,
+ * a header was undefined) by just parsing the policy.
+ *
+ * Return:
+ * 0 - OK
+ * -EBADMSG - Policy is invalid.
+ */
+static int validate_policy(const struct list_head *parsed,
+			   const struct ipe_parsed_policy *p)
+{
+	int rc = 0;
+	const struct ipe_policy_line *line = NULL;
+
+	list_for_each_entry(line, parsed, next) {
+		if (!line->consumed)
+			return -EBADMSG;
+	}
+
+	rc = ipe_for_each_parser(parser_validate,
+				 (struct ipe_parsed_policy *)p);
+
+	return rc;
+}
+
+/**
+ * new_parsed_policy: Allocate and initialize a parsed policy to its default
+ *		      values.
+ *
+ * Return:
+ * !IS_ERR - OK
+ */
+static struct ipe_parsed_policy *new_parsed_policy(void)
+{
+	size_t i = 0;
+	struct ipe_parsed_policy *p = NULL;
+	struct ipe_operation_table *t = NULL;
+
+	p = kzalloc(sizeof(*p), GFP_KERNEL);
+	if (!p)
+		return ERR_PTR(-ENOMEM);
+
+	p->global_default = ipe_action_max;
+
+	for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
+		t = &p->rules[i];
+
+		t->default_action = ipe_action_max;
+		INIT_LIST_HEAD(&t->rules);
+	}
+
+	return p;
+}
+
+/**
+ * parse_policy: Given a string, parse the string into an IPE policy
+ *		     structure.
+ * @p: partially filled ipe_policy structure to populate with the result.
+ *
+ * @p must have text and textlen set.
+ *
+ * Return:
+ * Valid ipe_policy structure - OK
+ * ERR_PTR(-EBADMSG) - Invalid Policy Syntax (Unrecoverable)
+ * ERR_PTR(-ENOMEM) - Out of Memory
+ */
+static int parse_policy(struct ipe_policy *p)
+{
+	int rc = 0;
+	char *dup = NULL;
+	LIST_HEAD(parsed);
+	struct ipe_parsed_policy *pp = NULL;
+
+	if (!p->textlen)
+		return -EBADMSG;
+
+	dup = kmemdup_nul(p->text, p->textlen, GFP_KERNEL);
+	if (!dup)
+		return -ENOMEM;
+
+	pp = new_parsed_policy();
+	if (IS_ERR(pp)) {
+		rc = PTR_ERR(pp);
+		goto out;
+	}
+
+	rc = parse_pass1(dup, &parsed);
+	if (rc)
+		goto err;
+
+	rc = parse_pass2(&parsed, pp);
+	if (rc)
+		goto err;
+
+	rc = parse_pass3(&parsed, pp);
+	if (rc)
+		goto err;
+
+	rc = validate_policy(&parsed, pp);
+	if (rc)
+		goto err;
+
+	p->parsed = pp;
+
+	goto out;
+err:
+	free_parsed_policy(pp);
+out:
+	free_parsed_text(&parsed);
+	kfree(dup);
+
+	return rc;
+}
+
+/**
+ * ipe_is_op_alias: Determine if @op is an alias for one or more operations
+ * @op: Supplies the operation to check. Should be either ipe_operation or
+ *	ipe_op_alias.
+ * @map: Supplies a pointer to populate with the mapping if @op is an alias
+ * @size: Supplies the size of @map if @op is an alias.
+ *
+ * Return:
+ * true - @op is an alias
+ * false - @op is not an alias
+ */
+bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
+{
+	switch (op) {
+	default:
+		return false;
+	}
+}
+
+/**
+ * ipe_free_policy: Deallocate a given IPE policy.
+ * @p: Supplies the policy to free.
+ *
+ * Safe to call on IS_ERR/NULL.
+ */
+void ipe_put_policy(struct ipe_policy *p)
+{
+	if (IS_ERR_OR_NULL(p) || !refcount_dec_and_test(&p->refcount))
+		return;
+
+	free_parsed_policy(p->parsed);
+	if (!p->pkcs7)
+		kfree(p->text);
+	kfree(p->pkcs7);
+	kfree(p);
+}
+
+static int set_pkcs7_data(void *ctx, const void *data, size_t len,
+			  size_t asn1hdrlen)
+{
+	struct ipe_policy *p = ctx;
+
+	p->text = (const char *)data;
+	p->textlen = len;
+
+	return 0;
+}
+
+/**
+ * ipe_new_policy: allocate and parse an ipe_policy structure.
+ *
+ * @text: Supplies a pointer to the plain-text policy to parse.
+ * @textlen: Supplies the length of @text.
+ * @pkcs7: Supplies a pointer to a pkcs7-signed IPE policy.
+ * @pkcs7len: Supplies the length of @pkcs7.
+ *
+ * @text/@textlen Should be NULL/0 if @pkcs7/@pkcs7len is set.
+ *
+ * The result will still need to be associated with a context via
+ * ipe_add_policy.
+ *
+ * Return:
+ * !IS_ERR - Success
+ */
+struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
+				  const char *pkcs7, size_t pkcs7len)
+{
+	int rc = 0;
+	struct ipe_policy *new = NULL;
+
+	new = kzalloc(sizeof(*new), GFP_KERNEL);
+	if (!new)
+		return ERR_PTR(-ENOMEM);
+
+	refcount_set(&new->refcount, 1);
+
+	if (!text) {
+		new->pkcs7len = pkcs7len;
+		new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL);
+		if (!new->pkcs7) {
+			rc = -ENOMEM;
+			goto err;
+		}
+
+		rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, NULL,
+					    VERIFYING_UNSPECIFIED_SIGNATURE,
+					    set_pkcs7_data, new);
+		if (rc)
+			goto err;
+	} else {
+		new->textlen = textlen;
+		new->text = kstrndup(text, textlen, GFP_KERNEL);
+		if (!new->text) {
+			rc = -ENOMEM;
+			goto err;
+		}
+	}
+
+	rc = parse_policy(new);
+	if (rc)
+		goto err;
+
+	return new;
+err:
+	ipe_put_policy(new);
+	return ERR_PTR(rc);
+}
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
new file mode 100644
index 000000000000..d78788db238c
--- /dev/null
+++ b/security/ipe/policy.h
@@ -0,0 +1,97 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_POLICY_H
+#define IPE_POLICY_H
+
+#include <linux/list.h>
+#include <linux/types.h>
+#include <linux/refcount.h>
+
+struct ipe_policy_token {
+	struct list_head next;		/* type: policy_token */
+
+	const char *key;
+	const char *value;
+};
+
+struct ipe_policy_line {
+	struct list_head next;		/* type: policy_line */
+	struct list_head tokens;	/* type: policy_token */
+
+	bool consumed;
+};
+
+struct ipe_module;
+
+enum ipe_operation {
+	ipe_operation_max = 0,
+};
+
+/*
+ * Extension to ipe_operation, representing operations
+ * that are just one or more operations under the hood
+ */
+enum ipe_op_alias {
+	ipe_op_alias_max = ipe_operation_max,
+};
+
+enum ipe_action {
+	ipe_action_allow = 0,
+	ipe_action_deny,
+	ipe_action_max,
+};
+
+struct ipe_policy_mod {
+	const struct ipe_module *mod;
+	void			*mod_value;
+
+	struct list_head next;
+};
+
+struct ipe_rule {
+	enum ipe_operation op;
+	enum ipe_action action;
+
+	struct list_head modules;
+
+	struct list_head next;
+};
+
+struct ipe_operation_table {
+	struct list_head rules;
+	enum ipe_action default_action;
+};
+
+struct ipe_parsed_policy {
+	const char *name;
+	struct {
+		u16 major;
+		u16 minor;
+		u16 rev;
+	} version;
+
+	enum ipe_action global_default;
+
+	struct ipe_operation_table rules[ipe_operation_max];
+};
+
+struct ipe_policy {
+	const char     *pkcs7;
+	size_t		pkcs7len;
+
+	const char     *text;
+	size_t		textlen;
+
+	struct ipe_parsed_policy *parsed;
+
+	refcount_t	refcount;
+};
+
+struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
+				  const char *pkcs7, size_t pkcs7len);
+void ipe_put_policy(struct ipe_policy *pol);
+bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size);
+
+#endif /* IPE_POLICY_H */
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 03/16] ipe: add evaluation loop
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 01/16] security: add ipe lsm & initial context creation deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 02/16] ipe: add policy parser deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 04/16] ipe: add userspace interface deven.desai
                   ` (13 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

IPE must have a centralized function to evaluate incoming callers
against IPE's policy. This iteration of the policy for against the rules
for that specific caller is known as the evaluation loop.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Refactor patch to support a context structure,
    enabling easier testing
  * Split up patch 02/12 into four parts:
      1. context creation [01/16]
      2. audit [07/16]
      3. evaluation loop [03/16] (this patch)
      4. access control hooks [05/16]

---
 security/ipe/Makefile             |   1 +
 security/ipe/ctx.c                |  57 ++++++++++++
 security/ipe/ctx.h                |   6 ++
 security/ipe/eval.c               | 142 ++++++++++++++++++++++++++++++
 security/ipe/eval.h               |  26 ++++++
 security/ipe/hooks.h              |   4 +
 security/ipe/modules/ipe_module.h |   3 +
 security/ipe/policy.c             |  27 ++++++
 security/ipe/policy.h             |   4 +
 9 files changed, 270 insertions(+)
 create mode 100644 security/ipe/eval.c
 create mode 100644 security/ipe/eval.h

diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 9a97efd8a190..0db69f13e82a 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -9,6 +9,7 @@ ccflags-y := -I$(srctree)/security/ipe/modules
 
 obj-$(CONFIG_SECURITY_IPE) += \
 	ctx.o \
+	eval.o \
 	hooks.o \
 	ipe.o \
 	modules.o \
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
index c24f5d1d41bd..9274e51eff52 100644
--- a/security/ipe/ctx.c
+++ b/security/ipe/ctx.c
@@ -5,6 +5,7 @@
 
 #include "ipe.h"
 #include "ctx.h"
+#include "policy.h"
 
 #include <linux/slab.h>
 #include <linux/types.h>
@@ -76,10 +77,25 @@ struct ipe_context *ipe_get_ctx_rcu(struct ipe_context __rcu *ctx)
  */
 static void free_ctx_work(struct work_struct *const work)
 {
+	struct ipe_policy *p = NULL;
 	struct ipe_context *ctx = NULL;
 
 	ctx = container_of(work, struct ipe_context, free_work);
 
+	/* Make p->ctx no longer have any references */
+	spin_lock(&ctx->lock);
+	list_for_each_entry(p, &ctx->policies, next)
+		rcu_assign_pointer(p->ctx, NULL);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	/*
+	 * locking no longer necessary - nothing can get a reference to ctx,
+	 * so list is guaranteed stable.
+	 */
+	list_for_each_entry(p, &ctx->policies, next)
+		ipe_put_policy(p);
+
 	kfree(ctx);
 }
 
@@ -104,6 +120,7 @@ static struct ipe_context *create_ctx(void)
 	}
 
 	INIT_WORK(&ctx->free_work, free_ctx_work);
+	INIT_LIST_HEAD(&ctx->policies);
 	refcount_set(&ctx->refcount, 1);
 	spin_lock_init(&ctx->lock);
 
@@ -114,6 +131,46 @@ static struct ipe_context *create_ctx(void)
 	return ERR_PTR(rc);
 }
 
+/**
+ * remove_policy: Remove a policy from its context
+ * @p: Supplies a pointer to a policy that will be removed from its context
+ *
+ * Decrements @p's reference by 1.
+ */
+void ipe_remove_policy(struct ipe_policy *p)
+{
+	struct ipe_context *ctx;
+
+	ctx = ipe_get_ctx_rcu(p->ctx);
+	if (!ctx)
+		return;
+
+	spin_lock(&ctx->lock);
+	list_del_init(&p->next);
+	rcu_assign_pointer(p->ctx, NULL);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	ipe_put_ctx(ctx);
+	/* drop the reference representing the list */
+	ipe_put_policy(p);
+}
+
+/**
+ * ipe_add_policy: Associate @p with @ctx
+ * @ctx: Supplies a pointer to the ipe_context structure to associate @p with.
+ * @p: Supplies a pointer to the ipe_policy structure to associate.
+ */
+void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p)
+{
+	spin_lock(&ctx->lock);
+	rcu_assign_pointer(p->ctx, ctx);
+	list_add_tail(&p->next, &ctx->policies);
+	refcount_inc(&p->refcount);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+}
+
 /**
  * ipe_put_ns: Decrement the reference of an ipe_context structure,
  *	       scheduling a free as necessary.s
diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
index 69a2c92c0a8c..a0da92da818c 100644
--- a/security/ipe/ctx.h
+++ b/security/ipe/ctx.h
@@ -12,10 +12,14 @@
 #include <linux/workqueue.h>
 
 struct ipe_context {
+	struct ipe_policy __rcu *active_policy;
+
 	refcount_t refcount;
 	/* Protects concurrent writers */
 	spinlock_t lock;
 
+	struct list_head policies; /* type: ipe_policy */
+
 	struct work_struct free_work;
 };
 
@@ -24,5 +28,7 @@ struct ipe_context __rcu **ipe_tsk_ctx(struct task_struct *tsk);
 struct ipe_context *ipe_current_ctx(void);
 struct ipe_context *ipe_get_ctx_rcu(struct ipe_context __rcu *ctx);
 void ipe_put_ctx(struct ipe_context *ctx);
+void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p);
+void ipe_remove_policy(struct ipe_policy *p);
 
 #endif /* IPE_CONTEXT_H */
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
new file mode 100644
index 000000000000..b732f76cfd05
--- /dev/null
+++ b/security/ipe/eval.c
@@ -0,0 +1,142 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "ctx.h"
+#include "eval.h"
+#include "hooks.h"
+#include "policy.h"
+#include "modules/ipe_module.h"
+
+#include <linux/slab.h>
+#include <linux/file.h>
+#include <linux/sched.h>
+#include <linux/rcupdate.h>
+
+/**
+ * build_ctx: Build an evaluation context.
+ * @file: Supplies a pointer to the file to associated with the evaluation
+ * @op: Supplies the IPE policy operation associated with the evaluation
+ * @hook: Supplies the LSM hook associated with the evaluation.
+ *
+ * The current IPE Context will have a reference count increased by one until
+ * this is deallocated.
+ *
+ * Return:
+ * !IS_ERR - OK
+ */
+static struct ipe_eval_ctx *build_ctx(const struct file *file,
+				      enum ipe_operation op,
+				      enum ipe_hook hook)
+{
+	struct ipe_eval_ctx *ctx = NULL;
+
+	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
+	if (!ctx)
+		return ERR_PTR(-ENOMEM);
+
+	ctx->file = file;
+	ctx->op = op;
+	ctx->hook = hook;
+	ctx->ci_ctx = ipe_current_ctx();
+
+	return ctx;
+}
+
+/**
+ * free_ctx: Deallocate a previously-allocated ipe_eval_ctx
+ * @ctx: Supplies a pointer to the evaluation context to free.
+ */
+static void free_ctx(struct ipe_eval_ctx *ctx)
+{
+	if (IS_ERR_OR_NULL(ctx))
+		return;
+
+	ipe_put_ctx(ctx->ci_ctx);
+	kfree(ctx);
+}
+
+/**
+ * evaluate: Analyze @ctx against the active policy and return the result.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ *
+ * This is the loop where all policy evaluation happens against IPE policy.
+ *
+ * Return:
+ * 0 - OK
+ * -EACCES - @ctx did not pass evaluation.
+ * !0 - Error
+ */
+static int evaluate(const struct ipe_eval_ctx *const ctx)
+{
+	int rc = 0;
+	bool match = false;
+	enum ipe_action action;
+	struct ipe_policy *pol = NULL;
+	const struct ipe_rule *rule = NULL;
+	const struct ipe_policy_mod *module = NULL;
+	const struct ipe_operation_table *rules = NULL;
+
+	pol = ipe_get_policy_rcu(ctx->ci_ctx->active_policy);
+	if (!pol)
+		goto out;
+
+	rules = &pol->parsed->rules[ctx->op];
+
+	list_for_each_entry(rule, &rules->rules, next) {
+		match = true;
+
+		list_for_each_entry(module, &rule->modules, next)
+			match = match && module->mod->eval(ctx, module->mod_value);
+
+		if (match)
+			break;
+	}
+
+	if (match) {
+		action = rule->action;
+	} else if (rules->default_action != ipe_action_max) {
+		action = rules->default_action;
+	} else {
+		action = pol->parsed->global_default;
+	}
+
+	if (action == ipe_action_deny)
+		rc = -EACCES;
+
+out:
+	ipe_put_policy(pol);
+	return rc;
+}
+
+/**
+ * ipe_process_event: Submit @file for verification against IPE's policy
+ * @file: Supplies an optional pointer to the file being submitted.
+ * @op: IPE Policy Operation to associate with @file
+ * @hook: LSM Hook to associate with @file
+ *
+ * @file can be NULL and will be submitted for evaluation like a non-NULL
+ * file.
+ *
+ * Return:
+ * 0 - OK
+ * -EACCES - @file did not pass verification
+ * !0 - Error
+ */
+int ipe_process_event(const struct file *file, enum ipe_operation op,
+		      enum ipe_hook hook)
+{
+	int rc = 0;
+	struct ipe_eval_ctx *ctx = NULL;
+
+	ctx = build_ctx(file, op, hook);
+	if (IS_ERR(ctx))
+		return PTR_ERR(ctx);
+
+	rc = evaluate(ctx);
+
+	free_ctx(ctx);
+	return rc;
+}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
new file mode 100644
index 000000000000..db6da2998a20
--- /dev/null
+++ b/security/ipe/eval.h
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_EVAL_H
+#define IPE_EVAL_H
+
+#include <linux/file.h>
+
+#include "ctx.h"
+#include "hooks.h"
+#include "policy.h"
+
+struct ipe_eval_ctx {
+	enum ipe_hook hook;
+	enum ipe_operation op;
+
+	const struct file *file;
+	struct ipe_context *ci_ctx;
+};
+
+int ipe_process_event(const struct file *file, enum ipe_operation op,
+		      enum ipe_hook hook);
+
+#endif /* IPE_EVAL_H */
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index e0ae3c7dfb5b..58ed4a612e26 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -8,6 +8,10 @@
 #include <linux/types.h>
 #include <linux/sched.h>
 
+enum ipe_hook {
+	ipe_hook_max = 0
+};
+
 int ipe_task_alloc(struct task_struct *task,
 		   unsigned long clone_flags);
 
diff --git a/security/ipe/modules/ipe_module.h b/security/ipe/modules/ipe_module.h
index 397a54cbc4db..b4f975e9218a 100644
--- a/security/ipe/modules/ipe_module.h
+++ b/security/ipe/modules/ipe_module.h
@@ -6,6 +6,7 @@
 #define IPE_MODULE_H
 
 #include <linux/types.h>
+#include "../eval.h"
 
 /**
  * ipe_module: definition of an extensible module for IPE properties.
@@ -23,6 +24,8 @@ struct ipe_module {
 	u16				version;	/* required */
 	int (*parse)(const char *valstr, void **value);	/* required */
 	int (*free)(void **value);			/* optional */
+	bool (*eval)(const struct ipe_eval_ctx *ctx,	/* required */
+		     const void *val);
 };
 
 #define IPE_MODULE(parser)				\
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index 9dd60dd34477..8970f96453d6 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -874,6 +874,32 @@ void ipe_put_policy(struct ipe_policy *p)
 	kfree(p);
 }
 
+/**
+ * ipe_get_policy_rcu: Dereference rcu-protected @p and increase the reference
+ *		       count.
+ * @p: rcu-protected pointer to dereference
+ *
+ * Not safe to call on IS_ERR.
+ *
+ * Return:
+ * !NULL - reference count of @p was valid, and increased by one.
+ * NULL - reference count of @p is not valid.
+ */
+struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
+{
+	struct ipe_policy *rv = NULL;
+
+	rcu_read_lock();
+
+	rv = rcu_dereference(p);
+	if (!rv || !refcount_inc_not_zero(&rv->refcount))
+		rv = NULL;
+
+	rcu_read_unlock();
+
+	return rv;
+}
+
 static int set_pkcs7_data(void *ctx, const void *data, size_t len,
 			  size_t asn1hdrlen)
 {
@@ -912,6 +938,7 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
 		return ERR_PTR(-ENOMEM);
 
 	refcount_set(&new->refcount, 1);
+	INIT_LIST_HEAD(&new->next);
 
 	if (!text) {
 		new->pkcs7len = pkcs7len;
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index d78788db238c..2b5041c5a75a 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -87,11 +87,15 @@ struct ipe_policy {
 	struct ipe_parsed_policy *parsed;
 
 	refcount_t	refcount;
+
+	struct list_head next;		/* type: ipe_policy */
+	struct ipe_context __rcu *ctx;
 };
 
 struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
 				  const char *pkcs7, size_t pkcs7len);
 void ipe_put_policy(struct ipe_policy *pol);
 bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size);
+struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
 
 #endif /* IPE_POLICY_H */
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 04/16] ipe: add userspace interface
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (2 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 03/16] ipe: add evaluation loop deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-11-03  9:42   ` Roberto Sassu
  2021-10-13 19:06 ` [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read deven.desai
                   ` (12 subsequent siblings)
  16 siblings, 1 reply; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

As is typical with LSMs, IPE uses securityfs as its interface with
userspace. for a complete list of the interfaces and the respective
inputs/outputs, please see the documentation under
admin-guide/LSM/ipe.rst

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Refactor series to:
      1. Support a context structure, enabling easier testing
  * Split up patch 03/12 into two parts:
      1. parser [02/16]
      2. userspace interface [04/16] (this patch)
  * Interface changes:
      1. "raw" was renamed to "pkcs7" and made read only
      2. "raw"'s write functionality (update a policy) moved to "update"
      3. introduced "version", "policy_name" nodes.
      4. "content" renamed to "policy"
      5. The boot policy can now be updated like any other policy.

---
 security/ipe/Makefile   |   2 +
 security/ipe/ctx.c      | 121 +++++++++
 security/ipe/ctx.h      |   6 +
 security/ipe/fs.c       | 170 +++++++++++++
 security/ipe/fs.h       |  13 +
 security/ipe/policy.c   |  41 ++++
 security/ipe/policy.h   |   4 +
 security/ipe/policyfs.c | 528 ++++++++++++++++++++++++++++++++++++++++
 8 files changed, 885 insertions(+)
 create mode 100644 security/ipe/fs.c
 create mode 100644 security/ipe/fs.h
 create mode 100644 security/ipe/policyfs.c

diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 0db69f13e82a..d5660a17364c 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -10,9 +10,11 @@ ccflags-y := -I$(srctree)/security/ipe/modules
 obj-$(CONFIG_SECURITY_IPE) += \
 	ctx.o \
 	eval.o \
+	fs.o \
 	hooks.o \
 	ipe.o \
 	modules.o \
 	parsers/ \
 	parsers.o \
 	policy.o \
+	policyfs.o \
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
index 9274e51eff52..664c671a4f9c 100644
--- a/security/ipe/ctx.c
+++ b/security/ipe/ctx.c
@@ -13,6 +13,29 @@
 #include <linux/refcount.h>
 #include <linux/spinlock.h>
 
+/**
+ * ver_to_u64: convert an internal ipe_policy_version to a u64
+ * @p: Policy to extract the version from
+ *
+ * Bits (LSB is index 0):
+ *	[48,32] -> Major
+ *	[32,16] -> Minor
+ *	[16, 0] -> Revision
+ *
+ * Return:
+ * u64 version of the embedded version structure.
+ */
+static inline u64 ver_to_u64(const struct ipe_policy *const p)
+{
+	u64 r = 0;
+
+	r = (((u64)p->parsed->version.major) << 32)
+	  | (((u64)p->parsed->version.minor) << 16)
+	  | ((u64)(p->parsed->version.rev));
+
+	return r;
+}
+
 /**
  * ipe_current_ctx: Helper to retrieve the ipe_context for the current task.
  *
@@ -96,6 +119,7 @@ static void free_ctx_work(struct work_struct *const work)
 	list_for_each_entry(p, &ctx->policies, next)
 		ipe_put_policy(p);
 
+	securityfs_remove(ctx->policy_root);
 	kfree(ctx);
 }
 
@@ -160,6 +184,9 @@ void ipe_remove_policy(struct ipe_policy *p)
  * ipe_add_policy: Associate @p with @ctx
  * @ctx: Supplies a pointer to the ipe_context structure to associate @p with.
  * @p: Supplies a pointer to the ipe_policy structure to associate.
+ *
+ * This will increase @p's reference count by one.
+ *
  */
 void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p)
 {
@@ -168,7 +195,101 @@ void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p)
 	list_add_tail(&p->next, &ctx->policies);
 	refcount_inc(&p->refcount);
 	spin_unlock(&ctx->lock);
+}
+
+/**
+ * ipe_replace_policy: Replace @old with @new in the list of policies in @ctx
+ * @ctx: Supplies the context object to manipulate.
+ * @old: Supplies a pointer to the ipe_policy to replace with @new
+ * @new: Supplies a pointer to the ipe_policy structure to replace @old with
+ */
+int ipe_replace_policy(struct ipe_policy *old, struct ipe_policy *new)
+{
+	int rc = -EINVAL;
+	struct ipe_context *ctx;
+	struct ipe_policy *cursor;
+	struct ipe_policy *p = NULL;
+
+	ctx = ipe_get_ctx_rcu(old->ctx);
+	if (!ctx)
+		return -ENOENT;
+
+	spin_lock(&ctx->lock);
+	list_for_each_entry(cursor, &ctx->policies, next) {
+		if (!strcmp(old->parsed->name, cursor->parsed->name)) {
+			if (ipe_is_policy_active(old)) {
+				if (ver_to_u64(old) > ver_to_u64(new))
+					break;
+				rcu_assign_pointer(ctx->active_policy, new);
+			}
+			list_replace_init(&cursor->next, &new->next);
+			refcount_inc(&new->refcount);
+			rcu_assign_pointer(new->ctx, old->ctx);
+			p = cursor;
+			rc = 0;
+			break;
+		}
+	}
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	ipe_put_policy(p);
+	ipe_put_ctx(ctx);
+	return rc;
+}
+
+/**
+ * ipe_set_active_pol: Make @p the active policy.
+ * @p: Supplies a pointer to the policy to make active.
+ */
+int ipe_set_active_pol(const struct ipe_policy *p)
+{
+	int rc = 0;
+	struct ipe_policy *ap = NULL;
+	struct ipe_context *ctx = NULL;
+
+	ctx = ipe_get_ctx_rcu(p->ctx);
+	if (!ctx) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	ap = ipe_get_policy_rcu(ctx->active_policy);
+	if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
+		rc = -EINVAL;
+		goto out;
+	}
+
+	spin_lock(&ctx->lock);
+	rcu_assign_pointer(ctx->active_policy, p);
+	spin_unlock(&ctx->lock);
 	synchronize_rcu();
+
+out:
+	ipe_put_policy(ap);
+	ipe_put_ctx(ctx);
+	return rc;
+}
+
+/**
+ * ipe_is_policy_active: Determine wehther @p is the active policy
+ * @p: Supplies a pointer to the policy to check.
+ *
+ * Return:
+ * true - @p is the active policy of @ctx
+ * false - @p is not the active policy of @ctx
+ */
+bool ipe_is_policy_active(const struct ipe_policy *p)
+{
+	bool rv;
+	struct ipe_context *ctx;
+
+	rcu_read_lock();
+	ctx = rcu_dereference(p->ctx);
+	rv = !IS_ERR_OR_NULL(ctx) && rcu_access_pointer(ctx->active_policy) == p;
+	rcu_read_unlock();
+
+	return rv;
 }
 
 /**
diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
index a0da92da818c..fe11fb767788 100644
--- a/security/ipe/ctx.h
+++ b/security/ipe/ctx.h
@@ -7,6 +7,7 @@
 
 #include <linux/sched.h>
 #include <linux/types.h>
+#include <linux/dcache.h>
 #include <linux/refcount.h>
 #include <linux/spinlock.h>
 #include <linux/workqueue.h>
@@ -20,6 +21,8 @@ struct ipe_context {
 
 	struct list_head policies; /* type: ipe_policy */
 
+	struct dentry *policy_root;
+
 	struct work_struct free_work;
 };
 
@@ -30,5 +33,8 @@ struct ipe_context *ipe_get_ctx_rcu(struct ipe_context __rcu *ctx);
 void ipe_put_ctx(struct ipe_context *ctx);
 void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p);
 void ipe_remove_policy(struct ipe_policy *p);
+int ipe_replace_policy(struct ipe_policy *old, struct ipe_policy *new);
+int ipe_set_active_pol(const struct ipe_policy *p);
+bool ipe_is_policy_active(const struct ipe_policy *p);
 
 #endif /* IPE_CONTEXT_H */
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
new file mode 100644
index 000000000000..10ad23f8bf92
--- /dev/null
+++ b/security/ipe/fs.c
@@ -0,0 +1,170 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#include "ipe.h"
+#include "fs.h"
+#include "policy.h"
+
+#include <linux/dcache.h>
+#include <linux/security.h>
+
+static struct dentry *np __ro_after_init;
+static struct dentry *root __ro_after_init;
+static struct dentry *config __ro_after_init;
+
+/**
+ * new_policy: Write handler for the securityfs node, "ipe/new_policy"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t new_policy(struct file *f, const char __user *data,
+			  size_t len, loff_t *offset)
+{
+	int rc = 0;
+	char *copy = NULL;
+	struct ipe_policy *p = NULL;
+	struct ipe_context *ctx = NULL;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	ctx = ipe_current_ctx();
+
+	copy = memdup_user_nul(data, len);
+	if (IS_ERR(copy)) {
+		rc = PTR_ERR(copy);
+		goto err;
+	}
+
+	p = ipe_new_policy(NULL, 0, copy, len);
+	if (IS_ERR(p)) {
+		rc = PTR_ERR(p);
+		goto err;
+	}
+
+	rc = ipe_new_policyfs_node(ctx, p);
+	if (rc)
+		goto err;
+
+	ipe_add_policy(ctx, p);
+err:
+	ipe_put_policy(p);
+	ipe_put_ctx(ctx);
+	return (rc < 0) ? rc : len;
+}
+
+/**
+ * get_config: Read handler for the securityfs node, "ipe/config"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the read syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t get_config(struct file *f, char __user *data, size_t len,
+			  loff_t *offset)
+{
+	int rc = 0;
+	char *buf = NULL;
+	size_t buflen = 0;
+	char tmp[30] = { 0 };
+	struct ipe_parser *p = NULL;
+	struct ipe_module *m = NULL;
+
+	for (p = __start_ipe_parsers; p < __end_ipe_parsers; ++p)
+		buflen += snprintf(NULL, 0, "%s=%d\n", p->first_token, p->version);
+	for (m = __start_ipe_modules; m < __end_ipe_modules; ++m)
+		buflen += snprintf(NULL, 0, "%s=%d\n", m->name, m->version);
+
+	++buflen;
+	buf = kzalloc(buflen, GFP_KERNEL);
+	if (!buf) {
+		rc = -ENOMEM;
+		goto out;
+	}
+
+	for (p = __start_ipe_parsers; p < __end_ipe_parsers; ++p) {
+		memset(tmp, 0x0, ARRAY_SIZE(tmp));
+		scnprintf(tmp, ARRAY_SIZE(tmp), "%s=%d\n", p->first_token, p->version);
+		strcat(buf, tmp);
+	}
+
+	for (m = __start_ipe_modules; m < __end_ipe_modules; ++m) {
+		memset(tmp, 0x0, ARRAY_SIZE(tmp));
+		scnprintf(tmp, ARRAY_SIZE(tmp), "%s=%d\n", m->name, m->version);
+		strcat(buf, tmp);
+	}
+
+	rc = simple_read_from_buffer(data, len, offset, buf, buflen);
+out:
+	kfree(buf);
+	return rc;
+}
+
+static const struct file_operations cfg_fops = {
+	.read = get_config,
+};
+
+static const struct file_operations np_fops = {
+	.write = new_policy,
+};
+
+/**
+ * ipe_init_securityfs: Initialize IPE's securityfs tree at fsinit
+ *
+ * Return:
+ * !0 - Error
+ * 0 - OK
+ */
+static int __init ipe_init_securityfs(void)
+{
+	int rc = 0;
+	struct ipe_context *ctx = NULL;
+
+	ctx = ipe_current_ctx();
+
+	root = securityfs_create_dir("ipe", NULL);
+	if (IS_ERR(root)) {
+		rc = PTR_ERR(root);
+		goto err;
+	}
+
+	np = securityfs_create_file("new_policy", 0200, root, NULL, &np_fops);
+	if (IS_ERR(np)) {
+		rc = PTR_ERR(np);
+		goto err;
+	}
+
+	config = securityfs_create_file("config", 0400, root, NULL,
+					&cfg_fops);
+	if (IS_ERR(config)) {
+		rc = PTR_ERR(config);
+		goto err;
+	}
+
+	ctx->policy_root = securityfs_create_dir("policies", root);
+	if (IS_ERR(ctx->policy_root)) {
+		rc = PTR_ERR(ctx->policy_root);
+		goto err;
+	}
+
+	return 0;
+err:
+	securityfs_remove(np);
+	securityfs_remove(root);
+	securityfs_remove(config);
+	securityfs_remove(ctx->policy_root);
+	return rc;
+}
+
+fs_initcall(ipe_init_securityfs);
diff --git a/security/ipe/fs.h b/security/ipe/fs.h
new file mode 100644
index 000000000000..4ab2f4e8c454
--- /dev/null
+++ b/security/ipe/fs.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_FS_H
+#define IPE_FS_H
+
+void ipe_soft_del_policyfs(struct ipe_policy *p);
+int ipe_new_policyfs_node(struct ipe_context *ctx, struct ipe_policy *p);
+void ipe_del_policyfs_node(struct ipe_policy *p);
+
+#endif /* IPE_FS_H */
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index 8970f96453d6..b766824cc08f 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -4,6 +4,7 @@
  */
 
 #include "ipe.h"
+#include "fs.h"
 #include "policy.h"
 #include "ipe_parser.h"
 #include "modules.h"
@@ -867,6 +868,8 @@ void ipe_put_policy(struct ipe_policy *p)
 	if (IS_ERR_OR_NULL(p) || !refcount_dec_and_test(&p->refcount))
 		return;
 
+	ipe_del_policyfs_node(p);
+	securityfs_remove(p->policyfs);
 	free_parsed_policy(p->parsed);
 	if (!p->pkcs7)
 		kfree(p->text);
@@ -911,6 +914,44 @@ static int set_pkcs7_data(void *ctx, const void *data, size_t len,
 	return 0;
 }
 
+/**
+ * ipe_update_policy: parse a new policy and replace @old with it.
+ * @old: Supplies a pointer to the policy to replace
+ * @text: Supplies a pointer to the plain text policy
+ * @textlen: Supplies the length of @text
+ * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
+ * @pkcs7len: Supplies the length of @pkcs7len
+ *
+ * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
+ * ipe_new_policy.
+ *
+ * Return:
+ * !IS_ERR - OK
+ */
+struct ipe_policy *ipe_update_policy(struct ipe_policy *old,
+				     const char *text, size_t textlen,
+				     const char *pkcs7, size_t pkcs7len)
+{
+	int rc = 0;
+	struct ipe_policy *new;
+
+	new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
+	if (IS_ERR(new)) {
+		rc = PTR_ERR(new);
+		goto err;
+	}
+
+	if (strcmp(new->parsed->name, old->parsed->name)) {
+		rc = -EINVAL;
+		goto err;
+	}
+
+	rc = ipe_replace_policy(old, new);
+err:
+	ipe_put_policy(new);
+	return (rc < 0) ? ERR_PTR(rc) : new;
+}
+
 /**
  * ipe_new_policy: allocate and parse an ipe_policy structure.
  *
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 2b5041c5a75a..6818f6405dd0 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -88,12 +88,16 @@ struct ipe_policy {
 
 	refcount_t	refcount;
 
+	struct dentry *policyfs;
 	struct list_head next;		/* type: ipe_policy */
 	struct ipe_context __rcu *ctx;
 };
 
 struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
 				  const char *pkcs7, size_t pkcs7len);
+struct ipe_policy *ipe_update_policy(struct ipe_policy *old, const char *text,
+				     size_t textlen, const char *pkcs7,
+				     size_t pkcs7len);
 void ipe_put_policy(struct ipe_policy *pol);
 bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size);
 struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
diff --git a/security/ipe/policyfs.c b/security/ipe/policyfs.c
new file mode 100644
index 000000000000..d34c22e99225
--- /dev/null
+++ b/security/ipe/policyfs.c
@@ -0,0 +1,528 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#include "ipe.h"
+#include "policy.h"
+#include "fs.h"
+
+#include <linux/fs.h>
+#include <linux/namei.h>
+#include <linux/types.h>
+#include <linux/dcache.h>
+#include <linux/security.h>
+
+#define MAX_VERSION_SIZE ARRAY_SIZE("65535.65535.65535")
+
+/**
+ * find_policy: Follow the i_private field of a dentry, returning the address
+ *		of the resulting policy structure.
+ * @f: Securityfs object that contains a link to the dentry containing the
+ *     policy structure.
+ *
+ * Return:
+ * Always-Valid Address Pointer
+ */
+static inline struct ipe_policy __rcu **find_policy(struct file *f)
+{
+	struct dentry *link;
+
+	link = d_inode(f->f_path.dentry)->i_private;
+
+	return (struct ipe_policy __rcu **)&(d_inode(link)->i_private);
+}
+
+/**
+ * ipefs_file: defines a file in securityfs
+ */
+struct ipefs_file {
+	const char	*name;
+	umode_t		access;
+	const struct	file_operations *fops;
+};
+
+/**
+ * read_pkcs7: Read handler for the securityfs node,
+ *	       "ipe/policies/$name/pkcs7"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * @data will be populated with the pkcs7 blob representing the policy
+ * on success. If the policy is unsigned (like the boot policy), this
+ * will return -ENOENT.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t read_pkcs7(struct file *f, char __user *data,
+			  size_t len, loff_t *offset)
+{
+	int rc = 0;
+	struct ipe_policy *p = NULL;
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p)
+		return -ENOENT;
+
+	if (!p->pkcs7) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	rc = simple_read_from_buffer(data, len, offset, p->pkcs7, p->pkcs7len);
+
+out:
+	ipe_put_policy(p);
+	return rc;
+}
+
+/**
+ * read_policy: Read handler for the securityfs node,
+ *		"ipe/policies/$name/policy"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * @data will be populated with the plain-text version of the policy
+ * on success.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t read_policy(struct file *f, char __user *data,
+			   size_t len, loff_t *offset)
+{
+	int rc = 0;
+	struct ipe_policy *p = NULL;
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p)
+		return -ENOENT;
+
+	rc = simple_read_from_buffer(data, len, offset, p->text, p->textlen);
+
+	ipe_put_policy(p);
+	return rc;
+}
+
+/**
+ * read_name: Read handler for the securityfs node,
+ *	      "ipe/policies/$name/name"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * @data will be populated with the policy_name attribute on success
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t read_name(struct file *f, char __user *data,
+			 size_t len, loff_t *offset)
+{
+	int rc = 0;
+	struct ipe_policy *p = NULL;
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p)
+		return -ENOENT;
+
+	rc = simple_read_from_buffer(data, len, offset, p->parsed->name,
+				     strlen(p->parsed->name));
+
+	ipe_put_policy(p);
+	return rc;
+}
+
+/**
+ * read_version: Read handler for the securityfs node,
+ *		 "ipe/policies/$name/version"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * @data will be populated with the version string on success.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t read_version(struct file *f, char __user *data,
+			    size_t len, loff_t *offset)
+{
+	ssize_t rc = 0;
+	size_t bufsize = 0;
+	struct ipe_policy *p = NULL;
+	char buffer[MAX_VERSION_SIZE] = { 0 };
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p)
+		return -ENOENT;
+
+	bufsize = scnprintf(buffer, ARRAY_SIZE(buffer), "%hu.%hu.%hu",
+			    p->parsed->version.major, p->parsed->version.minor,
+			    p->parsed->version.rev);
+
+	rc = simple_read_from_buffer(data, len, offset, buffer, bufsize);
+
+	ipe_put_policy(p);
+	return rc;
+}
+
+/**
+ * setactive: Write handler for the securityfs node,
+ *	      "ipe/policies/$name/active"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t setactive(struct file *f, const char __user *data,
+			 size_t len, loff_t *offset)
+{
+	int rc = 0;
+	bool value = false;
+	struct ipe_policy *p = NULL;
+	struct ipe_context *ctx = NULL;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	rc = kstrtobool_from_user(data, len, &value);
+	if (rc)
+		goto out;
+
+	if (!value) {
+		rc = -EINVAL;
+		goto out;
+	}
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	ctx = ipe_get_ctx_rcu(p->ctx);
+	if (!ctx) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	rc = ipe_set_active_pol(p);
+
+out:
+	ipe_put_ctx(ctx);
+	ipe_put_policy(p);
+	return (rc < 0) ? rc : len;
+}
+
+/**
+ * getactive: Read handler for the securityfs node,
+ *	      "ipe/policies/$name/active"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * @data will be populated with the 1 or 0 depending on if the
+ * corresponding policy is active.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t getactive(struct file *f, char __user *data,
+			 size_t len, loff_t *offset)
+{
+	int rc = 0;
+	const char *str;
+	struct ipe_policy *p = NULL;
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	str = ipe_is_policy_active(p) ? "1" : "0";
+	rc = simple_read_from_buffer(data, len, offset, str, 2);
+
+out:
+	ipe_put_policy(p);
+	return rc;
+}
+
+/**
+ * update_policy: Write handler for the securityfs node,
+ *		  "ipe/policies/$name/active"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * On success this updates the policy represented by $name,
+ * in-place.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t update_policy(struct file *f, const char __user *data,
+			     size_t len, loff_t *offset)
+{
+	int rc = 0;
+	char *copy = NULL;
+	struct ipe_policy *new = NULL;
+	struct ipe_policy *old = NULL;
+	struct ipe_context *ctx = NULL;
+	struct ipe_policy __rcu **addr = NULL;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	ctx = ipe_current_ctx();
+	if (!ctx)
+		return -ENOENT;
+
+	addr = find_policy(f);
+	old = ipe_get_policy_rcu(*addr);
+	if (!old) {
+		rc = -ENOENT;
+		goto err;
+	}
+
+	copy = memdup_user(data, len);
+	if (IS_ERR(copy)) {
+		rc = PTR_ERR(copy);
+		goto err;
+	}
+
+	new = ipe_update_policy(old, NULL, 0, copy, len);
+	if (IS_ERR(new)) {
+		rc = PTR_ERR(new);
+		goto err;
+	}
+
+	spin_lock(&ctx->lock);
+	rcu_assign_pointer(*addr, new);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	swap(new->policyfs, old->policyfs);
+
+	kfree(copy);
+	ipe_put_ctx(ctx);
+	ipe_put_policy(old);
+	return len;
+err:
+	kfree(copy);
+	ipe_put_ctx(ctx);
+	ipe_put_policy(new);
+	ipe_put_policy(old);
+	return rc;
+}
+
+/**
+ * delete_policy: write handler for securityfs dir, "ipe/policies/$name/delete"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * On success this deletes the policy represented by $name.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t delete_policy(struct file *f, const char __user *data,
+			     size_t len, loff_t *offset)
+{
+	int rc = 0;
+	bool value = false;
+	struct ipe_policy *p = NULL;
+	struct ipe_context *ctx = NULL;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	rc = kstrtobool_from_user(data, len, &value);
+	if (rc)
+		goto out;
+
+	if (!value) {
+		rc = -EINVAL;
+		goto out;
+	}
+
+	p = ipe_get_policy_rcu(*find_policy(f));
+	if (!p) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	if (ipe_is_policy_active(p)) {
+		rc = -EPERM;
+		goto out;
+	}
+
+	ctx = ipe_get_ctx_rcu(p->ctx);
+	if (!ctx) {
+		rc = -ENOENT;
+		goto out;
+	}
+
+	ipe_remove_policy(p);
+out:
+	ipe_put_ctx(ctx);
+	ipe_put_policy(p);
+	return (rc < 0) ? rc : len;
+}
+
+static const struct file_operations content_fops = {
+	.read = read_policy,
+};
+
+static const struct file_operations pkcs7_fops = {
+	.read = read_pkcs7,
+};
+
+static const struct file_operations name_fops = {
+	.read = read_name,
+};
+
+static const struct file_operations ver_fops = {
+	.read = read_version,
+};
+
+static const struct file_operations active_fops = {
+	.write = setactive,
+	.read = getactive,
+};
+
+static const struct file_operations update_fops = {
+	.write = update_policy,
+};
+
+static const struct file_operations delete_fops = {
+	.write = delete_policy,
+};
+
+/**
+ * policy_subdir: files under a policy subdirectory
+ */
+static const struct ipefs_file policy_subdir[] = {
+	{ "pkcs7", 0444, &pkcs7_fops },
+	{ "policy", 0444, &content_fops },
+	{ "name", 0444, &name_fops },
+	{ "version", 0444, &ver_fops },
+	{ "active", 0600, &active_fops },
+	{ "update", 0200, &update_fops },
+	{ "delete", 0200, &delete_fops },
+};
+
+/**
+ * soft_del_policyfs - soft delete the policyfs tree, preventing new
+ *		       accesses to the interfaces for this policy.
+ * @p - Policy to soft delete the tree for.
+ */
+static void soft_del_policyfs(struct ipe_policy *p)
+{
+	struct inode *ino = NULL;
+	struct ipe_policy __rcu **addr = NULL;
+
+	ino = d_inode(p->policyfs);
+	addr = (struct ipe_policy __rcu **)&ino->i_private;
+
+	inode_lock(ino);
+	rcu_assign_pointer(*addr, NULL);
+	inode_unlock(ino);
+	synchronize_rcu();
+}
+
+/**
+ * ipe_del_policyfs_node: Delete a securityfs entry for @p
+ * @p: Supplies a pointer to the policy to delete a securityfs entry for.
+ */
+void ipe_del_policyfs_node(struct ipe_policy *p)
+{
+	size_t i = 0;
+	struct dentry *d = NULL;
+	const struct ipefs_file *f = NULL;
+
+	if (IS_ERR_OR_NULL(p->policyfs))
+		return;
+
+	soft_del_policyfs(p);
+
+	for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
+		f = &policy_subdir[i];
+
+		d = lookup_positive_unlocked(f->name, p->policyfs,
+					     strlen(f->name));
+		if (IS_ERR(d))
+			continue;
+
+		securityfs_remove(d);
+		dput(d);
+	}
+
+	securityfs_remove(p->policyfs);
+}
+
+/**
+ * ipe_new_policyfs_node: Create a securityfs entry for @p
+ * @ctx: Supplies a pointer to a context structure that contains the root of
+ *	 the policy tree.
+ * @p: Supplies a pointer to the policy to create a securityfs entry for.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_new_policyfs_node(struct ipe_context *ctx, struct ipe_policy *p)
+{
+	int rc = 0;
+	size_t i = 0;
+	struct dentry *d = NULL;
+	struct ipe_policy **addr = NULL;
+	const struct ipefs_file *f = NULL;
+
+	p->policyfs = securityfs_create_dir(p->parsed->name, ctx->policy_root);
+	if (IS_ERR(p->policyfs)) {
+		rc = PTR_ERR(p->policyfs);
+		goto err;
+	}
+
+	addr = (struct ipe_policy **)&(d_inode(p->policyfs)->i_private);
+	*addr = p;
+
+	for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
+		f = &policy_subdir[i];
+
+		d = securityfs_create_file(f->name, f->access, p->policyfs, p->policyfs,
+					   f->fops);
+		if (IS_ERR(d)) {
+			rc = PTR_ERR(d);
+			goto err;
+		}
+	}
+
+	return 0;
+err:
+	ipe_del_policyfs_node(p);
+	return rc;
+}
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (3 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 04/16] ipe: add userspace interface deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 20:04   ` Casey Schaufler
  2021-10-25 12:22   ` Roberto Sassu
  2021-10-13 19:06 ` [RFC PATCH v7 06/16] uapi|audit: add trust audit message definitions deven.desai
                   ` (11 subsequent siblings)
  16 siblings, 2 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

IPE's initial goal is to control both execution and the loading of
kernel modules based on the system's definition of trust. It
accomplishes this by plugging into the security hooks for execve,
mprotect, mmap, kernel_load_data and kernel_read_data.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Split up patch 02/12 into four parts:
      1. context creation [01/16]
      2. audit [07/16]
      3. evaluation loop [03/16]
      4. access control hooks [05/16] (this patch)

---
 security/ipe/hooks.c  | 149 ++++++++++++++++++++++++++++++++++++++++++
 security/ipe/hooks.h  |  23 ++++++-
 security/ipe/ipe.c    |   5 ++
 security/ipe/policy.c |  23 +++++++
 security/ipe/policy.h |  12 +++-
 5 files changed, 209 insertions(+), 3 deletions(-)

diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index ed0c886eaa5a..216242408a80 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -6,11 +6,15 @@
 #include "ipe.h"
 #include "ctx.h"
 #include "hooks.h"
+#include "eval.h"
 
+#include <linux/fs.h>
 #include <linux/sched.h>
 #include <linux/types.h>
 #include <linux/refcount.h>
 #include <linux/rcupdate.h>
+#include <linux/binfmts.h>
+#include <linux/mman.h>
 
 /**
  * ipe_task_alloc: Assign a new context for an associated task structure.
@@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
 	ipe_put_ctx(ctx);
 	rcu_read_unlock();
 }
+
+/**
+ * ipe_on_exec: LSM hook called when a process is loaded through the exec
+ *		family of system calls.
+ * @bprm: Supplies a pointer to a linux_binprm structure to source the file
+ *	  being evaluated.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_on_exec(struct linux_binprm *bprm)
+{
+	return ipe_process_event(bprm->file, ipe_operation_exec, ipe_hook_exec);
+}
+
+/**
+ * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
+ *		family of system calls.
+ * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
+ * @reqprot: The requested protection on the mmap, passed from usermode.
+ * @prot: The effective protection on the mmap, resolved from reqprot and
+ *	  system configuration.
+ * @flags: Unused.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
+		unsigned long flags)
+{
+	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
+		return ipe_process_event(f, ipe_operation_exec, ipe_hook_mmap);
+
+	return 0;
+}
+
+/**
+ * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is changing
+ *		    its protections via mprotect.
+ * @vma: Existing virtual memory area created by mmap or similar
+ * @reqprot: The requested protection on the mmap, passed from usermode.
+ * @prot: The effective protection on the mmap, resolved from reqprot and
+ *	  system configuration.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
+		    unsigned long prot)
+{
+	/* Already Executable */
+	if (vma->vm_flags & VM_EXEC)
+		return 0;
+
+	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
+		return ipe_process_event(vma->vm_file, ipe_operation_exec,
+					 ipe_hook_mprotect);
+
+	return 0;
+}
+
+/**
+ * ipe_on_kernel_read: LSM hook called when a file is being read in from
+ *		       disk.
+ * @file: Supplies a pointer to the file structure being read in from disk
+ * @id: Supplies the enumeration identifying the purpose of the read.
+ * @contents: Unused.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
+		       bool contents)
+{
+	enum ipe_operation op;
+
+	switch (id) {
+	case READING_FIRMWARE:
+		op = ipe_operation_firmware;
+		break;
+	case READING_MODULE:
+		op = ipe_operation_kernel_module;
+		break;
+	case READING_KEXEC_INITRAMFS:
+		op = ipe_operation_kexec_initramfs;
+		break;
+	case READING_KEXEC_IMAGE:
+		op = ipe_operation_kexec_image;
+		break;
+	case READING_POLICY:
+		op = ipe_operation_ima_policy;
+		break;
+	case READING_X509_CERTIFICATE:
+		op = ipe_operation_ima_x509;
+		break;
+	default:
+		op = ipe_operation_max;
+	}
+
+	return ipe_process_event(file, op, ipe_hook_kernel_read);
+}
+
+/**
+ * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in from
+ *			    disk.
+ * @id: Supplies the enumeration identifying the purpose of the read.
+ * @contents: Unused.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
+{
+	enum ipe_operation op;
+
+	switch (id) {
+	case LOADING_FIRMWARE:
+		op = ipe_operation_firmware;
+		break;
+	case LOADING_MODULE:
+		op = ipe_operation_kernel_module;
+		break;
+	case LOADING_KEXEC_INITRAMFS:
+		op = ipe_operation_kexec_initramfs;
+		break;
+	case LOADING_KEXEC_IMAGE:
+		op = ipe_operation_kexec_image;
+		break;
+	case LOADING_POLICY:
+		op = ipe_operation_ima_policy;
+		break;
+	case LOADING_X509_CERTIFICATE:
+		op = ipe_operation_ima_x509;
+		break;
+	default:
+		op = ipe_operation_max;
+	}
+
+	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index 58ed4a612e26..c99a0b7f45f7 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -5,11 +5,19 @@
 #ifndef IPE_HOOKS_H
 #define IPE_HOOKS_H
 
+#include <linux/fs.h>
 #include <linux/types.h>
 #include <linux/sched.h>
+#include <linux/binfmts.h>
+#include <linux/security.h>
 
 enum ipe_hook {
-	ipe_hook_max = 0
+	ipe_hook_exec = 0,
+	ipe_hook_mmap,
+	ipe_hook_mprotect,
+	ipe_hook_kernel_read,
+	ipe_hook_kernel_load,
+	ipe_hook_max
 };
 
 int ipe_task_alloc(struct task_struct *task,
@@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
 
 void ipe_task_free(struct task_struct *task);
 
+int ipe_on_exec(struct linux_binprm *bprm);
+
+int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
+		unsigned long flags);
+
+int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
+		    unsigned long prot);
+
+int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
+		       bool contents);
+
+int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
+
 #endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index b58b372327a1..3f9d43783293 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
 static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
 	LSM_HOOK_INIT(task_free, ipe_task_free),
+	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
+	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
+	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
+	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
+	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
 };
 
 /**
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index b766824cc08f..048500229365 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -483,6 +483,14 @@ int ipe_parse_op(const struct ipe_policy_token *tok,
 {
 	substring_t match[MAX_OPT_ARGS] = { 0 };
 	const match_table_t ops = {
+		{ ipe_operation_exec,		 "EXECUTE" },
+		{ ipe_operation_firmware,	 "FIRMWARE" },
+		{ ipe_operation_kernel_module,	 "KMODULE" },
+		{ ipe_operation_kexec_image,	 "KEXEC_IMAGE" },
+		{ ipe_operation_kexec_initramfs, "KEXEC_INITRAMFS"},
+		{ ipe_operation_ima_policy,	 "IMA_POLICY" },
+		{ ipe_operation_ima_x509,	 "IMA_X509_CERT" },
+		{ ipe_op_alias_kernel_read,	 "KERNEL_READ" },
 		{ ipe_op_alias_max, NULL },
 	};
 
@@ -838,6 +846,15 @@ static int parse_policy(struct ipe_policy *p)
 	return rc;
 }
 
+static const enum ipe_operation alias_kread[] = {
+	ipe_operation_firmware,
+	ipe_operation_kernel_module,
+	ipe_operation_ima_policy,
+	ipe_operation_ima_x509,
+	ipe_operation_kexec_image,
+	ipe_operation_kexec_initramfs,
+};
+
 /**
  * ipe_is_op_alias: Determine if @op is an alias for one or more operations
  * @op: Supplies the operation to check. Should be either ipe_operation or
@@ -852,9 +869,15 @@ static int parse_policy(struct ipe_policy *p)
 bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
 {
 	switch (op) {
+	case ipe_op_alias_kernel_read:
+		*map = alias_kread;
+		*size = ARRAY_SIZE(alias_kread);
+		break;
 	default:
 		return false;
 	}
+
+	return true;
 }
 
 /**
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 6818f6405dd0..ca37af46e5af 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -26,7 +26,14 @@ struct ipe_policy_line {
 struct ipe_module;
 
 enum ipe_operation {
-	ipe_operation_max = 0,
+	ipe_operation_exec = 0,
+	ipe_operation_firmware,
+	ipe_operation_kernel_module,
+	ipe_operation_kexec_image,
+	ipe_operation_kexec_initramfs,
+	ipe_operation_ima_policy,
+	ipe_operation_ima_x509,
+	ipe_operation_max
 };
 
 /*
@@ -34,7 +41,8 @@ enum ipe_operation {
  * that are just one or more operations under the hood
  */
 enum ipe_op_alias {
-	ipe_op_alias_max = ipe_operation_max,
+	ipe_op_alias_kernel_read = ipe_operation_max,
+	ipe_op_alias_max,
 };
 
 enum ipe_action {
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 06/16] uapi|audit: add trust audit message definitions
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (4 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 07/16] ipe: add auditing support deven.desai
                   ` (10 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Introduce new definitions to audit.h centered around trust
decisions and policy loading and activation, as an extension
of the mandatory access control fields.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Change audit records to MAC region (14XX) from
    Integrity region (18XX), as IPE is an effectively a MAC system
    around trust versus an extension to the integrity subsystem.
  * Generalize the #defines to support the class of trust-based
    Access-Control LSMs.

---
 include/uapi/linux/audit.h | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index daa481729e9b..3a83b3605896 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -139,6 +139,10 @@
 #define AUDIT_MAC_UNLBL_STCDEL	1417	/* NetLabel: del a static label */
 #define AUDIT_MAC_CALIPSO_ADD	1418	/* NetLabel: add CALIPSO DOI entry */
 #define AUDIT_MAC_CALIPSO_DEL	1419	/* NetLabel: del CALIPSO DOI entry */
+#define AUDIT_TRUST_RESULT	1420	/* IPE Denial or Grant */
+#define AUDIT_TRUST_POLICY_LOAD 1421	/* IPE Policy Load */
+#define AUDIT_TRUST_POLICY_ACTIVATE 1422	/* IPE Policy Activate */
+#define AUDIT_TRUST_STATUS	1423	/* IPE enforcing,permissive */
 
 #define AUDIT_FIRST_KERN_ANOM_MSG   1700
 #define AUDIT_LAST_KERN_ANOM_MSG    1799
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (5 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 06/16] uapi|audit: add trust audit message definitions deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 20:02   ` Steve Grubb
  2021-10-13 22:54   ` Randy Dunlap
  2021-10-13 19:06 ` [RFC PATCH v7 08/16] ipe: add permissive toggle deven.desai
                   ` (9 subsequent siblings)
  16 siblings, 2 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Users of IPE require a way to identify when and why an operation fails,
allowing them to both respond to violations of policy and be notified
of potentially malicious actions on their systens with respect to IPE
itself.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Split up patch 02/12 into four parts:
      1. context creation [01/16]
      2. audit [07/16] (this patch)
      3. evaluation loop [03/16]
      4. access control hooks [05/16]

---
 security/ipe/Kconfig              |  52 ++++++
 security/ipe/Makefile             |   2 +
 security/ipe/audit.c              | 264 ++++++++++++++++++++++++++++++
 security/ipe/audit.h              |  36 ++++
 security/ipe/ctx.c                |  18 ++
 security/ipe/ctx.h                |   2 +
 security/ipe/eval.c               |   8 +
 security/ipe/eval.h               |   7 +
 security/ipe/fs.c                 |  79 +++++++++
 security/ipe/modules/ipe_module.h |   2 +
 10 files changed, 470 insertions(+)
 create mode 100644 security/ipe/audit.c
 create mode 100644 security/ipe/audit.h

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index c4503083e92d..ef556b66e674 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -17,3 +17,55 @@ menuconfig SECURITY_IPE
 	  requirements on the fly.
 
 	  If unsure, answer N.
+
+if SECURITY_IPE
+
+choice
+	prompt "Hash algorithm used in auditing policies"
+	default IPE_AUDIT_HASH_SHA1
+	depends on AUDIT
+	help
+		Specify the hash algorithm used when auditing policies.
+		The hash is used to uniquely identify a policy from other
+		policies on the system.
+
+		If unsure, leave default.
+
+	config IPE_AUDIT_HASH_SHA1
+		bool "sha1"
+		depends on CRYPTO_SHA1
+		help
+			Use the SHA128 algorithm to hash policies
+			in the audit records.
+
+	config IPE_AUDIT_HASH_SHA256
+		bool "sha256"
+		depends on CRYPTO_SHA256
+		help
+			Use the SHA256 algorithm to hash policies
+			in the audit records.
+
+	config IPE_AUDIT_HASH_SHA384
+		bool "sha384"
+		depends on CRYPTO_SHA512
+		help
+			Use the SHA384 algorithm to hash policies
+			in the audit records
+
+	config IPE_AUDIT_HASH_SHA512
+		bool "sha512"
+		depends on CRYPTO_SHA512
+		help
+			Use the SHA512 algorithm to hash policies
+			in the audit records
+endchoice
+
+config IPE_AUDIT_HASH_ALG
+	string
+	depends on AUDIT
+	default "sha1" if IPE_AUDIT_HASH_SHA1
+	default "sha256" if IPE_AUDIT_HASH_SHA256
+	default "sha384" if IPE_AUDIT_HASH_SHA384
+	default "sha512" if IPE_AUDIT_HASH_SHA512
+
+endif
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index d5660a17364c..6d9ac818e8c6 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -18,3 +18,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
 	parsers.o \
 	policy.o \
 	policyfs.o \
+
+obj-$(CONFIG_AUDIT) += audit.o
diff --git a/security/ipe/audit.c b/security/ipe/audit.c
new file mode 100644
index 000000000000..5f6c0a52b0cb
--- /dev/null
+++ b/security/ipe/audit.c
@@ -0,0 +1,264 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "eval.h"
+#include "hooks.h"
+#include "policy.h"
+#include "audit.h"
+#include "modules/ipe_module.h"
+
+#include <linux/slab.h>
+#include <linux/audit.h>
+#include <linux/types.h>
+#include <crypto/hash.h>
+
+#define NULLSTR(x) ((x) == NULL ? "NULL" : "!NULL")
+#define ACTSTR(x) ((x) == ipe_action_allow ? "ALLOW" : "DENY")
+
+#define POLICY_LOAD_FMT "IPE policy_name=%s policy_version=%hu.%hu.%hu "\
+			CONFIG_IPE_AUDIT_HASH_ALG "="
+
+static const char *const audit_hook_names[ipe_hook_max] = {
+	"EXECVE",
+	"MMAP",
+	"MPROTECT",
+	"KERNEL_READ",
+	"KERNEL_LOAD",
+};
+
+static const char *const audit_op_names[ipe_operation_max] = {
+	"EXECUTE",
+	"FIRMWARE",
+	"KMODULE",
+	"KEXEC_IMAGE",
+	"KEXEC_INITRAMFS",
+	"IMA_X509_CERT",
+	"IMA_POLICY",
+};
+
+/**
+ * audit_pathname: retrieve the absoute path to a file being evaluated.
+ * @f: File to retrieve the absolute path for.
+ *
+ * This function walks past symlinks and mounts.
+ *
+ * Return:
+ * !IS_ERR - OK
+ */
+static char *audit_pathname(const struct file *f)
+{
+	int rc = 0;
+	char *pos = NULL;
+	char *pathbuf = NULL;
+	char *temp_path = NULL;
+
+	if (IS_ERR_OR_NULL(f))
+		return ERR_PTR(-ENOENT);
+
+	pathbuf = __getname();
+	if (!pathbuf)
+		return ERR_PTR(-ENOMEM);
+
+	pos = d_absolute_path(&f->f_path, pathbuf, PATH_MAX);
+	if (IS_ERR(pos)) {
+		rc = PTR_ERR(pos);
+		goto err;
+	}
+
+	temp_path = __getname();
+	if (!temp_path) {
+		rc = -ENOMEM;
+		goto err;
+	}
+
+	strscpy(temp_path, pos, PATH_MAX);
+	__putname(pathbuf);
+
+	return temp_path;
+err:
+	__putname(pathbuf);
+	return ERR_PTR(rc);
+}
+
+/**
+ * audit_eval_ctx: audit an evaluation context structure.
+ * @ab: Supplies a poniter to the audit_buffer to append to.
+ * @ctx: Supplies a pointer to the evaluation context to audit
+ * @enforce: Supplies a boolean representing the enforcement state
+ */
+static void audit_eval_ctx(struct audit_buffer *ab,
+			   const struct ipe_eval_ctx *const ctx, bool enforce)
+{
+	char *abspath = NULL;
+
+	audit_log_format(ab, "ctx_pid=%d ", task_tgid_nr(current));
+	audit_log_format(ab, "ctx_op=%s ", audit_op_names[ctx->op]);
+	audit_log_format(ab, "ctx_hook=%s ", audit_hook_names[ctx->hook]);
+	audit_log_format(ab, "ctx_ns_enforce=%d ", enforce);
+	audit_log_format(ab, "ctx_comm=");
+	audit_log_n_untrustedstring(ab, current->comm, ARRAY_SIZE(current->comm));
+	audit_log_format(ab, " ");
+
+	/* best effort */
+	if (ctx->file) {
+		abspath = audit_pathname(ctx->file);
+		if (!IS_ERR(abspath)) {
+			audit_log_format(ab, "ctx_pathname=");
+			audit_log_n_untrustedstring(ab, abspath, PATH_MAX);
+			__putname(abspath);
+		}
+
+		audit_log_format(ab, " ctx_ino=%ld ctx_dev=%s",
+				 ctx->file->f_inode->i_ino,
+				 ctx->file->f_inode->i_sb->s_id);
+	}
+}
+
+/**
+ * audit_rule: audit an IPE policy rule approximation.
+ * @ab: Supplies a poniter to the audit_buffer to append to.
+ * @r: Supplies a pointer to the ipe_rule to approximate a string form for.
+ *
+ * This is an approximation because aliases like "KERNEL_READ" will be
+ * emitted in their expanded form.
+ */
+static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
+{
+	const struct ipe_policy_mod *ptr;
+
+	audit_log_format(ab, "rule=\"op=%s ", audit_op_names[r->op]);
+
+	list_for_each_entry(ptr, &r->modules, next) {
+		audit_log_format(ab, "%s=", ptr->mod->name);
+
+		ptr->mod->audit(ab, ptr->mod_value);
+
+		audit_log_format(ab, " ");
+	}
+
+	audit_log_format(ab, "action=%s\"", ACTSTR(r->action));
+}
+
+/**
+ * ipe_audit_match: audit a match for IPE policy.
+ * @ctx: Supplies a poniter to the evaluation context that was used in the
+ *	 evaluation.
+ * @match_type: Supplies the scope of the match: rule, operation default,
+ *		global default.
+ * @act: Supplies the IPE's evaluation decision, deny or allow.
+ * @r: Supplies a pointer to the rule that was matched, if possible.
+ * @enforce: Supplies the enforcement/permissive state at the point
+ *	     the enforcement decision was made.
+ */
+void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
+		     enum ipe_match match_type,
+		     enum ipe_action act, const struct ipe_rule *const r,
+		     bool enforce)
+{
+	struct audit_buffer *ab;
+	bool success_audit;
+
+	rcu_read_lock();
+	success_audit = READ_ONCE(ctx->ci_ctx->success_audit);
+	rcu_read_unlock();
+
+	if (act != ipe_action_deny && !success_audit)
+		return;
+
+	ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_TRUST_RESULT);
+	if (!ab)
+		return;
+
+	audit_log_format(ab, "IPE ");
+	audit_eval_ctx(ab, ctx, enforce);
+	audit_log_format(ab, " ");
+
+	if (match_type == ipe_match_rule)
+		audit_rule(ab, r);
+	else if (match_type == ipe_match_table)
+		audit_log_format(ab, "rule=\"DEFAULT op=%s action=%s\"",
+				 audit_op_names[ctx->op], ACTSTR(act));
+	else
+		audit_log_format(ab, "rule=\"DEFAULT action=%s\"",
+				 ACTSTR(act));
+
+	audit_log_end(ab);
+}
+
+/**
+ * audit_policy: Audit a policy's name, version and thumprint to @ab
+ * @ab: Supplies a pointer to the audit buffer to append to.
+ * @p: Supplies a pointer to the policy to audit
+ */
+static void audit_policy(struct audit_buffer *ab,
+			 const struct ipe_policy *const p)
+{
+	u8 *digest = NULL;
+	struct crypto_shash *tfm;
+	SHASH_DESC_ON_STACK(desc, tfm);
+
+	tfm = crypto_alloc_shash(CONFIG_IPE_AUDIT_HASH_ALG, 0, 0);
+	if (IS_ERR(tfm))
+		return;
+
+	desc->tfm = tfm;
+
+	digest = kzalloc(crypto_shash_digestsize(tfm), GFP_KERNEL);
+	if (!digest)
+		goto out;
+
+	if (crypto_shash_init(desc))
+		goto out;
+
+	if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len))
+		goto out;
+
+	if (crypto_shash_final(desc, digest))
+		goto out;
+
+	audit_log_format(ab, POLICY_LOAD_FMT, p->parsed->name,
+			 p->parsed->version.major, p->parsed->version.minor,
+			 p->parsed->version.rev);
+	audit_log_n_hex(ab, digest, crypto_shash_digestsize(tfm));
+
+out:
+	kfree(digest);
+	crypto_free_shash(tfm);
+}
+
+/**
+ * ipe_audit_policy_activation: Audit a policy being made the active policy.
+ * @p: Supplies a pointer to the policy to audit
+ */
+void ipe_audit_policy_activation(const struct ipe_policy *const p)
+{
+	struct audit_buffer *ab;
+
+	ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_TRUST_POLICY_ACTIVATE);
+	if (!ab)
+		return;
+
+	audit_policy(ab, p);
+
+	audit_log_end(ab);
+}
+
+/**
+ * ipe_audit_policy_load: Audit a policy being loaded into the kernel.
+ * @p: Supplies a pointer to the policy to audit
+ */
+void ipe_audit_policy_load(const struct ipe_policy *const p)
+{
+	struct audit_buffer *ab;
+
+	ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_TRUST_POLICY_LOAD);
+	if (!ab)
+		return;
+
+	audit_policy(ab, p);
+
+	audit_log_end(ab);
+}
diff --git a/security/ipe/audit.h b/security/ipe/audit.h
new file mode 100644
index 000000000000..6b6880f6e8e7
--- /dev/null
+++ b/security/ipe/audit.h
@@ -0,0 +1,36 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_AUDIT_H
+#define IPE_AUDIT_H
+
+#include "ipe.h"
+#include "eval.h"
+
+#ifdef CONFIG_AUDIT
+void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
+		     enum ipe_match match_type,
+		     enum ipe_action act, const struct ipe_rule *const r,
+		     bool enforce);
+void ipe_audit_policy_load(const struct ipe_policy *const p);
+void ipe_audit_policy_activation(const struct ipe_policy *const p);
+#else
+static inline void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
+				   enum ipe_match match_type,
+				   enum ipe_action act, const struct ipe_rule *const r,
+				   bool enforce)
+{
+}
+
+static inline void ipe_audit_policy_load(const struct ipe_policy *const p)
+{
+}
+
+static inline void ipe_audit_policy_activation(const struct ipe_policy *const p)
+{
+}
+#endif /* CONFIG_AUDIT */
+
+#endif /* IPE_AUDIT_H */
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
index 664c671a4f9c..77475aedbfe9 100644
--- a/security/ipe/ctx.c
+++ b/security/ipe/ctx.c
@@ -6,12 +6,16 @@
 #include "ipe.h"
 #include "ctx.h"
 #include "policy.h"
+#include "audit.h"
 
 #include <linux/slab.h>
 #include <linux/types.h>
 #include <linux/parser.h>
 #include <linux/refcount.h>
 #include <linux/spinlock.h>
+#include <linux/moduleparam.h>
+
+static bool success_audit;
 
 /**
  * ver_to_u64: convert an internal ipe_policy_version to a u64
@@ -265,6 +269,7 @@ int ipe_set_active_pol(const struct ipe_policy *p)
 	spin_unlock(&ctx->lock);
 	synchronize_rcu();
 
+	ipe_audit_policy_activation(p);
 out:
 	ipe_put_policy(ap);
 	ipe_put_ctx(ctx);
@@ -330,6 +335,10 @@ int __init ipe_init_ctx(void)
 		goto err;
 	}
 
+	spin_lock(&lns->lock);
+	WRITE_ONCE(lns->success_audit, success_audit);
+	spin_unlock(&lns->lock);
+
 	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
 
 	return 0;
@@ -337,3 +346,12 @@ int __init ipe_init_ctx(void)
 	ipe_put_ctx(lns);
 	return rc;
 }
+
+/* Set the right module name */
+#ifdef KBUILD_MODNAME
+#undef KBUILD_MODNAME
+#define KBUILD_MODNAME "ipe"
+#endif
+
+module_param(success_audit, bool, 0400);
+MODULE_PARM_DESC(success_audit, "Start IPE with success auditing enabled");
diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
index fe11fb767788..31aea2fb9e49 100644
--- a/security/ipe/ctx.h
+++ b/security/ipe/ctx.h
@@ -15,6 +15,8 @@
 struct ipe_context {
 	struct ipe_policy __rcu *active_policy;
 
+	bool __rcu success_audit;
+
 	refcount_t refcount;
 	/* Protects concurrent writers */
 	spinlock_t lock;
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index b732f76cfd05..dcb62179e4bf 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -9,6 +9,7 @@
 #include "hooks.h"
 #include "policy.h"
 #include "modules/ipe_module.h"
+#include "audit.h"
 
 #include <linux/slab.h>
 #include <linux/file.h>
@@ -73,7 +74,9 @@ static int evaluate(const struct ipe_eval_ctx *const ctx)
 {
 	int rc = 0;
 	bool match = false;
+	bool enforcing = true;
 	enum ipe_action action;
+	enum ipe_match match_type;
 	struct ipe_policy *pol = NULL;
 	const struct ipe_rule *rule = NULL;
 	const struct ipe_policy_mod *module = NULL;
@@ -97,12 +100,17 @@ static int evaluate(const struct ipe_eval_ctx *const ctx)
 
 	if (match) {
 		action = rule->action;
+		match_type = ipe_match_rule;
 	} else if (rules->default_action != ipe_action_max) {
 		action = rules->default_action;
+		match_type = ipe_match_table;
 	} else {
 		action = pol->parsed->global_default;
+		match_type = ipe_match_global;
 	}
 
+	ipe_audit_match(ctx, match_type, action, rule, enforcing);
+
 	if (action == ipe_action_deny)
 		rc = -EACCES;
 
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index db6da2998a20..8c08eed5af2b 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -20,6 +20,13 @@ struct ipe_eval_ctx {
 	struct ipe_context *ci_ctx;
 };
 
+enum ipe_match {
+	ipe_match_rule = 0,
+	ipe_match_table,
+	ipe_match_global,
+	ipe_match_max
+};
+
 int ipe_process_event(const struct file *file, enum ipe_operation op,
 		      enum ipe_hook hook);
 
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
index 10ad23f8bf92..c202c0753755 100644
--- a/security/ipe/fs.c
+++ b/security/ipe/fs.c
@@ -5,6 +5,7 @@
 #include "ipe.h"
 #include "fs.h"
 #include "policy.h"
+#include "audit.h"
 
 #include <linux/dcache.h>
 #include <linux/security.h>
@@ -12,6 +13,70 @@
 static struct dentry *np __ro_after_init;
 static struct dentry *root __ro_after_init;
 static struct dentry *config __ro_after_init;
+static struct dentry *success_audit __ro_after_init;
+
+/**
+ * setaudit: Write handler for the securityfs node, "ipe/success_audit"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t setaudit(struct file *f, const char __user *data,
+			size_t len, loff_t *offset)
+{
+	int rc = 0;
+	bool value;
+	struct ipe_context *ctx;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	rc = kstrtobool_from_user(data, len, &value);
+	if (rc)
+		return rc;
+
+	ctx = ipe_current_ctx();
+
+	spin_lock(&ctx->lock);
+	WRITE_ONCE(ctx->success_audit, value);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	ipe_put_ctx(ctx);
+	return len;
+}
+
+/**
+ * getaudit: Read handler for the securityfs node, "ipe/success_audit"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the read syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t getaudit(struct file *f, char __user *data,
+			size_t len, loff_t *offset)
+{
+	const char *result;
+	struct ipe_context *ctx;
+
+	ctx = ipe_current_ctx();
+
+	rcu_read_lock();
+	result = ((READ_ONCE(ctx->success_audit)) ? "1" : "0");
+	rcu_read_unlock();
+
+	ipe_put_ctx(ctx);
+	return simple_read_from_buffer(data, len, offset, result, 2);
+}
 
 /**
  * new_policy: Write handler for the securityfs node, "ipe/new_policy"
@@ -54,6 +119,7 @@ static ssize_t new_policy(struct file *f, const char __user *data,
 		goto err;
 
 	ipe_add_policy(ctx, p);
+	ipe_audit_policy_load(p);
 err:
 	ipe_put_policy(p);
 	ipe_put_ctx(ctx);
@@ -119,6 +185,11 @@ static const struct file_operations np_fops = {
 	.write = new_policy,
 };
 
+static const struct file_operations audit_fops = {
+	.write = setaudit,
+	.read = getaudit,
+};
+
 /**
  * ipe_init_securityfs: Initialize IPE's securityfs tree at fsinit
  *
@@ -152,6 +223,13 @@ static int __init ipe_init_securityfs(void)
 		goto err;
 	}
 
+	success_audit = securityfs_create_file("success_audit", 0600, root,
+					       NULL, &audit_fops);
+	if (IS_ERR(success_audit)) {
+		rc = PTR_ERR(success_audit);
+		goto err;
+	}
+
 	ctx->policy_root = securityfs_create_dir("policies", root);
 	if (IS_ERR(ctx->policy_root)) {
 		rc = PTR_ERR(ctx->policy_root);
@@ -163,6 +241,7 @@ static int __init ipe_init_securityfs(void)
 	securityfs_remove(np);
 	securityfs_remove(root);
 	securityfs_remove(config);
+	securityfs_remove(success_audit);
 	securityfs_remove(ctx->policy_root);
 	return rc;
 }
diff --git a/security/ipe/modules/ipe_module.h b/security/ipe/modules/ipe_module.h
index b4f975e9218a..6855815d72da 100644
--- a/security/ipe/modules/ipe_module.h
+++ b/security/ipe/modules/ipe_module.h
@@ -6,6 +6,7 @@
 #define IPE_MODULE_H
 
 #include <linux/types.h>
+#include <linux/audit.h>
 #include "../eval.h"
 
 /**
@@ -26,6 +27,7 @@ struct ipe_module {
 	int (*free)(void **value);			/* optional */
 	bool (*eval)(const struct ipe_eval_ctx *ctx,	/* required */
 		     const void *val);
+	void (*audit)(struct audit_buffer *ab, const void *val); /* required */
 };
 
 #define IPE_MODULE(parser)				\
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 08/16] ipe: add permissive toggle
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (6 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 07/16] ipe: add auditing support deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 09/16] ipe: introduce 'boot_verified' as a trust provider deven.desai
                   ` (8 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

IPE, like SELinux, supports a permissive mode. This mode allows policy
authors to test and evaluate IPE policy without it effecting their
programs.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Refactor series to:
      1. Support a context structure, enabling easier testing
      2. Make parser code cleaner
  * Split up patch 02/12 into four parts:
      1. context creation [01/16]
      2. audit [07/16]
      3. evaluation loop [03/16]
      4. access control hooks [05/16]
      5. permissive mode [08/16]

---
 security/ipe/audit.c | 40 +++++++++++++++++++++++
 security/ipe/audit.h |  5 +++
 security/ipe/ctx.c   |  6 ++++
 security/ipe/ctx.h   |  1 +
 security/ipe/eval.c  |  6 ++++
 security/ipe/fs.c    | 78 ++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 136 insertions(+)

diff --git a/security/ipe/audit.c b/security/ipe/audit.c
index 5f6c0a52b0cb..82bf94b83fe1 100644
--- a/security/ipe/audit.c
+++ b/security/ipe/audit.c
@@ -262,3 +262,43 @@ void ipe_audit_policy_load(const struct ipe_policy *const p)
 
 	audit_log_end(ab);
 }
+
+/**
+ * ipe_audit_enforce: Audit a change in IPE's enforcement state
+ * @ctx: Supplies a pointer to the contexts whose state changed.
+ */
+void ipe_audit_enforce(const struct ipe_context *const ctx)
+{
+	struct audit_buffer *ab;
+	bool enforcing = false;
+
+	ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_TRUST_STATUS);
+	if (!ab)
+		return;
+
+	rcu_read_lock();
+	enforcing = READ_ONCE(ctx->enforce);
+	rcu_read_unlock();
+
+	audit_log_format(ab, "IPE enforce=%d", enforcing);
+
+	audit_log_end(ab);
+}
+
+/**
+ * emit_enforcement: Emit the enforcement state of IPE started with.
+ *
+ * Return:
+ * 0 - Always
+ */
+static int emit_enforcement(void)
+{
+	struct ipe_context *ctx = NULL;
+
+	ctx = ipe_current_ctx();
+	ipe_audit_enforce(ctx);
+	ipe_put_ctx(ctx);
+	return 0;
+}
+
+late_initcall(emit_enforcement);
diff --git a/security/ipe/audit.h b/security/ipe/audit.h
index 6b6880f6e8e7..a9d16323a3c8 100644
--- a/security/ipe/audit.h
+++ b/security/ipe/audit.h
@@ -16,6 +16,7 @@ void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
 		     bool enforce);
 void ipe_audit_policy_load(const struct ipe_policy *const p);
 void ipe_audit_policy_activation(const struct ipe_policy *const p);
+void ipe_audit_enforce(const struct ipe_context *const ctx);
 #else
 static inline void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
 				   enum ipe_match match_type,
@@ -31,6 +32,10 @@ static inline void ipe_audit_policy_load(const struct ipe_policy *const p)
 static inline void ipe_audit_policy_activation(const struct ipe_policy *const p)
 {
 }
+
+static inline void ipe_audit_enforce(const struct ipe_context *const ctx)
+{
+}
 #endif /* CONFIG_AUDIT */
 
 #endif /* IPE_AUDIT_H */
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
index 77475aedbfe9..fc9b8e467bc9 100644
--- a/security/ipe/ctx.c
+++ b/security/ipe/ctx.c
@@ -16,6 +16,7 @@
 #include <linux/moduleparam.h>
 
 static bool success_audit;
+static bool enforce = true;
 
 /**
  * ver_to_u64: convert an internal ipe_policy_version to a u64
@@ -151,6 +152,7 @@ static struct ipe_context *create_ctx(void)
 	INIT_LIST_HEAD(&ctx->policies);
 	refcount_set(&ctx->refcount, 1);
 	spin_lock_init(&ctx->lock);
+	WRITE_ONCE(ctx->enforce, true);
 
 	return ctx;
 
@@ -337,6 +339,7 @@ int __init ipe_init_ctx(void)
 
 	spin_lock(&lns->lock);
 	WRITE_ONCE(lns->success_audit, success_audit);
+	WRITE_ONCE(lns->enforce, enforce);
 	spin_unlock(&lns->lock);
 
 	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
@@ -355,3 +358,6 @@ int __init ipe_init_ctx(void)
 
 module_param(success_audit, bool, 0400);
 MODULE_PARM_DESC(success_audit, "Start IPE with success auditing enabled");
+
+module_param(enforce, bool, 0400);
+MODULE_PARM_DESC(enforce, "Start IPE in enforce or permissive mode");
diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
index 31aea2fb9e49..d7bf9fc6426a 100644
--- a/security/ipe/ctx.h
+++ b/security/ipe/ctx.h
@@ -14,6 +14,7 @@
 
 struct ipe_context {
 	struct ipe_policy __rcu *active_policy;
+	bool __rcu enforce;
 
 	bool __rcu success_audit;
 
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index dcb62179e4bf..e520ce521c05 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -86,6 +86,10 @@ static int evaluate(const struct ipe_eval_ctx *const ctx)
 	if (!pol)
 		goto out;
 
+	rcu_read_lock();
+	enforcing = READ_ONCE(ctx->ci_ctx->enforce);
+	rcu_read_unlock();
+
 	rules = &pol->parsed->rules[ctx->op];
 
 	list_for_each_entry(rule, &rules->rules, next) {
@@ -114,6 +118,8 @@ static int evaluate(const struct ipe_eval_ctx *const ctx)
 	if (action == ipe_action_deny)
 		rc = -EACCES;
 
+	if (!enforcing)
+		rc = 0;
 out:
 	ipe_put_policy(pol);
 	return rc;
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
index c202c0753755..e6b36291e62f 100644
--- a/security/ipe/fs.c
+++ b/security/ipe/fs.c
@@ -13,8 +13,73 @@
 static struct dentry *np __ro_after_init;
 static struct dentry *root __ro_after_init;
 static struct dentry *config __ro_after_init;
+static struct dentry *enforce __ro_after_init;
 static struct dentry *success_audit __ro_after_init;
 
+/**
+ * setenforce: Write handler for the securityfs node, "ipe/enforce"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t setenforce(struct file *f, const char __user *data,
+			  size_t len, loff_t *offset)
+{
+	int rc = 0;
+	bool value;
+	struct ipe_context *ctx;
+
+	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+		return -EPERM;
+
+	rc = kstrtobool_from_user(data, len, &value);
+	if (rc)
+		return rc;
+
+	ctx = ipe_current_ctx();
+
+	spin_lock(&ctx->lock);
+	WRITE_ONCE(ctx->enforce, value);
+	spin_unlock(&ctx->lock);
+	synchronize_rcu();
+
+	ipe_audit_enforce(ctx);
+	ipe_put_ctx(ctx);
+	return len;
+}
+
+/**
+ * getenforce: Read handler for the securityfs node, "ipe/enforce"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the read syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * >0 - Success, Length of buffer written
+ * <0 - Error
+ */
+static ssize_t getenforce(struct file *f, char __user *data,
+			  size_t len, loff_t *offset)
+{
+	const char *result;
+	struct ipe_context *ctx;
+
+	ctx = ipe_current_ctx();
+
+	rcu_read_lock();
+	result = ((READ_ONCE(ctx->enforce)) ? "1" : "0");
+	rcu_read_unlock();
+
+	ipe_put_ctx(ctx);
+	return simple_read_from_buffer(data, len, offset, result, 2);
+}
+
 /**
  * setaudit: Write handler for the securityfs node, "ipe/success_audit"
  * @f: Supplies a file structure representing the securityfs node.
@@ -185,6 +250,11 @@ static const struct file_operations np_fops = {
 	.write = new_policy,
 };
 
+static const struct file_operations enforce_fops = {
+	.write = setenforce,
+	.read = getenforce,
+};
+
 static const struct file_operations audit_fops = {
 	.write = setaudit,
 	.read = getaudit,
@@ -230,6 +300,13 @@ static int __init ipe_init_securityfs(void)
 		goto err;
 	}
 
+	enforce = securityfs_create_file("enforce", 0600, root, NULL,
+					 &enforce_fops);
+	if (IS_ERR(enforce)) {
+		rc = PTR_ERR(enforce);
+		goto err;
+	}
+
 	ctx->policy_root = securityfs_create_dir("policies", root);
 	if (IS_ERR(ctx->policy_root)) {
 		rc = PTR_ERR(ctx->policy_root);
@@ -241,6 +318,7 @@ static int __init ipe_init_securityfs(void)
 	securityfs_remove(np);
 	securityfs_remove(root);
 	securityfs_remove(config);
+	securityfs_remove(enforce);
 	securityfs_remove(success_audit);
 	securityfs_remove(ctx->policy_root);
 	return rc;
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 09/16] ipe: introduce 'boot_verified' as a trust provider
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (7 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 08/16] ipe: add permissive toggle deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data deven.desai
                   ` (7 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

IPE is designed to provide system level trust guarantees, this usually
implies that trust starts from bootup with a hardware root of trust,
which validates the bootloader. After this, the bootloader verifies the
kernel and the initramfs.

As there's no currently supported integrity method for initramfs, and
it's typically already verified by the bootloader, introduce a property
that causes the first superblock to have an execution to be "pinned",
which is typically initramfs.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Reword and refactor patch 04/12 to [09/16]

---
 security/ipe/Kconfig                 |  2 +
 security/ipe/Makefile                |  1 +
 security/ipe/eval.c                  | 71 ++++++++++++++++++++++++++++
 security/ipe/eval.h                  |  5 ++
 security/ipe/hooks.c                 | 14 ++++++
 security/ipe/hooks.h                 |  2 +
 security/ipe/ipe.c                   |  1 +
 security/ipe/modules.c               | 25 ++++++++++
 security/ipe/modules/Kconfig         | 20 ++++++++
 security/ipe/modules/Makefile        |  8 ++++
 security/ipe/modules/boot_verified.c | 24 ++++++++++
 security/ipe/modules/ipe_module.h    |  2 +
 12 files changed, 175 insertions(+)
 create mode 100644 security/ipe/modules/Kconfig
 create mode 100644 security/ipe/modules/Makefile
 create mode 100644 security/ipe/modules/boot_verified.c

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index ef556b66e674..fcf82a8152ec 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -68,4 +68,6 @@ config IPE_AUDIT_HASH_ALG
 	default "sha384" if IPE_AUDIT_HASH_SHA384
 	default "sha512" if IPE_AUDIT_HASH_SHA512
 
+source "security/ipe/modules/Kconfig"
+
 endif
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 6d9ac818e8c6..1e7b2d7fcd9e 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -13,6 +13,7 @@ obj-$(CONFIG_SECURITY_IPE) += \
 	fs.o \
 	hooks.o \
 	ipe.o \
+	modules/ \
 	modules.o \
 	parsers/ \
 	parsers.o \
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index e520ce521c05..361efccebad4 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -11,10 +11,62 @@
 #include "modules/ipe_module.h"
 #include "audit.h"
 
+#include <linux/fs.h>
+#include <linux/types.h>
 #include <linux/slab.h>
 #include <linux/file.h>
 #include <linux/sched.h>
 #include <linux/rcupdate.h>
+#include <linux/spinlock.h>
+
+static struct super_block *pinned_sb;
+static DEFINE_SPINLOCK(pin_lock);
+
+#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
+
+/**
+ * pin_sb: pin the underlying superblock of @f, marking it as trusted
+ * @f: Supplies a file structure to source the super_block from.
+ */
+static void pin_sb(const struct file *f)
+{
+	if (!f)
+		return;
+
+	spin_lock(&pin_lock);
+
+	if (pinned_sb)
+		goto out;
+
+	pinned_sb = FILE_SUPERBLOCK(f);
+
+out:
+	spin_unlock(&pin_lock);
+}
+
+/**
+ * from_pinned: determine whether @f is source from the pinned super_block.
+ * @f: Supplies a file structure to check against the pinned super_block.
+ *
+ * Return:
+ * true - @f is sourced from the pinned super_block
+ * false - @f is not sourced from the pinned super_block
+ */
+static bool from_pinned(const struct file *f)
+{
+	bool rv;
+
+	if (!f)
+		return false;
+
+	spin_lock(&pin_lock);
+
+	rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
+
+	spin_unlock(&pin_lock);
+
+	return rv;
+}
 
 /**
  * build_ctx: Build an evaluation context.
@@ -42,6 +94,7 @@ static struct ipe_eval_ctx *build_ctx(const struct file *file,
 	ctx->op = op;
 	ctx->hook = hook;
 	ctx->ci_ctx = ipe_current_ctx();
+	ctx->from_init_sb = from_pinned(file);
 
 	return ctx;
 }
@@ -145,6 +198,9 @@ int ipe_process_event(const struct file *file, enum ipe_operation op,
 	int rc = 0;
 	struct ipe_eval_ctx *ctx = NULL;
 
+	if (op == ipe_operation_exec)
+		pin_sb(file);
+
 	ctx = build_ctx(file, op, hook);
 	if (IS_ERR(ctx))
 		return PTR_ERR(ctx);
@@ -154,3 +210,18 @@ int ipe_process_event(const struct file *file, enum ipe_operation op,
 	free_ctx(ctx);
 	return rc;
 }
+
+/**
+ * ipe_invalidate_pinned_sb: if @mnt_sb is the pinned superblock, ensure
+ *			     nothing can match it again.
+ * @mnt_sb: super_block to check against the pinned super_block
+ */
+void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
+{
+	spin_lock(&pin_lock);
+
+	if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
+		pinned_sb = ERR_PTR(-EIO);
+
+	spin_unlock(&pin_lock);
+}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 8c08eed5af2b..42fb7fdf2599 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -7,6 +7,7 @@
 #define IPE_EVAL_H
 
 #include <linux/file.h>
+#include <linux/types.h>
 
 #include "ctx.h"
 #include "hooks.h"
@@ -18,6 +19,8 @@ struct ipe_eval_ctx {
 
 	const struct file *file;
 	struct ipe_context *ci_ctx;
+
+	bool from_init_sb;
 };
 
 enum ipe_match {
@@ -30,4 +33,6 @@ enum ipe_match {
 int ipe_process_event(const struct file *file, enum ipe_operation op,
 		      enum ipe_hook hook);
 
+void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
+
 #endif /* IPE_EVAL_H */
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index 216242408a80..2d4a4f0eead0 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -205,3 +205,17 @@ int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
 
 	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
 }
+
+/**
+ * ipe_bdev_free_security: free nested structures within IPE's LSM blob
+ *			   in super_blocks
+ * @mnt_sb: Supplies a pointer to a super_block that contains the structure
+ *	    to free.
+ *
+ * IPE does not have any structures with mnt_sb, but uses this hook to
+ * invalidate a pinned super_block.
+ */
+void ipe_sb_free_security(struct super_block *mnt_sb)
+{
+	ipe_invalidate_pinned_sb(mnt_sb);
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index c99a0b7f45f7..e7f107ab5620 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -38,4 +38,6 @@ int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
 
 int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
 
+void ipe_sb_free_security(struct super_block *mnt_sb);
+
 #endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 3f9d43783293..1382d50078ec 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -30,6 +30,7 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
 	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
 	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
+	LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
 };
 
 /**
diff --git a/security/ipe/modules.c b/security/ipe/modules.c
index fb100c14cce5..3aa9a38fdc0d 100644
--- a/security/ipe/modules.c
+++ b/security/ipe/modules.c
@@ -107,3 +107,28 @@ int ipe_register_module(struct ipe_module *m)
 
 	return 0;
 }
+
+/**
+ * ipe_bool_parse: parse a boolean in IPE's policy and associate
+ *		   it as @value in IPE's policy.
+ * @valstr: Supplies the string parsed from the policy
+ * @value: Supplies a pointer to be populated with the result.
+ *
+ * Modules can use this function for simple true/false values
+ * instead of defining their own.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_bool_parse(const char *valstr, void **value)
+{
+	if (!strcmp(valstr, "TRUE"))
+		*value = (void *)true;
+	else if (!strcmp(valstr, "FALSE"))
+		*value = (void *)false;
+	else
+		return -EBADMSG;
+
+	return 0;
+}
diff --git a/security/ipe/modules/Kconfig b/security/ipe/modules/Kconfig
new file mode 100644
index 000000000000..fad96ba534e2
--- /dev/null
+++ b/security/ipe/modules/Kconfig
@@ -0,0 +1,20 @@
+
+menu "IPE Trust Providers"
+
+config IPE_PROP_BOOT_VERIFIED
+	bool "Enable trust for initramfs"
+	depends on SECURITY_IPE
+	default N
+	help
+	  This option enables the property 'boot_verified' in IPE policy.
+	  This property 'pins' the initial superblock when something
+	  is evaluated as an execution. This property will evaluate
+	  to true when the file being evaluated originates from this
+	  superblock.
+
+	  This property is useful to authorize a signed initramfs.
+
+	  If unsure, answer N.
+
+
+endmenu
diff --git a/security/ipe/modules/Makefile b/security/ipe/modules/Makefile
new file mode 100644
index 000000000000..e0045ec65434
--- /dev/null
+++ b/security/ipe/modules/Makefile
@@ -0,0 +1,8 @@
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (C) Microsoft Corporation. All rights reserved.
+#
+# Makefile for building the IPE module as part of the kernel tree.
+#
+
+obj-$(CONFIG_IPE_PROP_BOOT_VERIFIED) += boot_verified.o
diff --git a/security/ipe/modules/boot_verified.c b/security/ipe/modules/boot_verified.c
new file mode 100644
index 000000000000..3ab944a485c6
--- /dev/null
+++ b/security/ipe/modules/boot_verified.c
@@ -0,0 +1,24 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe_module.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+
+static bool bv_eval(const struct ipe_eval_ctx *ctx, const void *val)
+{
+	bool expect = (bool)val;
+
+	return expect == ctx->from_init_sb;
+}
+
+IPE_MODULE(bv) = {
+	.name = "boot_verified",
+	.version = 1,
+	.parse = ipe_bool_parse,
+	.free = NULL,
+	.eval = bv_eval,
+};
diff --git a/security/ipe/modules/ipe_module.h b/security/ipe/modules/ipe_module.h
index 6855815d72da..08835627bd72 100644
--- a/security/ipe/modules/ipe_module.h
+++ b/security/ipe/modules/ipe_module.h
@@ -9,6 +9,8 @@
 #include <linux/audit.h>
 #include "../eval.h"
 
+int ipe_bool_parse(const char *valstr, void **value);
+
 /**
  * ipe_module: definition of an extensible module for IPE properties.
  *	       These structures are used to implement 'key=value' pairs
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (8 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 09/16] ipe: introduce 'boot_verified' as a trust provider deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider deven.desai
                   ` (6 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

dm-verity operates on the block_device level. In order to allow IPE to
determine if a file is sourced from a dm-verity volume, and how that
dm-verity volume was created, create an LSM blob with the signature
data and roothash information, allowing IPE to make decisions about
controls to a resource based on dm-verity information.

Co-developed-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v5:
  * Change if statement condition in security_bdev_setsecurity to be
    more concise, as suggested by Casey Schaufler and Al Viro

Relevant changes since v6:
  * Squash patch 05/12, 07/12, 09/12 to [10/16]

---
 block/bdev.c                      |  7 ++++
 drivers/md/dm-verity-target.c     | 20 ++++++++-
 drivers/md/dm-verity-verify-sig.c | 16 +++++--
 drivers/md/dm-verity-verify-sig.h | 10 +++--
 include/linux/blk_types.h         |  1 +
 include/linux/device-mapper.h     |  3 ++
 include/linux/lsm_hook_defs.h     |  5 +++
 include/linux/lsm_hooks.h         | 12 ++++++
 include/linux/security.h          | 22 ++++++++++
 security/security.c               | 70 +++++++++++++++++++++++++++++++
 10 files changed, 157 insertions(+), 9 deletions(-)

diff --git a/block/bdev.c b/block/bdev.c
index 485a258b0ab3..4c0d6aaa1f08 100644
--- a/block/bdev.c
+++ b/block/bdev.c
@@ -23,6 +23,7 @@
 #include <linux/pseudo_fs.h>
 #include <linux/uio.h>
 #include <linux/namei.h>
+#include <linux/security.h>
 #include <linux/cleancache.h>
 #include <linux/part_stat.h>
 #include <linux/uaccess.h>
@@ -393,6 +394,11 @@ static struct inode *bdev_alloc_inode(struct super_block *sb)
 	if (!ei)
 		return NULL;
 	memset(&ei->bdev, 0, sizeof(ei->bdev));
+
+	if (unlikely(security_bdev_alloc(&ei->bdev))) {
+		kmem_cache_free(bdev_cachep, ei);
+		return NULL;
+	}
 	return &ei->vfs_inode;
 }
 
@@ -402,6 +408,7 @@ static void bdev_free_inode(struct inode *inode)
 
 	free_percpu(bdev->bd_stats);
 	kfree(bdev->bd_meta_info);
+	security_bdev_free(bdev);
 
 	if (!bdev_is_partition(bdev)) {
 		if (bdev->bd_disk && bdev->bd_disk->bdi)
diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c
index 22a5ac82446a..e62480803e56 100644
--- a/drivers/md/dm-verity-target.c
+++ b/drivers/md/dm-verity-target.c
@@ -13,11 +13,14 @@
  * access behavior.
  */
 
+#include "dm-core.h"
 #include "dm-verity.h"
 #include "dm-verity-fec.h"
 #include "dm-verity-verify-sig.h"
+#include "dm-core.h"
 #include <linux/module.h>
 #include <linux/reboot.h>
+#include <linux/security.h>
 
 #define DM_MSG_PREFIX			"verity"
 
@@ -1051,6 +1054,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
 	sector_t hash_position;
 	char dummy;
 	char *root_hash_digest_to_validate;
+	struct block_device *bdev;
 
 	v = kzalloc(sizeof(struct dm_verity), GFP_KERNEL);
 	if (!v) {
@@ -1084,6 +1088,13 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
 	}
 	v->version = num;
 
+	bdev = dm_table_get_md(ti->table)->disk->part0;
+	if (!bdev) {
+		ti->error = "Mapped device lookup failed";
+		r = -ENOMEM;
+		goto bad;
+	}
+
 	r = dm_get_device(ti, argv[1], FMODE_READ, &v->data_dev);
 	if (r) {
 		ti->error = "Data device lookup failed";
@@ -1216,7 +1227,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
 	}
 
 	/* Root hash signature is  a optional parameter*/
-	r = verity_verify_root_hash(root_hash_digest_to_validate,
+	r = verity_verify_root_hash(bdev, root_hash_digest_to_validate,
 				    strlen(root_hash_digest_to_validate),
 				    verify_args.sig,
 				    verify_args.sig_size);
@@ -1289,12 +1300,17 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
 	ti->per_io_data_size = roundup(ti->per_io_data_size,
 				       __alignof__(struct dm_verity_io));
 
+	r = security_bdev_setsecurity(bdev,
+				      DM_VERITY_ROOTHASH_SEC_NAME,
+				      v->root_digest, v->digest_size);
+	if (r)
+		goto bad;
+
 	verity_verify_sig_opts_cleanup(&verify_args);
 
 	return 0;
 
 bad:
-
 	verity_verify_sig_opts_cleanup(&verify_args);
 	verity_dtr(ti);
 
diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c
index db61a1f43ae9..1672a35f292b 100644
--- a/drivers/md/dm-verity-verify-sig.c
+++ b/drivers/md/dm-verity-verify-sig.c
@@ -8,7 +8,10 @@
 #include <linux/device-mapper.h>
 #include <linux/verification.h>
 #include <keys/user-type.h>
+#include <linux/security.h>
+#include <linux/list.h>
 #include <linux/module.h>
+#include "dm-core.h"
 #include "dm-verity.h"
 #include "dm-verity-verify-sig.h"
 
@@ -97,14 +100,17 @@ int verity_verify_sig_parse_opt_args(struct dm_arg_set *as,
  * verify_verify_roothash - Verify the root hash of the verity hash device
  *			     using builtin trusted keys.
  *
+ * @bdev: block_device representing the device-mapper created block device.
+ *	Used by the security hook, to set information about the block_device.
  * @root_hash: For verity, the roothash/data to be verified.
  * @root_hash_len: Size of the roothash/data to be verified.
  * @sig_data: The trusted signature that verifies the roothash/data.
  * @sig_len: Size of the signature.
  *
  */
-int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
-			    const void *sig_data, size_t sig_len)
+int verity_verify_root_hash(struct block_device *bdev, const void *root_hash,
+			    size_t root_hash_len, const void *sig_data,
+			    size_t sig_len)
 {
 	int ret;
 
@@ -126,8 +132,12 @@ int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
 				NULL,
 #endif
 				VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
+	if (ret)
+		return ret;
 
-	return ret;
+	return security_bdev_setsecurity(bdev,
+					 DM_VERITY_SIGNATURE_SEC_NAME,
+					 sig_data, sig_len);
 }
 
 void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts)
diff --git a/drivers/md/dm-verity-verify-sig.h b/drivers/md/dm-verity-verify-sig.h
index 3987c7141f79..31692fff92e4 100644
--- a/drivers/md/dm-verity-verify-sig.h
+++ b/drivers/md/dm-verity-verify-sig.h
@@ -20,8 +20,9 @@ struct dm_verity_sig_opts {
 
 #define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 2
 
-int verity_verify_root_hash(const void *data, size_t data_len,
-			    const void *sig_data, size_t sig_len);
+int verity_verify_root_hash(struct block_device *bdev, const void *data,
+			    size_t data_len, const void *sig_data,
+			    size_t sig_len);
 bool verity_verify_is_sig_opt_arg(const char *arg_name);
 
 int verity_verify_sig_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v,
@@ -34,8 +35,9 @@ void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts);
 
 #define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 0
 
-static inline int verity_verify_root_hash(const void *data, size_t data_len,
-					  const void *sig_data, size_t sig_len)
+int verity_verify_root_hash(struct block_device *bdev, const void *data,
+			    size_t data_len, const void *sig_data,
+			    size_t sig_len)
 {
 	return 0;
 }
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index be622b5a21ed..58def70aa653 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -49,6 +49,7 @@ struct block_device {
 #ifdef CONFIG_FAIL_MAKE_REQUEST
 	bool			bd_make_it_fail;
 #endif
+	void			*security;
 } __randomize_layout;
 
 #define bdev_whole(_bdev) \
diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h
index 114553b487ef..0f5bdcfcf337 100644
--- a/include/linux/device-mapper.h
+++ b/include/linux/device-mapper.h
@@ -665,4 +665,7 @@ static inline unsigned long to_bytes(sector_t n)
 	return (n << SECTOR_SHIFT);
 }
 
+#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME	".verity-sig"
+#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME	".verity-rh"
+
 #endif	/* _LINUX_DEVICE_MAPPER_H */
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index 2adeea44c0d5..b148a01b2cef 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -402,3 +402,8 @@ LSM_HOOK(void, LSM_RET_VOID, perf_event_free, struct perf_event *event)
 LSM_HOOK(int, 0, perf_event_read, struct perf_event *event)
 LSM_HOOK(int, 0, perf_event_write, struct perf_event *event)
 #endif /* CONFIG_PERF_EVENTS */
+
+LSM_HOOK(int, 0, bdev_alloc_security, struct block_device *bdev)
+LSM_HOOK(void, LSM_RET_VOID, bdev_free_security, struct block_device *bdev)
+LSM_HOOK(int, 0, bdev_setsecurity, struct block_device *bdev, const char *name,
+	 const void *value, size_t size)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 5c4c5c0602cb..43d357e6ab47 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1545,6 +1545,17 @@
  *
  *     @what: kernel feature being accessed
  *
+ * @bdev_alloc_security:
+ *	Initialize the security field inside a block_device structure.
+ *
+ * @bdev_free_security:
+ *	Cleanup the security information stored inside a block_device structure.
+ *
+ * @bdev_setsecurity:
+ *	Set a security property associated with @name for @bdev with
+ *	value @value. @size indicates the size of @value in bytes.
+ *	If a @name is not implemented, return -ENOSYS.
+ *
  * Security hooks for perf events
  *
  * @perf_event_open:
@@ -1592,6 +1603,7 @@ struct lsm_blob_sizes {
 	int	lbs_ipc;
 	int	lbs_msg_msg;
 	int	lbs_task;
+	int	lbs_bdev;
 };
 
 /*
diff --git a/include/linux/security.h b/include/linux/security.h
index 5b7288521300..98af3f645cb6 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -472,6 +472,11 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
 int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
 int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
 int security_locked_down(enum lockdown_reason what);
+int security_bdev_alloc(struct block_device *bdev);
+void security_bdev_free(struct block_device *bdev);
+int security_bdev_setsecurity(struct block_device *bdev,
+			      const char *name, const void *value,
+			      size_t size);
 #else /* CONFIG_SECURITY */
 
 static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data)
@@ -1348,6 +1353,23 @@ static inline int security_locked_down(enum lockdown_reason what)
 {
 	return 0;
 }
+
+static inline int security_bdev_alloc(struct block_device *bdev)
+{
+	return 0;
+}
+
+static inline void security_bdev_free(struct block_device *bdev)
+{
+}
+
+static inline int security_bdev_setsecurity(struct block_device *bdev,
+					    const char *name,
+					    const void *value, size_t size)
+{
+	return 0;
+}
+
 #endif	/* CONFIG_SECURITY */
 
 #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE)
diff --git a/security/security.c b/security/security.c
index 9ffa9e9c5c55..d7ac9f01500b 100644
--- a/security/security.c
+++ b/security/security.c
@@ -29,6 +29,7 @@
 #include <linux/string.h>
 #include <linux/msg.h>
 #include <net/flow.h>
+#include <linux/fs.h>
 
 #define MAX_LSM_EVM_XATTR	2
 
@@ -206,6 +207,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed)
 	lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg);
 	lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock);
 	lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task);
+	lsm_set_blob_size(&needed->lbs_bdev, &blob_sizes.lbs_bdev);
 }
 
 /* Prepare LSM for initialization. */
@@ -342,6 +344,7 @@ static void __init ordered_lsm_init(void)
 	init_debug("msg_msg blob size    = %d\n", blob_sizes.lbs_msg_msg);
 	init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock);
 	init_debug("task blob size       = %d\n", blob_sizes.lbs_task);
+	init_debug("bdev blob size       = %d\n", blob_sizes.lbs_bdev);
 
 	/*
 	 * Create any kmem_caches needed for blobs
@@ -659,6 +662,28 @@ static int lsm_msg_msg_alloc(struct msg_msg *mp)
 	return 0;
 }
 
+/**
+ * lsm_bdev_alloc - allocate a composite block_device blob
+ * @bdev: the block_device that needs a blob
+ *
+ * Allocate the block_device blob for all the modules
+ *
+ * Returns 0, or -ENOMEM if memory can't be allocated.
+ */
+static int lsm_bdev_alloc(struct block_device *bdev)
+{
+	if (blob_sizes.lbs_bdev == 0) {
+		bdev->security = NULL;
+		return 0;
+	}
+
+	bdev->security = kzalloc(blob_sizes.lbs_bdev, GFP_KERNEL);
+	if (!bdev->security)
+		return -ENOMEM;
+
+	return 0;
+}
+
 /**
  * lsm_early_task - during initialization allocate a composite task blob
  * @task: the task that needs a blob
@@ -2599,6 +2624,51 @@ int security_locked_down(enum lockdown_reason what)
 }
 EXPORT_SYMBOL(security_locked_down);
 
+int security_bdev_alloc(struct block_device *bdev)
+{
+	int rc = 0;
+
+	rc = lsm_bdev_alloc(bdev);
+	if (unlikely(rc))
+		return rc;
+
+	rc = call_int_hook(bdev_alloc_security, 0, bdev);
+	if (unlikely(rc))
+		security_bdev_free(bdev);
+
+	return 0;
+}
+EXPORT_SYMBOL(security_bdev_alloc);
+
+void security_bdev_free(struct block_device *bdev)
+{
+	if (!bdev->security)
+		return;
+
+	call_void_hook(bdev_free_security, bdev);
+
+	kfree(bdev->security);
+	bdev->security = NULL;
+}
+EXPORT_SYMBOL(security_bdev_free);
+
+int security_bdev_setsecurity(struct block_device *bdev,
+			      const char *name, const void *value,
+			      size_t size)
+{
+	int rc = 0;
+	struct security_hook_list *p;
+
+	hlist_for_each_entry(p, &security_hook_heads.bdev_setsecurity, list) {
+		rc = p->hook.bdev_setsecurity(bdev, name, value, size);
+		if (rc && rc != -ENOSYS)
+			return rc;
+	}
+
+	return 0;
+}
+EXPORT_SYMBOL(security_bdev_setsecurity);
+
 #ifdef CONFIG_PERF_EVENTS
 int security_perf_event_open(struct perf_event_attr *attr, int type)
 {
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (9 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-11-25  9:37   ` Roberto Sassu
  2021-10-13 19:06 ` [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature deven.desai
                   ` (5 subsequent siblings)
  16 siblings, 1 reply; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Allows author of IPE policy to indicate trust for a singular dm-verity
volume, identified by roothash, through "dmverity_roothash" and all
signed dm-verity volumes, through "dmverity_signature".

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Squash patch 08/12, 10/12 to [11/16]

---
 security/ipe/eval.c                       |  5 ++
 security/ipe/eval.h                       | 10 +++
 security/ipe/hooks.c                      | 48 ++++++++++++++
 security/ipe/hooks.h                      |  6 ++
 security/ipe/ipe.c                        |  9 +++
 security/ipe/ipe.h                        |  3 +
 security/ipe/modules/Kconfig              | 23 +++++++
 security/ipe/modules/Makefile             |  2 +
 security/ipe/modules/dmverity_roothash.c  | 80 +++++++++++++++++++++++
 security/ipe/modules/dmverity_signature.c | 25 +++++++
 10 files changed, 211 insertions(+)
 create mode 100644 security/ipe/modules/dmverity_roothash.c
 create mode 100644 security/ipe/modules/dmverity_signature.c

diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index 361efccebad4..facc05c753f4 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -23,6 +23,7 @@ static struct super_block *pinned_sb;
 static DEFINE_SPINLOCK(pin_lock);
 
 #define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
+#define FILE_BLOCK_DEV(f) (FILE_SUPERBLOCK(f)->s_bdev)
 
 /**
  * pin_sb: pin the underlying superblock of @f, marking it as trusted
@@ -95,6 +96,10 @@ static struct ipe_eval_ctx *build_ctx(const struct file *file,
 	ctx->hook = hook;
 	ctx->ci_ctx = ipe_current_ctx();
 	ctx->from_init_sb = from_pinned(file);
+	if (file) {
+		if (FILE_BLOCK_DEV(file))
+			ctx->ipe_bdev = ipe_bdev(FILE_BLOCK_DEV(file));
+	}
 
 	return ctx;
 }
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 42fb7fdf2599..25d2d8d55702 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -13,6 +13,14 @@
 #include "hooks.h"
 #include "policy.h"
 
+struct ipe_bdev {
+	const u8       *sigdata;
+	size_t		siglen;
+
+	const u8       *hash;
+	size_t		hashlen;
+};
+
 struct ipe_eval_ctx {
 	enum ipe_hook hook;
 	enum ipe_operation op;
@@ -20,6 +28,8 @@ struct ipe_eval_ctx {
 	const struct file *file;
 	struct ipe_context *ci_ctx;
 
+	const struct ipe_bdev *ipe_bdev;
+
 	bool from_init_sb;
 };
 
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index 2d4a4f0eead0..470fb48e490c 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -13,6 +13,7 @@
 #include <linux/types.h>
 #include <linux/refcount.h>
 #include <linux/rcupdate.h>
+#include <linux/blk_types.h>
 #include <linux/binfmts.h>
 #include <linux/mman.h>
 
@@ -219,3 +220,50 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
 {
 	ipe_invalidate_pinned_sb(mnt_sb);
 }
+
+/**
+ * ipe_bdev_free_security: free nested structures within IPE's LSM blob
+ *			   in block_devices
+ * @bdev: Supplies a pointer to a block_device that contains the structure
+ *	  to free.
+ */
+void ipe_bdev_free_security(struct block_device *bdev)
+{
+	struct ipe_bdev *blob = ipe_bdev(bdev);
+
+	kfree(blob->sigdata);
+}
+
+/**
+ * ipe_bdev_setsecurity: associate some data from the block device layer
+ *			 with IPE's LSM blob.
+ * @bdev: Supplies a pointer to a block_device that contains the LSM blob.
+ * @key: Supplies the string key that uniquely identifies the value.
+ * @value: Supplies the value to store.
+ * @len: The length of @value.
+ */
+int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
+			 const void *value, size_t len)
+{
+	struct ipe_bdev *blob = ipe_bdev(bdev);
+
+	if (!strcmp(key, DM_VERITY_SIGNATURE_SEC_NAME)) {
+		blob->siglen = len;
+		blob->sigdata = kmemdup(value, len, GFP_KERNEL);
+		if (!blob->sigdata)
+			return -ENOMEM;
+
+		return 0;
+	}
+
+	if (!strcmp(key, DM_VERITY_ROOTHASH_SEC_NAME)) {
+		blob->hashlen = len;
+		blob->hash = kmemdup(value, len, GFP_KERNEL);
+		if (!blob->hash)
+			return -ENOMEM;
+
+		return 0;
+	}
+
+	return -ENOSYS;
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index e7f107ab5620..285f35187188 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -10,6 +10,7 @@
 #include <linux/sched.h>
 #include <linux/binfmts.h>
 #include <linux/security.h>
+#include <linux/device-mapper.h>
 
 enum ipe_hook {
 	ipe_hook_exec = 0,
@@ -40,4 +41,9 @@ int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
 
 void ipe_sb_free_security(struct super_block *mnt_sb);
 
+void ipe_bdev_free_security(struct block_device *bdev);
+
+int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
+			 const void *value, size_t len);
+
 #endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 1382d50078ec..215936cb4574 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -9,6 +9,7 @@
 #include "ipe_parser.h"
 #include "modules/ipe_module.h"
 #include "modules.h"
+#include "eval.h"
 
 #include <linux/fs.h>
 #include <linux/sched.h>
@@ -20,8 +21,14 @@
 
 struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
 	.lbs_task = sizeof(struct ipe_context __rcu *),
+	.lbs_bdev = sizeof(struct ipe_bdev),
 };
 
+struct ipe_bdev *ipe_bdev(struct block_device *b)
+{
+	return b->security + ipe_blobs.lbs_bdev;
+}
+
 static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
 	LSM_HOOK_INIT(task_free, ipe_task_free),
@@ -31,6 +38,8 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
 	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
 	LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
+	LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
+	LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
 };
 
 /**
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index ad16d2bebfec..6b4c7e07f204 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -14,10 +14,13 @@
 
 #include <linux/types.h>
 #include <linux/sched.h>
+#include <linux/blk_types.h>
 #include <linux/lsm_hooks.h>
 
 extern struct lsm_blob_sizes ipe_blobs;
 extern struct ipe_parser __start_ipe_parsers[], __end_ipe_parsers[];
 extern struct ipe_module __start_ipe_modules[], __end_ipe_modules[];
 
+struct ipe_bdev *ipe_bdev(struct block_device *b);
+
 #endif /* IPE_H */
diff --git a/security/ipe/modules/Kconfig b/security/ipe/modules/Kconfig
index fad96ba534e2..a6ea06cf0737 100644
--- a/security/ipe/modules/Kconfig
+++ b/security/ipe/modules/Kconfig
@@ -16,5 +16,28 @@ config IPE_PROP_BOOT_VERIFIED
 
 	  If unsure, answer N.
 
+config IPE_PROP_DM_VERITY_SIGNATURE
+	bool "Enable support for signed dm-verity volumes"
+	depends on DM_VERITY_VERIFY_ROOTHASH_SIG
+	default Y
+	help
+	  This option enables the property 'dmverity_signature' in
+	  IPE policy. This property evaluates to TRUE when a file
+	  is evaluated against a dm-verity volume that was mounted
+	  with a signed root-hash.
+
+	  If unsure, answer Y.
+
+config IPE_PROP_DM_VERITY_ROOTHASH
+	bool "Enable support for dm-verity volumes"
+	depends on DM_VERITY
+	default Y
+	help
+	  This option enables the property 'dmverity_roothash' in
+	  IPE policy. This property evaluates to TRUE when a file
+	  is evaluated against a dm-verity volume whose root hash
+	  matches the supplied value.
+
+	  If unsure, answer Y.
 
 endmenu
diff --git a/security/ipe/modules/Makefile b/security/ipe/modules/Makefile
index e0045ec65434..84fadce85193 100644
--- a/security/ipe/modules/Makefile
+++ b/security/ipe/modules/Makefile
@@ -6,3 +6,5 @@
 #
 
 obj-$(CONFIG_IPE_PROP_BOOT_VERIFIED) += boot_verified.o
+obj-$(CONFIG_IPE_PROP_DM_VERITY_SIGNATURE) += dmverity_signature.o
+obj-$(CONFIG_IPE_PROP_DM_VERITY_ROOTHASH) += dmverity_roothash.o
diff --git a/security/ipe/modules/dmverity_roothash.c b/security/ipe/modules/dmverity_roothash.c
new file mode 100644
index 000000000000..0f82bec3b842
--- /dev/null
+++ b/security/ipe/modules/dmverity_roothash.c
@@ -0,0 +1,80 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe_module.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+
+struct counted_array {
+	size_t	len;
+	u8     *data;
+};
+
+static int dvrh_parse(const char *valstr, void **value)
+{
+	int rv = 0;
+	struct counted_array *arr;
+
+	arr = kzalloc(sizeof(*arr), GFP_KERNEL);
+	if (!arr) {
+		rv = -ENOMEM;
+		goto err;
+	}
+
+	arr->len = (strlen(valstr) / 2);
+
+	arr->data = kzalloc(arr->len, GFP_KERNEL);
+	if (!arr->data) {
+		rv = -ENOMEM;
+		goto err;
+	}
+
+	rv = hex2bin(arr->data, valstr, arr->len);
+	if (rv != 0)
+		goto err2;
+
+	*value = arr;
+	return rv;
+err2:
+	kfree(arr->data);
+err:
+	kfree(arr);
+	return rv;
+}
+
+static bool dvrh_eval(const struct ipe_eval_ctx *ctx, const void *val)
+{
+	const u8 *src;
+	struct counted_array *expect = (struct counted_array *)val;
+
+	if (!ctx->ipe_bdev)
+		return false;
+
+	if (ctx->ipe_bdev->hashlen != expect->len)
+		return false;
+
+	src = ctx->ipe_bdev->hash;
+
+	return !memcmp(expect->data, src, expect->len);
+}
+
+static int dvrh_free(void **val)
+{
+	struct counted_array *expect = (struct counted_array *)val;
+
+	kfree(expect->data);
+	kfree(expect);
+
+	return 0;
+}
+
+IPE_MODULE(dvrh) = {
+	.name = "dmverity_roothash",
+	.version = 1,
+	.parse = dvrh_parse,
+	.free = dvrh_free,
+	.eval = dvrh_eval,
+};
diff --git a/security/ipe/modules/dmverity_signature.c b/security/ipe/modules/dmverity_signature.c
new file mode 100644
index 000000000000..08746fcbcb3e
--- /dev/null
+++ b/security/ipe/modules/dmverity_signature.c
@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe_module.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+
+static bool dvv_eval(const struct ipe_eval_ctx *ctx, const void *val)
+{
+	bool expect = (bool)val;
+	bool eval = ctx->ipe_bdev && (!!ctx->ipe_bdev->sigdata);
+
+	return expect == eval;
+}
+
+IPE_MODULE(dvv) = {
+	.name = "dmverity_signature",
+	.version = 1,
+	.parse = ipe_bool_parse,
+	.free = NULL,
+	.eval = dvv_eval,
+};
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (10 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:24   ` Eric Biggers
  2021-10-13 19:06 ` [RFC PATCH v7 13/16] ipe: enable support for fs-verity as a trust provider deven.desai
                   ` (4 subsequent siblings)
  16 siblings, 1 reply; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Fan Wu <wufan@linux.microsoft.com>

Add security_inode_setsecurity to fsverity signature verification.
This can let LSMs save the signature data and digest hashes provided
by fsverity.

Also changes the implementaion inside the hook function to let
multiple LSMs can add hooks.

Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---
 fs/verity/open.c         | 12 ++++++++++++
 fs/verity/signature.c    |  5 ++++-
 include/linux/fsverity.h |  3 +++
 security/ipe/hooks.c     |  1 +
 security/security.c      |  6 +++---
 5 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/fs/verity/open.c b/fs/verity/open.c
index 92df87f5fa38..1f36dae01c22 100644
--- a/fs/verity/open.c
+++ b/fs/verity/open.c
@@ -7,6 +7,7 @@
 
 #include "fsverity_private.h"
 
+#include <linux/security.h>
 #include <linux/slab.h>
 
 static struct kmem_cache *fsverity_info_cachep;
@@ -177,6 +178,17 @@ struct fsverity_info *fsverity_create_info(const struct inode *inode,
 		fsverity_err(inode, "Error %d computing file digest", err);
 		goto out;
 	}
+
+	err = security_inode_setsecurity((struct inode *)inode,
+					 FS_VERITY_DIGEST_SEC_NAME,
+					 vi->file_digest,
+					 vi->tree_params.hash_alg->digest_size,
+					 0);
+	if (err) {
+		fsverity_err(inode, "Error %d inode setsecurity hook", err);
+		goto out;
+	}
+
 	pr_debug("Computed file digest: %s:%*phN\n",
 		 vi->tree_params.hash_alg->name,
 		 vi->tree_params.digest_size, vi->file_digest);
diff --git a/fs/verity/signature.c b/fs/verity/signature.c
index 143a530a8008..20e585d5fa6d 100644
--- a/fs/verity/signature.c
+++ b/fs/verity/signature.c
@@ -9,6 +9,7 @@
 
 #include <linux/cred.h>
 #include <linux/key.h>
+#include <linux/security.h>
 #include <linux/slab.h>
 #include <linux/verification.h>
 
@@ -84,7 +85,9 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
 
 	pr_debug("Valid signature for file digest %s:%*phN\n",
 		 hash_alg->name, hash_alg->digest_size, vi->file_digest);
-	return 0;
+	return security_inode_setsecurity((struct inode *)inode,
+					FS_VERITY_SIGNATURE_SEC_NAME,
+					signature, sig_size, 0);
 }
 
 #ifdef CONFIG_SYSCTL
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index b568b3c7d095..dfd7b5a85c67 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -233,4 +233,7 @@ static inline bool fsverity_active(const struct inode *inode)
 	return fsverity_get_info(inode) != NULL;
 }
 
+#define FS_VERITY_SIGNATURE_SEC_NAME "fsverity.verity-sig"
+#define FS_VERITY_DIGEST_SEC_NAME "fsverity.verity-digest"
+
 #endif	/* _LINUX_FSVERITY_H */
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index 470fb48e490c..d76e60a3f511 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -232,6 +232,7 @@ void ipe_bdev_free_security(struct block_device *bdev)
 	struct ipe_bdev *blob = ipe_bdev(bdev);
 
 	kfree(blob->sigdata);
+	kfree(blob->hash);
 }
 
 /**
diff --git a/security/security.c b/security/security.c
index d7ac9f01500b..81751a91f438 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1462,7 +1462,7 @@ int security_inode_getsecurity(struct user_namespace *mnt_userns,
 int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
 {
 	struct security_hook_list *hp;
-	int rc;
+	int rc = LSM_RET_DEFAULT(inode_setsecurity);
 
 	if (unlikely(IS_PRIVATE(inode)))
 		return LSM_RET_DEFAULT(inode_setsecurity);
@@ -1472,10 +1472,10 @@ int security_inode_setsecurity(struct inode *inode, const char *name, const void
 	hlist_for_each_entry(hp, &security_hook_heads.inode_setsecurity, list) {
 		rc = hp->hook.inode_setsecurity(inode, name, value, size,
 								flags);
-		if (rc != LSM_RET_DEFAULT(inode_setsecurity))
+		if (rc && rc != LSM_RET_DEFAULT(inode_setsecurity))
 			return rc;
 	}
-	return LSM_RET_DEFAULT(inode_setsecurity);
+	return rc;
 }
 
 int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 13/16] ipe: enable support for fs-verity as a trust provider
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (11 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 14/16] scripts: add boot policy generation program deven.desai
                   ` (3 subsequent siblings)
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Fan Wu <wufan@linux.microsoft.com>

Enable IPE policy authors to indicate trust for a singular fsverity
file, identified by the digest information, through "fsverity_digest"
and all fsverity signed by a key via "fsverity_signature".

Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Add FSVerity Support (Introduced)

---
 security/ipe/eval.c                       |  1 +
 security/ipe/eval.h                       |  9 +++
 security/ipe/hooks.c                      | 58 ++++++++++++++++
 security/ipe/hooks.h                      |  7 ++
 security/ipe/ipe.c                        |  8 +++
 security/ipe/ipe.h                        |  1 +
 security/ipe/modules/Kconfig              | 23 +++++++
 security/ipe/modules/Makefile             |  2 +
 security/ipe/modules/fsverity_digest.c    | 80 +++++++++++++++++++++++
 security/ipe/modules/fsverity_signature.c | 33 ++++++++++
 10 files changed, 222 insertions(+)
 create mode 100644 security/ipe/modules/fsverity_digest.c
 create mode 100644 security/ipe/modules/fsverity_signature.c

diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index facc05c753f4..8f8b91c714c2 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -97,6 +97,7 @@ static struct ipe_eval_ctx *build_ctx(const struct file *file,
 	ctx->ci_ctx = ipe_current_ctx();
 	ctx->from_init_sb = from_pinned(file);
 	if (file) {
+		ctx->ipe_inode = ipe_inode(file->f_inode);
 		if (FILE_BLOCK_DEV(file))
 			ctx->ipe_bdev = ipe_bdev(FILE_BLOCK_DEV(file));
 	}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 25d2d8d55702..d51280f0519f 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -21,6 +21,14 @@ struct ipe_bdev {
 	size_t		hashlen;
 };
 
+struct ipe_inode {
+	const u8       *sigdata;
+	size_t		siglen;
+
+	const u8       *hash;
+	size_t		hashlen;
+};
+
 struct ipe_eval_ctx {
 	enum ipe_hook hook;
 	enum ipe_operation op;
@@ -29,6 +37,7 @@ struct ipe_eval_ctx {
 	struct ipe_context *ci_ctx;
 
 	const struct ipe_bdev *ipe_bdev;
+	const struct ipe_inode *ipe_inode;
 
 	bool from_init_sb;
 };
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index d76e60a3f511..78bb3451220a 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -268,3 +268,61 @@ int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
 
 	return -ENOSYS;
 }
+
+/**
+ * ipe_inode_setsecurity: Sets the a certain field of a inode security
+ *			 blob, based on @key.
+ * @inode: The inode to source the security blob from.
+ * @name: The name representing the information to be stored.
+ * @value: The value to be stored.
+ * @size: The size of @value.
+ * @flags: unused
+ *
+ * Saves fsverity signature & digest into inode security blob
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_inode_setsecurity(struct inode *inode, const char *name,
+			  const void *value, size_t size,
+			  int flags)
+{
+	struct ipe_inode *inode_sec = ipe_inode(inode);
+
+	if (!strcmp(name, FS_VERITY_SIGNATURE_SEC_NAME)) {
+		inode_sec->siglen = size;
+		inode_sec->sigdata = kmemdup(value, size, GFP_KERNEL);
+		if (!inode_sec->sigdata)
+			return -ENOMEM;
+
+		return 0;
+	}
+
+	if (!strcmp(name, FS_VERITY_DIGEST_SEC_NAME)) {
+		inode_sec->hashlen = size;
+		inode_sec->hash = kmemdup(value, size, GFP_KERNEL);
+		if (!inode_sec->hash)
+			return -ENOMEM;
+
+		return 0;
+	}
+
+	return -EOPNOTSUPP;
+}
+
+/**
+ * ipe_node_free_security: Frees all fields of IPE's inode security blob.
+ * @inode: The inode structure to source the security blob from.
+ *
+ * The deallocation of the blob itself is performed later by the LSM
+ * infrastructure, (on behalf of all LSMs) in lsm_free_file.
+ *
+ */
+void ipe_inode_free_security(struct inode *inode)
+{
+	struct ipe_inode *inode_sec = ipe_inode(inode);
+
+	kfree(inode_sec->sigdata);
+	kfree(inode_sec->hash);
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index 285f35187188..d6f8c05a8011 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -10,6 +10,7 @@
 #include <linux/sched.h>
 #include <linux/binfmts.h>
 #include <linux/security.h>
+#include <linux/fsverity.h>
 #include <linux/device-mapper.h>
 
 enum ipe_hook {
@@ -46,4 +47,10 @@ void ipe_bdev_free_security(struct block_device *bdev);
 int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
 			 const void *value, size_t len);
 
+void ipe_inode_free_security(struct inode *inode);
+
+int ipe_inode_setsecurity(struct inode *inode, const char *name,
+			  const void *value, size_t size,
+			  int flags);
+
 #endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 215936cb4574..c7ecd542c317 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -22,6 +22,7 @@
 struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
 	.lbs_task = sizeof(struct ipe_context __rcu *),
 	.lbs_bdev = sizeof(struct ipe_bdev),
+	.lbs_inode = sizeof(struct ipe_inode),
 };
 
 struct ipe_bdev *ipe_bdev(struct block_device *b)
@@ -29,6 +30,11 @@ struct ipe_bdev *ipe_bdev(struct block_device *b)
 	return b->security + ipe_blobs.lbs_bdev;
 }
 
+struct ipe_inode *ipe_inode(const struct inode *inode)
+{
+	return inode->i_security + ipe_blobs.lbs_inode;
+}
+
 static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
 	LSM_HOOK_INIT(task_free, ipe_task_free),
@@ -40,6 +46,8 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
 	LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
 	LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
 	LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
+	LSM_HOOK_INIT(inode_setsecurity, ipe_inode_setsecurity),
+	LSM_HOOK_INIT(inode_free_security, ipe_inode_free_security),
 };
 
 /**
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index 6b4c7e07f204..16d843614fac 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -22,5 +22,6 @@ extern struct ipe_parser __start_ipe_parsers[], __end_ipe_parsers[];
 extern struct ipe_module __start_ipe_modules[], __end_ipe_modules[];
 
 struct ipe_bdev *ipe_bdev(struct block_device *b);
+struct ipe_inode *ipe_inode(const struct inode *inode);
 
 #endif /* IPE_H */
diff --git a/security/ipe/modules/Kconfig b/security/ipe/modules/Kconfig
index a6ea06cf0737..8f823a1edf96 100644
--- a/security/ipe/modules/Kconfig
+++ b/security/ipe/modules/Kconfig
@@ -40,4 +40,27 @@ config IPE_PROP_DM_VERITY_ROOTHASH
 
 	  If unsure, answer Y.
 
+config IPE_PROP_FS_VERITY_SIGNATURE
+	bool "Enable property for signed fs-verity files"
+	depends on FS_VERITY_BUILTIN_SIGNATURES
+	help
+	  This option enables IPE's integration with FSVerity's
+	  signed hashes. This enables the usage of the property,
+	  "fsverity_signature" in IPE's policy.
+
+	  if unsure, answer Y.
+
+config IPE_PROP_FS_VERITY_DIGEST
+	bool "Enable property for authorizing fs-verity files via digest"
+	depends on FS_VERITY
+	help
+	  This option enables IPE's integration with FSVerity.
+	  This enables the usage of the property "fsverity_digest" in IPE's
+	  policy. This property allows authorization or revocation via a
+	  a hex-string representing the digest of a fsverity file.
+
+	  if unsure, answer Y.
+
+
+
 endmenu
diff --git a/security/ipe/modules/Makefile b/security/ipe/modules/Makefile
index 84fadce85193..890440b9050f 100644
--- a/security/ipe/modules/Makefile
+++ b/security/ipe/modules/Makefile
@@ -8,3 +8,5 @@
 obj-$(CONFIG_IPE_PROP_BOOT_VERIFIED) += boot_verified.o
 obj-$(CONFIG_IPE_PROP_DM_VERITY_SIGNATURE) += dmverity_signature.o
 obj-$(CONFIG_IPE_PROP_DM_VERITY_ROOTHASH) += dmverity_roothash.o
+obj-$(CONFIG_IPE_PROP_FS_VERITY_SIGNATURE) += fsverity_signature.o
+obj-$(CONFIG_IPE_PROP_FS_VERITY_DIGEST) += fsverity_digest.o
diff --git a/security/ipe/modules/fsverity_digest.c b/security/ipe/modules/fsverity_digest.c
new file mode 100644
index 000000000000..67944ebbb8d5
--- /dev/null
+++ b/security/ipe/modules/fsverity_digest.c
@@ -0,0 +1,80 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe_module.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+
+struct counted_array {
+	size_t	len;
+	u8     *data;
+};
+
+static int parse(const char *valstr, void **value)
+{
+	int rv = 0;
+	struct counted_array *arr;
+
+	arr = kzalloc(sizeof(*arr), GFP_KERNEL);
+	if (!arr) {
+		rv = -ENOMEM;
+		goto err;
+	}
+
+	arr->len = (strlen(valstr) / 2);
+
+	arr->data = kzalloc(arr->len, GFP_KERNEL);
+	if (!arr->data) {
+		rv = -ENOMEM;
+		goto err;
+	}
+
+	rv = hex2bin(arr->data, valstr, arr->len);
+	if (rv != 0)
+		goto err2;
+
+	*value = arr;
+	return rv;
+err2:
+	kfree(arr->data);
+err:
+	kfree(arr);
+	return rv;
+}
+
+static bool evaluate(const struct ipe_eval_ctx *ctx, const void *val)
+{
+	const u8 *src;
+	struct counted_array *expect = (struct counted_array *)val;
+
+	if (!ctx->ipe_inode)
+		return false;
+
+	if (ctx->ipe_inode->hashlen != expect->len)
+		return false;
+
+	src = ctx->ipe_inode->hash;
+
+	return !memcmp(expect->data, src, expect->len);
+}
+
+static int free_value(void **val)
+{
+	struct counted_array *expect = (struct counted_array *)val;
+
+	kfree(expect->data);
+	kfree(expect);
+
+	return 0;
+}
+
+IPE_MODULE(fsv_digest) = {
+	.name = "fsverity_digest",
+	.version = 1,
+	.parse = parse,
+	.free = free_value,
+	.eval = evaluate,
+};
diff --git a/security/ipe/modules/fsverity_signature.c b/security/ipe/modules/fsverity_signature.c
new file mode 100644
index 000000000000..8930a8961f61
--- /dev/null
+++ b/security/ipe/modules/fsverity_signature.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe_module.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/audit.h>
+#include <linux/mount.h>
+
+static bool evaluate(const struct ipe_eval_ctx *ctx, const void *value)
+{
+	bool expect = (bool)value;
+
+	if (!ctx->file)
+		return false;
+
+	if (!IS_VERITY(ctx->file->f_inode) || !ctx->ipe_inode)
+		return false;
+
+	return (!!ctx->ipe_inode->sigdata) == expect;
+}
+
+IPE_MODULE(fsvs) = {
+	.name = "fsverity_signature",
+	.version = 1,
+	.parse = ipe_bool_parse,
+	.free = NULL,
+	.eval = evaluate,
+};
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 14/16] scripts: add boot policy generation program
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (12 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 13/16] ipe: enable support for fs-verity as a trust provider deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-11-03 16:43   ` Roberto Sassu
  2021-10-13 19:06 ` [RFC PATCH v7 15/16] ipe: kunit tests deven.desai
                   ` (2 subsequent siblings)
  16 siblings, 1 reply; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Enables an IPE policy to be enforced from kernel start, enabling access
control based on trust from kernel startup. This is accomplished by
transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
c-string literal that is parsed at kernel startup as an unsigned policy.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Move patch 01/12 to [14/16] of the series

---
 MAINTAINERS                   |   1 +
 scripts/Makefile              |   1 +
 scripts/ipe/Makefile          |   2 +
 scripts/ipe/polgen/.gitignore |   1 +
 scripts/ipe/polgen/Makefile   |   6 ++
 scripts/ipe/polgen/polgen.c   | 145 ++++++++++++++++++++++++++++++++++
 security/ipe/.gitignore       |   1 +
 security/ipe/Kconfig          |  10 +++
 security/ipe/Makefile         |  13 +++
 security/ipe/ctx.c            |  18 +++++
 10 files changed, 198 insertions(+)
 create mode 100644 scripts/ipe/Makefile
 create mode 100644 scripts/ipe/polgen/.gitignore
 create mode 100644 scripts/ipe/polgen/Makefile
 create mode 100644 scripts/ipe/polgen/polgen.c
 create mode 100644 security/ipe/.gitignore

diff --git a/MAINTAINERS b/MAINTAINERS
index f1e76f791d47..a84ca781199b 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9283,6 +9283,7 @@ INTEGRITY POLICY ENFORCEMENT (IPE)
 M:	Deven Bowers <deven.desai@linux.microsoft.com>
 M:	Fan Wu <wufan@linux.microsoft.com>
 S:	Supported
+F:	scripts/ipe/
 F:	security/ipe/
 
 INTEL 810/815 FRAMEBUFFER DRIVER
diff --git a/scripts/Makefile b/scripts/Makefile
index 9adb6d247818..a31da6d57a36 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -41,6 +41,7 @@ targets += module.lds
 subdir-$(CONFIG_GCC_PLUGINS) += gcc-plugins
 subdir-$(CONFIG_MODVERSIONS) += genksyms
 subdir-$(CONFIG_SECURITY_SELINUX) += selinux
+subdir-$(CONFIG_SECURITY_IPE) += ipe
 
 # Let clean descend into subdirs
 subdir-	+= basic dtc gdb kconfig mod
diff --git a/scripts/ipe/Makefile b/scripts/ipe/Makefile
new file mode 100644
index 000000000000..e87553fbb8d6
--- /dev/null
+++ b/scripts/ipe/Makefile
@@ -0,0 +1,2 @@
+# SPDX-License-Identifier: GPL-2.0-only
+subdir-y := polgen
diff --git a/scripts/ipe/polgen/.gitignore b/scripts/ipe/polgen/.gitignore
new file mode 100644
index 000000000000..80f32f25d200
--- /dev/null
+++ b/scripts/ipe/polgen/.gitignore
@@ -0,0 +1 @@
+polgen
diff --git a/scripts/ipe/polgen/Makefile b/scripts/ipe/polgen/Makefile
new file mode 100644
index 000000000000..066060c22b4a
--- /dev/null
+++ b/scripts/ipe/polgen/Makefile
@@ -0,0 +1,6 @@
+# SPDX-License-Identifier: GPL-2.0
+hostprogs-always-y	:= polgen
+HOST_EXTRACFLAGS += \
+	-I$(srctree)/include \
+	-I$(srctree)/include/uapi \
+
diff --git a/scripts/ipe/polgen/polgen.c b/scripts/ipe/polgen/polgen.c
new file mode 100644
index 000000000000..73cf13e743f7
--- /dev/null
+++ b/scripts/ipe/polgen/polgen.c
@@ -0,0 +1,145 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include <stdlib.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <errno.h>
+
+static void usage(const char *const name)
+{
+	printf("Usage: %s OutputFile (PolicyFile)\n", name);
+	exit(EINVAL);
+}
+
+static int policy_to_buffer(const char *pathname, char **buffer, size_t *size)
+{
+	int rc = 0;
+	FILE *fd;
+	char *lbuf;
+	size_t fsize;
+	size_t read;
+
+	fd = fopen(pathname, "r");
+	if (!fd) {
+		rc = errno;
+		goto out;
+	}
+
+	fseek(fd, 0, SEEK_END);
+	fsize = ftell(fd);
+	rewind(fd);
+
+	lbuf = malloc(fsize);
+	if (!lbuf) {
+		rc = ENOMEM;
+		goto out_close;
+	}
+
+	read = fread((void *)lbuf, sizeof(*lbuf), fsize, fd);
+	if (read != fsize) {
+		rc = -1;
+		goto out_free;
+	}
+
+	*buffer = lbuf;
+	*size = fsize;
+	fclose(fd);
+
+	return rc;
+
+out_free:
+	free(lbuf);
+out_close:
+	fclose(fd);
+out:
+	return rc;
+}
+
+static int write_boot_policy(const char *pathname, const char *buf, size_t size)
+{
+	int rc = 0;
+	FILE *fd;
+	size_t i;
+
+	fd = fopen(pathname, "w");
+	if (!fd) {
+		rc = errno;
+		goto err;
+	}
+
+	fprintf(fd, "/* This file is automatically generated.");
+	fprintf(fd, " Do not edit. */\n");
+	fprintf(fd, "#include <stddef.h>\n");
+	fprintf(fd, "\nextern const char *const ipe_boot_policy;\n\n");
+	fprintf(fd, "const char *const ipe_boot_policy =\n");
+
+	if (!buf || size == 0) {
+		fprintf(fd, "\tNULL;\n");
+		fclose(fd);
+		return 0;
+	}
+
+	fprintf(fd, "\t\"");
+
+	for (i = 0; i < size; ++i) {
+		switch (buf[i]) {
+		case '"':
+			fprintf(fd, "\\\"");
+			break;
+		case '\'':
+			fprintf(fd, "'");
+			break;
+		case '\n':
+			fprintf(fd, "\\n\"\n\t\"");
+			break;
+		case '\\':
+			fprintf(fd, "\\\\");
+			break;
+		case '\t':
+			fprintf(fd, "\\t");
+			break;
+		case '\?':
+			fprintf(fd, "\\?");
+			break;
+		default:
+			fprintf(fd, "%c", buf[i]);
+		}
+	}
+	fprintf(fd, "\";\n");
+	fclose(fd);
+
+	return 0;
+
+err:
+	if (fd)
+		fclose(fd);
+	return rc;
+}
+
+int main(int argc, const char *const argv[])
+{
+	int rc = 0;
+	size_t len = 0;
+	char *policy = NULL;
+
+	if (argc < 2)
+		usage(argv[0]);
+
+	if (argc > 2) {
+		rc = policy_to_buffer(argv[2], &policy, &len);
+		if (rc != 0)
+			goto cleanup;
+	}
+
+	rc = write_boot_policy(argv[1], policy, len);
+cleanup:
+	if (policy)
+		free(policy);
+	if (rc != 0)
+		perror("An error occurred during policy conversion: ");
+	return rc;
+}
diff --git a/security/ipe/.gitignore b/security/ipe/.gitignore
new file mode 100644
index 000000000000..eca22ad5ed22
--- /dev/null
+++ b/security/ipe/.gitignore
@@ -0,0 +1 @@
+boot-policy.c
\ No newline at end of file
diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index fcf82a8152ec..39df680b67a2 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -20,6 +20,16 @@ menuconfig SECURITY_IPE
 
 if SECURITY_IPE
 
+config IPE_BOOT_POLICY
+	string "Integrity policy to apply on system startup"
+	help
+	  This option specifies a filepath to a IPE policy that is compiled
+	  into the kernel. This policy will be enforced until a policy update
+	  is deployed via the $securityfs/ipe/policies/$policy_name/active
+	  interface.
+
+	  If unsure, leave blank.
+
 choice
 	prompt "Hash algorithm used in auditing policies"
 	default IPE_AUDIT_HASH_SHA1
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 1e7b2d7fcd9e..89fec670f954 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -7,7 +7,18 @@
 
 ccflags-y := -I$(srctree)/security/ipe/modules
 
+quiet_cmd_polgen = IPE_POL $(2)
+      cmd_polgen = scripts/ipe/polgen/polgen security/ipe/boot-policy.c $(2)
+
+$(eval $(call config_filename,IPE_BOOT_POLICY))
+
+targets += boot-policy.c
+
+$(obj)/boot-policy.c: scripts/ipe/polgen/polgen $(IPE_BOOT_POLICY_FILENAME) FORCE
+	$(call if_changed,polgen,$(IPE_BOOT_POLICY_FILENAME))
+
 obj-$(CONFIG_SECURITY_IPE) += \
+	boot-policy.o \
 	ctx.o \
 	eval.o \
 	fs.o \
@@ -21,3 +32,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
 	policyfs.o \
 
 obj-$(CONFIG_AUDIT) += audit.o
+
+clean-files := boot-policy.c \
diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
index fc9b8e467bc9..879acf4ceac5 100644
--- a/security/ipe/ctx.c
+++ b/security/ipe/ctx.c
@@ -15,6 +15,7 @@
 #include <linux/spinlock.h>
 #include <linux/moduleparam.h>
 
+extern const char *const ipe_boot_policy;
 static bool success_audit;
 static bool enforce = true;
 
@@ -329,6 +330,7 @@ void ipe_put_ctx(struct ipe_context *ctx)
 int __init ipe_init_ctx(void)
 {
 	int rc = 0;
+	struct ipe_policy *p = NULL;
 	struct ipe_context *lns = NULL;
 
 	lns = create_ctx();
@@ -342,10 +344,26 @@ int __init ipe_init_ctx(void)
 	WRITE_ONCE(lns->enforce, enforce);
 	spin_unlock(&lns->lock);
 
+	if (ipe_boot_policy) {
+		p = ipe_new_policy(ipe_boot_policy, strlen(ipe_boot_policy),
+				   NULL, 0);
+		if (IS_ERR(p)) {
+			rc = PTR_ERR(lns);
+			goto err;
+		}
+
+		ipe_add_policy(lns, p);
+		rc = ipe_set_active_pol(p);
+		if (!rc)
+			goto err;
+	}
+
 	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
+	ipe_put_policy(p);
 
 	return 0;
 err:
+	ipe_put_policy(p);
 	ipe_put_ctx(lns);
 	return rc;
 }
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 15/16] ipe: kunit tests
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (13 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 14/16] scripts: add boot policy generation program deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-13 19:06 ` [RFC PATCH v7 16/16] documentation: add ipe documentation deven.desai
  2021-10-25 11:30 ` [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) Roberto Sassu
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Add various happy/unhappy unit tests for both IPE's parser
and evaluation loop, testing the core of IPE. The missing
test gap remains the interface with userspace.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Add Kunit tests (Introduced)

---
 security/ipe/Kconfig               |  17 +
 security/ipe/Makefile              |   3 +
 security/ipe/ctx_test.c            | 732 +++++++++++++++++++++++++++++
 security/ipe/eval.c                |   4 +
 security/ipe/policy_parser_tests.c | 299 ++++++++++++
 5 files changed, 1055 insertions(+)
 create mode 100644 security/ipe/ctx_test.c
 create mode 100644 security/ipe/policy_parser_tests.c

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index 39df680b67a2..e1ec8740392c 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -80,4 +80,21 @@ config IPE_AUDIT_HASH_ALG
 
 source "security/ipe/modules/Kconfig"
 
+config SECURITY_IPE_KUNIT_TEST
+	bool "Build KUnit tests for IPE" if !KUNIT_ALL_TESTS
+	depends on KUNIT=y
+	default KUNIT_ALL_TESTS
+	help
+	  This builds the IPE KUnit tests.
+
+	  KUnit tests run during boot and output the results to the debug log
+	  in TAP format (https://testanything.org/). Only useful for kernel devs
+	  running KUnit test harness and are not for inclusion into a
+	  production build.
+
+	  For more information on KUnit and unit tests in general please refer
+	  to the KUnit documentation in Documentation/dev-tools/kunit/.
+
+	  If unsure, say N.
+
 endif
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 89fec670f954..f11a9ac24f2e 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -33,4 +33,7 @@ obj-$(CONFIG_SECURITY_IPE) += \
 
 obj-$(CONFIG_AUDIT) += audit.o
 
+obj-$(CONFIG_SECURITY_IPE_KUNIT_TEST) += \
+	policy_parser_tests.o \
+
 clean-files := boot-policy.c \
diff --git a/security/ipe/ctx_test.c b/security/ipe/ctx_test.c
new file mode 100644
index 000000000000..163cc8aa8861
--- /dev/null
+++ b/security/ipe/ctx_test.c
@@ -0,0 +1,732 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#include <kunit/test.h>
+#include <linux/workqueue.h>
+#include <linux/types.h>
+#include <linux/list.h>
+#include "ctx.h"
+#include "policy.h"
+#include "hooks.h"
+
+struct eval_case {
+	const char *const desc;
+	const char *const policy;
+	int		  errno;
+
+	const struct file *fake_file;
+	const struct ipe_bdev *bdev_sec;
+	const struct ipe_inode *inode_sec;
+	bool initsb;
+};
+
+static const u8 fake_digest[] = { 0xDE, 0xAD, 0xBE, 0xEF };
+
+static const struct ipe_bdev fake_bdev_no_data = {};
+static const struct ipe_bdev fake_bdev_no_sig = {
+	.hash = fake_digest,
+	.hashlen = ARRAY_SIZE(fake_digest),
+};
+
+static const struct ipe_bdev fake_bdev_signed = {
+	.sigdata = fake_digest,
+	.siglen = ARRAY_SIZE(fake_digest),
+	.hash = fake_digest,
+	.hashlen = ARRAY_SIZE(fake_digest),
+};
+
+static const struct ipe_inode fake_ino_no_data = {};
+
+static const struct ipe_inode fake_ino_no_sig = {
+	.hash = fake_digest,
+	.hashlen = ARRAY_SIZE(fake_digest),
+};
+
+static const struct ipe_inode fake_ino_signed = {
+	.sigdata = fake_digest,
+	.siglen = ARRAY_SIZE(fake_digest),
+	.hash = fake_digest,
+	.hashlen = ARRAY_SIZE(fake_digest),
+};
+
+static struct inode fake_inode = {
+	.i_flags = S_VERITY
+};
+
+static const struct file fake_verity = {
+	.f_inode = &fake_inode,
+};
+
+static const struct eval_case cases[] = {
+	{
+		"boot_verified_trust_no_source",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE boot_verified=TRUE action=ALLOW\n"
+		"op=KERNEL_READ boot_verified=TRUE action=ALLOW\n",
+		-EACCES, NULL, NULL, NULL, false
+	},
+	{
+		"boot_verified_distrust",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE boot_verified=FALSE action=ALLOW\n"
+		"op=KERNEL_READ boot_verified=FALSE action=ALLOW\n",
+		0, NULL, NULL, NULL, false
+	},
+	{
+		"boot_verified_trust",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE boot_verified=TRUE action=ALLOW\n"
+		"op=KERNEL_READ boot_verified=TRUE action=ALLOW\n",
+		0, NULL, NULL, NULL, true
+	},
+	{
+		"boot_verified_trust",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE boot_verified=FALSE action=ALLOW\n"
+		"op=KERNEL_READ boot_verified=FALSE action=ALLOW\n",
+		-EACCES, NULL, NULL, NULL, true
+	},
+	{
+		"dmverity_signature_trust_no_bdev",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_signature=FALSE action=ALLOW\n"
+		"op=KERNEL_READ dmverity_signature=FALSE action=ALLOW\n",
+		0, NULL, NULL, NULL, true
+	},
+	{
+		"dmverity_signature_distrust_no_bdev",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ dmverity_signature=TRUE action=ALLOW\n",
+		-EACCES, NULL, NULL, NULL, false
+	},
+	{
+		"dmverity_signature_distrust_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_signature=FALSE action=ALLOW\n"
+		"op=KERNEL_READ dmverity_signature=FALSE action=ALLOW\n",
+		-EACCES, NULL, &fake_bdev_signed, &fake_ino_no_data, false
+	},
+	{
+		"dmverity_signature_trust_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ dmverity_signature=TRUE action=ALLOW\n",
+		0, NULL, &fake_bdev_signed, &fake_ino_no_data, true
+	},
+	{
+		"dmverity_roothash_trust_no_bdev",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_roothash=DEADBEEF action=ALLOW\n"
+		"op=KERNEL_READ dmverity_roothash=DEADBEEF action=ALLOW\n",
+		-EACCES, NULL, NULL, NULL, true
+	},
+	{
+		"dmverity_roothash_distrust_no_bdev",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_roothash=deadbeef action=DENY\n"
+		"op=KERNEL_READ dmverity_roothash=deadbeef action=DENY\n",
+		0, NULL, NULL, NULL, false
+	},
+	{
+		"dmverity_roothash_trust_hash",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_roothash=DEADBEEF action=ALLOW\n"
+		"op=KERNEL_READ dmverity_roothash=DEADBEEF action=ALLOW\n",
+		0, NULL, &fake_bdev_no_sig, &fake_ino_no_data, false
+	},
+	{
+		"dmverity_roothash_distrust_hash",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_roothash=DEADBEEF action=DENY\n"
+		"op=KERNEL_READ dmverity_roothash=DEADBEEF action=DENY\n",
+		-EACCES, NULL, &fake_bdev_no_sig, &fake_ino_no_data, false
+	},
+	{
+		"dmverity_signature_revoke_hash",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE dmverity_roothash=DEADBEEF action=DENY\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ dmverity_roothash=DEADBEEF action=DENY\n"
+		"op=KERNEL_READ dmverity_signature=TRUE action=ALLOW\n",
+		-EACCES, NULL, &fake_bdev_signed, &fake_ino_no_data, false
+	},
+	{
+		"fsverity_signature_trust_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE fsverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ fsverity_signature=TRUE action=ALLOW\n",
+		0, &fake_verity, &fake_bdev_no_data, &fake_ino_signed, false
+	},
+	{
+		"fsverity_signature_distrust_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE fsverity_signature=TRUE action=DENY\n"
+		"op=KERNEL_READ fsverity_signature=TRUE action=DENY\n",
+		-EACCES, &fake_verity, &fake_bdev_no_data, &fake_ino_signed, false
+	},
+	{
+		"fsverity_signature_trust_no_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE fsverity_signature=FALSE action=ALLOW\n"
+		"op=KERNEL_READ fsverity_signature=FALSE action=ALLOW\n",
+		0, &fake_verity, &fake_bdev_signed, &fake_ino_no_sig, true
+	},
+	{
+		"fsverity_signature_distrust_no_sigdata",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE fsverity_signature=FALSE action=DENY\n"
+		"op=KERNEL_READ fsverity_signature=FALSE action=DENY\n",
+		-EACCES, &fake_verity, &fake_bdev_signed, &fake_ino_no_sig, true
+	},
+	{
+		"fsverity_digest_trust_hash",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE fsverity_digest=DEADBEEF action=ALLOW\n"
+		"op=KERNEL_READ fsverity_digest=DEADBEEF action=ALLOW\n",
+		0, &fake_verity, &fake_bdev_signed, &fake_ino_no_sig, true
+	},
+	{
+		"fsverity_digest_revoke_hash",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE fsverity_digest=DEADBEEF action=DENY\n"
+		"op=EXECUTE fsverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ fsverity_digest=DEADBEEF action=DENY\n"
+		"op=KERNEL_READ fsverity_signature=TRUE action=ALLOW\n",
+		-EACCES, &fake_verity, &fake_bdev_signed, &fake_ino_signed, true
+	},
+	{
+		"dmverity_signature_revoke_fsverity_digest",
+		"policy_name='Test' policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"op=EXECUTE fsverity_digest=DEADBEEF action=DENY\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW\n"
+		"op=KERNEL_READ fsverity_digest=DEADBEEF action=DENY\n"
+		"op=KERNEL_READ dmverity_signature=TRUE action=ALLOW\n",
+		-EACCES, &fake_verity, &fake_bdev_signed, &fake_ino_signed, false
+	},
+};
+
+static void case_to_desc(const struct eval_case *c, char *desc)
+{
+	strncpy(desc, c->desc, KUNIT_PARAM_DESC_SIZE);
+}
+
+KUNIT_ARRAY_PARAM(ipe_eval, cases, case_to_desc);
+
+/**
+ * fake_free_ctx: Fake function to deallocate a context structure.
+ */
+static void fake_free_ctx(struct ipe_context *ctx)
+{
+	struct ipe_policy *p = NULL;
+
+	list_for_each_entry(p, &ctx->policies, next)
+		ipe_put_policy(p);
+
+	kfree(ctx);
+}
+
+/**
+ * create_fake_ctx: Build a fake ipe_context for use
+ *		    in a test.
+ * Return:
+ * !IS_ERR - OK
+ */
+static struct ipe_context *create_fake_ctx(void)
+{
+	struct ipe_context *ctx = NULL;
+
+	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
+	if (!ctx)
+		return ERR_PTR(-ENOMEM);
+
+	INIT_LIST_HEAD(&ctx->policies);
+	refcount_set(&ctx->refcount, 1);
+	spin_lock_init(&ctx->lock);
+	WRITE_ONCE(ctx->enforce, true);
+
+	return ctx;
+}
+
+/**
+ * ipe_ctx_eval_test: Parse a policy, and run a mock through the
+ *		      evaluation loop to check the functional result.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_eval_test(struct kunit *test)
+{
+	int rc = 0;
+	enum ipe_operation i = ipe_operation_exec;
+	struct ipe_policy *pol = NULL;
+	struct ipe_context *ctx = NULL;
+	struct ipe_eval_ctx eval = { 0 };
+	const struct eval_case *t = test->param_value;
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	pol = ipe_new_policy(t->policy, strlen(t->policy), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
+
+	ipe_add_policy(ctx, pol);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(pol));
+	KUNIT_EXPECT_EQ(test, refcount_read(&pol->refcount), 2);
+	KUNIT_EXPECT_PTR_EQ(test, pol->policyfs, NULL);
+	KUNIT_EXPECT_PTR_EQ(test, pol->pkcs7, NULL);
+
+	eval.hook = ipe_hook_max;
+	eval.ipe_bdev = t->bdev_sec;
+	eval.ipe_inode = t->inode_sec;
+	eval.from_init_sb = t->initsb;
+	eval.ci_ctx = ctx;
+	eval.file = t->fake_file;
+
+	for (i = ipe_operation_exec; i < ipe_operation_max; ++i) {
+		eval.op = i;
+		rc = evaluate(&eval);
+		KUNIT_EXPECT_EQ(test, rc, t->errno);
+	}
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(pol);
+}
+
+/**
+ * ipe_ctx_eval_permissive_test: Parse a policy, and run a mock through the
+ *				 evaluation loop to with permissive on,
+ *				 checking the functional result.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_eval_permissive_test(struct kunit *test)
+{
+	int rc = 0;
+	enum ipe_operation i = ipe_operation_exec;
+	struct ipe_policy *pol = NULL;
+	struct ipe_context *ctx = NULL;
+	struct ipe_eval_ctx eval = { 0 };
+	const struct eval_case *t = test->param_value;
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+	WRITE_ONCE(ctx->enforce, false);
+
+	pol = ipe_new_policy(t->policy, strlen(t->policy), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
+
+	ipe_add_policy(ctx, pol);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(pol));
+	KUNIT_EXPECT_EQ(test, refcount_read(&pol->refcount), 2);
+	KUNIT_EXPECT_PTR_EQ(test, pol->policyfs, NULL);
+	KUNIT_EXPECT_PTR_EQ(test, pol->pkcs7, NULL);
+
+	eval.hook = ipe_hook_max;
+	eval.ipe_bdev = t->bdev_sec;
+	eval.ipe_inode = t->inode_sec;
+	eval.from_init_sb = t->initsb;
+	eval.ci_ctx = ctx;
+	eval.file = t->fake_file;
+
+	for (i = ipe_operation_exec; i < ipe_operation_max; ++i) {
+		eval.op = i;
+		rc = evaluate(&eval);
+		KUNIT_EXPECT_EQ(test, rc, 0);
+	}
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(pol);
+}
+
+/**
+ * ipe_ctx_default_eval_test: Ensure an operation-level default
+ *			      is taken over a global-level default.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_default_eval_test(struct kunit *test)
+{
+	int rc = 0;
+	struct ipe_policy *pol = NULL;
+	struct ipe_context *ctx = NULL;
+	struct ipe_eval_ctx eval = { 0 };
+	const char *const policy =
+		"policy_name=Test policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n"
+		"DEFAULT op=EXECUTE action=ALLOW";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	pol = ipe_new_policy(policy, strlen(policy), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
+	KUNIT_EXPECT_EQ(test, pol->parsed->global_default, ipe_action_deny);
+	KUNIT_EXPECT_EQ(test, pol->parsed->rules[ipe_operation_exec].default_action,
+			ipe_action_allow);
+
+	ipe_add_policy(ctx, pol);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(pol));
+	KUNIT_EXPECT_EQ(test, refcount_read(&pol->refcount), 2);
+	KUNIT_EXPECT_PTR_EQ(test, pol->policyfs, NULL);
+	KUNIT_EXPECT_PTR_EQ(test, pol->pkcs7, NULL);
+
+	eval.hook = ipe_hook_max;
+	eval.ipe_bdev = NULL;
+	eval.ipe_inode = NULL;
+	eval.from_init_sb = NULL;
+	eval.ci_ctx = ctx;
+	eval.file = NULL;
+	eval.op = ipe_operation_exec;
+
+	rc = evaluate(&eval);
+	KUNIT_EXPECT_EQ(test, rc, 0);
+
+	eval.op = ipe_operation_kexec_image;
+	rc = evaluate(&eval);
+	KUNIT_EXPECT_EQ(test, rc, -EACCES);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(pol);
+}
+
+/**
+ * ipe_ctx_replace_policy - Associate a policy with a context, then replace it.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_replace_policy(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_policy *pp = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+	p2 = ipe_new_policy(policy2, strlen(policy2), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p2);
+
+	ipe_add_policy(ctx, p1);
+	KUNIT_EXPECT_TRUE(test, list_is_singular(&ctx->policies));
+
+	pp = list_first_entry(&ctx->policies, struct ipe_policy, next);
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+
+	ipe_replace_policy(p1, p2);
+	KUNIT_EXPECT_TRUE(test, list_is_singular(&ctx->policies));
+	pp = list_first_entry(&ctx->policies, struct ipe_policy, next);
+	KUNIT_EXPECT_PTR_EQ(test, pp, p2);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_replace_policy - Associate a policy with a context, mark the policy active,
+ *			    then replace it.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_replace_active_policy(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_policy *pp = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+	p2 = ipe_new_policy(policy2, strlen(policy2), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p2);
+
+	ipe_add_policy(ctx, p1);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(p1));
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	ipe_replace_policy(p1, p2);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p2);
+	ipe_put_policy(pp);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_update_policy - Associate a policy with a context, then update it.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness. This function differs from replace above,
+ * as it performs additional error checking.
+ */
+static void ipe_ctx_update_policy(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_policy *pp = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+
+	ipe_add_policy(ctx, p1);
+	ipe_set_active_pol(p1);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	p2 = ipe_update_policy(p1, policy2, strlen(policy2), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p2);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p2);
+	ipe_put_policy(pp);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_update_wrong_policy - Associate a policy with a context, then
+ *				 attempt update it with the wrong policy.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_update_wrong_policy(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_policy *pp = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t2 policy_version=0.0.0\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+
+	ipe_add_policy(ctx, p1);
+	ipe_set_active_pol(p1);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	p2 = ipe_update_policy(p1, policy2, strlen(policy2), NULL, 0);
+	KUNIT_EXPECT_EQ(test, PTR_ERR(p2), -EINVAL);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_update_wrong_policy - Associate a policy with a context, mark it active,
+ *				 then attempt update it with a stale policy.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_update_rollback_policy(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_policy *pp = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+
+	ipe_add_policy(ctx, p1);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(p1));
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	p2 = ipe_update_policy(p1, policy2, strlen(policy2), NULL, 0);
+	KUNIT_EXPECT_EQ(test, PTR_ERR(p2), -EINVAL);
+
+	rcu_read_lock();
+	pp = ipe_get_policy_rcu(ctx->active_policy);
+	rcu_read_unlock();
+	KUNIT_EXPECT_PTR_EQ(test, pp, p1);
+	ipe_put_policy(pp);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_rollback - Associate two policies with a context, then
+ *		      attempt rollback the active policy.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_rollback(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t2 policy_version=0.0.0\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+	ipe_add_policy(ctx, p1);
+	KUNIT_ASSERT_EQ(test, 0, ipe_set_active_pol(p1));
+
+	p2 = ipe_new_policy(policy2, strlen(policy2), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p2);
+	ipe_add_policy(ctx, p2);
+	KUNIT_ASSERT_EQ(test, -EINVAL, ipe_set_active_pol(p2));
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+/**
+ * ipe_ctx_update_rollback_inactive - Associate a policy with a context, then
+ *				      attempt update it with a stale policy.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_ctx_update_rollback_inactive(struct kunit *test)
+{
+	struct ipe_policy *p1 = NULL;
+	struct ipe_policy *p2 = NULL;
+	struct ipe_context *ctx = NULL;
+	const char *const policy1 = "policy_name=t policy_version=0.0.1\n"
+				    "DEFAULT action=ALLOW";
+	const char *const policy2 = "policy_name=t policy_version=0.0.0\n"
+				    "DEFAULT action=DENY\n";
+
+	ctx = create_fake_ctx();
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, ctx);
+
+	p1 = ipe_new_policy(policy1, strlen(policy1), NULL, 0);
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, p1);
+
+	ipe_add_policy(ctx, p1);
+
+	p2 = ipe_update_policy(p1, policy2, strlen(policy2), NULL, 0);
+	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, p2);
+
+	fake_free_ctx(ctx);
+	ipe_put_policy(p1);
+	ipe_put_policy(p2);
+}
+
+static struct kunit_case ipe_ctx_test_cases[] = {
+	KUNIT_CASE_PARAM(ipe_ctx_eval_test, ipe_eval_gen_params),
+	KUNIT_CASE_PARAM(ipe_ctx_eval_permissive_test, ipe_eval_gen_params),
+	KUNIT_CASE(ipe_ctx_default_eval_test),
+	KUNIT_CASE(ipe_ctx_replace_active_policy),
+	KUNIT_CASE(ipe_ctx_replace_policy),
+	KUNIT_CASE(ipe_ctx_update_policy),
+	KUNIT_CASE(ipe_ctx_update_wrong_policy),
+	KUNIT_CASE(ipe_ctx_update_rollback_policy),
+	KUNIT_CASE(ipe_ctx_update_rollback_inactive),
+	KUNIT_CASE(ipe_ctx_rollback),
+};
+
+static struct kunit_suite ipe_ctx_test_suite = {
+	.name = "ipe-context",
+	.test_cases = ipe_ctx_test_cases,
+};
+
+kunit_test_suite(ipe_ctx_test_suite);
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index 8f8b91c714c2..9a45548118c8 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -231,3 +231,7 @@ void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
 
 	spin_unlock(&pin_lock);
 }
+
+#ifdef CONFIG_SECURITY_IPE_KUNIT_TEST
+#include "ctx_test.c"
+#endif /* CONFIG_SECURITY_IPE_KUNIT_TEST */
diff --git a/security/ipe/policy_parser_tests.c b/security/ipe/policy_parser_tests.c
new file mode 100644
index 000000000000..9bc97f0e0a1c
--- /dev/null
+++ b/security/ipe/policy_parser_tests.c
@@ -0,0 +1,299 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include <linux/slab.h>
+#include <linux/types.h>
+#include <linux/list.h>
+#include <kunit/test.h>
+#include "policy.h"
+
+struct policy_case {
+	const char *const policy;
+	int	   errno;
+	const char *const desc;
+};
+
+static const struct policy_case policy_cases[] = {
+	{
+		"policy_name=\"allowall\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW",
+		0,
+		"basic",
+	},
+	{
+		"policy_name='trailing comment' policy_version=152.0.0 #This is comment\n"
+		"DEFAULT action=ALLOW",
+		0,
+		"trailing comment",
+	},
+	{
+		"policy_name=allowallnewline policy_version=0.2.0\n"
+		"DEFAULT action=ALLOW\n"
+		"\n",
+		0,
+		"trailing newline",
+	},
+	{
+		"policy_name=\"carriage return\tline feed\" policy_version=0.0.1\n"
+		"DEFAULT action=ALLOW\n"
+		"\r\n",
+		0,
+		"clrf newline",
+	},
+	{
+		"policy_name='whitespace' policy_version=0.0.0\n"
+		"DEFAULT\taction=ALLOW\n"
+		"     \t     DEFAULT \t    op=EXECUTE      action=DENY\n"
+		"op=EXECUTE boot_verified=TRUE action=ALLOW\n"
+		"# this is a\tcomment\t\t\t\t\n"
+		"DEFAULT \t op=KERNEL_READ\t\t\t  action=DENY\r\n"
+		"op=KERNEL_READ boot_verified=TRUE action=ALLOW\n",
+		0,
+		"various whitespaces and nested default",
+	},
+	{
+		"policy_name='boot verified' policy_version=-1236.0.0\n"
+		"DEFAULT\taction=ALLOW\n",
+		-EINVAL,
+		"negative version",
+	},
+	{
+		"policy_name=\"# this is not a comment\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW",
+		0,
+		"quoted '#'",
+	},
+	{
+		"policy_name=$@!*&^%%\\:;{}() policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW",
+		0,
+		"special characters",
+	},
+	{
+		"policy_name=test policy_version=999999.0.0\n"
+		"DEFAULT action=ALLOW",
+		-ERANGE,
+		"overflow version",
+	},
+	{
+		"policy_name=test policy_version=255.0\n"
+		"DEFAULT action=ALLOW",
+		-EBADMSG,
+		"incomplete version",
+	},
+	{
+		"policy_name=test policy_version=111.0.0.0\n"
+		"DEFAULT action=ALLOW",
+		-EBADMSG,
+		"extra version",
+	},
+	{
+		"",
+		-EBADMSG,
+		"0-length policy",
+	},
+	{
+		"policy_name=\"test\"\0policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW",
+		-EBADMSG,
+		"random null in header",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"\0DEFAULT action=ALLOW",
+		-EBADMSG,
+		"incomplete policy from NULL",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=DENY\n\0"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW\n",
+		0,
+		"NULL truncates policy",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_signature=abc action=ALLOW",
+		-EBADMSG,
+		"invalid property type",
+	},
+	{
+		"DEFAULT action=ALLOW",
+		-EBADMSG,
+		"missing policy header",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n",
+		-EBADMSG,
+		"missing default definition",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=KERNEL_READ dmverity_signature=TRUE action=ALLOW",
+		0,
+		"aliased operation",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"dmverity_signature=TRUE op=EXECUTE action=ALLOW",
+		-EINVAL,
+		"invalid rule ordering"
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"action=ALLOW op=EXECUTE dmverity_signature=TRUE",
+		-EINVAL,
+		"invalid rule ordering (2)",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW",
+		-EBADMSG,
+		"invalid version",
+	},
+	{
+		"policy_name=\"test\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=UNKNOWN dmverity_signature=TRUE action=ALLOW",
+		-ENOENT,
+		"unknown operation",
+	},
+	{
+		"policy_name=\"asdv\"policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n",
+		-EBADMSG,
+		"missing space after quote",
+	},
+	{
+		"policy_name=\"test\xFF\xEF\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_signature=TRUE action=ALLOW",
+		0,
+		"expanded ascii",
+	},
+	{
+		"policy_name=\"test\xFF\xEF\" policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"op=EXECUTE dmverity_roothash=\"GOOD DOG\" action=ALLOW",
+		-EINVAL,
+		"invalid property value (2)",
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"policy_name='test' policy_version=0.1.0\n"
+		"DEFAULT action=ALLOW",
+		-EBADMSG,
+		"double header"
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"DEFAULT action=ALLOW\n",
+		-EBADMSG,
+		"double default"
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"DEFAULT op=EXECUTE action=DENY\n"
+		"DEFAULT op=EXECUTE action=ALLOW\n",
+		-EBADMSG,
+		"double operation default"
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"DEFAULT op=EXECUTE action=DEN\n",
+		-EINVAL,
+		"invalid allow value"
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"DEFAULT op=EXECUTE action\n",
+		-EINVAL,
+		"invalid allow value (2)"
+	},
+	{
+		"policy_name='test' policy_version=0.0.0\n"
+		"DEFAULT action=ALLOW\n"
+		"UNKNOWN value=true\n",
+		-EINVAL,
+		"unrecognized statement"
+	}
+};
+
+static void pol_to_desc(const struct policy_case *c, char *desc)
+{
+	strncpy(desc, c->desc, KUNIT_PARAM_DESC_SIZE);
+}
+
+KUNIT_ARRAY_PARAM(ipe_policies, policy_cases, pol_to_desc);
+
+/**
+ * ipe_parser_unsigned_test: Throw policies at the parser and check the result.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness. This test does not check the correctness
+ * of the policy, but ensures that errors are handled correctly. Functional
+ * validation of correctly-parsed policies are done in the evaluation unit tests.
+ */
+static void ipe_parser_unsigned_test(struct kunit *test)
+{
+	const struct policy_case *p = test->param_value;
+	struct ipe_policy *pol = ipe_new_policy(p->policy, strlen(p->policy), NULL, 0);
+
+	if (p->errno) {
+		KUNIT_EXPECT_EQ(test, PTR_ERR(pol), p->errno);
+		return;
+	}
+
+	KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
+	KUNIT_EXPECT_EQ(test, 1, refcount_read(&pol->refcount));
+	KUNIT_EXPECT_PTR_EQ(test, NULL, pol->ctx);
+	KUNIT_EXPECT_NOT_ERR_OR_NULL(test, pol->parsed);
+	KUNIT_EXPECT_PTR_EQ(test, NULL, pol->policyfs);
+	KUNIT_EXPECT_STREQ(test, pol->text, p->policy);
+	KUNIT_EXPECT_PTR_EQ(test, NULL, pol->pkcs7);
+	KUNIT_EXPECT_EQ(test, 0, pol->pkcs7len);
+	KUNIT_EXPECT_TRUE(test, list_empty(&pol->next));
+
+	ipe_put_policy(pol);
+}
+
+/**
+ * ipe_parser_widestring_test: Ensure a wide string policy causes a failure.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_parser_widestring_test(struct kunit *test)
+{
+	struct ipe_policy *pol = NULL;
+	const unsigned short policy[] = L"policy_name=Test policy_version=0.0.0\n"
+					L"DEFAULT action=ALLOW";
+
+	pol = ipe_new_policy((const char *)policy, (ARRAY_SIZE(policy) - 1) * 2, NULL, 0);
+	KUNIT_EXPECT_TRUE(test, IS_ERR_OR_NULL(pol));
+
+	ipe_put_policy(pol);
+}
+
+static struct kunit_case ipe_parser_test_cases[] = {
+	KUNIT_CASE_PARAM(ipe_parser_unsigned_test, ipe_policies_gen_params),
+	KUNIT_CASE(ipe_parser_widestring_test),
+};
+
+static struct kunit_suite ipe_parser_test_suite = {
+	.name = "ipe-parser",
+	.test_cases = ipe_parser_test_cases,
+};
+
+kunit_test_suite(ipe_parser_test_suite);
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC PATCH v7 16/16] documentation: add ipe documentation
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (14 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 15/16] ipe: kunit tests deven.desai
@ 2021-10-13 19:06 ` deven.desai
  2021-10-25 11:30 ` [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) Roberto Sassu
  16 siblings, 0 replies; 63+ messages in thread
From: deven.desai @ 2021-10-13 19:06 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

From: Deven Bowers <deven.desai@linux.microsoft.com>

Add IPE's admin and developer documentation to the kernel tree.

Co-developed-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
---

Relevant changes since v6:
  * Add additional developer-level documentation
  * Update admin-guide docs to reflect changes.
  * Drop Acked-by due to significant changes

---
 Documentation/admin-guide/LSM/index.rst       |   1 +
 Documentation/admin-guide/LSM/ipe.rst         | 587 ++++++++++++++++++
 .../admin-guide/kernel-parameters.txt         |  12 +
 Documentation/security/index.rst              |   1 +
 Documentation/security/ipe.rst                | 339 ++++++++++
 MAINTAINERS                                   |   2 +
 6 files changed, 942 insertions(+)
 create mode 100644 Documentation/admin-guide/LSM/ipe.rst
 create mode 100644 Documentation/security/ipe.rst

diff --git a/Documentation/admin-guide/LSM/index.rst b/Documentation/admin-guide/LSM/index.rst
index a6ba95fbaa9f..ce63be6d64ad 100644
--- a/Documentation/admin-guide/LSM/index.rst
+++ b/Documentation/admin-guide/LSM/index.rst
@@ -47,3 +47,4 @@ subdirectories.
    tomoyo
    Yama
    SafeSetID
+   ipe
diff --git a/Documentation/admin-guide/LSM/ipe.rst b/Documentation/admin-guide/LSM/ipe.rst
new file mode 100644
index 000000000000..56a9fa2fe59b
--- /dev/null
+++ b/Documentation/admin-guide/LSM/ipe.rst
@@ -0,0 +1,587 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+Integrity Policy Enforcement (IPE)
+==================================
+
+.. NOTE::
+
+   This is the documentation for admins, system builders, or individuals
+   attempting to use IPE, without understanding all of its internal systems.
+   If you're looking for documentation to extend IPE, understand the design
+   decisions behind IPE, or are just curious about the internals, please
+   see :ref:`Documentation/security/ipe.rst`
+
+Overview
+--------
+
+IPE is a Linux Security Module which imposes a complimentary model
+of mandatory access control to other LSMs. Whereas the existing LSMs
+impose access control based on labels or paths, IPE imposes access
+control based on the trust of the resource. Simply put, IPE
+or restricts access to a resource based on the trust of said resource.
+
+Trust requirements are established via IPE's policy, sourcing multiple
+different implementations within the kernel to build a cohesive trust
+model, based on how the system was built.
+
+Trust vs Integrity
+------------------
+
+Trust, with respect to computing, is a concept that designates a set
+of entities who will endorse a set of resources as non-malicious.
+Traditionally, this is done via signatures, which is the act of endorsing
+a resource. Integrity, on the other hand, is the concept of ensuring that a
+resource has not been modified since a point of time. This is typically done
+through cryptography or signatures.
+
+Trust and integrity are very closely tied together concepts, as integrity
+is the way you can prove trust for a resource; otherwise it could have
+been modified by an entity who is untrusted.
+
+IPE provides a way for a user to express trust of resources, by using
+pre-existing systems which provide the integrity half of the equation.
+
+Use Cases
+---------
+
+IPE works best in fixed-function devices: Devices in which their purpose
+is clearly defined and not supposed to be changed (e.g. network firewall
+device in a data center, an IoT device, etcetera), where all software and
+configuration is built and provisioned by the system owner.
+
+IPE is a long-way off for use in general-purpose computing:
+the Linux community as a whole tends to follow a decentralized trust
+model, known as the Web of Trust, which IPE has no support for as of yet.
+Instead, IPE supports the PKI Trust Model, which generally designates a
+set of entities that provide a measure absolute trust.
+
+Additionally, while most packages are signed today, the files inside
+the packages (for instance, the executables), tend to be unsigned. This
+makes it difficult to utilize IPE in systems where a package manager is
+expected to be functional, without major changes to the package manager
+and ecosystem behind it.
+
+For the highest level of security, platform firmware should verify the
+the kernel and optionally the root filesystem (for example, via U-Boot
+verified boot). This forms a chain of trust from the hardware, ensuring
+that every stage of the system is trusted.
+
+Known Gaps
+----------
+
+IPE cannot verify the integrity of anonymous executable memory, such as
+the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
+Unfortunately, as this is dynamically generated code, there is no way
+for IPE to ensure the integrity of this code to form a trust basis. In all
+cases, the return result for these operations will be whatever the admin
+configures the DEFAULT action for "EXECUTE".
+
+IPE cannot verify the integrity of interpreted languages' programs when
+these scripts invoked via ``<interpreter> <file>``. This is because the
+way interpreters execute these files, the scripts themselves are not
+evaluated as executable code through one of IPE's hooks. Interpreters
+can be enlightened to the usage of IPE by trying to mmap a file into
+executable memory (+X), after opening the file and responding to the
+error code appropriately. This also applies to included files, or high
+value files, such as configuration files of critical system components [#]_.
+
+.. [#] Mickaël Salaün's `trusted_for patchset <https://lore.kernel.org/all/20211008104840.1733385-1-mic@digikod.net/>`_
+   can be used to leverage this.
+
+Threat Model
+------------
+
+The threat type addressed by IPE is tampering of executable user-land
+code beyond the initially booted kernel, and the initial verification of
+kernel modules that are loaded in userland through ``modprobe`` or
+``insmod``.
+
+Tampering violates integrity, and being unable to verify the integrity,
+results in a lack of trust. IPE's role in mitigating this threat is to
+verify the integrity (and authenticity) of all executable code and to
+deny their use if they cannot be trusted (as integrity verification fails).
+IPE generates audit logs which may be utilized to detect failures resulting
+from failure to pass policy.
+
+Tampering threat scenarios include modification or replacement of
+executable code by a range of actors including:
+
+-  Actors with physical access to the hardware
+-  Actors with local network access to the system
+-  Actors with access to the deployment system
+-  Compromised internal systems under external control
+-  Malicious end users of the system
+-  Compromised end users of the system
+-  Remote (external) compromise of the system
+
+IPE does not mitigate threats arising from malicious authorized
+developers, or compromised developer tools used by authorized
+developers. Additionally, IPE draws hard security boundary between user
+mode and kernel mode. As a result, IPE does not provide any protections
+against a kernel level exploit, and a kernel-level exploit can disable
+or tamper with IPE's protections.
+
+Policy
+------
+
+IPE policy is a plain-text [#]_ policy composed of multiple statements
+over several lines. There is one required line, at the top of the
+policy, indicating the policy name, and the policy version, for
+instance::
+
+   policy_name="Ex Policy" policy_version=0.0.0
+
+The policy name is a unique key identifying this policy in a human
+readable name. This is used to create nodes under securityfs as well as
+uniquely identify policies to deploy new policies vs update existing
+policies.
+
+The policy version indicates the current version of the policy (NOT the
+policy syntax version). This is used to prevent rollback of policy to
+potentially insecure previous versions of the policy.
+
+The next portion of IPE policy, are rules. Rules are formed by key=value
+pairs, known as properties. IPE rules require two properties: "action",
+which determines what IPE does when it encounters a match against the
+rule, and "op", which determines when that rule should be evaluated.
+The ordering is significant, a rule must start with "op", and end with
+"action". Thus, a minimal rule is::
+
+   op=EXECUTE action=ALLOW
+
+This example will allow any execution. Additional properties are used to
+restrict attributes about the files being evaluated. These properties
+are intended to be descriptions of systems within the kernel, that can
+provide a measure of integrity verification, such that IPE can determine
+the trust of the resource based on the "value" half of the property.
+
+Rules are evaluated top-to-bottom. As a result, any revocation rules,
+or denies should be placed early in the file to ensure that these rules
+are evaluated before as rule with "action=ALLOW" is hit.
+
+IPE policy is designed to be only forward compatible. Userspace can read
+what the parser's current configuration (supported statements, properties,
+etcetera) via reading the securityfs entry, 'ipe/config'
+
+IPE policy supports comments. The character '#' will function as a
+comment, ignoring all characters to the right of '#' until the newline.
+
+The default behavior of IPE evaluations can also be expressed in policy,
+through the ``DEFAULT`` statement. This can be done at a global level,
+or a per-operation level::
+
+   # Global
+   DEFAULT action=ALLOW
+
+   # Operation Specific
+   DEFAULT op=EXECUTE action=ALLOW
+
+A default must be set for all known operations in IPE. If you want to
+preserve older policies being compatible with newer kernels that can introduce
+new operations, please set a global default of 'ALLOW', and override the
+defaults on a per-operation basis.
+
+With configurable policy-based LSMs, there's several issues with
+enforcing the configurable policies at startup, around reading and
+parsing the policy:
+
+1. The kernel *should* not read files from userland, so directly reading
+   the policy file is prohibited.
+2. The kernel command line has a character limit, and one kernel module
+   should not reserve the entire character limit for its own
+   configuration.
+3. There are various boot loaders in the kernel ecosystem, so handing
+   off a memory block would be costly to maintain.
+
+As a result, IPE has addressed this problem through a concept of a "boot
+policy". A boot policy is a minimal policy, compiled into the kernel.
+This policy is intended to get the system to a state where userland is
+setup and ready to receive commands, at which point a more complex
+policy ("user policies") can be deployed via securityfs. The boot policy
+can be specified via the Kconfig, ``SECURITY_IPE_BOOT_POLICY``, which
+accepts a path to a plain-text version of the IPE policy to apply. This
+policy will be compiled into the kernel. If not specified, IPE will be
+disabled until a policy is deployed and activated through securityfs.
+
+.. [#] Please see the :ref:`Documentation/security/ipe.rst` for more on this
+   topic.
+
+Deploying Policies
+~~~~~~~~~~~~~~~~~~
+
+User policies as explained above, are policies that are deployed from
+userland, through securityfs. These policies are signed to enforce some
+level of authorization of the policies (prohibiting an attacker from
+gaining root, and deploying an "allow all" policy), through the PKCS#7
+enveloped data format. These policies must be signed by a certificate
+that chains to the ``SYSTEM_TRUSTED_KEYRING``. Through openssl, the
+signing can be done via::
+
+   openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
+     -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
+     -out "$MY_POLICY.p7s"
+
+Deploying the policies is done through securityfs, through the
+``new_policy`` node. To deploy a policy, simply cat the file into the
+securityfs node::
+
+   cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
+
+Upon success, this will create one subdirectory under
+``/sys/kernel/security/ipe/policies/``. The subdirectory will be the
+``policy_name`` field of the policy deployed, so for the example above,
+the directory will be ``/sys/kernel/security/ipe/policies/Ex\ Policy``.
+Within this directory, there will be five files: ``pkcs7``, ``policy``,
+``active``, ``update``, and ``delete``.
+
+The ``pkcs7`` file is rw, reading will provide the raw PKCS#7 data that
+was provided to the kernel, representing the policy. Writing, will
+deploy an in-place policy update - if this policy is the currently
+running policy, the new updated policy will replace it immediately upon
+success. If the policy being read is the boot policy, when read, this
+will return ENOENT.
+
+The ``policy`` file is read only. Reading will provide the PKCS#7 inner
+content of the policy, which will be the plain text policy.
+
+The ``active`` file is used to set a policy as the currently active policy.
+This file is rw, and accepts a value of ``"1"`` to set the policy as active.
+Since only a single policy can be active at one time, all other policies
+will be marked inactive. The policy being marked active must have a policy
+version greater or equal to the currently-running version.
+
+The ``update`` file is used to update a policy that is already present in
+the kernel. This file is write-only and accepts a PKCS#7 signed policy.
+One check will be performed on this policy: the policy_names must match
+with the updated version and the existing version. If the policy being
+updated is the active policy, the updated policy must have a policy version
+greater or equal to the currently-running version.
+
+The ``delete`` file is used to remove a policy that is no longer needed.
+This file is write-only and accepts a value of ``"1"`` to delete the policy.
+On deletion, the securityfs node representing the policy will be removed.
+The policy that is currently active, cannot be deleted.
+
+Similarly, the writes to both ``update`` and ``new_policy`` above will
+result in an error upon syntactically invalid or untrusted policies.
+It will also error if a policy already exists with the same ``policy_name``,
+in the case of ``new_policy``.
+
+Deploying these policies will *not* cause IPE to start enforcing this
+policy. Once deployment is successful, a policy can be marked as active,
+via ``/sys/kernel/security/ipe/$policy_name/active``. IPE will enforce
+whatever policy is marked as active. For our example, we can activate
+the ``Ex Policy`` via::
+
+   echo "1" > "/sys/kernel/security/ipe/Ex Policy/active"
+
+At which point, ``Ex Policy`` will now be the enforced policy on the
+system.
+
+IPE also provides a way to delete policies. This can be done via the
+``delete`` securityfs node, ``/sys/kernel/security/ipe/$policy_name/delete``.
+Writing ``1`` to that file will delete that node::
+
+   echo "1" > "/sys/kernel/security/ipe/$policy_name/delete"
+
+There is only one requirement to delete a policy:
+
+1. The policy being deleted must not be the active policy.
+
+.. NOTE::
+
+   If a traditional MAC system is enabled (SELinux, apparmor, smack), all
+   writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Modes
+~~~~~
+
+IPE supports two modes of operation: permissive (similar to SELinux's
+permissive mode) and enforce. Permissive mode performs the same checks
+as enforce mode, and logs policy violations, but will not enforce the
+policy. This allows users to test policies before enforcing them.
+
+The default mode is enforce, and can be changed via the kernel command
+line parameter ``ipe.enforce=(0|1)``, or the securityfs node
+``/sys/kernel/security/ipe/enforce``.
+
+.. NOTE::
+
+   If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
+   all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Audit Events
+~~~~~~~~~~~~
+
+Success Auditing
+^^^^^^^^^^^^^^^^
+
+IPE supports success auditing. When enabled, all events that pass IPE
+policy and are not blocked will emit an audit event. This is disabled by
+default, and can be enabled via the kernel command line
+``ipe.success_audit=(0|1)`` or the securityfs node,
+``/sys/kernel/security/ipe/success_audit``.
+
+This is very noisy, as IPE will check every user-mode binary on the
+system, but is useful for debugging policies.
+
+.. NOTE::
+
+   If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
+   all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Properties
+--------------
+
+As explained above, IPE properties are ``key=value`` pairs expressed in
+IPE policy. Two properties are built-into the policy parser: 'op' and
+'action'. The other properties are determinstic attributes to express
+across files. Currently those properties are: 'boot_verified',
+'dmverity_signature', 'dmverity_roothash', 'fsverity_signature',
+'fsverity_digest'. A description of all properties supported by IPE
+are listed below:
+
+op
+~~
+
+Indicates the operation for a rule to apply to. Must be in every rule,
+as the first token. IPE supports the following operations:
+
+Version 1
+^^^^^^^^^
+
+``EXECUTE``
+
+   Pertains to any file attempting to be executed, or loaded as an
+   executable.
+
+``FIRMWARE``:
+
+   Pertains to firmware being loaded via the firmware_class interface.
+   This covers both the preallocated buffer and the firmware file
+   itself.
+
+``KMODULE``:
+
+   Pertains to loading kernel modules via ``modprobe`` or ``insmod``.
+
+``KEXEC_IMAGE``:
+
+   Pertains to kernel images loading via ``kexec``.
+
+``KEXEC_INITRAMFS``
+
+   Pertains to initrd images loading via ``kexec --initrd``.
+
+``POLICY``:
+
+   Controls loading IMA policies through the
+   ``/sys/kernel/security/ima/policy`` securityfs entry.
+
+``X509_CERT``:
+
+   Controls loading IMA certificates through the Kconfigs,
+   ``CONFIG_IMA_X509_PATH`` and ``CONFIG_EVM_X509_PATH``.
+
+``KERNEL_READ``:
+
+   Short hand for all of the following: ``FIRMWARE``, ``KMODULE``,
+   ``KEXEC_IMAGE``, ``KEXEC_INITRAMFS``, ``POLICY``, and ``X509_CERT``.
+
+action
+~~~~~~
+
+Version 1
+^^^^^^^^^
+
+Determines what IPE should do when a rule matches. Must be in every
+rule, as the final clause. Can be one of:
+
+``ALLOW``:
+
+   If the rule matches, explicitly allow access to the resource to proceed
+   without executing any more rules.
+
+``DENY``:
+
+   If the rule matches, explicitly prohibit access to the resource to
+   proceed without executing any more rules.
+
+boot_verified
+~~~~~~~~~~~~~
+
+Version 1
+^^^^^^^^^
+
+This property can be utilized for authorization of the first super-block
+that executes a file. This is almost always init. Typically this is used
+for systems with an initramfs or other initial disk, where this is unmounted
+before the system becomes available, and is not covered by any other property.
+This property is controlled by the Kconfig, ``CONFIG_IPE_PROP_BOOT_VERIFIED``.
+The format of this property is::
+
+       boot_verified=(TRUE|FALSE)
+
+
+.. WARNING::
+
+  This property will trust any disk where the first execution evaluation
+  occurs. If you do *NOT* have a startup disk that is unpacked and unmounted
+  (like initramfs), then it will automatically trust the root filesystem and
+  potentially overauthorize the entire disk.
+
+dmverity_roothash
+~~~~~~~~~~~~~~~~~
+
+Version 1
+^^^^^^^^^
+
+This property can be utilized for authorization or revocation of
+specific dm-verity volumes, identified via root hash. It has a
+dependency on the DM_VERITY module. This property is controlled by the
+Kconfig ``CONFIG_IPE_PROP_DM_VERITY_ROOTHASH``. The format of this property
+is::
+
+   dmverity_roothash=HashHexDigest
+
+dmverity_signature
+~~~~~~~~~~~~~~~~~~
+
+Version 1
+^^^^^^^^^
+
+This property can be utilized for authorization of all dm-verity volumes
+that have a signed roothash that chains to a keyring specified by dm-verity's
+configuration, either the system trusted keyring, or the secondary keyring.
+It has an additional dependency on the ``DM_VERITY_VERIFY_ROOTHASH_SIG``
+Kconfig. This property is controlled by the Kconfig
+``CONFIG_IPE_PROP_DM_VERITY_SIGNATURE``. The format of this property is::
+
+   dmverity_signature=(TRUE|FALSE)
+
+fsverity_digest
+~~~~~~~~~~~~~~~
+
+Version 1
+^^^^^^^^^
+This property can be utilized for authorization or revocation of
+specific fsverity enabled file, identified via its fsverity digest,
+which is the hash of a struct contains the file's roothash and hashing
+parameters. It has a dependency on the FS_VERITY module.
+This property is controlled by the Kconfig
+``CONFIG_IPE_PROP_FS_VERITY_DIGEST``. The format of this property is::
+
+   fsverity_digest=HashHexDigest
+
+fsverity_signature
+~~~~~~~~~~~~~~~~~~
+
+Version 1
+^^^^^^^^^
+
+This property can be utilized for authorization of all fsverity enabled
+files that is verified by fsverity. The keyring that is verifies against
+is subject to fsverity's configuration, which is typically the fsverity
+keyring. It has a dependency on the ``CONFIG_FS_VERITY_BUILTIN_SIGNATURES``
+Kconfig. This property is controlled by the Kconfig
+``CONFIG_IPE_PROP_FS_VERITY_SIGNATURE``. The format of this property is::
+
+   fsverity_signature=(TRUE|FALSE)
+
+Policy Examples
+---------------
+
+Allow all
+~~~~~~~~~
+
+::
+
+   policy_name="Allow All" policy_version=0.0.0
+   DEFAULT action=ALLOW
+
+Allow only initial superblock
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="Allow All Initial SB" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE boot_verified=TRUE action=ALLOW
+
+Allow any signed dm-verity volume and the initial superblock
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="AllowSignedAndInitial" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE boot_verified=TRUE action=ALLOW
+   op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Prohibit execution from a specific dm-verity volume
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="AllowSignedAndInitial" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=DENY
+   op=EXECUTE boot_verified=TRUE action=ALLOW
+   op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Allow only a specific dm-verity volume
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="AllowSignedAndInitial" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW
+
+Allow any signed fs-verity file
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="AllowSignedFSVerity" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE fsverity_signature=TRUE action=ALLOW
+
+Prohibit execution of a specific fs-verity file
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+   policy_name="ProhibitSpecificFSVF" policy_version=0.0.0
+   DEFAULT action=DENY
+
+   op=EXECUTE fsverity_digest=fd88f2b8824e197f850bf4c5109bea5cf0ee38104f710843bb72da796ba5af9e action=DENY
+   op=EXECUTE boot_verified=TRUE action=ALLOW
+   op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Additional Information
+----------------------
+
+- `Github Repository <https://github.com/microsoft/ipe>`_
+- `Design Documentation </security/ipe>`_
+
+FAQ
+---
+
+:Q: What's the difference between other LSMs which provide trust-based
+   access control, for instance, IMA?
+
+:A: IMA is a fantastic option when needing measurement in addition to the
+   trust-based access model. All of IMA is centered around their measurement
+   hashes, so you save time when doing both actions. IPE, on the other hand,
+   is a highly performant system that does not rely (and explicitly prohibits),
+   generating its own integrity mechanisms - separating measurement and access
+   control. Simply put, IPE provides only the enforcement of trust, while other
+   subsystems provide the integrity guarantee that IPE needs to determine the
+   trust of a resource. IMA provides both the integrity guarantee, and the
+   enforcement of trust.
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 43dc35fe5bc0..85dd654e642f 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2096,6 +2096,18 @@
 	ipcmni_extend	[KNL] Extend the maximum number of unique System V
 			IPC identifiers from 32,768 to 16,777,216.
 
+	ipe.enforce=	[IPE]
+			Format: <bool>
+			Determine whether IPE starts in permissive (0) or
+			enforce (1) mode. The default is enforce.
+
+	ipe.success_audit=
+			[IPE]
+			Format: <bool>
+			Start IPE with success auditing enabled, emitting
+			an audit event when a binary is allowed. The default
+			is 0.
+
 	irqaffinity=	[SMP] Set the default irq affinity mask
 			The argument is a cpu list, as described above.
 
diff --git a/Documentation/security/index.rst b/Documentation/security/index.rst
index 16335de04e8c..c06530b50514 100644
--- a/Documentation/security/index.rst
+++ b/Documentation/security/index.rst
@@ -17,3 +17,4 @@ Security Documentation
    tpm/index
    digsig
    landlock
+   ipe
diff --git a/Documentation/security/ipe.rst b/Documentation/security/ipe.rst
new file mode 100644
index 000000000000..e691e08e0303
--- /dev/null
+++ b/Documentation/security/ipe.rst
@@ -0,0 +1,339 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+Integrity Policy Enforcement (IPE) - Design Documents
+=====================================================
+
+.. NOTE::
+
+   This is the documentation for kernel developers and other individuals
+   who want to understand the reason behind why IPE is designed the way it
+   is, as well as a tour of the implementation. If you're looking for
+   documentation on the usage of IPE, please see
+   :ref:`Documentation/admin-guide/LSM/ipe.rst`
+
+Role and Scope
+--------------
+
+IPE originally started with a simple goal: create a system that can
+ensure that only trusted usermode binaries are allowed to be executed.
+
+During the design phase it was apparent that there are multiple systems
+within the Linux kernel that can provide some level of integrity
+verification, and by association, trust for its content:
+
+  1. DM-Verity
+  2. FS-Verity
+  3. IMA + EVM
+
+However, of those systems only the third option has the ability to enforce
+trust requirements on the whole system. Its architecture, however is centered
+around its own form of verifications, and a multitude of actions surrounding
+those verifications with various purposes, the most prominent being measurement
+and verification (appraisal). This makes it unsuitable from a layering and
+architectural purpose, as IPE's goal is limited to ensure just trusted usermode
+binaries are executed, with the intentional goal of supporting multiple methods
+from a higher subsystem layer (i.e. fs, block, or super_block).
+
+The two other options, dm-verity and fs-verity are missing a crucial component
+to accomplish the goal of IPE: a policy to indicate the requirements of
+answering the question "What is Trusted?" and a system-wide level of enforcing
+those requirements.
+
+Therefore, IPE was designed around:
+
+  1. Easy configuration of trust mechanisms
+  2. Ease of integration with other layers
+  3. Ease of use for platform administrators.
+
+Design Decisions
+----------------
+
+Policy
+~~~~~~
+
+Plain Text
+^^^^^^^^^^
+
+Unlike other LSMs, IPE's policy is plain-text. This introduces slightly larger
+policy files than other LSMs, but solves two major problems that occurs with
+other trust-based access control systems.
+
+The first issue is one of code maintenance and duplication. To author policies,
+the policy has to be some form of string representation (be it structured,
+through XMl, JSON, YAML, etcetera), to allow the policy author to understand
+what is being written. In a hypothetical binary policy design, that a serializer
+must be written to write said binary form, for a *majority* of humans to be
+able to utilize it properly.
+
+Additionally, a deserializer will eventually be needed to transform the binary
+back into text with as much information preserved. Without a deserializer, a
+user of this access control system will have to keep a lookup table of either
+a checksum, or the file itself to try to understand what policies have been
+deployed on this system and what policies have not. For a single user, this
+may be alright, as old policies can be discarded almost immediately after
+the update takes hold.
+
+For users that manage fleets in the thousands, if not hundreds of thousands,
+this quickly becomes an issue, as stale policies from years ago may be present,
+quickly resulting in the need to recover the policy or fund extensive
+infrastructure to track what each policy contains.
+
+Secondly, a serializer is still needed with a plain-text policy (as the plain
+text policy still has to be serialized to a data structure in the kernel), so
+not much is saved.
+
+The second issue is one of transparency. As IPE controls access based on trust,
+it's policy must also be trusted to be changed. This is done through signatures,
+chaining to the SYSTEM_TRUSTED_KEYRING. The confidence of signing a plain-text
+policy in which you can see every aspect of what is being signed is a step higher
+than signing an opaque binary blob.
+
+Boot Policy
+~~~~~~~~~~~
+
+Additionally, IPE shouldn't have any obvious gaps in its enforcement story.
+That means, a policy that configures trust requirements, if specified, must
+be enforced as soon as the kernel starts up. That can be accomplished one
+of three ways:
+
+  1. The policy file(s) live on disk and the kernel loads the policy prior
+     to an code path that would result in an enforcement decision.
+  2. The policy file(s) are passed by the bootloader to the kernel, who
+     parses the policy.
+  3. There is a policy file that is compiled into the kernel that is
+     parsed and enforced on initialization.
+
+The first option has problems: the kernel reading files from userspace
+is typically discouraged and very uncommon in the kernel.
+
+The second option also has problems: Linux supports a variety of bootloaders
+across its entire ecosystem - every bootloader would have to support this
+new methodology or there must be an independent source. Additionally, it
+would likely result in more drastic changes to the kernel startup than
+necessary.
+
+The third option is the best but it's important to be aware that the policy
+will take disk space against the kernel it's compiled in. It's important to
+keep this policy generalized enough that userspace can load a new, more
+complicated policy, but restrictive enough that it will not overauthorize
+and cause security issues.
+
+The initramfs, provides a way that this bootup path can be established. The
+kernel starts with a minimal policy, that just trusts the initramfs. Inside
+the initramfs, when the real rootfs is mounted, but not yet transferred to,
+it deploys and activates a policy that trusts the new root filesystem(s).
+This prevents overauthorization at any step, and keeps the kernel policy
+to a minimal size.
+
+Startup
+^^^^^^^
+
+Not every system, however starts with an initramfs, so the startup policy
+compiled into the kernel will need some flexibility to express how trust
+is established for the next phase of the bootup. To this end, if we just
+make the compiled-in policy a full IPE policy, it allows system builders
+to express the first stage bootup requirements appropriately.
+
+Updatable, Rebootless Policy
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+As time goes on, trust requirements are changed (vulnerabilities are found in
+previously trusted applcations, keys roll, etcetera). Updating a kernel to
+change the trust requirements is not always a suitable option, as updates
+are not always risk-free and without consequence. This means IPE requires
+a policy that can be completely updated from a source external to the kernel.
+
+Additionally, since the kernel is relatively stateless between invocations,
+and we've established that reading policy files off the disk from kernel
+space is a *bad idea*, then the policy updates have to be done rebootlessly.
+
+To allow an update from an external source, it could be potentially malicious,
+so this policy needs to have a way to be identified as trusted. This will be
+done via a signature, chained to a trust source in the kernel. Arbitrarily,
+this will be the ``SYSTEM_TRUSTED_KEYRING``, a keyring that is initially
+populated at kernel compile-time, as this matches the expectation that the
+author of the compiled-in policy described above is the same entity that can
+deploy policy updates.
+
+Anti-Rollback / Anti-Replay
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Over time, vulnerabilities are found and trusted resources may not be
+trusted anymore. IPE's policy has no exception to this. There can be
+instances where a mistaken policy author deploys an insecure policy,
+before correcting it with a secure policy.
+
+Assuming that as soon as the insecure policy was signed, an attacker
+can acquire the insecure policy, IPE needs a way to prevent rollback
+from the secure policy update, to the insecure policy update.
+
+Initially, IPE's policy can have a policy_version that states the
+minimum required version across all policies that can be active on
+the system. This will prevent rollback while the system is live.
+
+.. WARNING::
+
+  However, since the kernel is stateless across boots, this policy
+  version will be reset to 0.0.0 on the next boot. System builders
+  need to be aware of this, and ensure the new secure policies are
+  deployed ASAP after a boot to ensure that the window of
+  opportunity is minimal for an attacker to deploy the insecure policy[#]_.
+
+Implementation
+--------------
+
+Context
+~~~~~~~
+
+An ``ipe_context`` structure represent a context in which IPE can be enforced.
+It contains all the typical values that one would expect are global:
+
+  1. Enforce/Permissive State
+  2. Active Policy
+  3. List of Policies
+  4. Success Auditing State
+
+A context is created at boot time and attached to the ``task_struct`` as a
+security blob. All new ``task_struct`` will inherit the original ``ipe_context``
+that the system boots with. This structure is reference counted.
+
+Initially, a system will only ever have one context; for ``init``, and since
+all userspace processes are descendents of ``init``, all of usermode will have
+this execution context.
+
+This architecture has some advantages - namely, it allows for a natural
+extension for IPE to create new contexts - such as applying a different
+policy for trust for a privledged container from that of its host.
+
+Anonymous Memory
+~~~~~~~~~~~~~~~~
+
+Anonymous memory isn't treated any differently than any other access in IPE.
+When anonymous memory is mapped with ``+X``, it still comes into the ``file_mmap``
+hook, but with a ``NULL`` file object. This is submitted to the evaluation, like
+any other file, however, all trust mechanisms will return false as there is
+nothing to evaluate. This means anonymous memory execution is subject to
+whatever the ``DEFAULT`` is for ``EXECUTE``.
+
+.. WARNING::
+
+  This also occurs with the ``kernel_load_data`` hook, which is used by signed
+  and compressed kernel modules. Using this with IPE will result in the
+  ``DEFAULT`` for ``KMODULE`` being taken.
+
+Policy Parser
+~~~~~~~~~~~~~
+
+The policy parser is the staple of IPE's functionality, providing a
+modular way to introduce new integrations. As such, it's functionality
+is divided into 4 passes. This gives the benefit of clearly defined pre
+and post-condition states after each pass, giving debugging benefits
+when something goes wrong.
+
+In pass1, the policy is transformed into a 2D, jagged, array of tokens,
+where a token is defined as a "key=value" pair, or a singular token,
+for example, "DEFAULT". Quoted values are parsed as a single value-pair,
+which is why ``<linux/parser.h>`` parser is insufficient - it does not
+understand quoted values.
+
+In pass2, the jagged array produced in pass1 is partially ingested,
+creating a partially populated policy, where no rules have been parsed
+yet, but metadata and references are created that can be now used in
+pass3.
+
+Examples of parsing that would be done in pass2::
+
+  policy_name="my-policy" policy_version=0.0.0
+  DEFAULT action=DENY
+
+As these lines are not rules in of themselves, but effect the policy
+itself.
+
+In pass3, the remaining lines in the jagged array produced in pass1 and
+partially-consumed in pass2 is consumed completely, parsing all the
+rules in IPE policy. This can leverage the data used in pass2.
+Example lines parsed in pass3::
+
+  op=EXECUTE dmverity_signature=TRUE action=DENY
+
+A rule is strictly defined as starts with the op token and ends with
+the action token.
+
+After this pass, a policy is deemed fully constructed but not yet valid,
+as there could be missing elements (such as a required DEFAULT for all
+actions, missing a policy_name), etc.
+
+Additionally, as IPE policy supports operation aliases (an operation
+that maps to two or more other operations), support is added here.
+
+The purpose in the division of pass2 and pass3 is to allow for
+declarations in IPE's syntax. For example, in the future, if we were
+to introduce this syntax::
+
+  CERTIFICATE=FakeCert thumbprint=DEADBEEF CN="Contoso"
+
+And use it like so::
+
+  op=EXECUTE dmverity_signature=FakeCert action=ALLOW
+
+The ``CERTIFICATE`` lines can be grouped together at any place in the policy.
+
+After pass3, an IPE policy can still be technically invalid for use, as
+a policy can be lacking required elements to eliminated the possibility
+of undefined or unknown behavior.
+
+A concrete example is when a policy does not define a default action for
+all possibilities::
+
+  DEFAULT op=EXECUTE action=ALLOW
+
+At this point, while a technically syntactically and semantically valid
+policy, it does not contain enough information to determine what should
+be done for an operation other than "EXECUTE". As IPE's design
+explicitly prohibits the implicit setting of a DEFAULT, it is important
+for cases like these are prevented from occurring.
+
+To resolve all these cases, a final check on the policy is done to ensure
+it valid for use.
+
+In all cases, the parser is the number one bottleneck when it comes to
+IPE's performance, but has the benefit of happening rarely, and as a
+direct consequence of user-input.
+
+Module vs Parser
+~~~~~~~~~~~~~~~~
+
+A "module", "trust provider", or "property" as defined in IPE's code and
+commits is an integration with an external subsystem that provides a way
+to identify a resource as trusted. It's the code that powers the key=value
+pairs in between the ``op`` token and the ``action`` token. These are called
+in pass3 when parsing a policy (via the ``parse`` method), and during
+evaluation when evaluating a access attempt (via the ``eval`` method). These
+discrete modules are single files in ``security/ipe/modules`` and are
+versioned independently. The documentation in the admin guide and be used
+to cross reference what version supports what syntax.
+
+A "parser", on the other hand is a discrete unit of code that is *only*
+used when parsing a policy in pass2. The intention is to make it easy
+to introduce statements, like the ``DEFAULT`` statement::
+
+  DEFAULT op=EXECUTE action=ALLOW
+  DEFAULT action=ALLOW
+
+or, the policy header::
+
+  policy_name="MyPolicy" policy_version=0.0.0
+
+These individual fragments of code, as such, gain access to manipulating
+IPE's policy structure directly, as opposed to the opaque ``void *`` that
+modules get.
+
+.. [#] This is something we're interested in solving, using some
+       persistent storage
+
+Tests
+~~~~~
+
+IPE initially has KUnit Tests, testing primarily the parser and the context
+structures. A majority of these are table-based testing, please contribute
+to them, especially when adding new properties.
diff --git a/MAINTAINERS b/MAINTAINERS
index a84ca781199b..909db5ba6f87 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -9283,6 +9283,8 @@ INTEGRITY POLICY ENFORCEMENT (IPE)
 M:	Deven Bowers <deven.desai@linux.microsoft.com>
 M:	Fan Wu <wufan@linux.microsoft.com>
 S:	Supported
+F:	Documentation/admin-guide/LSM/ipe.rst
+F:	Documentation/security/ipe.rst
 F:	scripts/ipe/
 F:	security/ipe/
 
-- 
2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-13 19:06 ` [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature deven.desai
@ 2021-10-13 19:24   ` Eric Biggers
  2021-10-15 19:25     ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Eric Biggers @ 2021-10-13 19:24 UTC (permalink / raw)
  To: deven.desai
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On Wed, Oct 13, 2021 at 12:06:31PM -0700, deven.desai@linux.microsoft.com wrote:
> From: Fan Wu <wufan@linux.microsoft.com>
> 
> Add security_inode_setsecurity to fsverity signature verification.
> This can let LSMs save the signature data and digest hashes provided
> by fsverity.

Can you elaborate on why LSMs need this information?

> 
> Also changes the implementaion inside the hook function to let
> multiple LSMs can add hooks.

Please split fs/verity/ changes and security/ changes into separate patches, if
possible.

> 
> Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>

> @@ -177,6 +178,17 @@ struct fsverity_info *fsverity_create_info(const struct inode *inode,
>  		fsverity_err(inode, "Error %d computing file digest", err);
>  		goto out;
>  	}
> +
> +	err = security_inode_setsecurity((struct inode *)inode,

If a non-const inode is needed, please propagate that into the callers rather
than randomly casting away the const.

> +					 FS_VERITY_DIGEST_SEC_NAME,
> +					 vi->file_digest,
> +					 vi->tree_params.hash_alg->digest_size,
> +					 0);

The digest isn't meaningful without knowing the hash algorithm it uses.
It's available here, but you aren't passing it to this function.

> @@ -84,7 +85,9 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
>  
>  	pr_debug("Valid signature for file digest %s:%*phN\n",
>  		 hash_alg->name, hash_alg->digest_size, vi->file_digest);
> -	return 0;
> +	return security_inode_setsecurity((struct inode *)inode,

Likewise, please don't cast away const.

> +					FS_VERITY_SIGNATURE_SEC_NAME,
> +					signature, sig_size, 0);

This is only for fs-verity built-in signatures which aren't the only way to do
signatures with fs-verity.  Are you sure this is what you're looking for?  Can
you elaborate on your use case for fs-verity built-in signatures, and what the
LSM hook will do with them?

- Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-13 19:06 ` [RFC PATCH v7 07/16] ipe: add auditing support deven.desai
@ 2021-10-13 20:02   ` Steve Grubb
  2021-10-15 19:25     ` Deven Bowers
  2021-10-13 22:54   ` Randy Dunlap
  1 sibling, 1 reply; 63+ messages in thread
From: Steve Grubb @ 2021-10-13 20:02 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge, linux-audit
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel, linux-audit, deven.desai

Hello,

On Wednesday, October 13, 2021 3:06:26 PM EDT deven.desai@linux.microsoft.com 
wrote:
> Users of IPE require a way to identify when and why an operation fails,
> allowing them to both respond to violations of policy and be notified
> of potentially malicious actions on their systens with respect to IPE
> itself.

Would you mind sending examples of audit events so that we can see what the 
end result is? Some people add them to the commit text. But we still need to 
see what they look like.

Thanks,
-Steve



^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-13 19:06 ` [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read deven.desai
@ 2021-10-13 20:04   ` Casey Schaufler
  2021-10-15 19:25     ` Deven Bowers
  2021-10-25 12:22   ` Roberto Sassu
  1 sibling, 1 reply; 63+ messages in thread
From: Casey Schaufler @ 2021-10-13 20:04 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel, linux-audit,
	Casey Schaufler

On 10/13/2021 12:06 PM, deven.desai@linux.microsoft.com wrote:
> From: Deven Bowers <deven.desai@linux.microsoft.com>
>
> IPE's initial goal is to control both execution and the loading of
> kernel modules based on the system's definition of trust. It
> accomplishes this by plugging into the security hooks for execve,
> mprotect, mmap, kernel_load_data and kernel_read_data.
>
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> ---
>
> Relevant changes since v6:
>   * Split up patch 02/12 into four parts:
>       1. context creation [01/16]
>       2. audit [07/16]
>       3. evaluation loop [03/16]
>       4. access control hooks [05/16] (this patch)
>
> ---
>  security/ipe/hooks.c  | 149 ++++++++++++++++++++++++++++++++++++++++++
>  security/ipe/hooks.h  |  23 ++++++-
>  security/ipe/ipe.c    |   5 ++
>  security/ipe/policy.c |  23 +++++++
>  security/ipe/policy.h |  12 +++-
>  5 files changed, 209 insertions(+), 3 deletions(-)
>
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index ed0c886eaa5a..216242408a80 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -6,11 +6,15 @@
>  #include "ipe.h"
>  #include "ctx.h"
>  #include "hooks.h"
> +#include "eval.h"
>  
> +#include <linux/fs.h>
>  #include <linux/sched.h>
>  #include <linux/types.h>
>  #include <linux/refcount.h>
>  #include <linux/rcupdate.h>
> +#include <linux/binfmts.h>
> +#include <linux/mman.h>
>  
>  /**
>   * ipe_task_alloc: Assign a new context for an associated task structure.
> @@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
>  	ipe_put_ctx(ctx);
>  	rcu_read_unlock();
>  }
> +
> +/**
> + * ipe_on_exec: LSM hook called when a process is loaded through the exec
> + *		family of system calls.
> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> + *	  being evaluated.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_exec(struct linux_binprm *bprm)
> +{
> +	return ipe_process_event(bprm->file, ipe_operation_exec, ipe_hook_exec);
> +}
> +
> +/**
> + * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
> + *		family of system calls.
> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + *	  system configuration.
> + * @flags: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> +		unsigned long flags)
> +{
> +	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
> +		return ipe_process_event(f, ipe_operation_exec, ipe_hook_mmap);
> +
> +	return 0;
> +}
> +
> +/**
> + * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is changing
> + *		    its protections via mprotect.
> + * @vma: Existing virtual memory area created by mmap or similar
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + *	  system configuration.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> +		    unsigned long prot)
> +{
> +	/* Already Executable */
> +	if (vma->vm_flags & VM_EXEC)
> +		return 0;
> +
> +	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
> +		return ipe_process_event(vma->vm_file, ipe_operation_exec,
> +					 ipe_hook_mprotect);
> +
> +	return 0;
> +}
> +
> +/**
> + * ipe_on_kernel_read: LSM hook called when a file is being read in from
> + *		       disk.
> + * @file: Supplies a pointer to the file structure being read in from disk
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> +		       bool contents)
> +{
> +	enum ipe_operation op;
> +
> +	switch (id) {
> +	case READING_FIRMWARE:
> +		op = ipe_operation_firmware;
> +		break;
> +	case READING_MODULE:
> +		op = ipe_operation_kernel_module;
> +		break;
> +	case READING_KEXEC_INITRAMFS:
> +		op = ipe_operation_kexec_initramfs;
> +		break;
> +	case READING_KEXEC_IMAGE:
> +		op = ipe_operation_kexec_image;
> +		break;
> +	case READING_POLICY:
> +		op = ipe_operation_ima_policy;
> +		break;
> +	case READING_X509_CERTIFICATE:
> +		op = ipe_operation_ima_x509;
> +		break;
> +	default:
> +		op = ipe_operation_max;
> +	}
> +
> +	return ipe_process_event(file, op, ipe_hook_kernel_read);
> +}
> +
> +/**
> + * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in from
> + *			    disk.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
> +{
> +	enum ipe_operation op;
> +
> +	switch (id) {
> +	case LOADING_FIRMWARE:
> +		op = ipe_operation_firmware;
> +		break;
> +	case LOADING_MODULE:
> +		op = ipe_operation_kernel_module;
> +		break;
> +	case LOADING_KEXEC_INITRAMFS:
> +		op = ipe_operation_kexec_initramfs;
> +		break;
> +	case LOADING_KEXEC_IMAGE:
> +		op = ipe_operation_kexec_image;
> +		break;
> +	case LOADING_POLICY:
> +		op = ipe_operation_ima_policy;
> +		break;
> +	case LOADING_X509_CERTIFICATE:
> +		op = ipe_operation_ima_x509;
> +		break;
> +	default:
> +		op = ipe_operation_max;
> +	}
> +
> +	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index 58ed4a612e26..c99a0b7f45f7 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -5,11 +5,19 @@
>  #ifndef IPE_HOOKS_H
>  #define IPE_HOOKS_H
>  
> +#include <linux/fs.h>
>  #include <linux/types.h>
>  #include <linux/sched.h>
> +#include <linux/binfmts.h>
> +#include <linux/security.h>
>  
>  enum ipe_hook {
> -	ipe_hook_max = 0
> +	ipe_hook_exec = 0,
> +	ipe_hook_mmap,
> +	ipe_hook_mprotect,
> +	ipe_hook_kernel_read,
> +	ipe_hook_kernel_load,
> +	ipe_hook_max
>  };
>  
>  int ipe_task_alloc(struct task_struct *task,
> @@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
>  
>  void ipe_task_free(struct task_struct *task);
>  
> +int ipe_on_exec(struct linux_binprm *bprm);
> +
> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> +		unsigned long flags);
> +
> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> +		    unsigned long prot);
> +
> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> +		       bool contents);
> +
> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
> +
>  #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index b58b372327a1..3f9d43783293 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>  static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
>  	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
>  	LSM_HOOK_INIT(task_free, ipe_task_free),
> +	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
> +	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
> +	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
> +	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
> +	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),

Please stick with the lsmname_hook_name convention, as you did
with ipe_task_alloc and ipe_task_free. Anyone who is looking at
more than one LSM is going to have a much harder time working
with your code the way you have it. Think

	% find security | xargs grep '_bprm_check_security('

>  };
>  
>  /**
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index b766824cc08f..048500229365 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -483,6 +483,14 @@ int ipe_parse_op(const struct ipe_policy_token *tok,
>  {
>  	substring_t match[MAX_OPT_ARGS] = { 0 };
>  	const match_table_t ops = {
> +		{ ipe_operation_exec,		 "EXECUTE" },
> +		{ ipe_operation_firmware,	 "FIRMWARE" },
> +		{ ipe_operation_kernel_module,	 "KMODULE" },
> +		{ ipe_operation_kexec_image,	 "KEXEC_IMAGE" },
> +		{ ipe_operation_kexec_initramfs, "KEXEC_INITRAMFS"},
> +		{ ipe_operation_ima_policy,	 "IMA_POLICY" },
> +		{ ipe_operation_ima_x509,	 "IMA_X509_CERT" },
> +		{ ipe_op_alias_kernel_read,	 "KERNEL_READ" },
>  		{ ipe_op_alias_max, NULL },
>  	};
>  
> @@ -838,6 +846,15 @@ static int parse_policy(struct ipe_policy *p)
>  	return rc;
>  }
>  
> +static const enum ipe_operation alias_kread[] = {
> +	ipe_operation_firmware,
> +	ipe_operation_kernel_module,
> +	ipe_operation_ima_policy,
> +	ipe_operation_ima_x509,
> +	ipe_operation_kexec_image,
> +	ipe_operation_kexec_initramfs,
> +};
> +
>  /**
>   * ipe_is_op_alias: Determine if @op is an alias for one or more operations
>   * @op: Supplies the operation to check. Should be either ipe_operation or
> @@ -852,9 +869,15 @@ static int parse_policy(struct ipe_policy *p)
>  bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
>  {
>  	switch (op) {
> +	case ipe_op_alias_kernel_read:
> +		*map = alias_kread;
> +		*size = ARRAY_SIZE(alias_kread);
> +		break;
>  	default:
>  		return false;
>  	}
> +
> +	return true;
>  }
>  
>  /**
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 6818f6405dd0..ca37af46e5af 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -26,7 +26,14 @@ struct ipe_policy_line {
>  struct ipe_module;
>  
>  enum ipe_operation {
> -	ipe_operation_max = 0,
> +	ipe_operation_exec = 0,
> +	ipe_operation_firmware,
> +	ipe_operation_kernel_module,
> +	ipe_operation_kexec_image,
> +	ipe_operation_kexec_initramfs,
> +	ipe_operation_ima_policy,
> +	ipe_operation_ima_x509,
> +	ipe_operation_max
>  };
>  
>  /*
> @@ -34,7 +41,8 @@ enum ipe_operation {
>   * that are just one or more operations under the hood
>   */
>  enum ipe_op_alias {
> -	ipe_op_alias_max = ipe_operation_max,
> +	ipe_op_alias_kernel_read = ipe_operation_max,
> +	ipe_op_alias_max,
>  };
>  
>  enum ipe_action {


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-13 19:06 ` [RFC PATCH v7 07/16] ipe: add auditing support deven.desai
  2021-10-13 20:02   ` Steve Grubb
@ 2021-10-13 22:54   ` Randy Dunlap
  2021-10-15 19:25     ` Deven Bowers
  1 sibling, 1 reply; 63+ messages in thread
From: Randy Dunlap @ 2021-10-13 22:54 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

Hi,

On 10/13/21 12:06 PM, deven.desai@linux.microsoft.com wrote:
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index c4503083e92d..ef556b66e674 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -17,3 +17,55 @@ menuconfig SECURITY_IPE
>   	  requirements on the fly.
>   
>   	  If unsure, answer N.
> +
> +if SECURITY_IPE
> +
> +choice
> +	prompt "Hash algorithm used in auditing policies"
> +	default IPE_AUDIT_HASH_SHA1
> +	depends on AUDIT
> +	help
> +		Specify the hash algorithm used when auditing policies.
> +		The hash is used to uniquely identify a policy from other
> +		policies on the system.
> +
> +		If unsure, leave default.
> +
> +	config IPE_AUDIT_HASH_SHA1
> +		bool "sha1"
> +		depends on CRYPTO_SHA1
> +		help
> +			Use the SHA128 algorithm to hash policies
> +			in the audit records.
> +
> +	config IPE_AUDIT_HASH_SHA256
> +		bool "sha256"
> +		depends on CRYPTO_SHA256
> +		help
> +			Use the SHA256 algorithm to hash policies
> +			in the audit records.
> +
> +	config IPE_AUDIT_HASH_SHA384
> +		bool "sha384"
> +		depends on CRYPTO_SHA512
> +		help
> +			Use the SHA384 algorithm to hash policies
> +			in the audit records
> +
> +	config IPE_AUDIT_HASH_SHA512
> +		bool "sha512"
> +		depends on CRYPTO_SHA512
> +		help
> +			Use the SHA512 algorithm to hash policies
> +			in the audit records
> +endchoice
> +
> +config IPE_AUDIT_HASH_ALG
> +	string
> +	depends on AUDIT
> +	default "sha1" if IPE_AUDIT_HASH_SHA1
> +	default "sha256" if IPE_AUDIT_HASH_SHA256
> +	default "sha384" if IPE_AUDIT_HASH_SHA384
> +	default "sha512" if IPE_AUDIT_HASH_SHA512
> +
> +endif

Please follow coding-style for Kconfig files:

(from Documentation/process/coding-style.rst, section 10):

For all of the Kconfig* configuration files throughout the source tree,
the indentation is somewhat different.  Lines under a ``config`` definition
are indented with one tab, while help text is indented an additional two
spaces.


thanks.
-- 
~Randy

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-13 22:54   ` Randy Dunlap
@ 2021-10-15 19:25     ` Deven Bowers
  2021-10-15 19:50       ` Randy Dunlap
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-10-15 19:25 UTC (permalink / raw)
  To: Randy Dunlap, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On 10/13/2021 3:54 PM, Randy Dunlap wrote:
> Hi,
>
> On 10/13/21 12:06 PM, deven.desai@linux.microsoft.com wrote:
>> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
>> index c4503083e92d..ef556b66e674 100644
>> --- a/security/ipe/Kconfig
>> +++ b/security/ipe/Kconfig
>> @@ -17,3 +17,55 @@ menuconfig SECURITY_IPE
>>         requirements on the fly.
>>           If unsure, answer N.
>> +
>> +if SECURITY_IPE
>> +
>> +choice
>> +    prompt "Hash algorithm used in auditing policies"
>> +    default IPE_AUDIT_HASH_SHA1
>> +    depends on AUDIT
>> +    help
>> +        Specify the hash algorithm used when auditing policies.
>> +        The hash is used to uniquely identify a policy from other
>> +        policies on the system.
>> +
>> +        If unsure, leave default.
>> +
>> +    config IPE_AUDIT_HASH_SHA1
>> +        bool "sha1"
>> +        depends on CRYPTO_SHA1
>> +        help
>> +            Use the SHA128 algorithm to hash policies
>> +            in the audit records.
>> +
>> +    config IPE_AUDIT_HASH_SHA256
>> +        bool "sha256"
>> +        depends on CRYPTO_SHA256
>> +        help
>> +            Use the SHA256 algorithm to hash policies
>> +            in the audit records.
>> +
>> +    config IPE_AUDIT_HASH_SHA384
>> +        bool "sha384"
>> +        depends on CRYPTO_SHA512
>> +        help
>> +            Use the SHA384 algorithm to hash policies
>> +            in the audit records
>> +
>> +    config IPE_AUDIT_HASH_SHA512
>> +        bool "sha512"
>> +        depends on CRYPTO_SHA512
>> +        help
>> +            Use the SHA512 algorithm to hash policies
>> +            in the audit records
>> +endchoice
>> +
>> +config IPE_AUDIT_HASH_ALG
>> +    string
>> +    depends on AUDIT
>> +    default "sha1" if IPE_AUDIT_HASH_SHA1
>> +    default "sha256" if IPE_AUDIT_HASH_SHA256
>> +    default "sha384" if IPE_AUDIT_HASH_SHA384
>> +    default "sha512" if IPE_AUDIT_HASH_SHA512
>> +
>> +endif
>
> Please follow coding-style for Kconfig files:
>
> (from Documentation/process/coding-style.rst, section 10):
>
> For all of the Kconfig* configuration files throughout the source tree,
> the indentation is somewhat different.  Lines under a ``config`` 
> definition
> are indented with one tab, while help text is indented an additional two
> spaces.
>
Oof. That's embarrassing. Sorry, I'll fix this for v8.

While I'm at it, is the help text required for choice configs?
checkpatch --strict complains with a warning without them, but
I see other places in the tree where help text is omitted for
these configs attached to a choice.

Documentation/process/* doesn't seem to have any guidance, nor
Documentation/kbuild/* on whether it is safe to ignore that
checkpatch warning.





^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-13 20:02   ` Steve Grubb
@ 2021-10-15 19:25     ` Deven Bowers
  2021-11-02 19:44       ` Steve Grubb
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-10-15 19:25 UTC (permalink / raw)
  To: Steve Grubb, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, linux-audit
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel

On 10/13/2021 1:02 PM, Steve Grubb wrote:

> Hello,
>
> On Wednesday, October 13, 2021 3:06:26 PM EDT deven.desai@linux.microsoft.com
> wrote:
>> Users of IPE require a way to identify when and why an operation fails,
>> allowing them to both respond to violations of policy and be notified
>> of potentially malicious actions on their systens with respect to IPE
>> itself.
> Would you mind sending examples of audit events so that we can see what the
> end result is? Some people add them to the commit text. But we still need to
> see what they look like.
>
> Thanks,
> -Steve

Sure, sorry. I’ll add them to the commit description (and the documentation
patch at the end) for v8 – In the interest of asynchronous feedback, I’ve
copied the relevant examples:

AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
ctx_ino=532 ctx_dev=vda rule="DEFAULT op=EXECUTE action=DENY"

AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
ctx_ino=532 ctx_dev=vda rule="DEFAULT action=DENY"

AUDIT1420 IPE ctx_pid=253 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=1
ctx_comm="anon" rule="DEFAULT op=EXECUTE action=DENY"

These three audit records represent various types of results after 
evaluating
the trust of a resource. The first two differ in the rule that was 
matched in
IPE's policy, the first being an operation-specific default, the second 
being
a global default. The third is an example of what is audited when anonymous
memory is blocked (as there is no way to verify the trust of an anonymous
page).

The remaining three events, AUDIT_TRUST_POLICY_LOAD (1421),
AUDIT_TRUST_POLICY_ACTIVATE (1422), and AUDIT_TRUST_STATUS (1423) have this
form:

AUDIT1421 IPE policy_name="my-policy" policy_version=0.0.0 
<hash_alg_name>=<hash>
AUDIT1422 IPE policy_name="my-policy" policy_version=0.0.0 
<hash_alg_name>=<hash>
AUDIT1423 IPE enforce=1

The 1421 (AUDIT_TRUST_POLICY_LOAD) event represents a new policy was loaded
into the kernel, but not is not marked as the policy to enforce. The

The 1422 (AUDIT_TRUST_POLICY_ACTIVATE) event represents a policy that was
already loaded was made the enforcing policy.

The 1423 (AUDIT_TRUST_STATUS) event represents a switch between 
permissive and
enforce, it is added in 08/16 (the following patch)


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-13 19:24   ` Eric Biggers
@ 2021-10-15 19:25     ` Deven Bowers
  2021-10-15 20:11       ` Eric Biggers
  2021-11-03 12:28       ` Roberto Sassu
  0 siblings, 2 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-15 19:25 UTC (permalink / raw)
  To: Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module


On 10/13/2021 12:24 PM, Eric Biggers wrote:
> On Wed, Oct 13, 2021 at 12:06:31PM -0700, deven.desai@linux.microsoft.com wrote:
>> From: Fan Wu <wufan@linux.microsoft.com>
>>
>> Add security_inode_setsecurity to fsverity signature verification.
>> This can let LSMs save the signature data and digest hashes provided
>> by fsverity.
> Can you elaborate on why LSMs need this information?

The proposed LSM (IPE) of this series will be the only one to need
this information at the  moment. IPE’s goal is to have provide
trust-based access control. Trust and Integrity are tied together,
as you cannot prove trust without proving integrity.

IPE needs the digest information to be able to compare a digest
provided by the policy author, against the digest calculated by
fsverity to make a decision on whether that specific file, represented
by the digest is authorized for the actions specified in the policy.

A more concrete example, if an IPE policy author writes:

     op=EXECUTE fsverity_digest=<HexDigest > action=DENY

IPE takes the digest provided by this security hook, stores it
in IPE's security blob on the inode. If this file is later
executed, IPE compares the digest stored in the LSM blob,
provided by this hook, against <HexDigest> in the policy, if
it matches, it denies the access, performing a revocation
of that file.

This brings me to your next comment:

 > The digest isn't meaningful without knowing the hash algorithm it uses.
It's available here, but you aren't passing it to this function.

The digest is meaningful without the algorithm in this case.
IPE does not want to recalculate a digest, that’s expensive and
doesn’t provide any value. IPE, in this case, treats this as a
buffer to compare the policy-provided one above to make a
policy decision about access to the resource.

>> Also changes the implementaion inside the hook function to let
>> multiple LSMs can add hooks.
> Please split fs/verity/ changes and security/ changes into separate patches, if
> possible.

Sorry, will do, not a problem.

>> @@ -177,6 +178,17 @@ struct fsverity_info *fsverity_create_info(const struct inode *inode,
>>   		fsverity_err(inode, "Error %d computing file digest", err);
>>   		goto out;
>>   	}
>> +
>> +	err = security_inode_setsecurity((struct inode *)inode,
> If a non-const inode is needed, please propagate that into the callers rather
> than randomly casting away the const.
>
>> +					 FS_VERITY_DIGEST_SEC_NAME,
>> +					 vi->file_digest,
>> +					 vi->tree_params.hash_alg->digest_size,
>> +					 0);
>> @@ -84,7 +85,9 @@ int fsverity_verify_signature(const struct fsverity_info *vi,
>>   
>>   	pr_debug("Valid signature for file digest %s:%*phN\n",
>>   		 hash_alg->name, hash_alg->digest_size, vi->file_digest);
>> -	return 0;
>> +	return security_inode_setsecurity((struct inode *)inode,
>>
> Likewise, please don't cast away const.

Sorry, I should've caught these myself. I'll change
fsverity_create_info to accept the non-const inode, and
change fsverity_verify_signature to accept an additional inode
struct as the first arg instead of changing the fsverity_info
structure to have a non-const inode field.

>> +					FS_VERITY_SIGNATURE_SEC_NAME,
>> +					signature, sig_size, 0);
> This is only for fs-verity built-in signatures which aren't the only way to do
> signatures with fs-verity.  Are you sure this is what you're looking for?

Could you elaborate on the other signature types that can be used
with fs-verity? I’m 99% sure this is what I’m looking for as this
is a signature validated in the kernel against the fs-verity keyring
as part of the “fsverity enable” utility.

It's important that the signature is validated in the kernel, as
userspace is considered untrusted until the signature is validated
for this case.

> Can you elaborate on your use case for fs-verity built-in signatures,
Sure, signatures, like digests, also provide a way to prove integrity,
and the trust component comes from the validation against the keyring,
as opposed to a fixed value in IPE’s policy. The use case for fs-verity
built-in signatures is that we have a rw ext4 filesystem that has some
executable files, and we want to have a execution policy (through IPE)
that only _trusted_ executables can run. Perf is important here, hence
fs-verity.

> and what the LSM hook will do with them?

At the moment, this will just signal to IPE that these fs-verity files were
enabled with a built-in signature as opposed to enabled without a signature.
In v7, it copies the signature data into IPE's LSM blob attached to the 
inode.
In v8+, I'm changing this to store “true” in IPE's LSM blob instead, as 
copying
the signature data is an unnecessary waste of space and point of 
failure. This
has a _slightly_ different functionality then fs.verity.require_signatures,
because even if someone were to disable the require signatures option, IPE
would still know if these files were signed or not and be able to make the
access control decision based IPE's policy.

Very concretely, this powers this kind of rule in IPE:

   op=EXECUTE fsverity_signature=TRUE action=ALLOW

if that fsverity_signature value in IPE’s LSM blob attached to the inode is
true, then fsverity_signature in IPE’s policy will evaluate to true and 
match
this rule. The inverse is also applicable.


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-13 20:04   ` Casey Schaufler
@ 2021-10-15 19:25     ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-15 19:25 UTC (permalink / raw)
  To: Casey Schaufler, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel, linux-audit


On 10/13/2021 1:04 PM, Casey Schaufler wrote:
> On 10/13/2021 12:06 PM, deven.desai@linux.microsoft.com wrote:
>> From: Deven Bowers <deven.desai@linux.microsoft.com>
>>
>> IPE's initial goal is to control both execution and the loading of
>> kernel modules based on the system's definition of trust. It
>> accomplishes this by plugging into the security hooks for execve,
>> mprotect, mmap, kernel_load_data and kernel_read_data.
>>
>> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
>> ---
>>
>> Relevant changes since v6:
>>    * Split up patch 02/12 into four parts:
>>        1. context creation [01/16]
>>        2. audit [07/16]
>>        3. evaluation loop [03/16]
>>        4. access control hooks [05/16] (this patch)
>>
>> ---
>>   security/ipe/hooks.c  | 149 ++++++++++++++++++++++++++++++++++++++++++
>>   security/ipe/hooks.h  |  23 ++++++-
>>   security/ipe/ipe.c    |   5 ++
>>   security/ipe/policy.c |  23 +++++++
>>   security/ipe/policy.h |  12 +++-
>>   5 files changed, 209 insertions(+), 3 deletions(-)
>>
>> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
>> index ed0c886eaa5a..216242408a80 100644
>> --- a/security/ipe/hooks.c
>> +++ b/security/ipe/hooks.c
>> @@ -6,11 +6,15 @@
>>   #include "ipe.h"
>>   #include "ctx.h"
>>   #include "hooks.h"
>> +#include "eval.h"
>>   
>> +#include <linux/fs.h>
>>   #include <linux/sched.h>
>>   #include <linux/types.h>
>>   #include <linux/refcount.h>
>>   #include <linux/rcupdate.h>
>> +#include <linux/binfmts.h>
>> +#include <linux/mman.h>
>>   
>>   /**
>>    * ipe_task_alloc: Assign a new context for an associated task structure.
>> @@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
>>   	ipe_put_ctx(ctx);
>>   	rcu_read_unlock();
>>   }
>> +
>> +/**
>> + * ipe_on_exec: LSM hook called when a process is loaded through the exec
>> + *		family of system calls.
>> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
>> + *	  being evaluated.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_exec(struct linux_binprm *bprm)
>> +{
>> +	return ipe_process_event(bprm->file, ipe_operation_exec, ipe_hook_exec);
>> +}
>> +
>> +/**
>> + * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
>> + *		family of system calls.
>> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
>> + * @reqprot: The requested protection on the mmap, passed from usermode.
>> + * @prot: The effective protection on the mmap, resolved from reqprot and
>> + *	  system configuration.
>> + * @flags: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
>> +		unsigned long flags)
>> +{
>> +	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
>> +		return ipe_process_event(f, ipe_operation_exec, ipe_hook_mmap);
>> +
>> +	return 0;
>> +}
>> +
>> +/**
>> + * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is changing
>> + *		    its protections via mprotect.
>> + * @vma: Existing virtual memory area created by mmap or similar
>> + * @reqprot: The requested protection on the mmap, passed from usermode.
>> + * @prot: The effective protection on the mmap, resolved from reqprot and
>> + *	  system configuration.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
>> +		    unsigned long prot)
>> +{
>> +	/* Already Executable */
>> +	if (vma->vm_flags & VM_EXEC)
>> +		return 0;
>> +
>> +	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
>> +		return ipe_process_event(vma->vm_file, ipe_operation_exec,
>> +					 ipe_hook_mprotect);
>> +
>> +	return 0;
>> +}
>> +
>> +/**
>> + * ipe_on_kernel_read: LSM hook called when a file is being read in from
>> + *		       disk.
>> + * @file: Supplies a pointer to the file structure being read in from disk
>> + * @id: Supplies the enumeration identifying the purpose of the read.
>> + * @contents: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
>> +		       bool contents)
>> +{
>> +	enum ipe_operation op;
>> +
>> +	switch (id) {
>> +	case READING_FIRMWARE:
>> +		op = ipe_operation_firmware;
>> +		break;
>> +	case READING_MODULE:
>> +		op = ipe_operation_kernel_module;
>> +		break;
>> +	case READING_KEXEC_INITRAMFS:
>> +		op = ipe_operation_kexec_initramfs;
>> +		break;
>> +	case READING_KEXEC_IMAGE:
>> +		op = ipe_operation_kexec_image;
>> +		break;
>> +	case READING_POLICY:
>> +		op = ipe_operation_ima_policy;
>> +		break;
>> +	case READING_X509_CERTIFICATE:
>> +		op = ipe_operation_ima_x509;
>> +		break;
>> +	default:
>> +		op = ipe_operation_max;
>> +	}
>> +
>> +	return ipe_process_event(file, op, ipe_hook_kernel_read);
>> +}
>> +
>> +/**
>> + * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in from
>> + *			    disk.
>> + * @id: Supplies the enumeration identifying the purpose of the read.
>> + * @contents: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
>> +{
>> +	enum ipe_operation op;
>> +
>> +	switch (id) {
>> +	case LOADING_FIRMWARE:
>> +		op = ipe_operation_firmware;
>> +		break;
>> +	case LOADING_MODULE:
>> +		op = ipe_operation_kernel_module;
>> +		break;
>> +	case LOADING_KEXEC_INITRAMFS:
>> +		op = ipe_operation_kexec_initramfs;
>> +		break;
>> +	case LOADING_KEXEC_IMAGE:
>> +		op = ipe_operation_kexec_image;
>> +		break;
>> +	case LOADING_POLICY:
>> +		op = ipe_operation_ima_policy;
>> +		break;
>> +	case LOADING_X509_CERTIFICATE:
>> +		op = ipe_operation_ima_x509;
>> +		break;
>> +	default:
>> +		op = ipe_operation_max;
>> +	}
>> +
>> +	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
>> +}
>> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
>> index 58ed4a612e26..c99a0b7f45f7 100644
>> --- a/security/ipe/hooks.h
>> +++ b/security/ipe/hooks.h
>> @@ -5,11 +5,19 @@
>>   #ifndef IPE_HOOKS_H
>>   #define IPE_HOOKS_H
>>   
>> +#include <linux/fs.h>
>>   #include <linux/types.h>
>>   #include <linux/sched.h>
>> +#include <linux/binfmts.h>
>> +#include <linux/security.h>
>>   
>>   enum ipe_hook {
>> -	ipe_hook_max = 0
>> +	ipe_hook_exec = 0,
>> +	ipe_hook_mmap,
>> +	ipe_hook_mprotect,
>> +	ipe_hook_kernel_read,
>> +	ipe_hook_kernel_load,
>> +	ipe_hook_max
>>   };
>>   
>>   int ipe_task_alloc(struct task_struct *task,
>> @@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
>>   
>>   void ipe_task_free(struct task_struct *task);
>>   
>> +int ipe_on_exec(struct linux_binprm *bprm);
>> +
>> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
>> +		unsigned long flags);
>> +
>> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
>> +		    unsigned long prot);
>> +
>> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
>> +		       bool contents);
>> +
>> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
>> +
>>   #endif /* IPE_HOOKS_H */
>> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
>> index b58b372327a1..3f9d43783293 100644
>> --- a/security/ipe/ipe.c
>> +++ b/security/ipe/ipe.c
>> @@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>>   static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
>>   	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
>>   	LSM_HOOK_INIT(task_free, ipe_task_free),
>> +	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
>> +	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
>> +	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
>> +	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
>> +	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
> Please stick with the lsmname_hook_name convention, as you did
> with ipe_task_alloc and ipe_task_free. Anyone who is looking at
> more than one LSM is going to have a much harder time working
> with your code the way you have it. Think
>
> 	% find security | xargs grep '_bprm_check_security('

Sure. I'll make this change with the v8 series.



^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-15 19:25     ` Deven Bowers
@ 2021-10-15 19:50       ` Randy Dunlap
  2021-10-26 19:03         ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Randy Dunlap @ 2021-10-15 19:50 UTC (permalink / raw)
  To: Deven Bowers, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On 10/15/21 12:25 PM, Deven Bowers wrote:
> On 10/13/2021 3:54 PM, Randy Dunlap wrote:
>> Hi,
>>
>> On 10/13/21 12:06 PM, deven.desai@linux.microsoft.com wrote:
>>> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
>>> index c4503083e92d..ef556b66e674 100644
>>> --- a/security/ipe/Kconfig
>>> +++ b/security/ipe/Kconfig
>>> @@ -17,3 +17,55 @@ menuconfig SECURITY_IPE
>>>         requirements on the fly.
>>>           If unsure, answer N.
>>> +
>>> +if SECURITY_IPE
>>> +
>>> +choice
>>> +    prompt "Hash algorithm used in auditing policies"
>>> +    default IPE_AUDIT_HASH_SHA1
>>> +    depends on AUDIT
>>> +    help
>>> +        Specify the hash algorithm used when auditing policies.
>>> +        The hash is used to uniquely identify a policy from other
>>> +        policies on the system.
>>> +
>>> +        If unsure, leave default.
>>> +
>>> +    config IPE_AUDIT_HASH_SHA1
>>> +        bool "sha1"
>>> +        depends on CRYPTO_SHA1
>>> +        help
>>> +            Use the SHA128 algorithm to hash policies
>>> +            in the audit records.
>>> +
>>> +    config IPE_AUDIT_HASH_SHA256
>>> +        bool "sha256"
>>> +        depends on CRYPTO_SHA256
>>> +        help
>>> +            Use the SHA256 algorithm to hash policies
>>> +            in the audit records.
>>> +
>>> +    config IPE_AUDIT_HASH_SHA384
>>> +        bool "sha384"
>>> +        depends on CRYPTO_SHA512
>>> +        help
>>> +            Use the SHA384 algorithm to hash policies
>>> +            in the audit records
>>> +
>>> +    config IPE_AUDIT_HASH_SHA512
>>> +        bool "sha512"
>>> +        depends on CRYPTO_SHA512
>>> +        help
>>> +            Use the SHA512 algorithm to hash policies
>>> +            in the audit records
>>> +endchoice
>>> +
>>> +config IPE_AUDIT_HASH_ALG
>>> +    string
>>> +    depends on AUDIT
>>> +    default "sha1" if IPE_AUDIT_HASH_SHA1
>>> +    default "sha256" if IPE_AUDIT_HASH_SHA256
>>> +    default "sha384" if IPE_AUDIT_HASH_SHA384
>>> +    default "sha512" if IPE_AUDIT_HASH_SHA512
>>> +
>>> +endif
>>
>> Please follow coding-style for Kconfig files:
>>
>> (from Documentation/process/coding-style.rst, section 10):
>>
>> For all of the Kconfig* configuration files throughout the source tree,
>> the indentation is somewhat different.  Lines under a ``config`` definition
>> are indented with one tab, while help text is indented an additional two
>> spaces.
>>
> Oof. That's embarrassing. Sorry, I'll fix this for v8.
> 
> While I'm at it, is the help text required for choice configs?
> checkpatch --strict complains with a warning without them, but
> I see other places in the tree where help text is omitted for
> these configs attached to a choice.

Does checkpatch complain about what you have above
or did you add that help text to keep it from complaining?


> Documentation/process/* doesn't seem to have any guidance, nor
> Documentation/kbuild/* on whether it is safe to ignore that
> checkpatch warning.

Yeah, I don't think that we have any good guidance on that.

I would say that if the choice prompt provides good/adequate
help info, then each 'config' inside the choice block does not
need help text. OTOH, if the choice prompt has little/no help
info, then each 'config' under it should have some useful info.

I only looked in arch/x86/Kconfig, init/Kconfig, and lib/Kconfig.debug,
but you can see either help text method being used in those.

And then if the help text is adequate in either one of those
methods, I would just ignore the checkpatch complaints.
It's just a guidance tool.

HTH.

-- 
~Randy

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-15 19:25     ` Deven Bowers
@ 2021-10-15 20:11       ` Eric Biggers
  2021-10-20 15:08         ` Roberto Sassu
  2021-10-26 19:03         ` Deven Bowers
  2021-11-03 12:28       ` Roberto Sassu
  1 sibling, 2 replies; 63+ messages in thread
From: Eric Biggers @ 2021-10-15 20:11 UTC (permalink / raw)
  To: Deven Bowers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
> 
> On 10/13/2021 12:24 PM, Eric Biggers wrote:
> > On Wed, Oct 13, 2021 at 12:06:31PM -0700, deven.desai@linux.microsoft.com wrote:
> > > From: Fan Wu <wufan@linux.microsoft.com>
> > > 
> > > Add security_inode_setsecurity to fsverity signature verification.
> > > This can let LSMs save the signature data and digest hashes provided
> > > by fsverity.
> > Can you elaborate on why LSMs need this information?
> 
> The proposed LSM (IPE) of this series will be the only one to need
> this information at the  moment. IPE’s goal is to have provide
> trust-based access control. Trust and Integrity are tied together,
> as you cannot prove trust without proving integrity.

I think you mean authenticity, not integrity?

Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
file hashes, but that could be changed.  Why not extend IMA to cover your use
case(s)?

> IPE needs the digest information to be able to compare a digest
> provided by the policy author, against the digest calculated by
> fsverity to make a decision on whether that specific file, represented
> by the digest is authorized for the actions specified in the policy.
> 
> A more concrete example, if an IPE policy author writes:
> 
>     op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> 
> IPE takes the digest provided by this security hook, stores it
> in IPE's security blob on the inode. If this file is later
> executed, IPE compares the digest stored in the LSM blob,
> provided by this hook, against <HexDigest> in the policy, if
> it matches, it denies the access, performing a revocation
> of that file.

Do you have a better example?  This one is pretty useless since one can get
around it just by executing a file that doesn't have fs-verity enabled.

> This brings me to your next comment:
> 
> > The digest isn't meaningful without knowing the hash algorithm it uses.
> It's available here, but you aren't passing it to this function.
> 
> The digest is meaningful without the algorithm in this case.

No, it's not.

Digests are meaningless without knowing what algorithm they were created with.

If your security policy is something like "Trust the file with digest $foo" and
multiple hash algorithms are possible, then the alorithm intended to be used
needs to be explicitly specified.  Otherwise any algorithm with the same length
digest will be accepted.  That's a fatal flaw if any of these algorithms is
cryptographically broken or was never intended to be a cryptographic algorithm
in the first place (e.g., a non-cryptographic checksum).

Cryptosystems always need to specify the crypto algorithm(s) used; the adversary
must not be allowed to choose the algorithms.

I'm not sure how these patches can be taken seriously when they're getting this
sort of thing wrong.

> > > +					FS_VERITY_SIGNATURE_SEC_NAME,
> > > +					signature, sig_size, 0);
> > This is only for fs-verity built-in signatures which aren't the only way to do
> > signatures with fs-verity.  Are you sure this is what you're looking for?
> 
> Could you elaborate on the other signature types that can be used
> with fs-verity? I’m 99% sure this is what I’m looking for as this
> is a signature validated in the kernel against the fs-verity keyring
> as part of the “fsverity enable” utility.
> 
> It's important that the signature is validated in the kernel, as
> userspace is considered untrusted until the signature is validated
> for this case.
> 
> > Can you elaborate on your use case for fs-verity built-in signatures,
> Sure, signatures, like digests, also provide a way to prove integrity,
> and the trust component comes from the validation against the keyring,
> as opposed to a fixed value in IPE’s policy. The use case for fs-verity
> built-in signatures is that we have a rw ext4 filesystem that has some
> executable files, and we want to have a execution policy (through IPE)
> that only _trusted_ executables can run. Perf is important here, hence
> fs-verity.

Most users of fs-verity built-in signatures have actually been enforcing their
security policy in userspace, by checking whether specific files have the
fs-verity bit set or not.  Such users could just store and verify signatures in
userspace instead, without any kernel involvement.  So that's what I've been
recommending (with limited success, unfortunately).

If you really do need in-kernel signature verification, then that may be a
legitimate use case for the fs-verity built-in signatures, although I do wonder
why you aren't using IMA and its signature mechanism instead.

- Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-15 20:11       ` Eric Biggers
@ 2021-10-20 15:08         ` Roberto Sassu
  2021-10-22 16:31           ` Roberto Sassu
  2021-10-26 19:03         ` Deven Bowers
  1 sibling, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-10-20 15:08 UTC (permalink / raw)
  To: Eric Biggers, Deven Bowers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

> From: Eric Biggers [mailto:ebiggers@kernel.org]
> Sent: Friday, October 15, 2021 10:11 PM
> On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
> >
> > On 10/13/2021 12:24 PM, Eric Biggers wrote:
> > > On Wed, Oct 13, 2021 at 12:06:31PM -0700,
> deven.desai@linux.microsoft.com wrote:
> > > > From: Fan Wu <wufan@linux.microsoft.com>
> > > >
> > > > Add security_inode_setsecurity to fsverity signature verification.
> > > > This can let LSMs save the signature data and digest hashes provided
> > > > by fsverity.
> > > Can you elaborate on why LSMs need this information?
> >
> > The proposed LSM (IPE) of this series will be the only one to need
> > this information at the  moment. IPE’s goal is to have provide
> > trust-based access control. Trust and Integrity are tied together,
> > as you cannot prove trust without proving integrity.
> 
> I think you mean authenticity, not integrity?
> 
> Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
> file hashes, but that could be changed.  Why not extend IMA to cover your use
> case(s)?
> 
> > IPE needs the digest information to be able to compare a digest
> > provided by the policy author, against the digest calculated by
> > fsverity to make a decision on whether that specific file, represented
> > by the digest is authorized for the actions specified in the policy.
> >
> > A more concrete example, if an IPE policy author writes:
> >
> >     op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> >
> > IPE takes the digest provided by this security hook, stores it
> > in IPE's security blob on the inode. If this file is later
> > executed, IPE compares the digest stored in the LSM blob,
> > provided by this hook, against <HexDigest> in the policy, if
> > it matches, it denies the access, performing a revocation
> > of that file.
> 
> Do you have a better example?  This one is pretty useless since one can get
> around it just by executing a file that doesn't have fs-verity enabled.

I was wondering if the following use case can be supported:
allow the execution of files protected with fsverity if the root
digest is found among reference values (instead of providing
them one by one in the policy).

Something like:

op=EXECUTE fsverity_digest=diglim action=ALLOW

DIGLIM is a component I'm working on that generically
stores digests. The current use case is to store file digests
from RPMTAG_FILEDIGESTS and use them with IMA, but
the fsverity use case could be easily supported (if the root
digest is stored in the RPM header).

DIGLIM also tells whether or not the signature of the source
containing file digests (or fsverity digests) is valid (the signature
of the RPM header is taken from RPMTAG_RSAHEADER).

The memory occupation is relatively small for executables
and shared libraries. I published a demo for Fedora and
openSUSE some time ago:

https://lore.kernel.org/linux-integrity/48cd737c504d45208377daa27d625531@huawei.com/

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> > This brings me to your next comment:
> >
> > > The digest isn't meaningful without knowing the hash algorithm it uses.
> > It's available here, but you aren't passing it to this function.
> >
> > The digest is meaningful without the algorithm in this case.
> 
> No, it's not.
> 
> Digests are meaningless without knowing what algorithm they were created
> with.
> 
> If your security policy is something like "Trust the file with digest $foo" and
> multiple hash algorithms are possible, then the alorithm intended to be used
> needs to be explicitly specified.  Otherwise any algorithm with the same length
> digest will be accepted.  That's a fatal flaw if any of these algorithms is
> cryptographically broken or was never intended to be a cryptographic algorithm
> in the first place (e.g., a non-cryptographic checksum).
> 
> Cryptosystems always need to specify the crypto algorithm(s) used; the
> adversary
> must not be allowed to choose the algorithms.
> 
> I'm not sure how these patches can be taken seriously when they're getting this
> sort of thing wrong.
> 
> > > > +					FS_VERITY_SIGNATURE_SEC_NAME,
> > > > +					signature, sig_size, 0);
> > > This is only for fs-verity built-in signatures which aren't the only way to do
> > > signatures with fs-verity.  Are you sure this is what you're looking for?
> >
> > Could you elaborate on the other signature types that can be used
> > with fs-verity? I’m 99% sure this is what I’m looking for as this
> > is a signature validated in the kernel against the fs-verity keyring
> > as part of the “fsverity enable” utility.
> >
> > It's important that the signature is validated in the kernel, as
> > userspace is considered untrusted until the signature is validated
> > for this case.
> >
> > > Can you elaborate on your use case for fs-verity built-in signatures,
> > Sure, signatures, like digests, also provide a way to prove integrity,
> > and the trust component comes from the validation against the keyring,
> > as opposed to a fixed value in IPE’s policy. The use case for fs-verity
> > built-in signatures is that we have a rw ext4 filesystem that has some
> > executable files, and we want to have a execution policy (through IPE)
> > that only _trusted_ executables can run. Perf is important here, hence
> > fs-verity.
> 
> Most users of fs-verity built-in signatures have actually been enforcing their
> security policy in userspace, by checking whether specific files have the
> fs-verity bit set or not.  Such users could just store and verify signatures in
> userspace instead, without any kernel involvement.  So that's what I've been
> recommending (with limited success, unfortunately).
> 
> If you really do need in-kernel signature verification, then that may be a
> legitimate use case for the fs-verity built-in signatures, although I do wonder
> why you aren't using IMA and its signature mechanism instead.
> 
> - Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-20 15:08         ` Roberto Sassu
@ 2021-10-22 16:31           ` Roberto Sassu
  2021-10-26 19:03             ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-10-22 16:31 UTC (permalink / raw)
  To: Eric Biggers, Deven Bowers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
> Sent: Wednesday, October 20, 2021 5:09 PM
> > From: Eric Biggers [mailto:ebiggers@kernel.org]
> > Sent: Friday, October 15, 2021 10:11 PM
> > On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
> > >
> > > On 10/13/2021 12:24 PM, Eric Biggers wrote:
> > > > On Wed, Oct 13, 2021 at 12:06:31PM -0700,
> > deven.desai@linux.microsoft.com wrote:
> > > > > From: Fan Wu <wufan@linux.microsoft.com>
> > > > >
> > > > > Add security_inode_setsecurity to fsverity signature verification.
> > > > > This can let LSMs save the signature data and digest hashes provided
> > > > > by fsverity.
> > > > Can you elaborate on why LSMs need this information?
> > >
> > > The proposed LSM (IPE) of this series will be the only one to need
> > > this information at the  moment. IPE’s goal is to have provide
> > > trust-based access control. Trust and Integrity are tied together,
> > > as you cannot prove trust without proving integrity.
> >
> > I think you mean authenticity, not integrity?
> >
> > Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
> > file hashes, but that could be changed.  Why not extend IMA to cover your use
> > case(s)?
> >
> > > IPE needs the digest information to be able to compare a digest
> > > provided by the policy author, against the digest calculated by
> > > fsverity to make a decision on whether that specific file, represented
> > > by the digest is authorized for the actions specified in the policy.
> > >
> > > A more concrete example, if an IPE policy author writes:
> > >
> > >     op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> > >
> > > IPE takes the digest provided by this security hook, stores it
> > > in IPE's security blob on the inode. If this file is later
> > > executed, IPE compares the digest stored in the LSM blob,
> > > provided by this hook, against <HexDigest> in the policy, if
> > > it matches, it denies the access, performing a revocation
> > > of that file.
> >
> > Do you have a better example?  This one is pretty useless since one can get
> > around it just by executing a file that doesn't have fs-verity enabled.
> 
> I was wondering if the following use case can be supported:
> allow the execution of files protected with fsverity if the root
> digest is found among reference values (instead of providing
> them one by one in the policy).
> 
> Something like:
> 
> op=EXECUTE fsverity_digest=diglim action=ALLOW

Looks like it works. I modified IPE to query the root digest
of an fsverity-protected file in DIGLIM.

# cat ipe-policy
policy_name="AllowFSVerityKmodules" policy_version=0.0.1
DEFAULT action=ALLOW
DEFAULT op=KMODULE action=DENY
op=KMODULE fsverity_digest=diglim action=ALLOW

IPE setup:
# cat ipe-policy.p7s > /sys/kernel/security/ipe/new_policy
# echo -n 1 >  /sys/kernel/security/ipe/policies/AllowFSVerityKmodules/active
# echo 1 > /sys/kernel/security/ipe/enforce

IPE denies loading of kernel modules not protected by fsverity:
# insmod  /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko
insmod: ERROR: could not insert module /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko: Permission denied

Protect fat.ko with fsverity:
# cp /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko /fsverity
# fsverity enable /fsverity/fat.ko
# fsverity measure /fsverity/fat.ko
sha256:079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 /fsverity/fat.ko

IPE still denies the loading of fat.ko (root digest not uploaded to the kernel):
# insmod /fsverity/fat.ko
insmod: ERROR: could not insert module /fsverity/fat.ko: Permission denied

Generate a digest list with the root digest above and upload it to the kernel:
# ./compact_gen -i 079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 -a sha256 -d test -s -t file -f
# echo $PWD/test/0-file_list-compact-079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 > /sys/kernel/security/integrity/diglim/digest_list_add

IPE allows the loading of fat.ko:
# insmod /fsverity/fat.ko
#

Regarding authenticity, not shown in this demo, IPE will also
ensure that the root digest is signed (diglim_digest_get_info()
reports this information).

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> DIGLIM is a component I'm working on that generically
> stores digests. The current use case is to store file digests
> from RPMTAG_FILEDIGESTS and use them with IMA, but
> the fsverity use case could be easily supported (if the root
> digest is stored in the RPM header).
> 
> DIGLIM also tells whether or not the signature of the source
> containing file digests (or fsverity digests) is valid (the signature
> of the RPM header is taken from RPMTAG_RSAHEADER).
> 
> The memory occupation is relatively small for executables
> and shared libraries. I published a demo for Fedora and
> openSUSE some time ago:
> 
> https://lore.kernel.org/linux-
> integrity/48cd737c504d45208377daa27d625531@huawei.com/
> 
> Thanks
> 
> Roberto
> 
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
> 
> > > This brings me to your next comment:
> > >
> > > > The digest isn't meaningful without knowing the hash algorithm it uses.
> > > It's available here, but you aren't passing it to this function.
> > >
> > > The digest is meaningful without the algorithm in this case.
> >
> > No, it's not.
> >
> > Digests are meaningless without knowing what algorithm they were created
> > with.
> >
> > If your security policy is something like "Trust the file with digest $foo" and
> > multiple hash algorithms are possible, then the alorithm intended to be used
> > needs to be explicitly specified.  Otherwise any algorithm with the same length
> > digest will be accepted.  That's a fatal flaw if any of these algorithms is
> > cryptographically broken or was never intended to be a cryptographic
> algorithm
> > in the first place (e.g., a non-cryptographic checksum).
> >
> > Cryptosystems always need to specify the crypto algorithm(s) used; the
> > adversary
> > must not be allowed to choose the algorithms.
> >
> > I'm not sure how these patches can be taken seriously when they're getting
> this
> > sort of thing wrong.
> >
> > > > > +
> 	FS_VERITY_SIGNATURE_SEC_NAME,
> > > > > +					signature, sig_size, 0);
> > > > This is only for fs-verity built-in signatures which aren't the only way to do
> > > > signatures with fs-verity.  Are you sure this is what you're looking for?
> > >
> > > Could you elaborate on the other signature types that can be used
> > > with fs-verity? I’m 99% sure this is what I’m looking for as this
> > > is a signature validated in the kernel against the fs-verity keyring
> > > as part of the “fsverity enable” utility.
> > >
> > > It's important that the signature is validated in the kernel, as
> > > userspace is considered untrusted until the signature is validated
> > > for this case.
> > >
> > > > Can you elaborate on your use case for fs-verity built-in signatures,
> > > Sure, signatures, like digests, also provide a way to prove integrity,
> > > and the trust component comes from the validation against the keyring,
> > > as opposed to a fixed value in IPE’s policy. The use case for fs-verity
> > > built-in signatures is that we have a rw ext4 filesystem that has some
> > > executable files, and we want to have a execution policy (through IPE)
> > > that only _trusted_ executables can run. Perf is important here, hence
> > > fs-verity.
> >
> > Most users of fs-verity built-in signatures have actually been enforcing their
> > security policy in userspace, by checking whether specific files have the
> > fs-verity bit set or not.  Such users could just store and verify signatures in
> > userspace instead, without any kernel involvement.  So that's what I've been
> > recommending (with limited success, unfortunately).
> >
> > If you really do need in-kernel signature verification, then that may be a
> > legitimate use case for the fs-verity built-in signatures, although I do wonder
> > why you aren't using IMA and its signature mechanism instead.
> >
> > - Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
  2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
                   ` (15 preceding siblings ...)
  2021-10-13 19:06 ` [RFC PATCH v7 16/16] documentation: add ipe documentation deven.desai
@ 2021-10-25 11:30 ` Roberto Sassu
  2021-10-26 19:03   ` Deven Bowers
  16 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-10-25 11:30 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: deven.desai@linux.microsoft.com
> [mailto:deven.desai@linux.microsoft.com]
> From: Deven Bowers <deven.desai@linux.microsoft.com>
> 
> Overview:
> ---------
> 
> IPE is a Linux Security Module which takes a complimentary approach to
> access control. Whereas existing systems approach use labels or paths
> which control access to a resource, IPE controls access to a resource
> based on the system's trust of said resource.

To me, it does not give a particularly precise idea of what IPE is about.

It would have been more clear, assuming that I understood it correctly,
if you have said:

Whereas existing mandatory access control mechanisms base their
decisions on labels and paths, IPE instead determines whether or not
an operation should be allowed based on immutable security properties
of the system component the operation is being performed on.

IPE itself does not mandate how the security property should be
evaluated, but relies on an extensible set of external property providers
to evaluate the component. IPE makes its decision based on reference
values for the selected properties, specified in the IPE policy.

The reference values represent the value that the policy writer and the
local system administrator (based on the policy signature) trust for the
system to accomplish the desired tasks.

One such provider is for example dm-verity, which is able to represent
the integrity property of a partition (its immutable state) with a digest.

> Trust requirements are established via IPE's policy, sourcing multiple
> different implementations within the kernel to build a cohesive trust
> model, based on how the system was built.
> 
> Trust, with respect to computing, is a concept that designates a set
> of entities who will endorse a set of resources as non-malicious.
> Traditionally, this is done via signatures, which is the act of endorsing
> a resource.
> 
> Integrity, on the other hand, is the concept of ensuring that a resource
> has not been modified since a point of time. This is typically done through
> cryptographic hashes or signatures.
> 
> Trust and integrity are very closely tied together concepts, as integrity
> is the way you can prove trust for a resource; otherwise it could have
> been modified by an entity who is untrusted.
> 
> IPE provides a way for a user to express trust requirements of resources,
> by using pre-existing systems which provide the integrity half of the
> equation.
> 
> IPE is compiled under CONFIG_SECURITY_IPE.
> 
> Use Cases
> ---------
> 
> IPE works best in fixed-function devices: Devices in which their purpose
> is clearly defined and not supposed to be changed (e.g. network firewall
> device in a data center, an IoT device, etcetera), where all software and
> configuration is built and provisioned by the system owner.
> 
> IPE is a long-way off for use in general-purpose computing:
> the Linux community as a whole tends to follow a decentralized trust
> model, known as the Web of Trust, which IPE has no support for as of yet.
> Instead, IPE supports the PKI Trust Model, which generally designates a
> set of entities that provide a measure absolute trust.

It is true that packages are signed with PGP, which is decentralized,
but there is a special case where Linux distribution vendors trust
their own keys. This, at least, would allow to trust the software built
by a particular vendor (I ported David Howells's work on PGP keys and
signature to the current kernel).

> Additionally, while most packages are signed today, the files inside
> the packages (for instance, the executables), tend to be unsigned. This
> makes it difficult to utilize IPE in systems where a package manager is
> expected to be functional, without major changes to the package manager
> and ecosystem behind it.

Yes, RPMs don't have per file signatures but have a signature of the
list of file digests, which is equivalent. They could have also the fsverity
digests (instead of the fsverity signatures) to reduce size overhead.

Given that the authenticity of RPMs headers can be verified, if the
PGP key of the vendor is included in the primary keyring of the kernel,
being able to protect file or fsverity digests against tampering by
user space and being able to query them (e.g. with DIGLIM) extends
the applicability of IPE to general purpose OSes.

> Policy:
> -------
> 
> IPE policy is a plain-text [#]_ policy composed of multiple statements
> over several lines. There is one required line, at the top of the
> policy, indicating the policy name, and the policy version, for
> instance:
> 
>   policy_name="Ex Policy" policy_version=0.0.0
> 
> The policy version indicates the current version of the policy (NOT the
> policy syntax version). This is used to prevent roll-back of policy to
> potentially insecure previous versions of the policy.
> 
> The next portion of IPE policy, are rules. Rules are formed by key=value
> pairs, known as properties. IPE rules require two properties: "action",

Better:

IPE rules require two keys:

> which determines what IPE does when it encounters a match against the
> policy, and "op", which determines when that rule should be evaluated.
> Thus, a minimal rule is:
> 
>   op=EXECUTE action=ALLOW
> 
> This example will allow any execution. Additional properties are used to
> restrict attributes about the files being evaluated. These properties are
> intended to be deterministic attributes that are resident in the kernel.
> Available properties for IPE described in the documentation patch of this
> series.
> 
> A rule is required to have the "op" property as the first token of a rule,
> and the "action" as the last token of the rule. Rules are evaluated
> top-to-bottom. As a result, any revocation rules, or denies should be
> placed early in the file to ensure that these rules are evaluated before
> a rule with "action=ALLOW" is hit.
> 
> Any unknown syntax in IPE policy will result in a fatal error to parse
> the policy. User mode can interrogate the kernel to understand what
> properties and the associated versions through the securityfs node,
> $securityfs/ipe/config, which will return a string of form:
> 
>   key1=version1
>   key2=version2
>   .
>   .
>   .
>   keyN=versionN
> 
> User-mode should correlate these versions with the supported values
> identified in the documentation to determine whether a policy should
> be accepted by the system without actually trying to deploy the policy.
> 
> Additionally, a DEFAULT operation must be set for all understood
> operations within IPE. For policies to remain completely forwards
> compatible, it is recommended that users add a "DEFAULT action=ALLOW"
> and override the defaults on a per-operation basis.
> 
> For more information about the policy syntax, the kernel documentation
> page.
> 
> Early Usermode Protection:
> --------------------------
> 
> IPE can be provided with a policy at startup to load and enforce.
> This is intended to be a minimal policy to get the system to a state
> where userland is setup and ready to receive commands, at which
> point a policy can be deployed via securityfs. This "boot policy" can be
> specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
> to a plain-text version of the IPE policy to apply. This policy will be
> compiled into the kernel. If not specified, IPE will be disabled until a
> policy is deployed and activated through the method above.
> 
> Policy Examples:
> ----------------
> 
> Allow all:
> 
>   policy_name="Allow All" policy_version=0.0.0
>   DEFAULT action=ALLOW
> 
> Allow only initial superblock:
> 
>   policy_name="Allow All Initial SB" policy_version=0.0.0
>   DEFAULT action=DENY
> 
>   op=EXECUTE boot_verified=TRUE action=ALLOW
> 
> Allow any signed dm-verity volume and the initial superblock:
> 
>   policy_name="AllowSignedAndInitial" policy_version=0.0.0
>   DEFAULT action=DENY
> 
>   op=EXECUTE boot_verified=TRUE action=ALLOW
>   op=EXECUTE dmverity_signature=TRUE action=ALLOW
> 
> Prohibit execution from a specific dm-verity volume:
> 
>   policy_name="AllowSignedAndInitial" policy_version=0.0.0
>   DEFAULT action=DENY
> 
>   op=EXECUTE
> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
> 146938 action=DENY
>   op=EXECUTE boot_verified=TRUE action=ALLOW
>   op=EXECUTE dmverity_signature=TRUE action=ALLOW
> 
> Allow only a specific dm-verity volume:
> 
>   policy_name="AllowSignedAndInitial" policy_version=0.0.0
>   DEFAULT action=DENY
> 
>   op=EXECUTE
> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
> 146938 action=ALLOW
> 
> Deploying Policies:
> -------------------
> 
> First sign a plain text policy, with a certificate that is present in
> the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
> signing can be done via:
> 
>   openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
>     -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
>     -out "$MY_POLICY.p7s"
> 
> Then, simply cat the file into the IPE's "new_policy" securityfs node:
> 
>   cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
> 
> The policy should now be present under the policies/ subdirectory, under
> its "policy_name" attribute.
> 
> The policy is now present in the kernel and can be marked as active,
> via the securityfs node:
> 
>   echo "1" > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"
> 
> This will now mark the policy as active and the system will be enforcing
> $MY_POLICY_NAME.
> 
> There is one requirement when marking a policy as active, the policy_version
> attribute must either increase, or remain the same as the currently running
> policy.
> 
> Policies can be updated via:
> 
>   cat "$MY_UPDATED_POLICY.p7s" > \
>     "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"
> 
> Additionally, policies can be deleted via the "delete" securityfs
> node. Simply write "1" to the corresponding node in the policy folder:
> 
>   echo "1" > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"
> 
> There is only one requirement to delete policies, the policy being
> deleted must not be the active policy.
> 
> NOTE: The securityfs commands will require CAP_MAC_ADMIN.
> 
> Integrations:
> -------------
> 
> This patch series adds support for fsverity via digest and signature
> (fsverity_signature and fsverity_digest), dm-verity by digest and
> signature (dmverity_signature and dmverity_roothash), and trust for
> the initramfs (boot_verified).

Verifying the initial ram disk looks like a big problem. On general
purpose OSes, having a reference value for it would be very hard.

Instead, we would still be able to use per file reference values.
Executable and shared libraries in the initial ram disk are copied
from the main OS. Without fsverity support in tmpfs, I wonder
if it would be still possible to mark the file as immutable and do
an on the fly calculation of the root digest.

As an alternative, the IMA approach of calculating the file digest
could be used (or IPE could get the file digest as a property from
the integrity subsystem).

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> Please see the documentation patch for more information about the
> integrations available.
> 
> Testing:
> --------
> 
> KUnit Tests are available. Recommended kunitconfig:
> 
>     CONFIG_KUNIT=y
>     CONFIG_SECURITY=y
>     CONFIG_SECURITYFS=y
>     CONFIG_PKCS7_MESSAGE_PARSER=y
>     CONFIG_SYSTEM_DATA_VERIFICATION=y
>     CONFIG_FS_VERITY=y
>     CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
>     CONFIG_BLOCK=y
>     CONFIG_MD=y
>     CONFIG_BLK_DEV_DM=y
>     CONFIG_DM_VERITY=y
>     CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
> 
>     CONFIG_SECURITY_IPE=y
>     CONFIG_SECURITY_IPE_KUNIT_TEST=y
>     CONFIG_IPE_PROP_BOOT_VERIFIED=y
>     CONFIG_IPE_PROP_DM_VERITY_SIGNATURE=y
>     CONFIG_IPE_PROP_DM_VERITY_ROOTHASH=y
>     CONFIG_IPE_PROP_FS_VERITY_SIGNATURE=y
>     CONFIG_IPE_PROP_FS_VERITY_DIGEST=y
> 
> Simply run:
> 
>     make ARCH=um mrproper
>     ./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>
> 
> And the tests will execute and report the result. For more indepth testing,
> it will require you to create and mount a dm-verity volume or fs-verity
> enabled file.
> 
> Documentation:
> --------------
> 
> There is both documentation available on github at
> https://microsoft.github.io/ipe, and Documentation in this patch series,
> to be added in-tree. This includes architectural block diagrams.
> 
> Known Gaps:
> -----------
> 
> IPE has two known gaps:
> 
> 1. IPE cannot verify the integrity of anonymous executable memory, such as
>   the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
>   Unfortunately, as this is dynamically generated code, there is no way
>   for IPE to ensure the integrity of this code to form a trust basis. In all
>   cases, the return result for these operations will be whatever the admin
>   configures the DEFAULT action for "EXECUTE".
> 
> 2. IPE cannot verify the integrity of interpreted languages' programs when
>   these scripts invoked via ``<interpreter> <file>``. This is because the
>   way interpreters execute these files, the scripts themselves are not
>   evaluated as executable code through one of IPE's hooks. Interpreters
>   can be enlightened to the usage of IPE by trying to mmap a file into
>   executable memory (+X), after opening the file and responding to the
>   error code appropriately. This also applies to included files, or high
>   value files, such as configuration files of critical system components.
>   However, there is a patchset that is looking to address this gap [1].
> 
> Appendix:
> ---------
> 
> A. IPE Github Repository: https://github.com/microsoft/ipe
> B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst
> 
> References:
> -----------
> 
> [1] https://lore.kernel.org/all/20211012192410.2356090-1-mic@digikod.net/
> 
> FAQ:
> ----
> 
> Q: What's the difference between other LSMs which provide trust-based
>   access control, for instance, IMA?
> 
> A: IMA is a fantastic option when needing measurement in addition to the
>   trust-based access model. All of IMA is centered around their measurement
>   hashes, so you save time when doing both actions. IPE, on the other hand,
>   is a highly performant system that does not rely (and explicitly prohibits),
>   generating its own integrity mechanisms - separating measurement and access
>   control. Simply put, IPE provides only the enforcement of trust, while other
>   subsystems provide the integrity guarantee that IPE needs to determine the
>   trust of a resource. IMA provides both the integrity guarantee, the
>   enforcement of trust, and a whole host of other features that may not be
>   needed.
> 
> Changelog:
> ----------
> 
> Changes since v1:
>   Split the second patch of the previous series into two.
>   Minor corrections in the cover-letter and documentation
>   comments regarding CAP_MAC_ADMIN checks in IPE.
> 
> Changes since v2:
>   Address various comments by Jann Horn. Highlights:
>     Switch various audit allocators to GFP_KERNEL.
>     Utilize rcu_access_pointer() in various locations.
>     Strip out the caching system for properties
>     Strip comments from headers
>     Move functions around in patches
>     Remove kernel command line parameters
>     Reconcile the race condition on the delete node for policy by
>       expanding the policy critical section.
> 
>   Address a few comments by Jonathan Corbet around the documentation
>     pages for IPE.
> 
>   Fix an issue with the initialization of IPE policy with a "-0"
>     version, caused by not initializing the hlist entries before
>     freeing.
> 
> Changes since v3:
>   Address a concern around IPE's behavior with unknown syntax.
>     Specifically, make any unknown syntax a fatal error instead of a
>     warning, as suggested by Mickaël Salaün.
>   Introduce a new securityfs node, $securityfs/ipe/property_config,
>     which provides a listing of what properties are enabled by the
>     kernel and their versions. This allows usermode to predict what
>     policies should be allowed.
>   Strip some comments from c files that I missed.
>   Clarify some documentation comments around 'boot_verified'.
>     While this currently does not functionally change the property
>     itself, the distinction is important when IPE can enforce verified
>     reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
>     This has been corrected.
>   Change SecurityFS and SHA1 to a reverse dependency.
>   Update the cover-letter with the updated behavior of unknown syntax.
>   Remove all sysctls, making an equivalent function in securityfs.
>   Rework the active/delete mechanism to be a node under the policy in
>     $securityfs/ipe/policies.
>   The kernel command line parameters ipe.enforce and ipe.success_audit
>     have returned as this functionality is no longer exposed through
>     sysfs.
> 
> Changes since v4:
>   Correct some grammatical errors reported by Randy Dunlap.
>   Fix some warnings reported by kernel test bot.
>   Change convention around security_bdev_setsecurity. -ENOSYS
>     is now expected if an LSM does not implement a particular @name,
>     as suggested by Casey Schaufler.
>   Minor string corrections related to the move from sysfs to securityfs
>   Correct a spelling of an #ifdef for the permissive argument.
>   Add the kernel parameters re-added to the documentation.
>   Fix a minor bug where the mode being audited on permissive switch
>     was the original mode, not the mode being swapped to.
>   Cleanup doc comments, fix some whitespace alignment issues.
> 
> Changes since v5:
>   Change if statement condition in security_bdev_setsecurity to be
>     more concise, as suggested by Casey Schaufler and Al Viro
>   Drop the 6th patch in the series, "dm-verity move signature check..."
>     due to numerous issues, and it ultimately providing no real value.
>   Fix the patch tree - the previous iteration appears to have been in a
>     torn state (patches 8+9 were merged). This has since been corrected.
> 
> Changes since v6:
>   * Reword cover letter to more accurate convey IPE's purpose
>     and latest updates.
>   * Refactor series to:
>       1. Support a context structure, enabling:
>           1. Easier Testing via KUNIT
>           2. A better architecture for future designs
>       2. Make parser code cleaner
>   * Move patch 01/12 to [14/16] of the series
>   * Split up patch 02/12 into four parts:
>       1. context creation [01/16]
>       2. audit [07/16]
>       3. evaluation loop [03/16]
>       4. access control hooks [05/16]
>       5. permissive mode [08/16]
>   * Split up patch 03/12 into two parts:
>       1. parser [02/16]
>       2. userspace interface [04/16]
>   * Reword and refactor patch 04/12 to [09/16]
>   * Squash patch 05/12, 07/12, 09/12 to [10/16]
>   * Squash patch 08/12, 10/12 to [11/16]
>   * Change audit records to MAC region (14XX) from Integrity region (18XX)
>   * Add FSVerity Support
>   * Interface changes:
>       1. "raw" was renamed to "pkcs7" and made read only
>       2. "raw"'s write functionality (update a policy) moved to "update"
>       3. introduced "version", "policy_name" nodes.
>       4. "content" renamed to "policy"
>       5. The boot policy can now be updated like any other policy.
>   * Add additional developer-level documentation
>   * Update admin-guide docs to reflect changes.
>   * Kunit tests
>   * Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
>     easily come later with a small patch.
>   * Use partition0 for block_device for dm-verity patch
> 
> Deven Bowers (14):
>   security: add ipe lsm & initial context creation
>   ipe: add policy parser
>   ipe: add evaluation loop
>   ipe: add userspace interface
>   ipe: add LSM hooks on execution and kernel read
>   uapi|audit: add trust audit message definitions
>   ipe: add auditing support
>   ipe: add permissive toggle
>   ipe: introduce 'boot_verified' as a trust provider
>   fs|dm-verity: add block_dev LSM blob and submit dm-verity data
>   ipe: add support for dm-verity as a trust provider
>   scripts: add boot policy generation program
>   ipe: kunit tests
>   documentation: add ipe documentation
> 
> Fan Wu (2):
>   fsverity|security: add security hooks to fsverity digest and signature
>   ipe: enable support for fs-verity as a trust provider
> 
>  Documentation/admin-guide/LSM/index.rst       |    1 +
>  Documentation/admin-guide/LSM/ipe.rst         |  587 ++++++++++
>  .../admin-guide/kernel-parameters.txt         |   12 +
>  Documentation/security/index.rst              |    1 +
>  Documentation/security/ipe.rst                |  339 ++++++
>  MAINTAINERS                                   |    9 +
>  block/bdev.c                                  |    7 +
>  drivers/md/dm-verity-target.c                 |   20 +-
>  drivers/md/dm-verity-verify-sig.c             |   16 +-
>  drivers/md/dm-verity-verify-sig.h             |   10 +-
>  fs/verity/open.c                              |   12 +
>  fs/verity/signature.c                         |    5 +-
>  include/asm-generic/vmlinux.lds.h             |   16 +
>  include/linux/blk_types.h                     |    1 +
>  include/linux/device-mapper.h                 |    3 +
>  include/linux/fsverity.h                      |    3 +
>  include/linux/lsm_hook_defs.h                 |    5 +
>  include/linux/lsm_hooks.h                     |   12 +
>  include/linux/security.h                      |   22 +
>  include/uapi/linux/audit.h                    |    4 +
>  scripts/Makefile                              |    1 +
>  scripts/ipe/Makefile                          |    2 +
>  scripts/ipe/polgen/.gitignore                 |    1 +
>  scripts/ipe/polgen/Makefile                   |    6 +
>  scripts/ipe/polgen/polgen.c                   |  145 +++
>  security/Kconfig                              |   11 +-
>  security/Makefile                             |    1 +
>  security/ipe/.gitignore                       |    1 +
>  security/ipe/Kconfig                          |  100 ++
>  security/ipe/Makefile                         |   39 +
>  security/ipe/audit.c                          |  304 +++++
>  security/ipe/audit.h                          |   41 +
>  security/ipe/ctx.c                            |  381 ++++++
>  security/ipe/ctx.h                            |   43 +
>  security/ipe/ctx_test.c                       |  732 ++++++++++++
>  security/ipe/eval.c                           |  237 ++++
>  security/ipe/eval.h                           |   57 +
>  security/ipe/fs.c                             |  327 ++++++
>  security/ipe/fs.h                             |   13 +
>  security/ipe/hooks.c                          |  328 ++++++
>  security/ipe/hooks.h                          |   56 +
>  security/ipe/ipe.c                            |  143 +++
>  security/ipe/ipe.h                            |   27 +
>  security/ipe/ipe_parser.h                     |   59 +
>  security/ipe/modules.c                        |  134 +++
>  security/ipe/modules.h                        |   17 +
>  security/ipe/modules/Kconfig                  |   66 ++
>  security/ipe/modules/Makefile                 |   12 +
>  security/ipe/modules/boot_verified.c          |   24 +
>  security/ipe/modules/dmverity_roothash.c      |   80 ++
>  security/ipe/modules/dmverity_signature.c     |   25 +
>  security/ipe/modules/fsverity_digest.c        |   80 ++
>  security/ipe/modules/fsverity_signature.c     |   33 +
>  security/ipe/modules/ipe_module.h             |   40 +
>  security/ipe/parsers.c                        |  139 +++
>  security/ipe/parsers/Makefile                 |   12 +
>  security/ipe/parsers/default.c                |  106 ++
>  security/ipe/parsers/policy_header.c          |  126 ++
>  security/ipe/policy.c                         | 1037 +++++++++++++++++
>  security/ipe/policy.h                         |  113 ++
>  security/ipe/policy_parser_tests.c            |  299 +++++
>  security/ipe/policyfs.c                       |  528 +++++++++
>  security/security.c                           |   76 +-
>  63 files changed, 7069 insertions(+), 18 deletions(-)
>  create mode 100644 Documentation/admin-guide/LSM/ipe.rst
>  create mode 100644 Documentation/security/ipe.rst
>  create mode 100644 scripts/ipe/Makefile
>  create mode 100644 scripts/ipe/polgen/.gitignore
>  create mode 100644 scripts/ipe/polgen/Makefile
>  create mode 100644 scripts/ipe/polgen/polgen.c
>  create mode 100644 security/ipe/.gitignore
>  create mode 100644 security/ipe/Kconfig
>  create mode 100644 security/ipe/Makefile
>  create mode 100644 security/ipe/audit.c
>  create mode 100644 security/ipe/audit.h
>  create mode 100644 security/ipe/ctx.c
>  create mode 100644 security/ipe/ctx.h
>  create mode 100644 security/ipe/ctx_test.c
>  create mode 100644 security/ipe/eval.c
>  create mode 100644 security/ipe/eval.h
>  create mode 100644 security/ipe/fs.c
>  create mode 100644 security/ipe/fs.h
>  create mode 100644 security/ipe/hooks.c
>  create mode 100644 security/ipe/hooks.h
>  create mode 100644 security/ipe/ipe.c
>  create mode 100644 security/ipe/ipe.h
>  create mode 100644 security/ipe/ipe_parser.h
>  create mode 100644 security/ipe/modules.c
>  create mode 100644 security/ipe/modules.h
>  create mode 100644 security/ipe/modules/Kconfig
>  create mode 100644 security/ipe/modules/Makefile
>  create mode 100644 security/ipe/modules/boot_verified.c
>  create mode 100644 security/ipe/modules/dmverity_roothash.c
>  create mode 100644 security/ipe/modules/dmverity_signature.c
>  create mode 100644 security/ipe/modules/fsverity_digest.c
>  create mode 100644 security/ipe/modules/fsverity_signature.c
>  create mode 100644 security/ipe/modules/ipe_module.h
>  create mode 100644 security/ipe/parsers.c
>  create mode 100644 security/ipe/parsers/Makefile
>  create mode 100644 security/ipe/parsers/default.c
>  create mode 100644 security/ipe/parsers/policy_header.c
>  create mode 100644 security/ipe/policy.c
>  create mode 100644 security/ipe/policy.h
>  create mode 100644 security/ipe/policy_parser_tests.c
>  create mode 100644 security/ipe/policyfs.c
> 
> --
> 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-13 19:06 ` [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read deven.desai
  2021-10-13 20:04   ` Casey Schaufler
@ 2021-10-25 12:22   ` Roberto Sassu
  2021-10-26 19:03     ` Deven Bowers
  1 sibling, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-10-25 12:22 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

> From: deven.desai@linux.microsoft.com
> [mailto:deven.desai@linux.microsoft.com]
> From: Deven Bowers <deven.desai@linux.microsoft.com>
> 
> IPE's initial goal is to control both execution and the loading of
> kernel modules based on the system's definition of trust. It
> accomplishes this by plugging into the security hooks for execve,
> mprotect, mmap, kernel_load_data and kernel_read_data.
> 
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> ---
> 
> Relevant changes since v6:
>   * Split up patch 02/12 into four parts:
>       1. context creation [01/16]
>       2. audit [07/16]
>       3. evaluation loop [03/16]
>       4. access control hooks [05/16] (this patch)
> 
> ---
>  security/ipe/hooks.c  | 149 ++++++++++++++++++++++++++++++++++++++++++
>  security/ipe/hooks.h  |  23 ++++++-
>  security/ipe/ipe.c    |   5 ++
>  security/ipe/policy.c |  23 +++++++
>  security/ipe/policy.h |  12 +++-
>  5 files changed, 209 insertions(+), 3 deletions(-)
> 
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index ed0c886eaa5a..216242408a80 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -6,11 +6,15 @@
>  #include "ipe.h"
>  #include "ctx.h"
>  #include "hooks.h"
> +#include "eval.h"
> 
> +#include <linux/fs.h>
>  #include <linux/sched.h>
>  #include <linux/types.h>
>  #include <linux/refcount.h>
>  #include <linux/rcupdate.h>
> +#include <linux/binfmts.h>
> +#include <linux/mman.h>
> 
>  /**
>   * ipe_task_alloc: Assign a new context for an associated task structure.
> @@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
>  	ipe_put_ctx(ctx);
>  	rcu_read_unlock();
>  }
> +
> +/**
> + * ipe_on_exec: LSM hook called when a process is loaded through the exec
> + *		family of system calls.
> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> + *	  being evaluated.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_exec(struct linux_binprm *bprm)
> +{
> +	return ipe_process_event(bprm->file, ipe_operation_exec,
> ipe_hook_exec);
> +}
> +
> +/**
> + * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
> + *		family of system calls.
> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + *	  system configuration.
> + * @flags: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> +		unsigned long flags)
> +{
> +	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
> +		return ipe_process_event(f, ipe_operation_exec,
> ipe_hook_mmap);
> +
> +	return 0;
> +}
> +
> +/**
> + * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is
> changing
> + *		    its protections via mprotect.
> + * @vma: Existing virtual memory area created by mmap or similar
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + *	  system configuration.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> +		    unsigned long prot)
> +{
> +	/* Already Executable */
> +	if (vma->vm_flags & VM_EXEC)
> +		return 0;
> +
> +	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
> +		return ipe_process_event(vma->vm_file, ipe_operation_exec,
> +					 ipe_hook_mprotect);
> +
> +	return 0;
> +}
> +
> +/**
> + * ipe_on_kernel_read: LSM hook called when a file is being read in from
> + *		       disk.
> + * @file: Supplies a pointer to the file structure being read in from disk
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> +		       bool contents)
> +{
> +	enum ipe_operation op;
> +
> +	switch (id) {
> +	case READING_FIRMWARE:
> +		op = ipe_operation_firmware;
> +		break;
> +	case READING_MODULE:
> +		op = ipe_operation_kernel_module;
> +		break;
> +	case READING_KEXEC_INITRAMFS:
> +		op = ipe_operation_kexec_initramfs;
> +		break;
> +	case READING_KEXEC_IMAGE:
> +		op = ipe_operation_kexec_image;
> +		break;
> +	case READING_POLICY:
> +		op = ipe_operation_ima_policy;
> +		break;
> +	case READING_X509_CERTIFICATE:
> +		op = ipe_operation_ima_x509;
> +		break;
> +	default:
> +		op = ipe_operation_max;

Possible problem here. If someone (like me) adds a new file type
and forgets to add a case, there will be an out of bound access
in evaluate():

        rules = &pol->parsed->rules[ctx->op];

due to the static definition of the rules array in the ipe_parsed_policy
structure (array length: ipe_operation_max).

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> +	}
> +
> +	return ipe_process_event(file, op, ipe_hook_kernel_read);
> +}
> +
> +/**
> + * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in
> from
> + *			    disk.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
> +{
> +	enum ipe_operation op;
> +
> +	switch (id) {
> +	case LOADING_FIRMWARE:
> +		op = ipe_operation_firmware;
> +		break;
> +	case LOADING_MODULE:
> +		op = ipe_operation_kernel_module;
> +		break;
> +	case LOADING_KEXEC_INITRAMFS:
> +		op = ipe_operation_kexec_initramfs;
> +		break;
> +	case LOADING_KEXEC_IMAGE:
> +		op = ipe_operation_kexec_image;
> +		break;
> +	case LOADING_POLICY:
> +		op = ipe_operation_ima_policy;
> +		break;
> +	case LOADING_X509_CERTIFICATE:
> +		op = ipe_operation_ima_x509;
> +		break;
> +	default:
> +		op = ipe_operation_max;
> +	}
> +
> +	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index 58ed4a612e26..c99a0b7f45f7 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -5,11 +5,19 @@
>  #ifndef IPE_HOOKS_H
>  #define IPE_HOOKS_H
> 
> +#include <linux/fs.h>
>  #include <linux/types.h>
>  #include <linux/sched.h>
> +#include <linux/binfmts.h>
> +#include <linux/security.h>
> 
>  enum ipe_hook {
> -	ipe_hook_max = 0
> +	ipe_hook_exec = 0,
> +	ipe_hook_mmap,
> +	ipe_hook_mprotect,
> +	ipe_hook_kernel_read,
> +	ipe_hook_kernel_load,
> +	ipe_hook_max
>  };
> 
>  int ipe_task_alloc(struct task_struct *task,
> @@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
> 
>  void ipe_task_free(struct task_struct *task);
> 
> +int ipe_on_exec(struct linux_binprm *bprm);
> +
> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> +		unsigned long flags);
> +
> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> +		    unsigned long prot);
> +
> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> +		       bool contents);
> +
> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
> +
>  #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index b58b372327a1..3f9d43783293 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>  static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
>  	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
>  	LSM_HOOK_INIT(task_free, ipe_task_free),
> +	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
> +	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
> +	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
> +	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
> +	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
>  };
> 
>  /**
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index b766824cc08f..048500229365 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -483,6 +483,14 @@ int ipe_parse_op(const struct ipe_policy_token *tok,
>  {
>  	substring_t match[MAX_OPT_ARGS] = { 0 };
>  	const match_table_t ops = {
> +		{ ipe_operation_exec,		 "EXECUTE" },
> +		{ ipe_operation_firmware,	 "FIRMWARE" },
> +		{ ipe_operation_kernel_module,	 "KMODULE" },
> +		{ ipe_operation_kexec_image,	 "KEXEC_IMAGE" },
> +		{ ipe_operation_kexec_initramfs, "KEXEC_INITRAMFS"},
> +		{ ipe_operation_ima_policy,	 "IMA_POLICY" },
> +		{ ipe_operation_ima_x509,	 "IMA_X509_CERT" },
> +		{ ipe_op_alias_kernel_read,	 "KERNEL_READ" },
>  		{ ipe_op_alias_max, NULL },
>  	};
> 
> @@ -838,6 +846,15 @@ static int parse_policy(struct ipe_policy *p)
>  	return rc;
>  }
> 
> +static const enum ipe_operation alias_kread[] = {
> +	ipe_operation_firmware,
> +	ipe_operation_kernel_module,
> +	ipe_operation_ima_policy,
> +	ipe_operation_ima_x509,
> +	ipe_operation_kexec_image,
> +	ipe_operation_kexec_initramfs,
> +};
> +
>  /**
>   * ipe_is_op_alias: Determine if @op is an alias for one or more operations
>   * @op: Supplies the operation to check. Should be either ipe_operation or
> @@ -852,9 +869,15 @@ static int parse_policy(struct ipe_policy *p)
>  bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
>  {
>  	switch (op) {
> +	case ipe_op_alias_kernel_read:
> +		*map = alias_kread;
> +		*size = ARRAY_SIZE(alias_kread);
> +		break;
>  	default:
>  		return false;
>  	}
> +
> +	return true;
>  }
> 
>  /**
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 6818f6405dd0..ca37af46e5af 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -26,7 +26,14 @@ struct ipe_policy_line {
>  struct ipe_module;
> 
>  enum ipe_operation {
> -	ipe_operation_max = 0,
> +	ipe_operation_exec = 0,
> +	ipe_operation_firmware,
> +	ipe_operation_kernel_module,
> +	ipe_operation_kexec_image,
> +	ipe_operation_kexec_initramfs,
> +	ipe_operation_ima_policy,
> +	ipe_operation_ima_x509,
> +	ipe_operation_max
>  };
> 
>  /*
> @@ -34,7 +41,8 @@ enum ipe_operation {
>   * that are just one or more operations under the hood
>   */
>  enum ipe_op_alias {
> -	ipe_op_alias_max = ipe_operation_max,
> +	ipe_op_alias_kernel_read = ipe_operation_max,
> +	ipe_op_alias_max,
>  };
> 
>  enum ipe_action {
> --
> 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-15 19:50       ` Randy Dunlap
@ 2021-10-26 19:03         ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-26 19:03 UTC (permalink / raw)
  To: Randy Dunlap, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module


On 10/15/2021 12:50 PM, Randy Dunlap wrote:
> On 10/15/21 12:25 PM, Deven Bowers wrote:
>> On 10/13/2021 3:54 PM, Randy Dunlap wrote:
>>> Hi,
>>>
>>> On 10/13/21 12:06 PM, deven.desai@linux.microsoft.com wrote:
>>>> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
>>>> index c4503083e92d..ef556b66e674 100644
>>>> --- a/security/ipe/Kconfig
>>>> +++ b/security/ipe/Kconfig
>>>> @@ -17,3 +17,55 @@ menuconfig SECURITY_IPE
>>>>         requirements on the fly.
>>>>           If unsure, answer N.
>>>> +
>>>> +if SECURITY_IPE
>>>> +
>>>> +choice
>>>> +    prompt "Hash algorithm used in auditing policies"
>>>> +    default IPE_AUDIT_HASH_SHA1
>>>> +    depends on AUDIT
>>>> +    help
>>>> +        Specify the hash algorithm used when auditing policies.
>>>> +        The hash is used to uniquely identify a policy from other
>>>> +        policies on the system.
>>>> +
>>>> +        If unsure, leave default.
>>>> +
>>>> +    config IPE_AUDIT_HASH_SHA1
>>>> +        bool "sha1"
>>>> +        depends on CRYPTO_SHA1
>>>> +        help
>>>> +            Use the SHA128 algorithm to hash policies
>>>> +            in the audit records.
>>>> +
>>>> +    config IPE_AUDIT_HASH_SHA256
>>>> +        bool "sha256"
>>>> +        depends on CRYPTO_SHA256
>>>> +        help
>>>> +            Use the SHA256 algorithm to hash policies
>>>> +            in the audit records.
>>>> +
>>>> +    config IPE_AUDIT_HASH_SHA384
>>>> +        bool "sha384"
>>>> +        depends on CRYPTO_SHA512
>>>> +        help
>>>> +            Use the SHA384 algorithm to hash policies
>>>> +            in the audit records
>>>> +
>>>> +    config IPE_AUDIT_HASH_SHA512
>>>> +        bool "sha512"
>>>> +        depends on CRYPTO_SHA512
>>>> +        help
>>>> +            Use the SHA512 algorithm to hash policies
>>>> +            in the audit records
>>>> +endchoice
>>>> +
>>>> +config IPE_AUDIT_HASH_ALG
>>>> +    string
>>>> +    depends on AUDIT
>>>> +    default "sha1" if IPE_AUDIT_HASH_SHA1
>>>> +    default "sha256" if IPE_AUDIT_HASH_SHA256
>>>> +    default "sha384" if IPE_AUDIT_HASH_SHA384
>>>> +    default "sha512" if IPE_AUDIT_HASH_SHA512
>>>> +
>>>> +endif
>>>
>>> Please follow coding-style for Kconfig files:
>>>
>>> (from Documentation/process/coding-style.rst, section 10):
>>>
>>> For all of the Kconfig* configuration files throughout the source tree,
>>> the indentation is somewhat different.  Lines under a ``config`` 
>>> definition
>>> are indented with one tab, while help text is indented an additional 
>>> two
>>> spaces.
>>>
>> Oof. That's embarrassing. Sorry, I'll fix this for v8.
>>
>> While I'm at it, is the help text required for choice configs?
>> checkpatch --strict complains with a warning without them, but
>> I see other places in the tree where help text is omitted for
>> these configs attached to a choice.
>
> Does checkpatch complain about what you have above
> or did you add that help text to keep it from complaining?

I added the help text to keep it from complaining (and added it incorrectly,
clearly).

>
>
>> Documentation/process/* doesn't seem to have any guidance, nor
>> Documentation/kbuild/* on whether it is safe to ignore that
>> checkpatch warning.
>
> Yeah, I don't think that we have any good guidance on that.
>
> I would say that if the choice prompt provides good/adequate
> help info, then each 'config' inside the choice block does not
> need help text. OTOH, if the choice prompt has little/no help
> info, then each 'config' under it should have some useful info.
>
> I only looked in arch/x86/Kconfig, init/Kconfig, and lib/Kconfig.debug,
> but you can see either help text method being used in those.
>
> And then if the help text is adequate in either one of those
> methods, I would just ignore the checkpatch complaints.
> It's just a guidance tool.

Alright. I think the choice guidance is pretty clear:

    Specify the hash algorithm used when auditing policies.
    The hash is used to uniquely identify a policy from other
    policies on the system.

So I'll remove the help text for these choices.

At worst, I can make the choice text more clear.
>
> HTH.
>

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
  2021-10-25 11:30 ` [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) Roberto Sassu
@ 2021-10-26 19:03   ` Deven Bowers
  2021-10-27  8:26     ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-10-26 19:03 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 10/25/2021 4:30 AM, Roberto Sassu wrote:
>> From:deven.desai@linux.microsoft.com
>> [mailto:deven.desai@linux.microsoft.com]
>> From: Deven Bowers<deven.desai@linux.microsoft.com>
>>
>> Overview:
>> ---------
>>
>> IPE is a Linux Security Module which takes a complimentary approach to
>> access control. Whereas existing systems approach use labels or paths
>> which control access to a resource, IPE controls access to a resource
>> based on the system's trust of said resource.
> To me, it does not give a particularly precise idea of what IPE is about.
>
> It would have been more clear, assuming that I understood it correctly,
> if you have said:
>
> Whereas existing mandatory access control mechanisms base their
> decisions on labels and paths, IPE instead determines whether or not
> an operation should be allowed based on immutable security properties
> of the system component the operation is being performed on.
>
> IPE itself does not mandate how the security property should be
> evaluated, but relies on an extensible set of external property providers
> to evaluate the component. IPE makes its decision based on reference
> values for the selected properties, specified in the IPE policy.
>
> The reference values represent the value that the policy writer and the
> local system administrator (based on the policy signature) trust for the
> system to accomplish the desired tasks.
>
> One such provider is for example dm-verity, which is able to represent
> the integrity property of a partition (its immutable state) with a digest.
You understood it perfectly, and managed to word in a much more clear
way than I did. I'll apply these changes in the next posting! Thanks.
>> Trust requirements are established via IPE's policy, sourcing multiple
>> different implementations within the kernel to build a cohesive trust
>> model, based on how the system was built.
>>
>> Trust, with respect to computing, is a concept that designates a set
>> of entities who will endorse a set of resources as non-malicious.
>> Traditionally, this is done via signatures, which is the act of endorsing
>> a resource.
>>
>> Integrity, on the other hand, is the concept of ensuring that a resource
>> has not been modified since a point of time. This is typically done through
>> cryptographic hashes or signatures.
>>
>> Trust and integrity are very closely tied together concepts, as integrity
>> is the way you can prove trust for a resource; otherwise it could have
>> been modified by an entity who is untrusted.
>>
>> IPE provides a way for a user to express trust requirements of resources,
>> by using pre-existing systems which provide the integrity half of the
>> equation.
>>
>> IPE is compiled under CONFIG_SECURITY_IPE.
>>
>> Use Cases
>> ---------
>>
>> IPE works best in fixed-function devices: Devices in which their purpose
>> is clearly defined and not supposed to be changed (e.g. network firewall
>> device in a data center, an IoT device, etcetera), where all software and
>> configuration is built and provisioned by the system owner.
>>
>> IPE is a long-way off for use in general-purpose computing:
>> the Linux community as a whole tends to follow a decentralized trust
>> model, known as the Web of Trust, which IPE has no support for as of yet.
>> Instead, IPE supports the PKI Trust Model, which generally designates a
>> set of entities that provide a measure absolute trust.
> It is true that packages are signed with PGP, which is decentralized,
> but there is a special case where Linux distribution vendors trust
> their own keys. This, at least, would allow to trust the software built
> by a particular vendor (I ported David Howells's work on PGP keys and
> signature to the current kernel).
Yes, that is true. I figured that this scenario was somewhat obvious,
as it is, at a high level, similar to PKI but I can certainly add it
explicitly.
>> Additionally, while most packages are signed today, the files inside
>> the packages (for instance, the executables), tend to be unsigned. This
>> makes it difficult to utilize IPE in systems where a package manager is
>> expected to be functional, without major changes to the package manager
>> and ecosystem behind it.
> Yes, RPMs don't have per file signatures but have a signature of the
> list of file digests, which is equivalent. They could have also the fsverity
> digests (instead of the fsverity signatures) to reduce size overhead.
>
> Given that the authenticity of RPMs headers can be verified, if the
> PGP key of the vendor is included in the primary keyring of the kernel,
> being able to protect file or fsverity digests against tampering by
> user space and being able to query them (e.g. with DIGLIM) extends
> the applicability of IPE to general purpose OSes.
Agreed. With these two functionalities, it does appear that IPE + DIGLIM
can be used for general purpose RPM-based OSes. I'll add a reference to
your recent posting (v3?) as a way to extend the functionality to general
purposes OSes in the next revision.
>> Policy:
>> -------
>>
>> IPE policy is a plain-text [#]_ policy composed of multiple statements
>> over several lines. There is one required line, at the top of the
>> policy, indicating the policy name, and the policy version, for
>> instance:
>>
>>    policy_name="Ex Policy" policy_version=0.0.0
>>
>> The policy version indicates the current version of the policy (NOT the
>> policy syntax version). This is used to prevent roll-back of policy to
>> potentially insecure previous versions of the policy.
>>
>> The next portion of IPE policy, are rules. Rules are formed by key=value
>> pairs, known as properties. IPE rules require two properties: "action",
> Better:
>
> IPE rules require two keys:
Ack.
>> which determines what IPE does when it encounters a match against the
>> policy, and "op", which determines when that rule should be evaluated.
>> Thus, a minimal rule is:
>>
>>    op=EXECUTE action=ALLOW
>>
>> This example will allow any execution. Additional properties are used to
>> restrict attributes about the files being evaluated. These properties are
>> intended to be deterministic attributes that are resident in the kernel.
>> Available properties for IPE described in the documentation patch of this
>> series.
>>
>> A rule is required to have the "op" property as the first token of a rule,
>> and the "action" as the last token of the rule. Rules are evaluated
>> top-to-bottom. As a result, any revocation rules, or denies should be
>> placed early in the file to ensure that these rules are evaluated before
>> a rule with "action=ALLOW" is hit.
>>
>> Any unknown syntax in IPE policy will result in a fatal error to parse
>> the policy. User mode can interrogate the kernel to understand what
>> properties and the associated versions through the securityfs node,
>> $securityfs/ipe/config, which will return a string of form:
>>
>>    key1=version1
>>    key2=version2
>>    .
>>    .
>>    .
>>    keyN=versionN
>>
>> User-mode should correlate these versions with the supported values
>> identified in the documentation to determine whether a policy should
>> be accepted by the system without actually trying to deploy the policy.
>>
>> Additionally, a DEFAULT operation must be set for all understood
>> operations within IPE. For policies to remain completely forwards
>> compatible, it is recommended that users add a "DEFAULT action=ALLOW"
>> and override the defaults on a per-operation basis.
>>
>> For more information about the policy syntax, the kernel documentation
>> page.
>>
>> Early Usermode Protection:
>> --------------------------
>>
>> IPE can be provided with a policy at startup to load and enforce.
>> This is intended to be a minimal policy to get the system to a state
>> where userland is setup and ready to receive commands, at which
>> point a policy can be deployed via securityfs. This "boot policy" can be
>> specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
>> to a plain-text version of the IPE policy to apply. This policy will be
>> compiled into the kernel. If not specified, IPE will be disabled until a
>> policy is deployed and activated through the method above.
>>
>> Policy Examples:
>> ----------------
>>
>> Allow all:
>>
>>    policy_name="Allow All" policy_version=0.0.0
>>    DEFAULT action=ALLOW
>>
>> Allow only initial superblock:
>>
>>    policy_name="Allow All Initial SB" policy_version=0.0.0
>>    DEFAULT action=DENY
>>
>>    op=EXECUTE boot_verified=TRUE action=ALLOW
>>
>> Allow any signed dm-verity volume and the initial superblock:
>>
>>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>    DEFAULT action=DENY
>>
>>    op=EXECUTE boot_verified=TRUE action=ALLOW
>>    op=EXECUTE dmverity_signature=TRUE action=ALLOW
>>
>> Prohibit execution from a specific dm-verity volume:
>>
>>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>    DEFAULT action=DENY
>>
>>    op=EXECUTE
>> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
>> 146938 action=DENY
>>    op=EXECUTE boot_verified=TRUE action=ALLOW
>>    op=EXECUTE dmverity_signature=TRUE action=ALLOW
>>
>> Allow only a specific dm-verity volume:
>>
>>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>    DEFAULT action=DENY
>>
>>    op=EXECUTE
>> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
>> 146938 action=ALLOW
>>
>> Deploying Policies:
>> -------------------
>>
>> First sign a plain text policy, with a certificate that is present in
>> the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
>> signing can be done via:
>>
>>    openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
>>      -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
>>      -out "$MY_POLICY.p7s"
>>
>> Then, simply cat the file into the IPE's "new_policy" securityfs node:
>>
>>    cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
>>
>> The policy should now be present under the policies/ subdirectory, under
>> its "policy_name" attribute.
>>
>> The policy is now present in the kernel and can be marked as active,
>> via the securityfs node:
>>
>>    echo "1" > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"
>>
>> This will now mark the policy as active and the system will be enforcing
>> $MY_POLICY_NAME.
>>
>> There is one requirement when marking a policy as active, the policy_version
>> attribute must either increase, or remain the same as the currently running
>> policy.
>>
>> Policies can be updated via:
>>
>>    cat "$MY_UPDATED_POLICY.p7s" > \
>>      "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"
>>
>> Additionally, policies can be deleted via the "delete" securityfs
>> node. Simply write "1" to the corresponding node in the policy folder:
>>
>>    echo "1" > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"
>>
>> There is only one requirement to delete policies, the policy being
>> deleted must not be the active policy.
>>
>> NOTE: The securityfs commands will require CAP_MAC_ADMIN.
>>
>> Integrations:
>> -------------
>>
>> This patch series adds support for fsverity via digest and signature
>> (fsverity_signature and fsverity_digest), dm-verity by digest and
>> signature (dmverity_signature and dmverity_roothash), and trust for
>> the initramfs (boot_verified).
> Verifying the initial ram disk looks like a big problem. On general
> purpose OSes, having a reference value for it would be very hard.
>
> Instead, we would still be able to use per file reference values.
> Executable and shared libraries in the initial ram disk are copied
> from the main OS. Without fsverity support in tmpfs, I wonder
> if it would be still possible to mark the file as immutable and do
> an on the fly calculation of the root digest.
Yes, verifying the initial ramdisk is very difficult. "boot_verified",
is largely an assumption of trust as all the warning shows in the
documentation; it assumes the boot stack verified the initramfs somehow
(i.e. u-boot verified boot with it in the fitImage), and 'pins' (similar
to loadpin) the superblock to allow execution from that superblock.
> As an alternative, the IMA approach of calculating the file digest
> could be used (or IPE could get the file digest as a property from
> the integrity subsystem).
In general, I would like to keep as much of the implementation of the
integrity mechanisms out of IPE as much as possible - there are likely
much better layers to implement new ways of providing integrity /
authenticity claims than at the lsm layer within IPE.
> Roberto
>
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
>
>> Please see the documentation patch for more information about the
>> integrations available.
>>
>> Testing:
>> --------
>>
>> KUnit Tests are available. Recommended kunitconfig:
>>
>>      CONFIG_KUNIT=y
>>      CONFIG_SECURITY=y
>>      CONFIG_SECURITYFS=y
>>      CONFIG_PKCS7_MESSAGE_PARSER=y
>>      CONFIG_SYSTEM_DATA_VERIFICATION=y
>>      CONFIG_FS_VERITY=y
>>      CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
>>      CONFIG_BLOCK=y
>>      CONFIG_MD=y
>>      CONFIG_BLK_DEV_DM=y
>>      CONFIG_DM_VERITY=y
>>      CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
>>
>>      CONFIG_SECURITY_IPE=y
>>      CONFIG_SECURITY_IPE_KUNIT_TEST=y
>>      CONFIG_IPE_PROP_BOOT_VERIFIED=y
>>      CONFIG_IPE_PROP_DM_VERITY_SIGNATURE=y
>>      CONFIG_IPE_PROP_DM_VERITY_ROOTHASH=y
>>      CONFIG_IPE_PROP_FS_VERITY_SIGNATURE=y
>>      CONFIG_IPE_PROP_FS_VERITY_DIGEST=y
>>
>> Simply run:
>>
>>      make ARCH=um mrproper
>>      ./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>
>>
>> And the tests will execute and report the result. For more indepth testing,
>> it will require you to create and mount a dm-verity volume or fs-verity
>> enabled file.
>>
>> Documentation:
>> --------------
>>
>> There is both documentation available on github at
>> https://microsoft.github.io/ipe, and Documentation in this patch series,
>> to be added in-tree. This includes architectural block diagrams.
>>
>> Known Gaps:
>> -----------
>>
>> IPE has two known gaps:
>>
>> 1. IPE cannot verify the integrity of anonymous executable memory, such as
>>    the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
>>    Unfortunately, as this is dynamically generated code, there is no way
>>    for IPE to ensure the integrity of this code to form a trust basis. In all
>>    cases, the return result for these operations will be whatever the admin
>>    configures the DEFAULT action for "EXECUTE".
>>
>> 2. IPE cannot verify the integrity of interpreted languages' programs when
>>    these scripts invoked via ``<interpreter> <file>``. This is because the
>>    way interpreters execute these files, the scripts themselves are not
>>    evaluated as executable code through one of IPE's hooks. Interpreters
>>    can be enlightened to the usage of IPE by trying to mmap a file into
>>    executable memory (+X), after opening the file and responding to the
>>    error code appropriately. This also applies to included files, or high
>>    value files, such as configuration files of critical system components.
>>    However, there is a patchset that is looking to address this gap [1].
>>
>> Appendix:
>> ---------
>>
>> A. IPE Github Repository:https://github.com/microsoft/ipe
>> B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst
>>
>> References:
>> -----------
>>
>> [1]https://lore.kernel.org/all/20211012192410.2356090-1-mic@digikod.net/
>>
>> FAQ:
>> ----
>>
>> Q: What's the difference between other LSMs which provide trust-based
>>    access control, for instance, IMA?
>>
>> A: IMA is a fantastic option when needing measurement in addition to the
>>    trust-based access model. All of IMA is centered around their measurement
>>    hashes, so you save time when doing both actions. IPE, on the other hand,
>>    is a highly performant system that does not rely (and explicitly prohibits),
>>    generating its own integrity mechanisms - separating measurement and access
>>    control. Simply put, IPE provides only the enforcement of trust, while other
>>    subsystems provide the integrity guarantee that IPE needs to determine the
>>    trust of a resource. IMA provides both the integrity guarantee, the
>>    enforcement of trust, and a whole host of other features that may not be
>>    needed.
>>
>> Changelog:
>> ----------
>>
>> Changes since v1:
>>    Split the second patch of the previous series into two.
>>    Minor corrections in the cover-letter and documentation
>>    comments regarding CAP_MAC_ADMIN checks in IPE.
>>
>> Changes since v2:
>>    Address various comments by Jann Horn. Highlights:
>>      Switch various audit allocators to GFP_KERNEL.
>>      Utilize rcu_access_pointer() in various locations.
>>      Strip out the caching system for properties
>>      Strip comments from headers
>>      Move functions around in patches
>>      Remove kernel command line parameters
>>      Reconcile the race condition on the delete node for policy by
>>        expanding the policy critical section.
>>
>>    Address a few comments by Jonathan Corbet around the documentation
>>      pages for IPE.
>>
>>    Fix an issue with the initialization of IPE policy with a "-0"
>>      version, caused by not initializing the hlist entries before
>>      freeing.
>>
>> Changes since v3:
>>    Address a concern around IPE's behavior with unknown syntax.
>>      Specifically, make any unknown syntax a fatal error instead of a
>>      warning, as suggested by Mickaël Salaün.
>>    Introduce a new securityfs node, $securityfs/ipe/property_config,
>>      which provides a listing of what properties are enabled by the
>>      kernel and their versions. This allows usermode to predict what
>>      policies should be allowed.
>>    Strip some comments from c files that I missed.
>>    Clarify some documentation comments around 'boot_verified'.
>>      While this currently does not functionally change the property
>>      itself, the distinction is important when IPE can enforce verified
>>      reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
>>      This has been corrected.
>>    Change SecurityFS and SHA1 to a reverse dependency.
>>    Update the cover-letter with the updated behavior of unknown syntax.
>>    Remove all sysctls, making an equivalent function in securityfs.
>>    Rework the active/delete mechanism to be a node under the policy in
>>      $securityfs/ipe/policies.
>>    The kernel command line parameters ipe.enforce and ipe.success_audit
>>      have returned as this functionality is no longer exposed through
>>      sysfs.
>>
>> Changes since v4:
>>    Correct some grammatical errors reported by Randy Dunlap.
>>    Fix some warnings reported by kernel test bot.
>>    Change convention around security_bdev_setsecurity. -ENOSYS
>>      is now expected if an LSM does not implement a particular @name,
>>      as suggested by Casey Schaufler.
>>    Minor string corrections related to the move from sysfs to securityfs
>>    Correct a spelling of an #ifdef for the permissive argument.
>>    Add the kernel parameters re-added to the documentation.
>>    Fix a minor bug where the mode being audited on permissive switch
>>      was the original mode, not the mode being swapped to.
>>    Cleanup doc comments, fix some whitespace alignment issues.
>>
>> Changes since v5:
>>    Change if statement condition in security_bdev_setsecurity to be
>>      more concise, as suggested by Casey Schaufler and Al Viro
>>    Drop the 6th patch in the series, "dm-verity move signature check..."
>>      due to numerous issues, and it ultimately providing no real value.
>>    Fix the patch tree - the previous iteration appears to have been in a
>>      torn state (patches 8+9 were merged). This has since been corrected.
>>
>> Changes since v6:
>>    * Reword cover letter to more accurate convey IPE's purpose
>>      and latest updates.
>>    * Refactor series to:
>>        1. Support a context structure, enabling:
>>            1. Easier Testing via KUNIT
>>            2. A better architecture for future designs
>>        2. Make parser code cleaner
>>    * Move patch 01/12 to [14/16] of the series
>>    * Split up patch 02/12 into four parts:
>>        1. context creation [01/16]
>>        2. audit [07/16]
>>        3. evaluation loop [03/16]
>>        4. access control hooks [05/16]
>>        5. permissive mode [08/16]
>>    * Split up patch 03/12 into two parts:
>>        1. parser [02/16]
>>        2. userspace interface [04/16]
>>    * Reword and refactor patch 04/12 to [09/16]
>>    * Squash patch 05/12, 07/12, 09/12 to [10/16]
>>    * Squash patch 08/12, 10/12 to [11/16]
>>    * Change audit records to MAC region (14XX) from Integrity region (18XX)
>>    * Add FSVerity Support
>>    * Interface changes:
>>        1. "raw" was renamed to "pkcs7" and made read only
>>        2. "raw"'s write functionality (update a policy) moved to "update"
>>        3. introduced "version", "policy_name" nodes.
>>        4. "content" renamed to "policy"
>>        5. The boot policy can now be updated like any other policy.
>>    * Add additional developer-level documentation
>>    * Update admin-guide docs to reflect changes.
>>    * Kunit tests
>>    * Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
>>      easily come later with a small patch.
>>    * Use partition0 for block_device for dm-verity patch
>>
>> Deven Bowers (14):
>>    security: add ipe lsm & initial context creation
>>    ipe: add policy parser
>>    ipe: add evaluation loop
>>    ipe: add userspace interface
>>    ipe: add LSM hooks on execution and kernel read
>>    uapi|audit: add trust audit message definitions
>>    ipe: add auditing support
>>    ipe: add permissive toggle
>>    ipe: introduce 'boot_verified' as a trust provider
>>    fs|dm-verity: add block_dev LSM blob and submit dm-verity data
>>    ipe: add support for dm-verity as a trust provider
>>    scripts: add boot policy generation program
>>    ipe: kunit tests
>>    documentation: add ipe documentation
>>
>> Fan Wu (2):
>>    fsverity|security: add security hooks to fsverity digest and signature
>>    ipe: enable support for fs-verity as a trust provider
>>
>>   Documentation/admin-guide/LSM/index.rst       |    1 +
>>   Documentation/admin-guide/LSM/ipe.rst         |  587 ++++++++++
>>   .../admin-guide/kernel-parameters.txt         |   12 +
>>   Documentation/security/index.rst              |    1 +
>>   Documentation/security/ipe.rst                |  339 ++++++
>>   MAINTAINERS                                   |    9 +
>>   block/bdev.c                                  |    7 +
>>   drivers/md/dm-verity-target.c                 |   20 +-
>>   drivers/md/dm-verity-verify-sig.c             |   16 +-
>>   drivers/md/dm-verity-verify-sig.h             |   10 +-
>>   fs/verity/open.c                              |   12 +
>>   fs/verity/signature.c                         |    5 +-
>>   include/asm-generic/vmlinux.lds.h             |   16 +
>>   include/linux/blk_types.h                     |    1 +
>>   include/linux/device-mapper.h                 |    3 +
>>   include/linux/fsverity.h                      |    3 +
>>   include/linux/lsm_hook_defs.h                 |    5 +
>>   include/linux/lsm_hooks.h                     |   12 +
>>   include/linux/security.h                      |   22 +
>>   include/uapi/linux/audit.h                    |    4 +
>>   scripts/Makefile                              |    1 +
>>   scripts/ipe/Makefile                          |    2 +
>>   scripts/ipe/polgen/.gitignore                 |    1 +
>>   scripts/ipe/polgen/Makefile                   |    6 +
>>   scripts/ipe/polgen/polgen.c                   |  145 +++
>>   security/Kconfig                              |   11 +-
>>   security/Makefile                             |    1 +
>>   security/ipe/.gitignore                       |    1 +
>>   security/ipe/Kconfig                          |  100 ++
>>   security/ipe/Makefile                         |   39 +
>>   security/ipe/audit.c                          |  304 +++++
>>   security/ipe/audit.h                          |   41 +
>>   security/ipe/ctx.c                            |  381 ++++++
>>   security/ipe/ctx.h                            |   43 +
>>   security/ipe/ctx_test.c                       |  732 ++++++++++++
>>   security/ipe/eval.c                           |  237 ++++
>>   security/ipe/eval.h                           |   57 +
>>   security/ipe/fs.c                             |  327 ++++++
>>   security/ipe/fs.h                             |   13 +
>>   security/ipe/hooks.c                          |  328 ++++++
>>   security/ipe/hooks.h                          |   56 +
>>   security/ipe/ipe.c                            |  143 +++
>>   security/ipe/ipe.h                            |   27 +
>>   security/ipe/ipe_parser.h                     |   59 +
>>   security/ipe/modules.c                        |  134 +++
>>   security/ipe/modules.h                        |   17 +
>>   security/ipe/modules/Kconfig                  |   66 ++
>>   security/ipe/modules/Makefile                 |   12 +
>>   security/ipe/modules/boot_verified.c          |   24 +
>>   security/ipe/modules/dmverity_roothash.c      |   80 ++
>>   security/ipe/modules/dmverity_signature.c     |   25 +
>>   security/ipe/modules/fsverity_digest.c        |   80 ++
>>   security/ipe/modules/fsverity_signature.c     |   33 +
>>   security/ipe/modules/ipe_module.h             |   40 +
>>   security/ipe/parsers.c                        |  139 +++
>>   security/ipe/parsers/Makefile                 |   12 +
>>   security/ipe/parsers/default.c                |  106 ++
>>   security/ipe/parsers/policy_header.c          |  126 ++
>>   security/ipe/policy.c                         | 1037 +++++++++++++++++
>>   security/ipe/policy.h                         |  113 ++
>>   security/ipe/policy_parser_tests.c            |  299 +++++
>>   security/ipe/policyfs.c                       |  528 +++++++++
>>   security/security.c                           |   76 +-
>>   63 files changed, 7069 insertions(+), 18 deletions(-)
>>   create mode 100644 Documentation/admin-guide/LSM/ipe.rst
>>   create mode 100644 Documentation/security/ipe.rst
>>   create mode 100644 scripts/ipe/Makefile
>>   create mode 100644 scripts/ipe/polgen/.gitignore
>>   create mode 100644 scripts/ipe/polgen/Makefile
>>   create mode 100644 scripts/ipe/polgen/polgen.c
>>   create mode 100644 security/ipe/.gitignore
>>   create mode 100644 security/ipe/Kconfig
>>   create mode 100644 security/ipe/Makefile
>>   create mode 100644 security/ipe/audit.c
>>   create mode 100644 security/ipe/audit.h
>>   create mode 100644 security/ipe/ctx.c
>>   create mode 100644 security/ipe/ctx.h
>>   create mode 100644 security/ipe/ctx_test.c
>>   create mode 100644 security/ipe/eval.c
>>   create mode 100644 security/ipe/eval.h
>>   create mode 100644 security/ipe/fs.c
>>   create mode 100644 security/ipe/fs.h
>>   create mode 100644 security/ipe/hooks.c
>>   create mode 100644 security/ipe/hooks.h
>>   create mode 100644 security/ipe/ipe.c
>>   create mode 100644 security/ipe/ipe.h
>>   create mode 100644 security/ipe/ipe_parser.h
>>   create mode 100644 security/ipe/modules.c
>>   create mode 100644 security/ipe/modules.h
>>   create mode 100644 security/ipe/modules/Kconfig
>>   create mode 100644 security/ipe/modules/Makefile
>>   create mode 100644 security/ipe/modules/boot_verified.c
>>   create mode 100644 security/ipe/modules/dmverity_roothash.c
>>   create mode 100644 security/ipe/modules/dmverity_signature.c
>>   create mode 100644 security/ipe/modules/fsverity_digest.c
>>   create mode 100644 security/ipe/modules/fsverity_signature.c
>>   create mode 100644 security/ipe/modules/ipe_module.h
>>   create mode 100644 security/ipe/parsers.c
>>   create mode 100644 security/ipe/parsers/Makefile
>>   create mode 100644 security/ipe/parsers/default.c
>>   create mode 100644 security/ipe/parsers/policy_header.c
>>   create mode 100644 security/ipe/policy.c
>>   create mode 100644 security/ipe/policy.h
>>   create mode 100644 security/ipe/policy_parser_tests.c
>>   create mode 100644 security/ipe/policyfs.c
>>
>> --
>> 2.33.0

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-25 12:22   ` Roberto Sassu
@ 2021-10-26 19:03     ` Deven Bowers
  2021-10-27  8:56       ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-10-26 19:03 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module


On 10/25/2021 5:22 AM, Roberto Sassu wrote:
>> From:deven.desai@linux.microsoft.com
>> [mailto:deven.desai@linux.microsoft.com]
>> From: Deven Bowers<deven.desai@linux.microsoft.com>
>>
>> IPE's initial goal is to control both execution and the loading of
>> kernel modules based on the system's definition of trust. It
>> accomplishes this by plugging into the security hooks for execve,
>> mprotect, mmap, kernel_load_data and kernel_read_data.
>>
>> Signed-off-by: Deven Bowers<deven.desai@linux.microsoft.com>
>> ---
>>
>> Relevant changes since v6:
>>    * Split up patch 02/12 into four parts:
>>        1. context creation [01/16]
>>        2. audit [07/16]
>>        3. evaluation loop [03/16]
>>        4. access control hooks [05/16] (this patch)
>>
>> ---
>>   security/ipe/hooks.c  | 149 ++++++++++++++++++++++++++++++++++++++++++
>>   security/ipe/hooks.h  |  23 ++++++-
>>   security/ipe/ipe.c    |   5 ++
>>   security/ipe/policy.c |  23 +++++++
>>   security/ipe/policy.h |  12 +++-
>>   5 files changed, 209 insertions(+), 3 deletions(-)
>>
>> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
>> index ed0c886eaa5a..216242408a80 100644
>> --- a/security/ipe/hooks.c
>> +++ b/security/ipe/hooks.c
>> @@ -6,11 +6,15 @@
>>   #include "ipe.h"
>>   #include "ctx.h"
>>   #include "hooks.h"
>> +#include "eval.h"
>>
>> +#include <linux/fs.h>
>>   #include <linux/sched.h>
>>   #include <linux/types.h>
>>   #include <linux/refcount.h>
>>   #include <linux/rcupdate.h>
>> +#include <linux/binfmts.h>
>> +#include <linux/mman.h>
>>
>>   /**
>>    * ipe_task_alloc: Assign a new context for an associated task structure.
>> @@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
>>   	ipe_put_ctx(ctx);
>>   	rcu_read_unlock();
>>   }
>> +
>> +/**
>> + * ipe_on_exec: LSM hook called when a process is loaded through the exec
>> + *		family of system calls.
>> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
>> + *	  being evaluated.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_exec(struct linux_binprm *bprm)
>> +{
>> +	return ipe_process_event(bprm->file, ipe_operation_exec,
>> ipe_hook_exec);
>> +}
>> +
>> +/**
>> + * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
>> + *		family of system calls.
>> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
>> + * @reqprot: The requested protection on the mmap, passed from usermode.
>> + * @prot: The effective protection on the mmap, resolved from reqprot and
>> + *	  system configuration.
>> + * @flags: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
>> +		unsigned long flags)
>> +{
>> +	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
>> +		return ipe_process_event(f, ipe_operation_exec,
>> ipe_hook_mmap);
>> +
>> +	return 0;
>> +}
>> +
>> +/**
>> + * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is
>> changing
>> + *		    its protections via mprotect.
>> + * @vma: Existing virtual memory area created by mmap or similar
>> + * @reqprot: The requested protection on the mmap, passed from usermode.
>> + * @prot: The effective protection on the mmap, resolved from reqprot and
>> + *	  system configuration.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
>> +		    unsigned long prot)
>> +{
>> +	/* Already Executable */
>> +	if (vma->vm_flags & VM_EXEC)
>> +		return 0;
>> +
>> +	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
>> +		return ipe_process_event(vma->vm_file, ipe_operation_exec,
>> +					 ipe_hook_mprotect);
>> +
>> +	return 0;
>> +}
>> +
>> +/**
>> + * ipe_on_kernel_read: LSM hook called when a file is being read in from
>> + *		       disk.
>> + * @file: Supplies a pointer to the file structure being read in from disk
>> + * @id: Supplies the enumeration identifying the purpose of the read.
>> + * @contents: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
>> +		       bool contents)
>> +{
>> +	enum ipe_operation op;
>> +
>> +	switch (id) {
>> +	case READING_FIRMWARE:
>> +		op = ipe_operation_firmware;
>> +		break;
>> +	case READING_MODULE:
>> +		op = ipe_operation_kernel_module;
>> +		break;
>> +	case READING_KEXEC_INITRAMFS:
>> +		op = ipe_operation_kexec_initramfs;
>> +		break;
>> +	case READING_KEXEC_IMAGE:
>> +		op = ipe_operation_kexec_image;
>> +		break;
>> +	case READING_POLICY:
>> +		op = ipe_operation_ima_policy;
>> +		break;
>> +	case READING_X509_CERTIFICATE:
>> +		op = ipe_operation_ima_x509;
>> +		break;
>> +	default:
>> +		op = ipe_operation_max;
> Possible problem here. If someone (like me) adds a new file type
> and forgets to add a case, there will be an out of bound access
> in evaluate():
>
>          rules = &pol->parsed->rules[ctx->op];
>
> due to the static definition of the rules array in the ipe_parsed_policy
> structure (array length: ipe_operation_max).

Yeah, that's a problem. I can fix this down in the eval loop by matching
the global default and emitting a WARN here.

> Roberto
>
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
>
>> +	}
>> +
>> +	return ipe_process_event(file, op, ipe_hook_kernel_read);
>> +}
>> +
>> +/**
>> + * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in
>> from
>> + *			    disk.
>> + * @id: Supplies the enumeration identifying the purpose of the read.
>> + * @contents: Unused.
>> + *
>> + * Return:
>> + * 0 - OK
>> + * !0 - Error
>> + */
>> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
>> +{
>> +	enum ipe_operation op;
>> +
>> +	switch (id) {
>> +	case LOADING_FIRMWARE:
>> +		op = ipe_operation_firmware;
>> +		break;
>> +	case LOADING_MODULE:
>> +		op = ipe_operation_kernel_module;
>> +		break;
>> +	case LOADING_KEXEC_INITRAMFS:
>> +		op = ipe_operation_kexec_initramfs;
>> +		break;
>> +	case LOADING_KEXEC_IMAGE:
>> +		op = ipe_operation_kexec_image;
>> +		break;
>> +	case LOADING_POLICY:
>> +		op = ipe_operation_ima_policy;
>> +		break;
>> +	case LOADING_X509_CERTIFICATE:
>> +		op = ipe_operation_ima_x509;
>> +		break;
>> +	default:
>> +		op = ipe_operation_max;
>> +	}
>> +
>> +	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
>> +}
>> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
>> index 58ed4a612e26..c99a0b7f45f7 100644
>> --- a/security/ipe/hooks.h
>> +++ b/security/ipe/hooks.h
>> @@ -5,11 +5,19 @@
>>   #ifndef IPE_HOOKS_H
>>   #define IPE_HOOKS_H
>>
>> +#include <linux/fs.h>
>>   #include <linux/types.h>
>>   #include <linux/sched.h>
>> +#include <linux/binfmts.h>
>> +#include <linux/security.h>
>>
>>   enum ipe_hook {
>> -	ipe_hook_max = 0
>> +	ipe_hook_exec = 0,
>> +	ipe_hook_mmap,
>> +	ipe_hook_mprotect,
>> +	ipe_hook_kernel_read,
>> +	ipe_hook_kernel_load,
>> +	ipe_hook_max
>>   };
>>
>>   int ipe_task_alloc(struct task_struct *task,
>> @@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
>>
>>   void ipe_task_free(struct task_struct *task);
>>
>> +int ipe_on_exec(struct linux_binprm *bprm);
>> +
>> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
>> +		unsigned long flags);
>> +
>> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
>> +		    unsigned long prot);
>> +
>> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
>> +		       bool contents);
>> +
>> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
>> +
>>   #endif /* IPE_HOOKS_H */
>> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
>> index b58b372327a1..3f9d43783293 100644
>> --- a/security/ipe/ipe.c
>> +++ b/security/ipe/ipe.c
>> @@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>>   static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
>>   	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
>>   	LSM_HOOK_INIT(task_free, ipe_task_free),
>> +	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
>> +	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
>> +	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
>> +	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
>> +	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
>>   };
>>
>>   /**
>> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
>> index b766824cc08f..048500229365 100644
>> --- a/security/ipe/policy.c
>> +++ b/security/ipe/policy.c
>> @@ -483,6 +483,14 @@ int ipe_parse_op(const struct ipe_policy_token *tok,
>>   {
>>   	substring_t match[MAX_OPT_ARGS] = { 0 };
>>   	const match_table_t ops = {
>> +		{ ipe_operation_exec,		 "EXECUTE" },
>> +		{ ipe_operation_firmware,	 "FIRMWARE" },
>> +		{ ipe_operation_kernel_module,	 "KMODULE" },
>> +		{ ipe_operation_kexec_image,	 "KEXEC_IMAGE" },
>> +		{ ipe_operation_kexec_initramfs, "KEXEC_INITRAMFS"},
>> +		{ ipe_operation_ima_policy,	 "IMA_POLICY" },
>> +		{ ipe_operation_ima_x509,	 "IMA_X509_CERT" },
>> +		{ ipe_op_alias_kernel_read,	 "KERNEL_READ" },
>>   		{ ipe_op_alias_max, NULL },
>>   	};
>>
>> @@ -838,6 +846,15 @@ static int parse_policy(struct ipe_policy *p)
>>   	return rc;
>>   }
>>
>> +static const enum ipe_operation alias_kread[] = {
>> +	ipe_operation_firmware,
>> +	ipe_operation_kernel_module,
>> +	ipe_operation_ima_policy,
>> +	ipe_operation_ima_x509,
>> +	ipe_operation_kexec_image,
>> +	ipe_operation_kexec_initramfs,
>> +};
>> +
>>   /**
>>    * ipe_is_op_alias: Determine if @op is an alias for one or more operations
>>    * @op: Supplies the operation to check. Should be either ipe_operation or
>> @@ -852,9 +869,15 @@ static int parse_policy(struct ipe_policy *p)
>>   bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
>>   {
>>   	switch (op) {
>> +	case ipe_op_alias_kernel_read:
>> +		*map = alias_kread;
>> +		*size = ARRAY_SIZE(alias_kread);
>> +		break;
>>   	default:
>>   		return false;
>>   	}
>> +
>> +	return true;
>>   }
>>
>>   /**
>> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
>> index 6818f6405dd0..ca37af46e5af 100644
>> --- a/security/ipe/policy.h
>> +++ b/security/ipe/policy.h
>> @@ -26,7 +26,14 @@ struct ipe_policy_line {
>>   struct ipe_module;
>>
>>   enum ipe_operation {
>> -	ipe_operation_max = 0,
>> +	ipe_operation_exec = 0,
>> +	ipe_operation_firmware,
>> +	ipe_operation_kernel_module,
>> +	ipe_operation_kexec_image,
>> +	ipe_operation_kexec_initramfs,
>> +	ipe_operation_ima_policy,
>> +	ipe_operation_ima_x509,
>> +	ipe_operation_max
>>   };
>>
>>   /*
>> @@ -34,7 +41,8 @@ enum ipe_operation {
>>    * that are just one or more operations under the hood
>>    */
>>   enum ipe_op_alias {
>> -	ipe_op_alias_max = ipe_operation_max,
>> +	ipe_op_alias_kernel_read = ipe_operation_max,
>> +	ipe_op_alias_max,
>>   };
>>
>>   enum ipe_action {
>> --
>> 2.33.0

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-22 16:31           ` Roberto Sassu
@ 2021-10-26 19:03             ` Deven Bowers
  2021-10-27  8:41               ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-10-26 19:03 UTC (permalink / raw)
  To: Roberto Sassu, Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 10/22/2021 9:31 AM, Roberto Sassu wrote:
>> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
>> Sent: Wednesday, October 20, 2021 5:09 PM
>>> From: Eric Biggers [mailto:ebiggers@kernel.org]
>>> Sent: Friday, October 15, 2021 10:11 PM
>>> On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
>>>> On 10/13/2021 12:24 PM, Eric Biggers wrote:
>>>>> On Wed, Oct 13, 2021 at 12:06:31PM -0700,
>>> deven.desai@linux.microsoft.com  wrote:
>>>>>> From: Fan Wu<wufan@linux.microsoft.com>
>>>>>>
>>>>>> Add security_inode_setsecurity to fsverity signature verification.
>>>>>> This can let LSMs save the signature data and digest hashes provided
>>>>>> by fsverity.
>>>>> Can you elaborate on why LSMs need this information?
>>>> The proposed LSM (IPE) of this series will be the only one to need
>>>> this information at the  moment. IPE’s goal is to have provide
>>>> trust-based access control. Trust and Integrity are tied together,
>>>> as you cannot prove trust without proving integrity.
>>> I think you mean authenticity, not integrity?
>>>
>>> Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
>>> file hashes, but that could be changed.  Why not extend IMA to cover your use
>>> case(s)?
>>>
>>>> IPE needs the digest information to be able to compare a digest
>>>> provided by the policy author, against the digest calculated by
>>>> fsverity to make a decision on whether that specific file, represented
>>>> by the digest is authorized for the actions specified in the policy.
>>>>
>>>> A more concrete example, if an IPE policy author writes:
>>>>
>>>>      op=EXECUTE fsverity_digest=<HexDigest > action=DENY
>>>>
>>>> IPE takes the digest provided by this security hook, stores it
>>>> in IPE's security blob on the inode. If this file is later
>>>> executed, IPE compares the digest stored in the LSM blob,
>>>> provided by this hook, against <HexDigest> in the policy, if
>>>> it matches, it denies the access, performing a revocation
>>>> of that file.
>>> Do you have a better example?  This one is pretty useless since one can get
>>> around it just by executing a file that doesn't have fs-verity enabled.
>> I was wondering if the following use case can be supported:
>> allow the execution of files protected with fsverity if the root
>> digest is found among reference values (instead of providing
>> them one by one in the policy).
>>
>> Something like:
>>
>> op=EXECUTE fsverity_digest=diglim action=ALLOW
> Looks like it works. I modified IPE to query the root digest
> of an fsverity-protected file in DIGLIM.
>
> # cat ipe-policy
> policy_name="AllowFSVerityKmodules" policy_version=0.0.1
> DEFAULT action=ALLOW
> DEFAULT op=KMODULE action=DENY
> op=KMODULE fsverity_digest=diglim action=ALLOW
>
> IPE setup:
> # cat ipe-policy.p7s > /sys/kernel/security/ipe/new_policy
> # echo -n 1 >  /sys/kernel/security/ipe/policies/AllowFSVerityKmodules/active
> # echo 1 > /sys/kernel/security/ipe/enforce
>
> IPE denies loading of kernel modules not protected by fsverity:
> # insmod  /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko
> insmod: ERROR: could not insert module /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko: Permission denied
>
> Protect fat.ko with fsverity:
> # cp /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko /fsverity
> # fsverity enable /fsverity/fat.ko
> # fsverity measure /fsverity/fat.ko
> sha256:079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 /fsverity/fat.ko
>
> IPE still denies the loading of fat.ko (root digest not uploaded to the kernel):
> # insmod /fsverity/fat.ko
> insmod: ERROR: could not insert module /fsverity/fat.ko: Permission denied
>
> Generate a digest list with the root digest above and upload it to the kernel:
> # ./compact_gen -i 079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 -a sha256 -d test -s -t file -f
> # echo $PWD/test/0-file_list-compact-079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 > /sys/kernel/security/integrity/diglim/digest_list_add
>
> IPE allows the loading of fat.ko:
> # insmod /fsverity/fat.ko
> #
>
> Regarding authenticity, not shown in this demo, IPE will also
> ensure that the root digest is signed (diglim_digest_get_info()
> reports this information).

I apologize for the delay in responses, but it looks like
you've figured it out.

This kind of thing is exactly what IPE's design is supposed to
solve, you have some other system which provides the
integrity mechanism and (optionally) determine if it is trusted or
not, and IPE can provide the policy aspect very easily to
make a set of system-wide requirements around your mechanism.

I'm very supportive of adding the functionality, but I wonder
if it makes more sense to have digilm's extension be a separate
key instead of tied to the fsverity_digest key - something like

    op=EXECUTE diglim_fsverity=TRUE action=DENY

that way the condition that enables this property can depend
on digilm in the build, and it separates the two systems'
integrations in a slightly more clean way.

As an aside, did you find it difficult to extend?

> Roberto
>
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
>
>> DIGLIM is a component I'm working on that generically
>> stores digests. The current use case is to store file digests
>> from RPMTAG_FILEDIGESTS and use them with IMA, but
>> the fsverity use case could be easily supported (if the root
>> digest is stored in the RPM header).
>>
>> DIGLIM also tells whether or not the signature of the source
>> containing file digests (or fsverity digests) is valid (the signature
>> of the RPM header is taken from RPMTAG_RSAHEADER).
>>
>> The memory occupation is relatively small for executables
>> and shared libraries. I published a demo for Fedora and
>> openSUSE some time ago:
>>
>> https://lore.kernel.org/linux-
>> integrity/48cd737c504d45208377daa27d625531@huawei.com/
>>
>> Thanks
>>
>> Roberto
>>
>> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
>> Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-15 20:11       ` Eric Biggers
  2021-10-20 15:08         ` Roberto Sassu
@ 2021-10-26 19:03         ` Deven Bowers
  2021-10-27  9:34           ` Roberto Sassu
  2021-10-28  3:48           ` Eric Biggers
  1 sibling, 2 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-26 19:03 UTC (permalink / raw)
  To: Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On 10/15/2021 1:11 PM, Eric Biggers wrote:

> On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
>> On 10/13/2021 12:24 PM, Eric Biggers wrote:
>>> On Wed, Oct 13, 2021 at 12:06:31PM -0700,deven.desai@linux.microsoft.com  wrote:
>>>> From: Fan Wu<wufan@linux.microsoft.com>
>>>>
>>>> Add security_inode_setsecurity to fsverity signature verification.
>>>> This can let LSMs save the signature data and digest hashes provided
>>>> by fsverity.
>>> Can you elaborate on why LSMs need this information?
>> The proposed LSM (IPE) of this series will be the only one to need
>> this information at the  moment. IPE’s goal is to have provide
>> trust-based access control. Trust and Integrity are tied together,
>> as you cannot prove trust without proving integrity.
> I think you mean authenticity, not integrity?
I’ve heard a lot of people use these terms in overloaded ways.

If we’re working with the definition of authenticity being
“the property that a resource was _actually_ sent/created by a
party”, and integrity being “the property that a resource was not
modified from a point of time”, then yes. Though the statement isn’t
false, though, because you’d need to prove integrity in the process of
proving authenticity.

If not, could you clarify what you mean by authenticity and integrity,
so that we can use consistent definitions?
> Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
> file hashes, but that could be changed.  Why not extend IMA to cover your use
> case(s)?
We looked at extending IMA to cover our requirements extensively the 
past year
based on feedback the last time I posted these patches. We implemented a
prototype that had half of our requirements, but found it resulted in a
large change list that would result in a large amount of pain in respect
to maintenance, in addition to other more architectural concerns about the
implementation. We weren’t convinced it was the correct direction, for our
needs.

There was a presentation done at LSS 2021 around this prototype done by my
colleague, Fan, who authored this patch and implemented the aforementioned
prototype.

In general, IMA provides a whole suite of amazing functionality when it
comes to everything integrity, as the fs-verity documentation states
itself:

    IMA specifies a system-wide policy that specifies which
    files are hashed and what to do with those hashes, such
    as log them, authenticate them, or add them to a
    measurement list.

Instead, IPE provides a fine-tuned way to _only_ enforce an access control
policy to these files based on the defined trust requirements in the policy,
under various contexts, (you might have different requirements for what
executes in a general purpose, versus loadable kernel modules, for example).
It will never provide bother to log, measure, or revalidate these hashes 
because
that’s not its purpose. This is why it belongs at the LSM layer instead 
of the
integrity subsystem layer, as it is providing access control based on a 
policy,
versus providing deep integrations with the actual integrity claim.

IPE is trying to be agnostic to how precisely “trust” is provided, as
opposed to be deeply integrated into the mechanism that provides
“trust”.
>> IPE needs the digest information to be able to compare a digest
>> provided by the policy author, against the digest calculated by
>> fsverity to make a decision on whether that specific file, represented
>> by the digest is authorized for the actions specified in the policy.
>>
>> A more concrete example, if an IPE policy author writes:
>>
>>      op=EXECUTE fsverity_digest=<HexDigest > action=DENY
>>
>> IPE takes the digest provided by this security hook, stores it
>> in IPE's security blob on the inode. If this file is later
>> executed, IPE compares the digest stored in the LSM blob,
>> provided by this hook, against <HexDigest> in the policy, if
>> it matches, it denies the access, performing a revocation
>> of that file.
> Do you have a better example?  This one is pretty useless since one can get
> around it just by executing a file that doesn't have fs-verity enabled.
Here’s a more complete example:

    policy_name=”fs-exec-only” policy_version=0.0.1
    DEFAULT action=ALLOW

    DEFAULT op=EXECUTE action=DENY
    op=EXECUTE fsverity_digest=<Digest> action=DENY
    op=EXECUTE fsverity_signature=TRUE action=ALLOW

Execution is prohibited unless it is a signed fs-verity file;
However, after one of those executables was signed and published,
an exploitable vulnerability in said executable was found, a new
version was published without that vulnerability. We need to
revoke trust for that executable since it could be used to exploit
the system, so the first rule prevents it from matching the second.
>> This brings me to your next comment:
>>
>>> The digest isn't meaningful without knowing the hash algorithm it uses.
>> It's available here, but you aren't passing it to this function.
>>
>> The digest is meaningful without the algorithm in this case.
> No, it's not.
>
> Digests are meaningless without knowing what algorithm they were created with.
>
> If your security policy is something like "Trust the file with digest $foo" and
> multiple hash algorithms are possible, then the alorithm intended to be used
> needs to be explicitly specified.  Otherwise any algorithm with the same length
> digest will be accepted.  That's a fatal flaw if any of these algorithms is
> cryptographically broken or was never intended to be a cryptographic algorithm
> in the first place (e.g., a non-cryptographic checksum).
>
> Cryptosystems always need to specify the crypto algorithm(s) used; the adversary
> must not be allowed to choose the algorithms.
Oof. You’re completely right. The part I was missing is that as time 
goes on,
the secure status of these cryptographic algorithms will change, and 
then we’ll
need a way to migrate between algorithms. Additionally, tooling and the 
like will
likely need a way to identify this from the policy text without 
consulting anything
else. This is a major oversight for general use, the system that this 
was originally
designed for only had support for a subset of the sha2-family (all 
separate lengths)
so I hadn’t even considered it.

It's trivial to correct in a minimal amount of code, making the policy 
express the
digest like so:

    fsverity_digest=<algo>:<digest>

and change the argument passed to the LSM hook to accept a structure 
containing these
two fields.

> I'm not sure how these patches can be taken seriously when they're getting this
> sort of thing wrong.
That said, I, personally, hope that an honest mistake, in a series 
submitted as
an RFC submitted in good faith, is not a reason to discount an entire patch
series.

I hope you continue to provide feedback, as it is invaluable to making this
system better, and making me, personally, a better developer.
>>>> +					FS_VERITY_SIGNATURE_SEC_NAME,
>>>> +					signature, sig_size, 0);
>>> This is only for fs-verity built-in signatures which aren't the only way to do
>>> signatures with fs-verity.  Are you sure this is what you're looking for?
>> Could you elaborate on the other signature types that can be used
>> with fs-verity? I’m 99% sure this is what I’m looking for as this
>> is a signature validated in the kernel against the fs-verity keyring
>> as part of the “fsverity enable” utility.
>>
>> It's important that the signature is validated in the kernel, as
>> userspace is considered untrusted until the signature is validated
>> for this case.
>>
>>> Can you elaborate on your use case for fs-verity built-in signatures,
>> Sure, signatures, like digests, also provide a way to prove integrity,
>> and the trust component comes from the validation against the keyring,
>> as opposed to a fixed value in IPE’s policy. The use case for fs-verity
>> built-in signatures is that we have a rw ext4 filesystem that has some
>> executable files, and we want to have a execution policy (through IPE)
>> that only _trusted_ executables can run. Perf is important here, hence
>> fs-verity.
> Most users of fs-verity built-in signatures have actually been enforcing their
> security policy in userspace, by checking whether specific files have the
> fs-verity bit set or not.  Such users could just store and verify signatures in
> userspace instead, without any kernel involvement.  So that's what I've been
> recommending (with limited success, unfortunately).
I believe the difference in security models comes from this line
(emphasis, mine):

 > by checking whether _specific files_ have the fs-verity bit set or not.

IPE policy is written by a system author who owns the system, but may
not have 100% control over all of the application code running on the
system.  In the case of applications which are not aware of IPE, the policy
can still enforce that all of the code running on the system is trusted.

An example attack of what we're trying to mitigate:  A hostile actor
could downloads a binary off the internet with all required
dependencies into tmpfs and runs their malicious executable.

With us validating this information in the kernel, even if the attacker
downloaded their malicious executable to /tmp and executed it, it would
still fail to pass policy and be denied, as the kernel is the common
entrypoint across all executables.

Operationally, this _could_ be done by digest, but the policies would
quickly become gigantic on a cartoonish proportion, as you'll have to
authorize every single executable and dependency by digest - and
there would be a complicated update story as the policy would have to
be updated to onboard new digests.

By using signatures, we can prevent the policy update, and keep the
policy size small.

> If you really do need in-kernel signature verification, then that may be a
> legitimate use case for the fs-verity built-in signatures, although I do wonder
> why you aren't using IMA and its signature mechanism instead.
>
> - Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
  2021-10-26 19:03   ` Deven Bowers
@ 2021-10-27  8:26     ` Roberto Sassu
  2021-10-28 20:36       ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-10-27  8:26 UTC (permalink / raw)
  To: Deven Bowers, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
> Sent: Tuesday, October 26, 2021 9:04 PM
> On 10/25/2021 4:30 AM, Roberto Sassu wrote:
> >> From:deven.desai@linux.microsoft.com
> >> [mailto:deven.desai@linux.microsoft.com]
> >> From: Deven Bowers<deven.desai@linux.microsoft.com>
> >>
> >> Overview:
> >> ---------
> >>
> >> IPE is a Linux Security Module which takes a complimentary approach to
> >> access control. Whereas existing systems approach use labels or paths
> >> which control access to a resource, IPE controls access to a resource
> >> based on the system's trust of said resource.
> > To me, it does not give a particularly precise idea of what IPE is about.
> >
> > It would have been more clear, assuming that I understood it correctly,
> > if you have said:
> >
> > Whereas existing mandatory access control mechanisms base their
> > decisions on labels and paths, IPE instead determines whether or not
> > an operation should be allowed based on immutable security properties
> > of the system component the operation is being performed on.
> >
> > IPE itself does not mandate how the security property should be
> > evaluated, but relies on an extensible set of external property providers
> > to evaluate the component. IPE makes its decision based on reference
> > values for the selected properties, specified in the IPE policy.
> >
> > The reference values represent the value that the policy writer and the
> > local system administrator (based on the policy signature) trust for the
> > system to accomplish the desired tasks.
> >
> > One such provider is for example dm-verity, which is able to represent
> > the integrity property of a partition (its immutable state) with a digest.
> You understood it perfectly, and managed to word in a much more clear
> way than I did. I'll apply these changes in the next posting! Thanks.

Welcome.

> >> Trust requirements are established via IPE's policy, sourcing multiple
> >> different implementations within the kernel to build a cohesive trust
> >> model, based on how the system was built.
> >>
> >> Trust, with respect to computing, is a concept that designates a set
> >> of entities who will endorse a set of resources as non-malicious.
> >> Traditionally, this is done via signatures, which is the act of endorsing
> >> a resource.
> >>
> >> Integrity, on the other hand, is the concept of ensuring that a resource
> >> has not been modified since a point of time. This is typically done through
> >> cryptographic hashes or signatures.
> >>
> >> Trust and integrity are very closely tied together concepts, as integrity
> >> is the way you can prove trust for a resource; otherwise it could have
> >> been modified by an entity who is untrusted.
> >>
> >> IPE provides a way for a user to express trust requirements of resources,
> >> by using pre-existing systems which provide the integrity half of the
> >> equation.
> >>
> >> IPE is compiled under CONFIG_SECURITY_IPE.
> >>
> >> Use Cases
> >> ---------
> >>
> >> IPE works best in fixed-function devices: Devices in which their purpose
> >> is clearly defined and not supposed to be changed (e.g. network firewall
> >> device in a data center, an IoT device, etcetera), where all software and
> >> configuration is built and provisioned by the system owner.
> >>
> >> IPE is a long-way off for use in general-purpose computing:
> >> the Linux community as a whole tends to follow a decentralized trust
> >> model, known as the Web of Trust, which IPE has no support for as of yet.
> >> Instead, IPE supports the PKI Trust Model, which generally designates a
> >> set of entities that provide a measure absolute trust.
> > It is true that packages are signed with PGP, which is decentralized,
> > but there is a special case where Linux distribution vendors trust
> > their own keys. This, at least, would allow to trust the software built
> > by a particular vendor (I ported David Howells's work on PGP keys and
> > signature to the current kernel).
> Yes, that is true. I figured that this scenario was somewhat obvious,
> as it is, at a high level, similar to PKI but I can certainly add it
> explicitly.

Perfect.

> >> Additionally, while most packages are signed today, the files inside
> >> the packages (for instance, the executables), tend to be unsigned. This
> >> makes it difficult to utilize IPE in systems where a package manager is
> >> expected to be functional, without major changes to the package manager
> >> and ecosystem behind it.
> > Yes, RPMs don't have per file signatures but have a signature of the
> > list of file digests, which is equivalent. They could have also the fsverity
> > digests (instead of the fsverity signatures) to reduce size overhead.
> >
> > Given that the authenticity of RPMs headers can be verified, if the
> > PGP key of the vendor is included in the primary keyring of the kernel,
> > being able to protect file or fsverity digests against tampering by
> > user space and being able to query them (e.g. with DIGLIM) extends
> > the applicability of IPE to general purpose OSes.
> Agreed. With these two functionalities, it does appear that IPE + DIGLIM
> can be used for general purpose RPM-based OSes. I'll add a reference to
> your recent posting (v3?) as a way to extend the functionality to general
> purposes OSes in the next revision.

Ok. Yes, v3 is the latest.

> >> Policy:
> >> -------
> >>
> >> IPE policy is a plain-text [#]_ policy composed of multiple statements
> >> over several lines. There is one required line, at the top of the
> >> policy, indicating the policy name, and the policy version, for
> >> instance:
> >>
> >>    policy_name="Ex Policy" policy_version=0.0.0
> >>
> >> The policy version indicates the current version of the policy (NOT the
> >> policy syntax version). This is used to prevent roll-back of policy to
> >> potentially insecure previous versions of the policy.
> >>
> >> The next portion of IPE policy, are rules. Rules are formed by key=value
> >> pairs, known as properties. IPE rules require two properties: "action",
> > Better:
> >
> > IPE rules require two keys:
> Ack.
> >> which determines what IPE does when it encounters a match against the
> >> policy, and "op", which determines when that rule should be evaluated.
> >> Thus, a minimal rule is:
> >>
> >>    op=EXECUTE action=ALLOW
> >>
> >> This example will allow any execution. Additional properties are used to
> >> restrict attributes about the files being evaluated. These properties are
> >> intended to be deterministic attributes that are resident in the kernel.
> >> Available properties for IPE described in the documentation patch of this
> >> series.
> >>
> >> A rule is required to have the "op" property as the first token of a rule,
> >> and the "action" as the last token of the rule. Rules are evaluated
> >> top-to-bottom. As a result, any revocation rules, or denies should be
> >> placed early in the file to ensure that these rules are evaluated before
> >> a rule with "action=ALLOW" is hit.
> >>
> >> Any unknown syntax in IPE policy will result in a fatal error to parse
> >> the policy. User mode can interrogate the kernel to understand what
> >> properties and the associated versions through the securityfs node,
> >> $securityfs/ipe/config, which will return a string of form:
> >>
> >>    key1=version1
> >>    key2=version2
> >>    .
> >>    .
> >>    .
> >>    keyN=versionN
> >>
> >> User-mode should correlate these versions with the supported values
> >> identified in the documentation to determine whether a policy should
> >> be accepted by the system without actually trying to deploy the policy.
> >>
> >> Additionally, a DEFAULT operation must be set for all understood
> >> operations within IPE. For policies to remain completely forwards
> >> compatible, it is recommended that users add a "DEFAULT action=ALLOW"
> >> and override the defaults on a per-operation basis.
> >>
> >> For more information about the policy syntax, the kernel documentation
> >> page.
> >>
> >> Early Usermode Protection:
> >> --------------------------
> >>
> >> IPE can be provided with a policy at startup to load and enforce.
> >> This is intended to be a minimal policy to get the system to a state
> >> where userland is setup and ready to receive commands, at which
> >> point a policy can be deployed via securityfs. This "boot policy" can be
> >> specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
> >> to a plain-text version of the IPE policy to apply. This policy will be
> >> compiled into the kernel. If not specified, IPE will be disabled until a
> >> policy is deployed and activated through the method above.
> >>
> >> Policy Examples:
> >> ----------------
> >>
> >> Allow all:
> >>
> >>    policy_name="Allow All" policy_version=0.0.0
> >>    DEFAULT action=ALLOW
> >>
> >> Allow only initial superblock:
> >>
> >>    policy_name="Allow All Initial SB" policy_version=0.0.0
> >>    DEFAULT action=DENY
> >>
> >>    op=EXECUTE boot_verified=TRUE action=ALLOW
> >>
> >> Allow any signed dm-verity volume and the initial superblock:
> >>
> >>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
> >>    DEFAULT action=DENY
> >>
> >>    op=EXECUTE boot_verified=TRUE action=ALLOW
> >>    op=EXECUTE dmverity_signature=TRUE action=ALLOW
> >>
> >> Prohibit execution from a specific dm-verity volume:
> >>
> >>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
> >>    DEFAULT action=DENY
> >>
> >>    op=EXECUTE
> >>
> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
> >> 146938 action=DENY
> >>    op=EXECUTE boot_verified=TRUE action=ALLOW
> >>    op=EXECUTE dmverity_signature=TRUE action=ALLOW
> >>
> >> Allow only a specific dm-verity volume:
> >>
> >>    policy_name="AllowSignedAndInitial" policy_version=0.0.0
> >>    DEFAULT action=DENY
> >>
> >>    op=EXECUTE
> >>
> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
> >> 146938 action=ALLOW
> >>
> >> Deploying Policies:
> >> -------------------
> >>
> >> First sign a plain text policy, with a certificate that is present in
> >> the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
> >> signing can be done via:
> >>
> >>    openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
> >>      -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
> >>      -out "$MY_POLICY.p7s"
> >>
> >> Then, simply cat the file into the IPE's "new_policy" securityfs node:
> >>
> >>    cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
> >>
> >> The policy should now be present under the policies/ subdirectory, under
> >> its "policy_name" attribute.
> >>
> >> The policy is now present in the kernel and can be marked as active,
> >> via the securityfs node:
> >>
> >>    echo "1" > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"
> >>
> >> This will now mark the policy as active and the system will be enforcing
> >> $MY_POLICY_NAME.
> >>
> >> There is one requirement when marking a policy as active, the policy_version
> >> attribute must either increase, or remain the same as the currently running
> >> policy.
> >>
> >> Policies can be updated via:
> >>
> >>    cat "$MY_UPDATED_POLICY.p7s" > \
> >>      "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"
> >>
> >> Additionally, policies can be deleted via the "delete" securityfs
> >> node. Simply write "1" to the corresponding node in the policy folder:
> >>
> >>    echo "1" > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"
> >>
> >> There is only one requirement to delete policies, the policy being
> >> deleted must not be the active policy.
> >>
> >> NOTE: The securityfs commands will require CAP_MAC_ADMIN.
> >>
> >> Integrations:
> >> -------------
> >>
> >> This patch series adds support for fsverity via digest and signature
> >> (fsverity_signature and fsverity_digest), dm-verity by digest and
> >> signature (dmverity_signature and dmverity_roothash), and trust for
> >> the initramfs (boot_verified).
> > Verifying the initial ram disk looks like a big problem. On general
> > purpose OSes, having a reference value for it would be very hard.
> >
> > Instead, we would still be able to use per file reference values.
> > Executable and shared libraries in the initial ram disk are copied
> > from the main OS. Without fsverity support in tmpfs, I wonder
> > if it would be still possible to mark the file as immutable and do
> > an on the fly calculation of the root digest.
> Yes, verifying the initial ramdisk is very difficult. "boot_verified",
> is largely an assumption of trust as all the warning shows in the
> documentation; it assumes the boot stack verified the initramfs somehow
> (i.e. u-boot verified boot with it in the fitImage), and 'pins' (similar
> to loadpin) the superblock to allow execution from that superblock.
> > As an alternative, the IMA approach of calculating the file digest
> > could be used (or IPE could get the file digest as a property from
> > the integrity subsystem).
> In general, I would like to keep as much of the implementation of the
> integrity mechanisms out of IPE as much as possible - there are likely
> much better layers to implement new ways of providing integrity /
> authenticity claims than at the lsm layer within IPE.

That would be still the case. The integrity subsystem will be still
responsible to calculate the file digest and maintain it in a per
inode metadata. Then, IPE could evaluate the file digest as the
same as for the fsverity digest:

op=EXECUTE integrity_digest=<hex> action=ALLOW

integrity_digest will be handled by a separate IPE module which
communicates with the integrity subsystem.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> > Roberto
> >
> > HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> > Managing Director: Li Peng, Zhong Ronghua
> >
> >> Please see the documentation patch for more information about the
> >> integrations available.
> >>
> >> Testing:
> >> --------
> >>
> >> KUnit Tests are available. Recommended kunitconfig:
> >>
> >>      CONFIG_KUNIT=y
> >>      CONFIG_SECURITY=y
> >>      CONFIG_SECURITYFS=y
> >>      CONFIG_PKCS7_MESSAGE_PARSER=y
> >>      CONFIG_SYSTEM_DATA_VERIFICATION=y
> >>      CONFIG_FS_VERITY=y
> >>      CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
> >>      CONFIG_BLOCK=y
> >>      CONFIG_MD=y
> >>      CONFIG_BLK_DEV_DM=y
> >>      CONFIG_DM_VERITY=y
> >>      CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
> >>
> >>      CONFIG_SECURITY_IPE=y
> >>      CONFIG_SECURITY_IPE_KUNIT_TEST=y
> >>      CONFIG_IPE_PROP_BOOT_VERIFIED=y
> >>      CONFIG_IPE_PROP_DM_VERITY_SIGNATURE=y
> >>      CONFIG_IPE_PROP_DM_VERITY_ROOTHASH=y
> >>      CONFIG_IPE_PROP_FS_VERITY_SIGNATURE=y
> >>      CONFIG_IPE_PROP_FS_VERITY_DIGEST=y
> >>
> >> Simply run:
> >>
> >>      make ARCH=um mrproper
> >>      ./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>
> >>
> >> And the tests will execute and report the result. For more indepth testing,
> >> it will require you to create and mount a dm-verity volume or fs-verity
> >> enabled file.
> >>
> >> Documentation:
> >> --------------
> >>
> >> There is both documentation available on github at
> >> https://microsoft.github.io/ipe, and Documentation in this patch series,
> >> to be added in-tree. This includes architectural block diagrams.
> >>
> >> Known Gaps:
> >> -----------
> >>
> >> IPE has two known gaps:
> >>
> >> 1. IPE cannot verify the integrity of anonymous executable memory, such as
> >>    the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> >>    Unfortunately, as this is dynamically generated code, there is no way
> >>    for IPE to ensure the integrity of this code to form a trust basis. In all
> >>    cases, the return result for these operations will be whatever the admin
> >>    configures the DEFAULT action for "EXECUTE".
> >>
> >> 2. IPE cannot verify the integrity of interpreted languages' programs when
> >>    these scripts invoked via ``<interpreter> <file>``. This is because the
> >>    way interpreters execute these files, the scripts themselves are not
> >>    evaluated as executable code through one of IPE's hooks. Interpreters
> >>    can be enlightened to the usage of IPE by trying to mmap a file into
> >>    executable memory (+X), after opening the file and responding to the
> >>    error code appropriately. This also applies to included files, or high
> >>    value files, such as configuration files of critical system components.
> >>    However, there is a patchset that is looking to address this gap [1].
> >>
> >> Appendix:
> >> ---------
> >>
> >> A. IPE Github Repository:https://github.com/microsoft/ipe
> >> B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst
> >>
> >> References:
> >> -----------
> >>
> >> [1]https://lore.kernel.org/all/20211012192410.2356090-1-mic@digikod.net/
> >>
> >> FAQ:
> >> ----
> >>
> >> Q: What's the difference between other LSMs which provide trust-based
> >>    access control, for instance, IMA?
> >>
> >> A: IMA is a fantastic option when needing measurement in addition to the
> >>    trust-based access model. All of IMA is centered around their measurement
> >>    hashes, so you save time when doing both actions. IPE, on the other hand,
> >>    is a highly performant system that does not rely (and explicitly prohibits),
> >>    generating its own integrity mechanisms - separating measurement and
> access
> >>    control. Simply put, IPE provides only the enforcement of trust, while other
> >>    subsystems provide the integrity guarantee that IPE needs to determine the
> >>    trust of a resource. IMA provides both the integrity guarantee, the
> >>    enforcement of trust, and a whole host of other features that may not be
> >>    needed.
> >>
> >> Changelog:
> >> ----------
> >>
> >> Changes since v1:
> >>    Split the second patch of the previous series into two.
> >>    Minor corrections in the cover-letter and documentation
> >>    comments regarding CAP_MAC_ADMIN checks in IPE.
> >>
> >> Changes since v2:
> >>    Address various comments by Jann Horn. Highlights:
> >>      Switch various audit allocators to GFP_KERNEL.
> >>      Utilize rcu_access_pointer() in various locations.
> >>      Strip out the caching system for properties
> >>      Strip comments from headers
> >>      Move functions around in patches
> >>      Remove kernel command line parameters
> >>      Reconcile the race condition on the delete node for policy by
> >>        expanding the policy critical section.
> >>
> >>    Address a few comments by Jonathan Corbet around the documentation
> >>      pages for IPE.
> >>
> >>    Fix an issue with the initialization of IPE policy with a "-0"
> >>      version, caused by not initializing the hlist entries before
> >>      freeing.
> >>
> >> Changes since v3:
> >>    Address a concern around IPE's behavior with unknown syntax.
> >>      Specifically, make any unknown syntax a fatal error instead of a
> >>      warning, as suggested by Mickaël Salaün.
> >>    Introduce a new securityfs node, $securityfs/ipe/property_config,
> >>      which provides a listing of what properties are enabled by the
> >>      kernel and their versions. This allows usermode to predict what
> >>      policies should be allowed.
> >>    Strip some comments from c files that I missed.
> >>    Clarify some documentation comments around 'boot_verified'.
> >>      While this currently does not functionally change the property
> >>      itself, the distinction is important when IPE can enforce verified
> >>      reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
> >>      This has been corrected.
> >>    Change SecurityFS and SHA1 to a reverse dependency.
> >>    Update the cover-letter with the updated behavior of unknown syntax.
> >>    Remove all sysctls, making an equivalent function in securityfs.
> >>    Rework the active/delete mechanism to be a node under the policy in
> >>      $securityfs/ipe/policies.
> >>    The kernel command line parameters ipe.enforce and ipe.success_audit
> >>      have returned as this functionality is no longer exposed through
> >>      sysfs.
> >>
> >> Changes since v4:
> >>    Correct some grammatical errors reported by Randy Dunlap.
> >>    Fix some warnings reported by kernel test bot.
> >>    Change convention around security_bdev_setsecurity. -ENOSYS
> >>      is now expected if an LSM does not implement a particular @name,
> >>      as suggested by Casey Schaufler.
> >>    Minor string corrections related to the move from sysfs to securityfs
> >>    Correct a spelling of an #ifdef for the permissive argument.
> >>    Add the kernel parameters re-added to the documentation.
> >>    Fix a minor bug where the mode being audited on permissive switch
> >>      was the original mode, not the mode being swapped to.
> >>    Cleanup doc comments, fix some whitespace alignment issues.
> >>
> >> Changes since v5:
> >>    Change if statement condition in security_bdev_setsecurity to be
> >>      more concise, as suggested by Casey Schaufler and Al Viro
> >>    Drop the 6th patch in the series, "dm-verity move signature check..."
> >>      due to numerous issues, and it ultimately providing no real value.
> >>    Fix the patch tree - the previous iteration appears to have been in a
> >>      torn state (patches 8+9 were merged). This has since been corrected.
> >>
> >> Changes since v6:
> >>    * Reword cover letter to more accurate convey IPE's purpose
> >>      and latest updates.
> >>    * Refactor series to:
> >>        1. Support a context structure, enabling:
> >>            1. Easier Testing via KUNIT
> >>            2. A better architecture for future designs
> >>        2. Make parser code cleaner
> >>    * Move patch 01/12 to [14/16] of the series
> >>    * Split up patch 02/12 into four parts:
> >>        1. context creation [01/16]
> >>        2. audit [07/16]
> >>        3. evaluation loop [03/16]
> >>        4. access control hooks [05/16]
> >>        5. permissive mode [08/16]
> >>    * Split up patch 03/12 into two parts:
> >>        1. parser [02/16]
> >>        2. userspace interface [04/16]
> >>    * Reword and refactor patch 04/12 to [09/16]
> >>    * Squash patch 05/12, 07/12, 09/12 to [10/16]
> >>    * Squash patch 08/12, 10/12 to [11/16]
> >>    * Change audit records to MAC region (14XX) from Integrity region (18XX)
> >>    * Add FSVerity Support
> >>    * Interface changes:
> >>        1. "raw" was renamed to "pkcs7" and made read only
> >>        2. "raw"'s write functionality (update a policy) moved to "update"
> >>        3. introduced "version", "policy_name" nodes.
> >>        4. "content" renamed to "policy"
> >>        5. The boot policy can now be updated like any other policy.
> >>    * Add additional developer-level documentation
> >>    * Update admin-guide docs to reflect changes.
> >>    * Kunit tests
> >>    * Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
> >>      easily come later with a small patch.
> >>    * Use partition0 for block_device for dm-verity patch
> >>
> >> Deven Bowers (14):
> >>    security: add ipe lsm & initial context creation
> >>    ipe: add policy parser
> >>    ipe: add evaluation loop
> >>    ipe: add userspace interface
> >>    ipe: add LSM hooks on execution and kernel read
> >>    uapi|audit: add trust audit message definitions
> >>    ipe: add auditing support
> >>    ipe: add permissive toggle
> >>    ipe: introduce 'boot_verified' as a trust provider
> >>    fs|dm-verity: add block_dev LSM blob and submit dm-verity data
> >>    ipe: add support for dm-verity as a trust provider
> >>    scripts: add boot policy generation program
> >>    ipe: kunit tests
> >>    documentation: add ipe documentation
> >>
> >> Fan Wu (2):
> >>    fsverity|security: add security hooks to fsverity digest and signature
> >>    ipe: enable support for fs-verity as a trust provider
> >>
> >>   Documentation/admin-guide/LSM/index.rst       |    1 +
> >>   Documentation/admin-guide/LSM/ipe.rst         |  587 ++++++++++
> >>   .../admin-guide/kernel-parameters.txt         |   12 +
> >>   Documentation/security/index.rst              |    1 +
> >>   Documentation/security/ipe.rst                |  339 ++++++
> >>   MAINTAINERS                                   |    9 +
> >>   block/bdev.c                                  |    7 +
> >>   drivers/md/dm-verity-target.c                 |   20 +-
> >>   drivers/md/dm-verity-verify-sig.c             |   16 +-
> >>   drivers/md/dm-verity-verify-sig.h             |   10 +-
> >>   fs/verity/open.c                              |   12 +
> >>   fs/verity/signature.c                         |    5 +-
> >>   include/asm-generic/vmlinux.lds.h             |   16 +
> >>   include/linux/blk_types.h                     |    1 +
> >>   include/linux/device-mapper.h                 |    3 +
> >>   include/linux/fsverity.h                      |    3 +
> >>   include/linux/lsm_hook_defs.h                 |    5 +
> >>   include/linux/lsm_hooks.h                     |   12 +
> >>   include/linux/security.h                      |   22 +
> >>   include/uapi/linux/audit.h                    |    4 +
> >>   scripts/Makefile                              |    1 +
> >>   scripts/ipe/Makefile                          |    2 +
> >>   scripts/ipe/polgen/.gitignore                 |    1 +
> >>   scripts/ipe/polgen/Makefile                   |    6 +
> >>   scripts/ipe/polgen/polgen.c                   |  145 +++
> >>   security/Kconfig                              |   11 +-
> >>   security/Makefile                             |    1 +
> >>   security/ipe/.gitignore                       |    1 +
> >>   security/ipe/Kconfig                          |  100 ++
> >>   security/ipe/Makefile                         |   39 +
> >>   security/ipe/audit.c                          |  304 +++++
> >>   security/ipe/audit.h                          |   41 +
> >>   security/ipe/ctx.c                            |  381 ++++++
> >>   security/ipe/ctx.h                            |   43 +
> >>   security/ipe/ctx_test.c                       |  732 ++++++++++++
> >>   security/ipe/eval.c                           |  237 ++++
> >>   security/ipe/eval.h                           |   57 +
> >>   security/ipe/fs.c                             |  327 ++++++
> >>   security/ipe/fs.h                             |   13 +
> >>   security/ipe/hooks.c                          |  328 ++++++
> >>   security/ipe/hooks.h                          |   56 +
> >>   security/ipe/ipe.c                            |  143 +++
> >>   security/ipe/ipe.h                            |   27 +
> >>   security/ipe/ipe_parser.h                     |   59 +
> >>   security/ipe/modules.c                        |  134 +++
> >>   security/ipe/modules.h                        |   17 +
> >>   security/ipe/modules/Kconfig                  |   66 ++
> >>   security/ipe/modules/Makefile                 |   12 +
> >>   security/ipe/modules/boot_verified.c          |   24 +
> >>   security/ipe/modules/dmverity_roothash.c      |   80 ++
> >>   security/ipe/modules/dmverity_signature.c     |   25 +
> >>   security/ipe/modules/fsverity_digest.c        |   80 ++
> >>   security/ipe/modules/fsverity_signature.c     |   33 +
> >>   security/ipe/modules/ipe_module.h             |   40 +
> >>   security/ipe/parsers.c                        |  139 +++
> >>   security/ipe/parsers/Makefile                 |   12 +
> >>   security/ipe/parsers/default.c                |  106 ++
> >>   security/ipe/parsers/policy_header.c          |  126 ++
> >>   security/ipe/policy.c                         | 1037 +++++++++++++++++
> >>   security/ipe/policy.h                         |  113 ++
> >>   security/ipe/policy_parser_tests.c            |  299 +++++
> >>   security/ipe/policyfs.c                       |  528 +++++++++
> >>   security/security.c                           |   76 +-
> >>   63 files changed, 7069 insertions(+), 18 deletions(-)
> >>   create mode 100644 Documentation/admin-guide/LSM/ipe.rst
> >>   create mode 100644 Documentation/security/ipe.rst
> >>   create mode 100644 scripts/ipe/Makefile
> >>   create mode 100644 scripts/ipe/polgen/.gitignore
> >>   create mode 100644 scripts/ipe/polgen/Makefile
> >>   create mode 100644 scripts/ipe/polgen/polgen.c
> >>   create mode 100644 security/ipe/.gitignore
> >>   create mode 100644 security/ipe/Kconfig
> >>   create mode 100644 security/ipe/Makefile
> >>   create mode 100644 security/ipe/audit.c
> >>   create mode 100644 security/ipe/audit.h
> >>   create mode 100644 security/ipe/ctx.c
> >>   create mode 100644 security/ipe/ctx.h
> >>   create mode 100644 security/ipe/ctx_test.c
> >>   create mode 100644 security/ipe/eval.c
> >>   create mode 100644 security/ipe/eval.h
> >>   create mode 100644 security/ipe/fs.c
> >>   create mode 100644 security/ipe/fs.h
> >>   create mode 100644 security/ipe/hooks.c
> >>   create mode 100644 security/ipe/hooks.h
> >>   create mode 100644 security/ipe/ipe.c
> >>   create mode 100644 security/ipe/ipe.h
> >>   create mode 100644 security/ipe/ipe_parser.h
> >>   create mode 100644 security/ipe/modules.c
> >>   create mode 100644 security/ipe/modules.h
> >>   create mode 100644 security/ipe/modules/Kconfig
> >>   create mode 100644 security/ipe/modules/Makefile
> >>   create mode 100644 security/ipe/modules/boot_verified.c
> >>   create mode 100644 security/ipe/modules/dmverity_roothash.c
> >>   create mode 100644 security/ipe/modules/dmverity_signature.c
> >>   create mode 100644 security/ipe/modules/fsverity_digest.c
> >>   create mode 100644 security/ipe/modules/fsverity_signature.c
> >>   create mode 100644 security/ipe/modules/ipe_module.h
> >>   create mode 100644 security/ipe/parsers.c
> >>   create mode 100644 security/ipe/parsers/Makefile
> >>   create mode 100644 security/ipe/parsers/default.c
> >>   create mode 100644 security/ipe/parsers/policy_header.c
> >>   create mode 100644 security/ipe/policy.c
> >>   create mode 100644 security/ipe/policy.h
> >>   create mode 100644 security/ipe/policy_parser_tests.c
> >>   create mode 100644 security/ipe/policyfs.c
> >>
> >> --
> >> 2.33.0

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-26 19:03             ` Deven Bowers
@ 2021-10-27  8:41               ` Roberto Sassu
  0 siblings, 0 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-10-27  8:41 UTC (permalink / raw)
  To: Deven Bowers, Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
> Sent: Tuesday, October 26, 2021 9:04 PM
> On 10/22/2021 9:31 AM, Roberto Sassu wrote:
> >> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
> >> Sent: Wednesday, October 20, 2021 5:09 PM
> >>> From: Eric Biggers [mailto:ebiggers@kernel.org]
> >>> Sent: Friday, October 15, 2021 10:11 PM
> >>> On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
> >>>> On 10/13/2021 12:24 PM, Eric Biggers wrote:
> >>>>> On Wed, Oct 13, 2021 at 12:06:31PM -0700,
> >>> deven.desai@linux.microsoft.com  wrote:
> >>>>>> From: Fan Wu<wufan@linux.microsoft.com>
> >>>>>>
> >>>>>> Add security_inode_setsecurity to fsverity signature verification.
> >>>>>> This can let LSMs save the signature data and digest hashes provided
> >>>>>> by fsverity.
> >>>>> Can you elaborate on why LSMs need this information?
> >>>> The proposed LSM (IPE) of this series will be the only one to need
> >>>> this information at the  moment. IPE’s goal is to have provide
> >>>> trust-based access control. Trust and Integrity are tied together,
> >>>> as you cannot prove trust without proving integrity.
> >>> I think you mean authenticity, not integrity?
> >>>
> >>> Also how does this differ from IMA?  I know that IMA doesn't support fs-
> verity
> >>> file hashes, but that could be changed.  Why not extend IMA to cover your
> use
> >>> case(s)?
> >>>
> >>>> IPE needs the digest information to be able to compare a digest
> >>>> provided by the policy author, against the digest calculated by
> >>>> fsverity to make a decision on whether that specific file, represented
> >>>> by the digest is authorized for the actions specified in the policy.
> >>>>
> >>>> A more concrete example, if an IPE policy author writes:
> >>>>
> >>>>      op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> >>>>
> >>>> IPE takes the digest provided by this security hook, stores it
> >>>> in IPE's security blob on the inode. If this file is later
> >>>> executed, IPE compares the digest stored in the LSM blob,
> >>>> provided by this hook, against <HexDigest> in the policy, if
> >>>> it matches, it denies the access, performing a revocation
> >>>> of that file.
> >>> Do you have a better example?  This one is pretty useless since one can get
> >>> around it just by executing a file that doesn't have fs-verity enabled.
> >> I was wondering if the following use case can be supported:
> >> allow the execution of files protected with fsverity if the root
> >> digest is found among reference values (instead of providing
> >> them one by one in the policy).
> >>
> >> Something like:
> >>
> >> op=EXECUTE fsverity_digest=diglim action=ALLOW
> > Looks like it works. I modified IPE to query the root digest
> > of an fsverity-protected file in DIGLIM.
> >
> > # cat ipe-policy
> > policy_name="AllowFSVerityKmodules" policy_version=0.0.1
> > DEFAULT action=ALLOW
> > DEFAULT op=KMODULE action=DENY
> > op=KMODULE fsverity_digest=diglim action=ALLOW
> >
> > IPE setup:
> > # cat ipe-policy.p7s > /sys/kernel/security/ipe/new_policy
> > # echo -n 1 >  /sys/kernel/security/ipe/policies/AllowFSVerityKmodules/active
> > # echo 1 > /sys/kernel/security/ipe/enforce
> >
> > IPE denies loading of kernel modules not protected by fsverity:
> > # insmod  /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko
> > insmod: ERROR: could not insert module /lib/modules/5.15.0-
> rc1+/kernel/fs/fat/fat.ko: Permission denied
> >
> > Protect fat.ko with fsverity:
> > # cp /lib/modules/5.15.0-rc1+/kernel/fs/fat/fat.ko /fsverity
> > # fsverity enable /fsverity/fat.ko
> > # fsverity measure /fsverity/fat.ko
> >
> sha256:079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe154
> 7803 /fsverity/fat.ko
> >
> > IPE still denies the loading of fat.ko (root digest not uploaded to the kernel):
> > # insmod /fsverity/fat.ko
> > insmod: ERROR: could not insert module /fsverity/fat.ko: Permission denied
> >
> > Generate a digest list with the root digest above and upload it to the kernel:
> > # ./compact_gen -i
> 079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 -a
> sha256 -d test -s -t file -f
> > # echo $PWD/test/0-file_list-compact-
> 079be6d88638e58141ee24bba89813917c44faa55ada4bf5d80335efe1547803 >
> /sys/kernel/security/integrity/diglim/digest_list_add
> >
> > IPE allows the loading of fat.ko:
> > # insmod /fsverity/fat.ko
> > #
> >
> > Regarding authenticity, not shown in this demo, IPE will also
> > ensure that the root digest is signed (diglim_digest_get_info()
> > reports this information).
> 
> I apologize for the delay in responses, but it looks like
> you've figured it out.

No problem.

> This kind of thing is exactly what IPE's design is supposed to
> solve, you have some other system which provides the
> integrity mechanism and (optionally) determine if it is trusted or
> not, and IPE can provide the policy aspect very easily to
> make a set of system-wide requirements around your mechanism.
> 
> I'm very supportive of adding the functionality, but I wonder
> if it makes more sense to have digilm's extension be a separate
> key instead of tied to the fsverity_digest key - something like
> 
>     op=EXECUTE diglim_fsverity=TRUE action=DENY
> 
> that way the condition that enables this property can depend
> on digilm in the build, and it separates the two systems'
> integrations in a slightly more clean way.

Yes, I agree. It is much more clean.

> As an aside, did you find it difficult to extend?

No, it was very straightforward.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> > Roberto
> >
> > HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> > Managing Director: Li Peng, Zhong Ronghua
> >
> >> DIGLIM is a component I'm working on that generically
> >> stores digests. The current use case is to store file digests
> >> from RPMTAG_FILEDIGESTS and use them with IMA, but
> >> the fsverity use case could be easily supported (if the root
> >> digest is stored in the RPM header).
> >>
> >> DIGLIM also tells whether or not the signature of the source
> >> containing file digests (or fsverity digests) is valid (the signature
> >> of the RPM header is taken from RPMTAG_RSAHEADER).
> >>
> >> The memory occupation is relatively small for executables
> >> and shared libraries. I published a demo for Fedora and
> >> openSUSE some time ago:
> >>
> >> https://lore.kernel.org/linux-
> >> integrity/48cd737c504d45208377daa27d625531@huawei.com/
> >>
> >> Thanks
> >>
> >> Roberto
> >>
> >> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> >> Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read
  2021-10-26 19:03     ` Deven Bowers
@ 2021-10-27  8:56       ` Roberto Sassu
  0 siblings, 0 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-10-27  8:56 UTC (permalink / raw)
  To: Deven Bowers, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
> Sent: Tuesday, October 26, 2021 9:04 PM
> On 10/25/2021 5:22 AM, Roberto Sassu wrote:
> >> From:deven.desai@linux.microsoft.com
> >> [mailto:deven.desai@linux.microsoft.com]
> >> From: Deven Bowers<deven.desai@linux.microsoft.com>
> >>
> >> IPE's initial goal is to control both execution and the loading of
> >> kernel modules based on the system's definition of trust. It
> >> accomplishes this by plugging into the security hooks for execve,
> >> mprotect, mmap, kernel_load_data and kernel_read_data.
> >>
> >> Signed-off-by: Deven Bowers<deven.desai@linux.microsoft.com>
> >> ---
> >>
> >> Relevant changes since v6:
> >>    * Split up patch 02/12 into four parts:
> >>        1. context creation [01/16]
> >>        2. audit [07/16]
> >>        3. evaluation loop [03/16]
> >>        4. access control hooks [05/16] (this patch)
> >>
> >> ---
> >>   security/ipe/hooks.c  | 149
> ++++++++++++++++++++++++++++++++++++++++++
> >>   security/ipe/hooks.h  |  23 ++++++-
> >>   security/ipe/ipe.c    |   5 ++
> >>   security/ipe/policy.c |  23 +++++++
> >>   security/ipe/policy.h |  12 +++-
> >>   5 files changed, 209 insertions(+), 3 deletions(-)
> >>
> >> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> >> index ed0c886eaa5a..216242408a80 100644
> >> --- a/security/ipe/hooks.c
> >> +++ b/security/ipe/hooks.c
> >> @@ -6,11 +6,15 @@
> >>   #include "ipe.h"
> >>   #include "ctx.h"
> >>   #include "hooks.h"
> >> +#include "eval.h"
> >>
> >> +#include <linux/fs.h>
> >>   #include <linux/sched.h>
> >>   #include <linux/types.h>
> >>   #include <linux/refcount.h>
> >>   #include <linux/rcupdate.h>
> >> +#include <linux/binfmts.h>
> >> +#include <linux/mman.h>
> >>
> >>   /**
> >>    * ipe_task_alloc: Assign a new context for an associated task structure.
> >> @@ -56,3 +60,148 @@ void ipe_task_free(struct task_struct *task)
> >>   	ipe_put_ctx(ctx);
> >>   	rcu_read_unlock();
> >>   }
> >> +
> >> +/**
> >> + * ipe_on_exec: LSM hook called when a process is loaded through the exec
> >> + *		family of system calls.
> >> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> >> + *	  being evaluated.
> >> + *
> >> + * Return:
> >> + * 0 - OK
> >> + * !0 - Error
> >> + */
> >> +int ipe_on_exec(struct linux_binprm *bprm)
> >> +{
> >> +	return ipe_process_event(bprm->file, ipe_operation_exec,
> >> ipe_hook_exec);
> >> +}
> >> +
> >> +/**
> >> + * ipe_on_mmap: LSM hook called when a file is loaded through the mmap
> >> + *		family of system calls.
> >> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> >> + * @reqprot: The requested protection on the mmap, passed from
> usermode.
> >> + * @prot: The effective protection on the mmap, resolved from reqprot and
> >> + *	  system configuration.
> >> + * @flags: Unused.
> >> + *
> >> + * Return:
> >> + * 0 - OK
> >> + * !0 - Error
> >> + */
> >> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> >> +		unsigned long flags)
> >> +{
> >> +	if (prot & PROT_EXEC || reqprot & PROT_EXEC)
> >> +		return ipe_process_event(f, ipe_operation_exec,
> >> ipe_hook_mmap);
> >> +
> >> +	return 0;
> >> +}
> >> +
> >> +/**
> >> + * ipe_on_mprotect: LSM hook called when a mmap'd region of memory is
> >> changing
> >> + *		    its protections via mprotect.
> >> + * @vma: Existing virtual memory area created by mmap or similar
> >> + * @reqprot: The requested protection on the mmap, passed from
> usermode.
> >> + * @prot: The effective protection on the mmap, resolved from reqprot and
> >> + *	  system configuration.
> >> + *
> >> + * Return:
> >> + * 0 - OK
> >> + * !0 - Error
> >> + */
> >> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> >> +		    unsigned long prot)
> >> +{
> >> +	/* Already Executable */
> >> +	if (vma->vm_flags & VM_EXEC)
> >> +		return 0;
> >> +
> >> +	if (((prot & PROT_EXEC) || reqprot & PROT_EXEC))
> >> +		return ipe_process_event(vma->vm_file, ipe_operation_exec,
> >> +					 ipe_hook_mprotect);
> >> +
> >> +	return 0;
> >> +}
> >> +
> >> +/**
> >> + * ipe_on_kernel_read: LSM hook called when a file is being read in from
> >> + *		       disk.
> >> + * @file: Supplies a pointer to the file structure being read in from disk
> >> + * @id: Supplies the enumeration identifying the purpose of the read.
> >> + * @contents: Unused.
> >> + *
> >> + * Return:
> >> + * 0 - OK
> >> + * !0 - Error
> >> + */
> >> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> >> +		       bool contents)
> >> +{
> >> +	enum ipe_operation op;
> >> +
> >> +	switch (id) {
> >> +	case READING_FIRMWARE:
> >> +		op = ipe_operation_firmware;
> >> +		break;
> >> +	case READING_MODULE:
> >> +		op = ipe_operation_kernel_module;
> >> +		break;
> >> +	case READING_KEXEC_INITRAMFS:
> >> +		op = ipe_operation_kexec_initramfs;
> >> +		break;
> >> +	case READING_KEXEC_IMAGE:
> >> +		op = ipe_operation_kexec_image;
> >> +		break;
> >> +	case READING_POLICY:
> >> +		op = ipe_operation_ima_policy;
> >> +		break;
> >> +	case READING_X509_CERTIFICATE:
> >> +		op = ipe_operation_ima_x509;
> >> +		break;
> >> +	default:
> >> +		op = ipe_operation_max;
> > Possible problem here. If someone (like me) adds a new file type
> > and forgets to add a case, there will be an out of bound access
> > in evaluate():
> >
> >          rules = &pol->parsed->rules[ctx->op];
> >
> > due to the static definition of the rules array in the ipe_parsed_policy
> > structure (array length: ipe_operation_max).
> 
> Yeah, that's a problem. I can fix this down in the eval loop by matching
> the global default and emitting a WARN here.

Ok, will do a test with your new version of the patch set.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> > Roberto
> >
> > HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> > Managing Director: Li Peng, Zhong Ronghua
> >
> >> +	}
> >> +
> >> +	return ipe_process_event(file, op, ipe_hook_kernel_read);
> >> +}
> >> +
> >> +/**
> >> + * ipe_on_kernel_load_data: LSM hook called when a buffer is being read in
> >> from
> >> + *			    disk.
> >> + * @id: Supplies the enumeration identifying the purpose of the read.
> >> + * @contents: Unused.
> >> + *
> >> + * Return:
> >> + * 0 - OK
> >> + * !0 - Error
> >> + */
> >> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents)
> >> +{
> >> +	enum ipe_operation op;
> >> +
> >> +	switch (id) {
> >> +	case LOADING_FIRMWARE:
> >> +		op = ipe_operation_firmware;
> >> +		break;
> >> +	case LOADING_MODULE:
> >> +		op = ipe_operation_kernel_module;
> >> +		break;
> >> +	case LOADING_KEXEC_INITRAMFS:
> >> +		op = ipe_operation_kexec_initramfs;
> >> +		break;
> >> +	case LOADING_KEXEC_IMAGE:
> >> +		op = ipe_operation_kexec_image;
> >> +		break;
> >> +	case LOADING_POLICY:
> >> +		op = ipe_operation_ima_policy;
> >> +		break;
> >> +	case LOADING_X509_CERTIFICATE:
> >> +		op = ipe_operation_ima_x509;
> >> +		break;
> >> +	default:
> >> +		op = ipe_operation_max;
> >> +	}
> >> +
> >> +	return ipe_process_event(NULL, op, ipe_hook_kernel_load);
> >> +}
> >> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> >> index 58ed4a612e26..c99a0b7f45f7 100644
> >> --- a/security/ipe/hooks.h
> >> +++ b/security/ipe/hooks.h
> >> @@ -5,11 +5,19 @@
> >>   #ifndef IPE_HOOKS_H
> >>   #define IPE_HOOKS_H
> >>
> >> +#include <linux/fs.h>
> >>   #include <linux/types.h>
> >>   #include <linux/sched.h>
> >> +#include <linux/binfmts.h>
> >> +#include <linux/security.h>
> >>
> >>   enum ipe_hook {
> >> -	ipe_hook_max = 0
> >> +	ipe_hook_exec = 0,
> >> +	ipe_hook_mmap,
> >> +	ipe_hook_mprotect,
> >> +	ipe_hook_kernel_read,
> >> +	ipe_hook_kernel_load,
> >> +	ipe_hook_max
> >>   };
> >>
> >>   int ipe_task_alloc(struct task_struct *task,
> >> @@ -17,4 +25,17 @@ int ipe_task_alloc(struct task_struct *task,
> >>
> >>   void ipe_task_free(struct task_struct *task);
> >>
> >> +int ipe_on_exec(struct linux_binprm *bprm);
> >> +
> >> +int ipe_on_mmap(struct file *f, unsigned long reqprot, unsigned long prot,
> >> +		unsigned long flags);
> >> +
> >> +int ipe_on_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> >> +		    unsigned long prot);
> >> +
> >> +int ipe_on_kernel_read(struct file *file, enum kernel_read_file_id id,
> >> +		       bool contents);
> >> +
> >> +int ipe_on_kernel_load_data(enum kernel_load_data_id id, bool contents);
> >> +
> >>   #endif /* IPE_HOOKS_H */
> >> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> >> index b58b372327a1..3f9d43783293 100644
> >> --- a/security/ipe/ipe.c
> >> +++ b/security/ipe/ipe.c
> >> @@ -25,6 +25,11 @@ struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init =
> {
> >>   static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> >>   	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
> >>   	LSM_HOOK_INIT(task_free, ipe_task_free),
> >> +	LSM_HOOK_INIT(bprm_check_security, ipe_on_exec),
> >> +	LSM_HOOK_INIT(mmap_file, ipe_on_mmap),
> >> +	LSM_HOOK_INIT(file_mprotect, ipe_on_mprotect),
> >> +	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
> >> +	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
> >>   };
> >>
> >>   /**
> >> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> >> index b766824cc08f..048500229365 100644
> >> --- a/security/ipe/policy.c
> >> +++ b/security/ipe/policy.c
> >> @@ -483,6 +483,14 @@ int ipe_parse_op(const struct ipe_policy_token
> *tok,
> >>   {
> >>   	substring_t match[MAX_OPT_ARGS] = { 0 };
> >>   	const match_table_t ops = {
> >> +		{ ipe_operation_exec,		 "EXECUTE" },
> >> +		{ ipe_operation_firmware,	 "FIRMWARE" },
> >> +		{ ipe_operation_kernel_module,	 "KMODULE" },
> >> +		{ ipe_operation_kexec_image,	 "KEXEC_IMAGE" },
> >> +		{ ipe_operation_kexec_initramfs, "KEXEC_INITRAMFS"},
> >> +		{ ipe_operation_ima_policy,	 "IMA_POLICY" },
> >> +		{ ipe_operation_ima_x509,	 "IMA_X509_CERT" },
> >> +		{ ipe_op_alias_kernel_read,	 "KERNEL_READ" },
> >>   		{ ipe_op_alias_max, NULL },
> >>   	};
> >>
> >> @@ -838,6 +846,15 @@ static int parse_policy(struct ipe_policy *p)
> >>   	return rc;
> >>   }
> >>
> >> +static const enum ipe_operation alias_kread[] = {
> >> +	ipe_operation_firmware,
> >> +	ipe_operation_kernel_module,
> >> +	ipe_operation_ima_policy,
> >> +	ipe_operation_ima_x509,
> >> +	ipe_operation_kexec_image,
> >> +	ipe_operation_kexec_initramfs,
> >> +};
> >> +
> >>   /**
> >>    * ipe_is_op_alias: Determine if @op is an alias for one or more operations
> >>    * @op: Supplies the operation to check. Should be either ipe_operation or
> >> @@ -852,9 +869,15 @@ static int parse_policy(struct ipe_policy *p)
> >>   bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size)
> >>   {
> >>   	switch (op) {
> >> +	case ipe_op_alias_kernel_read:
> >> +		*map = alias_kread;
> >> +		*size = ARRAY_SIZE(alias_kread);
> >> +		break;
> >>   	default:
> >>   		return false;
> >>   	}
> >> +
> >> +	return true;
> >>   }
> >>
> >>   /**
> >> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> >> index 6818f6405dd0..ca37af46e5af 100644
> >> --- a/security/ipe/policy.h
> >> +++ b/security/ipe/policy.h
> >> @@ -26,7 +26,14 @@ struct ipe_policy_line {
> >>   struct ipe_module;
> >>
> >>   enum ipe_operation {
> >> -	ipe_operation_max = 0,
> >> +	ipe_operation_exec = 0,
> >> +	ipe_operation_firmware,
> >> +	ipe_operation_kernel_module,
> >> +	ipe_operation_kexec_image,
> >> +	ipe_operation_kexec_initramfs,
> >> +	ipe_operation_ima_policy,
> >> +	ipe_operation_ima_x509,
> >> +	ipe_operation_max
> >>   };
> >>
> >>   /*
> >> @@ -34,7 +41,8 @@ enum ipe_operation {
> >>    * that are just one or more operations under the hood
> >>    */
> >>   enum ipe_op_alias {
> >> -	ipe_op_alias_max = ipe_operation_max,
> >> +	ipe_op_alias_kernel_read = ipe_operation_max,
> >> +	ipe_op_alias_max,
> >>   };
> >>
> >>   enum ipe_action {
> >> --
> >> 2.33.0

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-26 19:03         ` Deven Bowers
@ 2021-10-27  9:34           ` Roberto Sassu
  2021-10-28  3:48           ` Eric Biggers
  1 sibling, 0 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-10-27  9:34 UTC (permalink / raw)
  To: Deven Bowers, Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
> Sent: Tuesday, October 26, 2021 9:04 PM
> On 10/15/2021 1:11 PM, Eric Biggers wrote:
> 
> > On Fri, Oct 15, 2021 at 12:25:53PM -0700, Deven Bowers wrote:
> >> On 10/13/2021 12:24 PM, Eric Biggers wrote:
> >>> On Wed, Oct 13, 2021 at 12:06:31PM -
> 0700,deven.desai@linux.microsoft.com  wrote:
> >>>> From: Fan Wu<wufan@linux.microsoft.com>
> >>>>
> >>>> Add security_inode_setsecurity to fsverity signature verification.
> >>>> This can let LSMs save the signature data and digest hashes provided
> >>>> by fsverity.
> >>> Can you elaborate on why LSMs need this information?
> >> The proposed LSM (IPE) of this series will be the only one to need
> >> this information at the  moment. IPE’s goal is to have provide
> >> trust-based access control. Trust and Integrity are tied together,
> >> as you cannot prove trust without proving integrity.
> > I think you mean authenticity, not integrity?
> I’ve heard a lot of people use these terms in overloaded ways.
> 
> If we’re working with the definition of authenticity being
> “the property that a resource was _actually_ sent/created by a
> party”, and integrity being “the property that a resource was not
> modified from a point of time”, then yes. Though the statement isn’t
> false, though, because you’d need to prove integrity in the process of
> proving authenticity.
> 
> If not, could you clarify what you mean by authenticity and integrity,
> so that we can use consistent definitions?
> > Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
> > file hashes, but that could be changed.  Why not extend IMA to cover your use
> > case(s)?
> We looked at extending IMA to cover our requirements extensively the
> past year
> based on feedback the last time I posted these patches. We implemented a
> prototype that had half of our requirements, but found it resulted in a
> large change list that would result in a large amount of pain in respect
> to maintenance, in addition to other more architectural concerns about the
> implementation. We weren’t convinced it was the correct direction, for our
> needs.
> 
> There was a presentation done at LSS 2021 around this prototype done by my
> colleague, Fan, who authored this patch and implemented the aforementioned
> prototype.
> 
> In general, IMA provides a whole suite of amazing functionality when it
> comes to everything integrity, as the fs-verity documentation states
> itself:
> 
>     IMA specifies a system-wide policy that specifies which
>     files are hashed and what to do with those hashes, such
>     as log them, authenticate them, or add them to a
>     measurement list.
> 
> Instead, IPE provides a fine-tuned way to _only_ enforce an access control
> policy to these files based on the defined trust requirements in the policy,
> under various contexts, (you might have different requirements for what
> executes in a general purpose, versus loadable kernel modules, for example).
> It will never provide bother to log, measure, or revalidate these hashes
> because
> that’s not its purpose. This is why it belongs at the LSM layer instead
> of the
> integrity subsystem layer, as it is providing access control based on a
> policy,
> versus providing deep integrations with the actual integrity claim.
> 
> IPE is trying to be agnostic to how precisely “trust” is provided, as
> opposed to be deeply integrated into the mechanism that provides
> “trust”.
> >> IPE needs the digest information to be able to compare a digest
> >> provided by the policy author, against the digest calculated by
> >> fsverity to make a decision on whether that specific file, represented
> >> by the digest is authorized for the actions specified in the policy.
> >>
> >> A more concrete example, if an IPE policy author writes:
> >>
> >>      op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> >>
> >> IPE takes the digest provided by this security hook, stores it
> >> in IPE's security blob on the inode. If this file is later
> >> executed, IPE compares the digest stored in the LSM blob,
> >> provided by this hook, against <HexDigest> in the policy, if
> >> it matches, it denies the access, performing a revocation
> >> of that file.
> > Do you have a better example?  This one is pretty useless since one can get
> > around it just by executing a file that doesn't have fs-verity enabled.
> Here’s a more complete example:
> 
>     policy_name=”fs-exec-only” policy_version=0.0.1
>     DEFAULT action=ALLOW
> 
>     DEFAULT op=EXECUTE action=DENY
>     op=EXECUTE fsverity_digest=<Digest> action=DENY
>     op=EXECUTE fsverity_signature=TRUE action=ALLOW
> 
> Execution is prohibited unless it is a signed fs-verity file;
> However, after one of those executables was signed and published,
> an exploitable vulnerability in said executable was found, a new
> version was published without that vulnerability. We need to
> revoke trust for that executable since it could be used to exploit
> the system, so the first rule prevents it from matching the second.

With DIGLIM, revocation will be completely transparent since
digests of files in the packages being removed will be also removed
from the kernel. The next time IPE will evaluate an old version of the
file (assuming that there was a copy somewhere) it will realize that
the digest is not known anymore and will deny access.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> >> This brings me to your next comment:
> >>
> >>> The digest isn't meaningful without knowing the hash algorithm it uses.
> >> It's available here, but you aren't passing it to this function.
> >>
> >> The digest is meaningful without the algorithm in this case.
> > No, it's not.
> >
> > Digests are meaningless without knowing what algorithm they were created
> with.
> >
> > If your security policy is something like "Trust the file with digest $foo" and
> > multiple hash algorithms are possible, then the alorithm intended to be used
> > needs to be explicitly specified.  Otherwise any algorithm with the same length
> > digest will be accepted.  That's a fatal flaw if any of these algorithms is
> > cryptographically broken or was never intended to be a cryptographic
> algorithm
> > in the first place (e.g., a non-cryptographic checksum).
> >
> > Cryptosystems always need to specify the crypto algorithm(s) used; the
> adversary
> > must not be allowed to choose the algorithms.
> Oof. You’re completely right. The part I was missing is that as time
> goes on,
> the secure status of these cryptographic algorithms will change, and
> then we’ll
> need a way to migrate between algorithms. Additionally, tooling and the
> like will
> likely need a way to identify this from the policy text without
> consulting anything
> else. This is a major oversight for general use, the system that this
> was originally
> designed for only had support for a subset of the sha2-family (all
> separate lengths)
> so I hadn’t even considered it.
> 
> It's trivial to correct in a minimal amount of code, making the policy
> express the
> digest like so:
> 
>     fsverity_digest=<algo>:<digest>
> 
> and change the argument passed to the LSM hook to accept a structure
> containing these
> two fields.
> 
> > I'm not sure how these patches can be taken seriously when they're getting
> this
> > sort of thing wrong.
> That said, I, personally, hope that an honest mistake, in a series
> submitted as
> an RFC submitted in good faith, is not a reason to discount an entire patch
> series.
> 
> I hope you continue to provide feedback, as it is invaluable to making this
> system better, and making me, personally, a better developer.
> >>>> +					FS_VERITY_SIGNATURE_SEC_NAME,
> >>>> +					signature, sig_size, 0);
> >>> This is only for fs-verity built-in signatures which aren't the only way to do
> >>> signatures with fs-verity.  Are you sure this is what you're looking for?
> >> Could you elaborate on the other signature types that can be used
> >> with fs-verity? I’m 99% sure this is what I’m looking for as this
> >> is a signature validated in the kernel against the fs-verity keyring
> >> as part of the “fsverity enable” utility.
> >>
> >> It's important that the signature is validated in the kernel, as
> >> userspace is considered untrusted until the signature is validated
> >> for this case.
> >>
> >>> Can you elaborate on your use case for fs-verity built-in signatures,
> >> Sure, signatures, like digests, also provide a way to prove integrity,
> >> and the trust component comes from the validation against the keyring,
> >> as opposed to a fixed value in IPE’s policy. The use case for fs-verity
> >> built-in signatures is that we have a rw ext4 filesystem that has some
> >> executable files, and we want to have a execution policy (through IPE)
> >> that only _trusted_ executables can run. Perf is important here, hence
> >> fs-verity.
> > Most users of fs-verity built-in signatures have actually been enforcing their
> > security policy in userspace, by checking whether specific files have the
> > fs-verity bit set or not.  Such users could just store and verify signatures in
> > userspace instead, without any kernel involvement.  So that's what I've been
> > recommending (with limited success, unfortunately).
> I believe the difference in security models comes from this line
> (emphasis, mine):
> 
>  > by checking whether _specific files_ have the fs-verity bit set or not.
> 
> IPE policy is written by a system author who owns the system, but may
> not have 100% control over all of the application code running on the
> system.  In the case of applications which are not aware of IPE, the policy
> can still enforce that all of the code running on the system is trusted.
> 
> An example attack of what we're trying to mitigate:  A hostile actor
> could downloads a binary off the internet with all required
> dependencies into tmpfs and runs their malicious executable.
> 
> With us validating this information in the kernel, even if the attacker
> downloaded their malicious executable to /tmp and executed it, it would
> still fail to pass policy and be denied, as the kernel is the common
> entrypoint across all executables.
> 
> Operationally, this _could_ be done by digest, but the policies would
> quickly become gigantic on a cartoonish proportion, as you'll have to
> authorize every single executable and dependency by digest - and
> there would be a complicated update story as the policy would have to
> be updated to onboard new digests.
> 
> By using signatures, we can prevent the policy update, and keep the
> policy size small.
> 
> > If you really do need in-kernel signature verification, then that may be a
> > legitimate use case for the fs-verity built-in signatures, although I do wonder
> > why you aren't using IMA and its signature mechanism instead.
> >
> > - Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-26 19:03         ` Deven Bowers
  2021-10-27  9:34           ` Roberto Sassu
@ 2021-10-28  3:48           ` Eric Biggers
  2021-10-28 18:11             ` Deven Bowers
  1 sibling, 1 reply; 63+ messages in thread
From: Eric Biggers @ 2021-10-28  3:48 UTC (permalink / raw)
  To: Deven Bowers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module

On Tue, Oct 26, 2021 at 12:03:53PM -0700, Deven Bowers wrote:
> > > The proposed LSM (IPE) of this series will be the only one to need
> > > this information at the  moment. IPE’s goal is to have provide
> > > trust-based access control. Trust and Integrity are tied together,
> > > as you cannot prove trust without proving integrity.
> > I think you mean authenticity, not integrity?
> I’ve heard a lot of people use these terms in overloaded ways.
> 
> If we’re working with the definition of authenticity being
> “the property that a resource was _actually_ sent/created by a
> party”, and integrity being “the property that a resource was not
> modified from a point of time”, then yes. Though the statement isn’t
> false, though, because you’d need to prove integrity in the process of
> proving authenticity.
> 
> If not, could you clarify what you mean by authenticity and integrity,
> so that we can use consistent definitions?

In cryptography, integrity normally means knowing whether data has been
non-maliciously changed, while authenticity means knowing whether data is from a
particular source, which implies knowing whether it has been changed at all
(whether maliciously or not).  Consider that there are "Message Authentication
Codes" (MACs) and "Authenticated Encryption", not "Message Integrity Codes" and
"Intact Encryption".

Unfortunately lots of people do overload "integrity" to mean authenticity, so
you're not alone.  But it's confusing, so if you're going to do that then please
make sure to clearly explain what you mean.

> > Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
> > file hashes, but that could be changed.  Why not extend IMA to cover your use
> > case(s)?
> We looked at extending IMA to cover our requirements extensively the past
> year
> based on feedback the last time I posted these patches. We implemented a
> prototype that had half of our requirements, but found it resulted in a
> large change list that would result in a large amount of pain in respect
> to maintenance, in addition to other more architectural concerns about the
> implementation. We weren’t convinced it was the correct direction, for our
> needs.
> 
> There was a presentation done at LSS 2021 around this prototype done by my
> colleague, Fan, who authored this patch and implemented the aforementioned
> prototype.
> 
> In general, IMA provides a whole suite of amazing functionality when it
> comes to everything integrity, as the fs-verity documentation states
> itself:
> 
>    IMA specifies a system-wide policy that specifies which
>    files are hashed and what to do with those hashes, such
>    as log them, authenticate them, or add them to a
>    measurement list.
> 
> Instead, IPE provides a fine-tuned way to _only_ enforce an access control
> policy to these files based on the defined trust requirements in the policy,
> under various contexts, (you might have different requirements for what
> executes in a general purpose, versus loadable kernel modules, for example).
> It will never provide bother to log, measure, or revalidate these hashes
> because
> that’s not its purpose. This is why it belongs at the LSM layer instead of
> the
> integrity subsystem layer, as it is providing access control based on a
> policy,
> versus providing deep integrations with the actual integrity claim.
> 
> IPE is trying to be agnostic to how precisely “trust” is provided, as
> opposed to be deeply integrated into the mechanism that provides
> “trust”.

IMA doesn't require logging or "measuring" hashes, though.  Those are just some
of its supported features.  And I thought the IMA developers were planning to
add support for fs-verity hashes, and that it wouldn't require an entirely new
architecture to do so.

Anyway, while it does sound to me like you're duplicating IMA, I don't really
have a horse in this race, and I defer to the IMA developers on this.  I trust
that you've been engaging with them?  This patchset isn't even Cc'ed to
linux-integrity, so it's unclear that's been happening.

- Eric

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-28  3:48           ` Eric Biggers
@ 2021-10-28 18:11             ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-28 18:11 UTC (permalink / raw)
  To: Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module


On 10/27/2021 8:48 PM, Eric Biggers wrote:
> On Tue, Oct 26, 2021 at 12:03:53PM -0700, Deven Bowers wrote:
>>>> The proposed LSM (IPE) of this series will be the only one to need
>>>> this information at the  moment. IPE’s goal is to have provide
>>>> trust-based access control. Trust and Integrity are tied together,
>>>> as you cannot prove trust without proving integrity.
>>> I think you mean authenticity, not integrity?
>> I’ve heard a lot of people use these terms in overloaded ways.
>>
>> If we’re working with the definition of authenticity being
>> “the property that a resource was _actually_ sent/created by a
>> party”, and integrity being “the property that a resource was not
>> modified from a point of time”, then yes. Though the statement isn’t
>> false, though, because you’d need to prove integrity in the process of
>> proving authenticity.
>>
>> If not, could you clarify what you mean by authenticity and integrity,
>> so that we can use consistent definitions?
> In cryptography, integrity normally means knowing whether data has been
> non-maliciously changed, while authenticity means knowing whether data is from a
> particular source, which implies knowing whether it has been changed at all
> (whether maliciously or not).  Consider that there are "Message Authentication
> Codes" (MACs) and "Authenticated Encryption", not "Message Integrity Codes" and
> "Intact Encryption".
>
> Unfortunately lots of people do overload "integrity" to mean authenticity, so
> you're not alone.  But it's confusing, so if you're going to do that then please
> make sure to clearly explain what you mean.
>
>>> Also how does this differ from IMA?  I know that IMA doesn't support fs-verity
>>> file hashes, but that could be changed.  Why not extend IMA to cover your use
>>> case(s)?
>> We looked at extending IMA to cover our requirements extensively the past
>> year
>> based on feedback the last time I posted these patches. We implemented a
>> prototype that had half of our requirements, but found it resulted in a
>> large change list that would result in a large amount of pain in respect
>> to maintenance, in addition to other more architectural concerns about the
>> implementation. We weren’t convinced it was the correct direction, for our
>> needs.
>>
>> There was a presentation done at LSS 2021 around this prototype done by my
>> colleague, Fan, who authored this patch and implemented the aforementioned
>> prototype.
>>
>> In general, IMA provides a whole suite of amazing functionality when it
>> comes to everything integrity, as the fs-verity documentation states
>> itself:
>>
>>     IMA specifies a system-wide policy that specifies which
>>     files are hashed and what to do with those hashes, such
>>     as log them, authenticate them, or add them to a
>>     measurement list.
>>
>> Instead, IPE provides a fine-tuned way to _only_ enforce an access control
>> policy to these files based on the defined trust requirements in the policy,
>> under various contexts, (you might have different requirements for what
>> executes in a general purpose, versus loadable kernel modules, for example).
>> It will never provide bother to log, measure, or revalidate these hashes
>> because
>> that’s not its purpose. This is why it belongs at the LSM layer instead of
>> the
>> integrity subsystem layer, as it is providing access control based on a
>> policy,
>> versus providing deep integrations with the actual integrity claim.
>>
>> IPE is trying to be agnostic to how precisely “trust” is provided, as
>> opposed to be deeply integrated into the mechanism that provides
>> “trust”.
> IMA doesn't require logging or "measuring" hashes, though.  Those are just some
> of its supported features.  And I thought the IMA developers were planning to
> add support for fs-verity hashes, and that it wouldn't require an entirely new
> architecture to do so.
>
> Anyway, while it does sound to me like you're duplicating IMA, I don't really
> have a horse in this race, and I defer to the IMA developers on this.  I trust
> that you've been engaging with them?  This patchset isn't even Cc'ed to
> linux-integrity, so it's unclear that's been happening.
That was entirely my mistake. Mimi and the linux-integrity list was CC'd 
on previous
versions (Roberto actually added the list to his responses) - when I was 
reconstructing
the To: line with get-maintainers.pl, the list didn't pop up and I did 
not remember to
add it manually. I've corrected my mailing script to re-add them again.

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE)
  2021-10-27  8:26     ` Roberto Sassu
@ 2021-10-28 20:36       ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-10-28 20:36 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 10/27/2021 1:26 AM, Roberto Sassu wrote:
>> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
>> Sent: Tuesday, October 26, 2021 9:04 PM
>> On 10/25/2021 4:30 AM, Roberto Sassu wrote:
>>>> From:deven.desai@linux.microsoft.com
>>>> [mailto:deven.desai@linux.microsoft.com]
>>>> From: Deven Bowers<deven.desai@linux.microsoft.com>
>>>>
>>>> Overview:
>>>> ---------
>>>>
>>>> IPE is a Linux Security Module which takes a complimentary approach to
>>>> access control. Whereas existing systems approach use labels or paths
>>>> which control access to a resource, IPE controls access to a resource
>>>> based on the system's trust of said resource.
>>> To me, it does not give a particularly precise idea of what IPE is about.
>>>
>>> It would have been more clear, assuming that I understood it correctly,
>>> if you have said:
>>>
>>> Whereas existing mandatory access control mechanisms base their
>>> decisions on labels and paths, IPE instead determines whether or not
>>> an operation should be allowed based on immutable security properties
>>> of the system component the operation is being performed on.
>>>
>>> IPE itself does not mandate how the security property should be
>>> evaluated, but relies on an extensible set of external property providers
>>> to evaluate the component. IPE makes its decision based on reference
>>> values for the selected properties, specified in the IPE policy.
>>>
>>> The reference values represent the value that the policy writer and the
>>> local system administrator (based on the policy signature) trust for the
>>> system to accomplish the desired tasks.
>>>
>>> One such provider is for example dm-verity, which is able to represent
>>> the integrity property of a partition (its immutable state) with a digest.
>> You understood it perfectly, and managed to word in a much more clear
>> way than I did. I'll apply these changes in the next posting! Thanks.
> Welcome.
>
>>>> Trust requirements are established via IPE's policy, sourcing multiple
>>>> different implementations within the kernel to build a cohesive trust
>>>> model, based on how the system was built.
>>>>
>>>> Trust, with respect to computing, is a concept that designates a set
>>>> of entities who will endorse a set of resources as non-malicious.
>>>> Traditionally, this is done via signatures, which is the act of endorsing
>>>> a resource.
>>>>
>>>> Integrity, on the other hand, is the concept of ensuring that a resource
>>>> has not been modified since a point of time. This is typically done through
>>>> cryptographic hashes or signatures.
>>>>
>>>> Trust and integrity are very closely tied together concepts, as integrity
>>>> is the way you can prove trust for a resource; otherwise it could have
>>>> been modified by an entity who is untrusted.
>>>>
>>>> IPE provides a way for a user to express trust requirements of resources,
>>>> by using pre-existing systems which provide the integrity half of the
>>>> equation.
>>>>
>>>> IPE is compiled under CONFIG_SECURITY_IPE.
>>>>
>>>> Use Cases
>>>> ---------
>>>>
>>>> IPE works best in fixed-function devices: Devices in which their purpose
>>>> is clearly defined and not supposed to be changed (e.g. network firewall
>>>> device in a data center, an IoT device, etcetera), where all software and
>>>> configuration is built and provisioned by the system owner.
>>>>
>>>> IPE is a long-way off for use in general-purpose computing:
>>>> the Linux community as a whole tends to follow a decentralized trust
>>>> model, known as the Web of Trust, which IPE has no support for as of yet.
>>>> Instead, IPE supports the PKI Trust Model, which generally designates a
>>>> set of entities that provide a measure absolute trust.
>>> It is true that packages are signed with PGP, which is decentralized,
>>> but there is a special case where Linux distribution vendors trust
>>> their own keys. This, at least, would allow to trust the software built
>>> by a particular vendor (I ported David Howells's work on PGP keys and
>>> signature to the current kernel).
>> Yes, that is true. I figured that this scenario was somewhat obvious,
>> as it is, at a high level, similar to PKI but I can certainly add it
>> explicitly.
> Perfect.
>
>>>> Additionally, while most packages are signed today, the files inside
>>>> the packages (for instance, the executables), tend to be unsigned. This
>>>> makes it difficult to utilize IPE in systems where a package manager is
>>>> expected to be functional, without major changes to the package manager
>>>> and ecosystem behind it.
>>> Yes, RPMs don't have per file signatures but have a signature of the
>>> list of file digests, which is equivalent. They could have also the fsverity
>>> digests (instead of the fsverity signatures) to reduce size overhead.
>>>
>>> Given that the authenticity of RPMs headers can be verified, if the
>>> PGP key of the vendor is included in the primary keyring of the kernel,
>>> being able to protect file or fsverity digests against tampering by
>>> user space and being able to query them (e.g. with DIGLIM) extends
>>> the applicability of IPE to general purpose OSes.
>> Agreed. With these two functionalities, it does appear that IPE + DIGLIM
>> can be used for general purpose RPM-based OSes. I'll add a reference to
>> your recent posting (v3?) as a way to extend the functionality to general
>> purposes OSes in the next revision.
> Ok. Yes, v3 is the latest.
>
>>>> Policy:
>>>> -------
>>>>
>>>> IPE policy is a plain-text [#]_ policy composed of multiple statements
>>>> over several lines. There is one required line, at the top of the
>>>> policy, indicating the policy name, and the policy version, for
>>>> instance:
>>>>
>>>>     policy_name="Ex Policy" policy_version=0.0.0
>>>>
>>>> The policy version indicates the current version of the policy (NOT the
>>>> policy syntax version). This is used to prevent roll-back of policy to
>>>> potentially insecure previous versions of the policy.
>>>>
>>>> The next portion of IPE policy, are rules. Rules are formed by key=value
>>>> pairs, known as properties. IPE rules require two properties: "action",
>>> Better:
>>>
>>> IPE rules require two keys:
>> Ack.
>>>> which determines what IPE does when it encounters a match against the
>>>> policy, and "op", which determines when that rule should be evaluated.
>>>> Thus, a minimal rule is:
>>>>
>>>>     op=EXECUTE action=ALLOW
>>>>
>>>> This example will allow any execution. Additional properties are used to
>>>> restrict attributes about the files being evaluated. These properties are
>>>> intended to be deterministic attributes that are resident in the kernel.
>>>> Available properties for IPE described in the documentation patch of this
>>>> series.
>>>>
>>>> A rule is required to have the "op" property as the first token of a rule,
>>>> and the "action" as the last token of the rule. Rules are evaluated
>>>> top-to-bottom. As a result, any revocation rules, or denies should be
>>>> placed early in the file to ensure that these rules are evaluated before
>>>> a rule with "action=ALLOW" is hit.
>>>>
>>>> Any unknown syntax in IPE policy will result in a fatal error to parse
>>>> the policy. User mode can interrogate the kernel to understand what
>>>> properties and the associated versions through the securityfs node,
>>>> $securityfs/ipe/config, which will return a string of form:
>>>>
>>>>     key1=version1
>>>>     key2=version2
>>>>     .
>>>>     .
>>>>     .
>>>>     keyN=versionN
>>>>
>>>> User-mode should correlate these versions with the supported values
>>>> identified in the documentation to determine whether a policy should
>>>> be accepted by the system without actually trying to deploy the policy.
>>>>
>>>> Additionally, a DEFAULT operation must be set for all understood
>>>> operations within IPE. For policies to remain completely forwards
>>>> compatible, it is recommended that users add a "DEFAULT action=ALLOW"
>>>> and override the defaults on a per-operation basis.
>>>>
>>>> For more information about the policy syntax, the kernel documentation
>>>> page.
>>>>
>>>> Early Usermode Protection:
>>>> --------------------------
>>>>
>>>> IPE can be provided with a policy at startup to load and enforce.
>>>> This is intended to be a minimal policy to get the system to a state
>>>> where userland is setup and ready to receive commands, at which
>>>> point a policy can be deployed via securityfs. This "boot policy" can be
>>>> specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
>>>> to a plain-text version of the IPE policy to apply. This policy will be
>>>> compiled into the kernel. If not specified, IPE will be disabled until a
>>>> policy is deployed and activated through the method above.
>>>>
>>>> Policy Examples:
>>>> ----------------
>>>>
>>>> Allow all:
>>>>
>>>>     policy_name="Allow All" policy_version=0.0.0
>>>>     DEFAULT action=ALLOW
>>>>
>>>> Allow only initial superblock:
>>>>
>>>>     policy_name="Allow All Initial SB" policy_version=0.0.0
>>>>     DEFAULT action=DENY
>>>>
>>>>     op=EXECUTE boot_verified=TRUE action=ALLOW
>>>>
>>>> Allow any signed dm-verity volume and the initial superblock:
>>>>
>>>>     policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>>>     DEFAULT action=DENY
>>>>
>>>>     op=EXECUTE boot_verified=TRUE action=ALLOW
>>>>     op=EXECUTE dmverity_signature=TRUE action=ALLOW
>>>>
>>>> Prohibit execution from a specific dm-verity volume:
>>>>
>>>>     policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>>>     DEFAULT action=DENY
>>>>
>>>>     op=EXECUTE
>>>>
>> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
>>>> 146938 action=DENY
>>>>     op=EXECUTE boot_verified=TRUE action=ALLOW
>>>>     op=EXECUTE dmverity_signature=TRUE action=ALLOW
>>>>
>>>> Allow only a specific dm-verity volume:
>>>>
>>>>     policy_name="AllowSignedAndInitial" policy_version=0.0.0
>>>>     DEFAULT action=DENY
>>>>
>>>>     op=EXECUTE
>>>>
>> dmverity_roothash=401fcec5944823ae12f62726e8184407a5fa9599783f030dec
>>>> 146938 action=ALLOW
>>>>
>>>> Deploying Policies:
>>>> -------------------
>>>>
>>>> First sign a plain text policy, with a certificate that is present in
>>>> the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
>>>> signing can be done via:
>>>>
>>>>     openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
>>>>       -inkey "$MY_PRIVATE_KEY" -binary -outform der -noattr -nodetach \
>>>>       -out "$MY_POLICY.p7s"
>>>>
>>>> Then, simply cat the file into the IPE's "new_policy" securityfs node:
>>>>
>>>>     cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
>>>>
>>>> The policy should now be present under the policies/ subdirectory, under
>>>> its "policy_name" attribute.
>>>>
>>>> The policy is now present in the kernel and can be marked as active,
>>>> via the securityfs node:
>>>>
>>>>     echo "1" > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"
>>>>
>>>> This will now mark the policy as active and the system will be enforcing
>>>> $MY_POLICY_NAME.
>>>>
>>>> There is one requirement when marking a policy as active, the policy_version
>>>> attribute must either increase, or remain the same as the currently running
>>>> policy.
>>>>
>>>> Policies can be updated via:
>>>>
>>>>     cat "$MY_UPDATED_POLICY.p7s" > \
>>>>       "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"
>>>>
>>>> Additionally, policies can be deleted via the "delete" securityfs
>>>> node. Simply write "1" to the corresponding node in the policy folder:
>>>>
>>>>     echo "1" > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"
>>>>
>>>> There is only one requirement to delete policies, the policy being
>>>> deleted must not be the active policy.
>>>>
>>>> NOTE: The securityfs commands will require CAP_MAC_ADMIN.
>>>>
>>>> Integrations:
>>>> -------------
>>>>
>>>> This patch series adds support for fsverity via digest and signature
>>>> (fsverity_signature and fsverity_digest), dm-verity by digest and
>>>> signature (dmverity_signature and dmverity_roothash), and trust for
>>>> the initramfs (boot_verified).
>>> Verifying the initial ram disk looks like a big problem. On general
>>> purpose OSes, having a reference value for it would be very hard.
>>>
>>> Instead, we would still be able to use per file reference values.
>>> Executable and shared libraries in the initial ram disk are copied
>>> from the main OS. Without fsverity support in tmpfs, I wonder
>>> if it would be still possible to mark the file as immutable and do
>>> an on the fly calculation of the root digest.
>> Yes, verifying the initial ramdisk is very difficult. "boot_verified",
>> is largely an assumption of trust as all the warning shows in the
>> documentation; it assumes the boot stack verified the initramfs somehow
>> (i.e. u-boot verified boot with it in the fitImage), and 'pins' (similar
>> to loadpin) the superblock to allow execution from that superblock.
>>> As an alternative, the IMA approach of calculating the file digest
>>> could be used (or IPE could get the file digest as a property from
>>> the integrity subsystem).
>> In general, I would like to keep as much of the implementation of the
>> integrity mechanisms out of IPE as much as possible - there are likely
>> much better layers to implement new ways of providing integrity /
>> authenticity claims than at the lsm layer within IPE.
> That would be still the case. The integrity subsystem will be still
> responsible to calculate the file digest and maintain it in a per
> inode metadata. Then, IPE could evaluate the file digest as the
> same as for the fsverity digest:
>
> op=EXECUTE integrity_digest=<hex> action=ALLOW
>
> integrity_digest will be handled by a separate IPE module which
> communicates with the integrity subsystem.

Sure, I'm happy with this. My comment was originally to the first half
of your response ("the IMA approach of calculating the file digest
could be used"); I don't see that as part of IPE's purpose.

I wanted to draw as rough boundary between what I find acceptable
as an IPE extension and what isn't.



^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-10-15 19:25     ` Deven Bowers
@ 2021-11-02 19:44       ` Steve Grubb
  2021-11-04 16:59         ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Steve Grubb @ 2021-11-02 19:44 UTC (permalink / raw)
  To: corbet, axboe, agk, snitzer, ebiggers, tytso, paul, eparis,
	jmorris, serge, linux-audit, Deven Bowers
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel

Hello,

On Friday, October 15, 2021 3:25:47 PM EDT Deven Bowers wrote:
> On 10/13/2021 1:02 PM, Steve Grubb wrote:
> > On Wednesday, October 13, 2021 3:06:26 PM EDT
> > deven.desai@linux.microsoft.com> 
> > wrote:
> >> Users of IPE require a way to identify when and why an operation fails,
> >> allowing them to both respond to violations of policy and be notified
> >> of potentially malicious actions on their systens with respect to IPE
> >> itself.
> > 
> > Would you mind sending examples of audit events so that we can see what
> > the end result is? Some people add them to the commit text. But we still
> > need to see what they look like.
> 
> Sure, sorry. I’ll add them to the commit description (and the documentation
> patch at the end) for v8 – In the interest of asynchronous feedback, I’ve
> copied the relevant examples:

Thanks for sending these. This helps.

 
> AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
> ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
> ctx_ino=532 ctx_dev=vda rule="DEFAULT op=EXECUTE action=DENY"

Question...why do all of these have a ctx_  prefix? Is it possible to trigger 
an audit context so that the audit machinery collects all of this stuff in 
it's own way? Which means you could drop everything execept op, hook, 
enforce, rule, and action.

We also have a field dictionary here:
https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
field-dictionary.csv

which names the known fields and how they should be formatted. If there is a 
collision where they are something else and cannot be in the same format, 
then we make a new name and hopefully update the dictionary. For example, if 
you are collecting a process id, use pid and not ctx_pid so that it matches a 
known definition.

Also, I don't thnk these events can stand on their own. Who did this action? 
You have the pid, but no uid, auid, or session_id.

Hope this helps...

-Steve

 
> AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
> ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
> ctx_ino=532 ctx_dev=vda rule="DEFAULT action=DENY"
> 
> AUDIT1420 IPE ctx_pid=253 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=1
> ctx_comm="anon" rule="DEFAULT op=EXECUTE action=DENY"
> 
> These three audit records represent various types of results after
> evaluating
> the trust of a resource. The first two differ in the rule that was
> matched in
> IPE's policy, the first being an operation-specific default, the second
> being
> a global default. The third is an example of what is audited when anonymous
> memory is blocked (as there is no way to verify the trust of an anonymous
> page).
> 
> The remaining three events, AUDIT_TRUST_POLICY_LOAD (1421),
> AUDIT_TRUST_POLICY_ACTIVATE (1422), and AUDIT_TRUST_STATUS (1423) have this
> form:
> 
> AUDIT1421 IPE policy_name="my-policy" policy_version=0.0.0
> <hash_alg_name>=<hash>
> AUDIT1422 IPE policy_name="my-policy" policy_version=0.0.0
> <hash_alg_name>=<hash>
> AUDIT1423 IPE enforce=1
> 
> The 1421 (AUDIT_TRUST_POLICY_LOAD) event represents a new policy was loaded
> into the kernel, but not is not marked as the policy to enforce. The
> 
> The 1422 (AUDIT_TRUST_POLICY_ACTIVATE) event represents a policy that was
> already loaded was made the enforcing policy.
> 
> The 1423 (AUDIT_TRUST_STATUS) event represents a switch between
> permissive and
> enforce, it is added in 08/16 (the following patch)





^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 04/16] ipe: add userspace interface
  2021-10-13 19:06 ` [RFC PATCH v7 04/16] ipe: add userspace interface deven.desai
@ 2021-11-03  9:42   ` Roberto Sassu
  2021-11-04 16:50     ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-11-03  9:42 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: deven.desai@linux.microsoft.com
> [mailto:deven.desai@linux.microsoft.com]
> From: Deven Bowers <deven.desai@linux.microsoft.com>
> 
> As is typical with LSMs, IPE uses securityfs as its interface with
> userspace. for a complete list of the interfaces and the respective
> inputs/outputs, please see the documentation under
> admin-guide/LSM/ipe.rst
> 
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> ---
> 
> Relevant changes since v6:
>   * Refactor series to:
>       1. Support a context structure, enabling easier testing
>   * Split up patch 03/12 into two parts:
>       1. parser [02/16]
>       2. userspace interface [04/16] (this patch)
>   * Interface changes:
>       1. "raw" was renamed to "pkcs7" and made read only
>       2. "raw"'s write functionality (update a policy) moved to "update"
>       3. introduced "version", "policy_name" nodes.
>       4. "content" renamed to "policy"
>       5. The boot policy can now be updated like any other policy.
> 
> ---
>  security/ipe/Makefile   |   2 +
>  security/ipe/ctx.c      | 121 +++++++++
>  security/ipe/ctx.h      |   6 +
>  security/ipe/fs.c       | 170 +++++++++++++
>  security/ipe/fs.h       |  13 +
>  security/ipe/policy.c   |  41 ++++
>  security/ipe/policy.h   |   4 +
>  security/ipe/policyfs.c | 528 ++++++++++++++++++++++++++++++++++++++++
>  8 files changed, 885 insertions(+)
>  create mode 100644 security/ipe/fs.c
>  create mode 100644 security/ipe/fs.h
>  create mode 100644 security/ipe/policyfs.c
> 
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 0db69f13e82a..d5660a17364c 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -10,9 +10,11 @@ ccflags-y := -I$(srctree)/security/ipe/modules
>  obj-$(CONFIG_SECURITY_IPE) += \
>  	ctx.o \
>  	eval.o \
> +	fs.o \
>  	hooks.o \
>  	ipe.o \
>  	modules.o \
>  	parsers/ \
>  	parsers.o \
>  	policy.o \
> +	policyfs.o \
> diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
> index 9274e51eff52..664c671a4f9c 100644
> --- a/security/ipe/ctx.c
> +++ b/security/ipe/ctx.c
> @@ -13,6 +13,29 @@
>  #include <linux/refcount.h>
>  #include <linux/spinlock.h>
> 
> +/**
> + * ver_to_u64: convert an internal ipe_policy_version to a u64
> + * @p: Policy to extract the version from
> + *
> + * Bits (LSB is index 0):
> + *	[48,32] -> Major
> + *	[32,16] -> Minor
> + *	[16, 0] -> Revision
> + *
> + * Return:
> + * u64 version of the embedded version structure.
> + */
> +static inline u64 ver_to_u64(const struct ipe_policy *const p)
> +{
> +	u64 r = 0;
> +
> +	r = (((u64)p->parsed->version.major) << 32)
> +	  | (((u64)p->parsed->version.minor) << 16)
> +	  | ((u64)(p->parsed->version.rev));
> +
> +	return r;
> +}
> +
>  /**
>   * ipe_current_ctx: Helper to retrieve the ipe_context for the current task.
>   *
> @@ -96,6 +119,7 @@ static void free_ctx_work(struct work_struct *const
> work)
>  	list_for_each_entry(p, &ctx->policies, next)
>  		ipe_put_policy(p);
> 
> +	securityfs_remove(ctx->policy_root);
>  	kfree(ctx);
>  }
> 
> @@ -160,6 +184,9 @@ void ipe_remove_policy(struct ipe_policy *p)
>   * ipe_add_policy: Associate @p with @ctx
>   * @ctx: Supplies a pointer to the ipe_context structure to associate @p with.
>   * @p: Supplies a pointer to the ipe_policy structure to associate.
> + *
> + * This will increase @p's reference count by one.
> + *
>   */
>  void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p)
>  {
> @@ -168,7 +195,101 @@ void ipe_add_policy(struct ipe_context *ctx, struct
> ipe_policy *p)
>  	list_add_tail(&p->next, &ctx->policies);
>  	refcount_inc(&p->refcount);
>  	spin_unlock(&ctx->lock);
> +}
> +
> +/**
> + * ipe_replace_policy: Replace @old with @new in the list of policies in @ctx
> + * @ctx: Supplies the context object to manipulate.
> + * @old: Supplies a pointer to the ipe_policy to replace with @new
> + * @new: Supplies a pointer to the ipe_policy structure to replace @old with
> + */
> +int ipe_replace_policy(struct ipe_policy *old, struct ipe_policy *new)
> +{
> +	int rc = -EINVAL;
> +	struct ipe_context *ctx;
> +	struct ipe_policy *cursor;
> +	struct ipe_policy *p = NULL;
> +
> +	ctx = ipe_get_ctx_rcu(old->ctx);
> +	if (!ctx)
> +		return -ENOENT;
> +
> +	spin_lock(&ctx->lock);
> +	list_for_each_entry(cursor, &ctx->policies, next) {
> +		if (!strcmp(old->parsed->name, cursor->parsed->name)) {
> +			if (ipe_is_policy_active(old)) {
> +				if (ver_to_u64(old) > ver_to_u64(new))
> +					break;
> +				rcu_assign_pointer(ctx->active_policy, new);
> +			}
> +			list_replace_init(&cursor->next, &new->next);
> +			refcount_inc(&new->refcount);
> +			rcu_assign_pointer(new->ctx, old->ctx);
> +			p = cursor;
> +			rc = 0;
> +			break;
> +		}
> +	}
> +	spin_unlock(&ctx->lock);
> +	synchronize_rcu();
> +
> +	ipe_put_policy(p);
> +	ipe_put_ctx(ctx);
> +	return rc;
> +}
> +
> +/**
> + * ipe_set_active_pol: Make @p the active policy.
> + * @p: Supplies a pointer to the policy to make active.
> + */
> +int ipe_set_active_pol(const struct ipe_policy *p)
> +{
> +	int rc = 0;
> +	struct ipe_policy *ap = NULL;
> +	struct ipe_context *ctx = NULL;
> +
> +	ctx = ipe_get_ctx_rcu(p->ctx);
> +	if (!ctx) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	ap = ipe_get_policy_rcu(ctx->active_policy);
> +	if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
> +		rc = -EINVAL;
> +		goto out;
> +	}
> +
> +	spin_lock(&ctx->lock);
> +	rcu_assign_pointer(ctx->active_policy, p);
> +	spin_unlock(&ctx->lock);
>  	synchronize_rcu();
> +
> +out:
> +	ipe_put_policy(ap);
> +	ipe_put_ctx(ctx);
> +	return rc;
> +}
> +
> +/**
> + * ipe_is_policy_active: Determine wehther @p is the active policy
> + * @p: Supplies a pointer to the policy to check.
> + *
> + * Return:
> + * true - @p is the active policy of @ctx
> + * false - @p is not the active policy of @ctx
> + */
> +bool ipe_is_policy_active(const struct ipe_policy *p)
> +{
> +	bool rv;
> +	struct ipe_context *ctx;
> +
> +	rcu_read_lock();
> +	ctx = rcu_dereference(p->ctx);
> +	rv = !IS_ERR_OR_NULL(ctx) && rcu_access_pointer(ctx->active_policy)
> == p;
> +	rcu_read_unlock();
> +
> +	return rv;
>  }
> 
>  /**
> diff --git a/security/ipe/ctx.h b/security/ipe/ctx.h
> index a0da92da818c..fe11fb767788 100644
> --- a/security/ipe/ctx.h
> +++ b/security/ipe/ctx.h
> @@ -7,6 +7,7 @@
> 
>  #include <linux/sched.h>
>  #include <linux/types.h>
> +#include <linux/dcache.h>
>  #include <linux/refcount.h>
>  #include <linux/spinlock.h>
>  #include <linux/workqueue.h>
> @@ -20,6 +21,8 @@ struct ipe_context {
> 
>  	struct list_head policies; /* type: ipe_policy */
> 
> +	struct dentry *policy_root;
> +
>  	struct work_struct free_work;
>  };
> 
> @@ -30,5 +33,8 @@ struct ipe_context *ipe_get_ctx_rcu(struct ipe_context
> __rcu *ctx);
>  void ipe_put_ctx(struct ipe_context *ctx);
>  void ipe_add_policy(struct ipe_context *ctx, struct ipe_policy *p);
>  void ipe_remove_policy(struct ipe_policy *p);
> +int ipe_replace_policy(struct ipe_policy *old, struct ipe_policy *new);
> +int ipe_set_active_pol(const struct ipe_policy *p);
> +bool ipe_is_policy_active(const struct ipe_policy *p);
> 
>  #endif /* IPE_CONTEXT_H */
> diff --git a/security/ipe/fs.c b/security/ipe/fs.c
> new file mode 100644
> index 000000000000..10ad23f8bf92
> --- /dev/null
> +++ b/security/ipe/fs.c
> @@ -0,0 +1,170 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#include "ipe.h"
> +#include "fs.h"
> +#include "policy.h"
> +
> +#include <linux/dcache.h>
> +#include <linux/security.h>
> +
> +static struct dentry *np __ro_after_init;
> +static struct dentry *root __ro_after_init;
> +static struct dentry *config __ro_after_init;
> +
> +/**
> + * new_policy: Write handler for the securityfs node, "ipe/new_policy"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t new_policy(struct file *f, const char __user *data,
> +			  size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	char *copy = NULL;
> +	struct ipe_policy *p = NULL;
> +	struct ipe_context *ctx = NULL;
> +
> +	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> +		return -EPERM;
> +
> +	ctx = ipe_current_ctx();
> +
> +	copy = memdup_user_nul(data, len);
> +	if (IS_ERR(copy)) {
> +		rc = PTR_ERR(copy);
> +		goto err;
> +	}
> +
> +	p = ipe_new_policy(NULL, 0, copy, len);
> +	if (IS_ERR(p)) {
> +		rc = PTR_ERR(p);
> +		goto err;
> +	}
> +
> +	rc = ipe_new_policyfs_node(ctx, p);
> +	if (rc)
> +		goto err;
> +
> +	ipe_add_policy(ctx, p);
> +err:
> +	ipe_put_policy(p);
> +	ipe_put_ctx(ctx);
> +	return (rc < 0) ? rc : len;
> +}
> +
> +/**
> + * get_config: Read handler for the securityfs node, "ipe/config"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the read syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t get_config(struct file *f, char __user *data, size_t len,
> +			  loff_t *offset)
> +{
> +	int rc = 0;
> +	char *buf = NULL;
> +	size_t buflen = 0;
> +	char tmp[30] = { 0 };
> +	struct ipe_parser *p = NULL;
> +	struct ipe_module *m = NULL;
> +
> +	for (p = __start_ipe_parsers; p < __end_ipe_parsers; ++p)
> +		buflen += snprintf(NULL, 0, "%s=%d\n", p->first_token, p-
> >version);
> +	for (m = __start_ipe_modules; m < __end_ipe_modules; ++m)
> +		buflen += snprintf(NULL, 0, "%s=%d\n", m->name, m->version);
> +
> +	++buflen;
> +	buf = kzalloc(buflen, GFP_KERNEL);
> +	if (!buf) {
> +		rc = -ENOMEM;
> +		goto out;
> +	}
> +
> +	for (p = __start_ipe_parsers; p < __end_ipe_parsers; ++p) {
> +		memset(tmp, 0x0, ARRAY_SIZE(tmp));
> +		scnprintf(tmp, ARRAY_SIZE(tmp), "%s=%d\n", p->first_token, p-
> >version);
> +		strcat(buf, tmp);
> +	}
> +
> +	for (m = __start_ipe_modules; m < __end_ipe_modules; ++m) {
> +		memset(tmp, 0x0, ARRAY_SIZE(tmp));
> +		scnprintf(tmp, ARRAY_SIZE(tmp), "%s=%d\n", m->name, m-
> >version);
> +		strcat(buf, tmp);
> +	}
> +
> +	rc = simple_read_from_buffer(data, len, offset, buf, buflen);
> +out:
> +	kfree(buf);
> +	return rc;
> +}
> +
> +static const struct file_operations cfg_fops = {
> +	.read = get_config,
> +};
> +
> +static const struct file_operations np_fops = {
> +	.write = new_policy,
> +};
> +
> +/**
> + * ipe_init_securityfs: Initialize IPE's securityfs tree at fsinit
> + *
> + * Return:
> + * !0 - Error
> + * 0 - OK
> + */
> +static int __init ipe_init_securityfs(void)
> +{
> +	int rc = 0;
> +	struct ipe_context *ctx = NULL;
> +
> +	ctx = ipe_current_ctx();

Hi Deven

the instruction above should be executed only if IPE LSM is
enabled. Otherwise, the kernel panics due to the illegal access
to the security blob of the task.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> +
> +	root = securityfs_create_dir("ipe", NULL);
> +	if (IS_ERR(root)) {
> +		rc = PTR_ERR(root);
> +		goto err;
> +	}
> +
> +	np = securityfs_create_file("new_policy", 0200, root, NULL, &np_fops);
> +	if (IS_ERR(np)) {
> +		rc = PTR_ERR(np);
> +		goto err;
> +	}
> +
> +	config = securityfs_create_file("config", 0400, root, NULL,
> +					&cfg_fops);
> +	if (IS_ERR(config)) {
> +		rc = PTR_ERR(config);
> +		goto err;
> +	}
> +
> +	ctx->policy_root = securityfs_create_dir("policies", root);
> +	if (IS_ERR(ctx->policy_root)) {
> +		rc = PTR_ERR(ctx->policy_root);
> +		goto err;
> +	}
> +
> +	return 0;
> +err:
> +	securityfs_remove(np);
> +	securityfs_remove(root);
> +	securityfs_remove(config);
> +	securityfs_remove(ctx->policy_root);
> +	return rc;
> +}
> +
> +fs_initcall(ipe_init_securityfs);
> diff --git a/security/ipe/fs.h b/security/ipe/fs.h
> new file mode 100644
> index 000000000000..4ab2f4e8c454
> --- /dev/null
> +++ b/security/ipe/fs.h
> @@ -0,0 +1,13 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_FS_H
> +#define IPE_FS_H
> +
> +void ipe_soft_del_policyfs(struct ipe_policy *p);
> +int ipe_new_policyfs_node(struct ipe_context *ctx, struct ipe_policy *p);
> +void ipe_del_policyfs_node(struct ipe_policy *p);
> +
> +#endif /* IPE_FS_H */
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index 8970f96453d6..b766824cc08f 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -4,6 +4,7 @@
>   */
> 
>  #include "ipe.h"
> +#include "fs.h"
>  #include "policy.h"
>  #include "ipe_parser.h"
>  #include "modules.h"
> @@ -867,6 +868,8 @@ void ipe_put_policy(struct ipe_policy *p)
>  	if (IS_ERR_OR_NULL(p) || !refcount_dec_and_test(&p->refcount))
>  		return;
> 
> +	ipe_del_policyfs_node(p);
> +	securityfs_remove(p->policyfs);
>  	free_parsed_policy(p->parsed);
>  	if (!p->pkcs7)
>  		kfree(p->text);
> @@ -911,6 +914,44 @@ static int set_pkcs7_data(void *ctx, const void *data,
> size_t len,
>  	return 0;
>  }
> 
> +/**
> + * ipe_update_policy: parse a new policy and replace @old with it.
> + * @old: Supplies a pointer to the policy to replace
> + * @text: Supplies a pointer to the plain text policy
> + * @textlen: Supplies the length of @text
> + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> + * @pkcs7len: Supplies the length of @pkcs7len
> + *
> + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> + * ipe_new_policy.
> + *
> + * Return:
> + * !IS_ERR - OK
> + */
> +struct ipe_policy *ipe_update_policy(struct ipe_policy *old,
> +				     const char *text, size_t textlen,
> +				     const char *pkcs7, size_t pkcs7len)
> +{
> +	int rc = 0;
> +	struct ipe_policy *new;
> +
> +	new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> +	if (IS_ERR(new)) {
> +		rc = PTR_ERR(new);
> +		goto err;
> +	}
> +
> +	if (strcmp(new->parsed->name, old->parsed->name)) {
> +		rc = -EINVAL;
> +		goto err;
> +	}
> +
> +	rc = ipe_replace_policy(old, new);
> +err:
> +	ipe_put_policy(new);
> +	return (rc < 0) ? ERR_PTR(rc) : new;
> +}
> +
>  /**
>   * ipe_new_policy: allocate and parse an ipe_policy structure.
>   *
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 2b5041c5a75a..6818f6405dd0 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -88,12 +88,16 @@ struct ipe_policy {
> 
>  	refcount_t	refcount;
> 
> +	struct dentry *policyfs;
>  	struct list_head next;		/* type: ipe_policy */
>  	struct ipe_context __rcu *ctx;
>  };
> 
>  struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
>  				  const char *pkcs7, size_t pkcs7len);
> +struct ipe_policy *ipe_update_policy(struct ipe_policy *old, const char *text,
> +				     size_t textlen, const char *pkcs7,
> +				     size_t pkcs7len);
>  void ipe_put_policy(struct ipe_policy *pol);
>  bool ipe_is_op_alias(int op, const enum ipe_operation **map, size_t *size);
>  struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
> diff --git a/security/ipe/policyfs.c b/security/ipe/policyfs.c
> new file mode 100644
> index 000000000000..d34c22e99225
> --- /dev/null
> +++ b/security/ipe/policyfs.c
> @@ -0,0 +1,528 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#include "ipe.h"
> +#include "policy.h"
> +#include "fs.h"
> +
> +#include <linux/fs.h>
> +#include <linux/namei.h>
> +#include <linux/types.h>
> +#include <linux/dcache.h>
> +#include <linux/security.h>
> +
> +#define MAX_VERSION_SIZE ARRAY_SIZE("65535.65535.65535")
> +
> +/**
> + * find_policy: Follow the i_private field of a dentry, returning the address
> + *		of the resulting policy structure.
> + * @f: Securityfs object that contains a link to the dentry containing the
> + *     policy structure.
> + *
> + * Return:
> + * Always-Valid Address Pointer
> + */
> +static inline struct ipe_policy __rcu **find_policy(struct file *f)
> +{
> +	struct dentry *link;
> +
> +	link = d_inode(f->f_path.dentry)->i_private;
> +
> +	return (struct ipe_policy __rcu **)&(d_inode(link)->i_private);
> +}
> +
> +/**
> + * ipefs_file: defines a file in securityfs
> + */
> +struct ipefs_file {
> +	const char	*name;
> +	umode_t		access;
> +	const struct	file_operations *fops;
> +};
> +
> +/**
> + * read_pkcs7: Read handler for the securityfs node,
> + *	       "ipe/policies/$name/pkcs7"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * @data will be populated with the pkcs7 blob representing the policy
> + * on success. If the policy is unsigned (like the boot policy), this
> + * will return -ENOENT.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t read_pkcs7(struct file *f, char __user *data,
> +			  size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	struct ipe_policy *p = NULL;
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p)
> +		return -ENOENT;
> +
> +	if (!p->pkcs7) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	rc = simple_read_from_buffer(data, len, offset, p->pkcs7, p->pkcs7len);
> +
> +out:
> +	ipe_put_policy(p);
> +	return rc;
> +}
> +
> +/**
> + * read_policy: Read handler for the securityfs node,
> + *		"ipe/policies/$name/policy"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * @data will be populated with the plain-text version of the policy
> + * on success.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t read_policy(struct file *f, char __user *data,
> +			   size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	struct ipe_policy *p = NULL;
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p)
> +		return -ENOENT;
> +
> +	rc = simple_read_from_buffer(data, len, offset, p->text, p->textlen);
> +
> +	ipe_put_policy(p);
> +	return rc;
> +}
> +
> +/**
> + * read_name: Read handler for the securityfs node,
> + *	      "ipe/policies/$name/name"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * @data will be populated with the policy_name attribute on success
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t read_name(struct file *f, char __user *data,
> +			 size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	struct ipe_policy *p = NULL;
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p)
> +		return -ENOENT;
> +
> +	rc = simple_read_from_buffer(data, len, offset, p->parsed->name,
> +				     strlen(p->parsed->name));
> +
> +	ipe_put_policy(p);
> +	return rc;
> +}
> +
> +/**
> + * read_version: Read handler for the securityfs node,
> + *		 "ipe/policies/$name/version"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * @data will be populated with the version string on success.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t read_version(struct file *f, char __user *data,
> +			    size_t len, loff_t *offset)
> +{
> +	ssize_t rc = 0;
> +	size_t bufsize = 0;
> +	struct ipe_policy *p = NULL;
> +	char buffer[MAX_VERSION_SIZE] = { 0 };
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p)
> +		return -ENOENT;
> +
> +	bufsize = scnprintf(buffer, ARRAY_SIZE(buffer), "%hu.%hu.%hu",
> +			    p->parsed->version.major, p->parsed->version.minor,
> +			    p->parsed->version.rev);
> +
> +	rc = simple_read_from_buffer(data, len, offset, buffer, bufsize);
> +
> +	ipe_put_policy(p);
> +	return rc;
> +}
> +
> +/**
> + * setactive: Write handler for the securityfs node,
> + *	      "ipe/policies/$name/active"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t setactive(struct file *f, const char __user *data,
> +			 size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	bool value = false;
> +	struct ipe_policy *p = NULL;
> +	struct ipe_context *ctx = NULL;
> +
> +	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> +		return -EPERM;
> +
> +	rc = kstrtobool_from_user(data, len, &value);
> +	if (rc)
> +		goto out;
> +
> +	if (!value) {
> +		rc = -EINVAL;
> +		goto out;
> +	}
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	ctx = ipe_get_ctx_rcu(p->ctx);
> +	if (!ctx) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	rc = ipe_set_active_pol(p);
> +
> +out:
> +	ipe_put_ctx(ctx);
> +	ipe_put_policy(p);
> +	return (rc < 0) ? rc : len;
> +}
> +
> +/**
> + * getactive: Read handler for the securityfs node,
> + *	      "ipe/policies/$name/active"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * @data will be populated with the 1 or 0 depending on if the
> + * corresponding policy is active.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t getactive(struct file *f, char __user *data,
> +			 size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	const char *str;
> +	struct ipe_policy *p = NULL;
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	str = ipe_is_policy_active(p) ? "1" : "0";
> +	rc = simple_read_from_buffer(data, len, offset, str, 2);
> +
> +out:
> +	ipe_put_policy(p);
> +	return rc;
> +}
> +
> +/**
> + * update_policy: Write handler for the securityfs node,
> + *		  "ipe/policies/$name/active"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * On success this updates the policy represented by $name,
> + * in-place.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t update_policy(struct file *f, const char __user *data,
> +			     size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	char *copy = NULL;
> +	struct ipe_policy *new = NULL;
> +	struct ipe_policy *old = NULL;
> +	struct ipe_context *ctx = NULL;
> +	struct ipe_policy __rcu **addr = NULL;
> +
> +	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> +		return -EPERM;
> +
> +	ctx = ipe_current_ctx();
> +	if (!ctx)
> +		return -ENOENT;
> +
> +	addr = find_policy(f);
> +	old = ipe_get_policy_rcu(*addr);
> +	if (!old) {
> +		rc = -ENOENT;
> +		goto err;
> +	}
> +
> +	copy = memdup_user(data, len);
> +	if (IS_ERR(copy)) {
> +		rc = PTR_ERR(copy);
> +		goto err;
> +	}
> +
> +	new = ipe_update_policy(old, NULL, 0, copy, len);
> +	if (IS_ERR(new)) {
> +		rc = PTR_ERR(new);
> +		goto err;
> +	}
> +
> +	spin_lock(&ctx->lock);
> +	rcu_assign_pointer(*addr, new);
> +	spin_unlock(&ctx->lock);
> +	synchronize_rcu();
> +
> +	swap(new->policyfs, old->policyfs);
> +
> +	kfree(copy);
> +	ipe_put_ctx(ctx);
> +	ipe_put_policy(old);
> +	return len;
> +err:
> +	kfree(copy);
> +	ipe_put_ctx(ctx);
> +	ipe_put_policy(new);
> +	ipe_put_policy(old);
> +	return rc;
> +}
> +
> +/**
> + * delete_policy: write handler for securityfs dir, "ipe/policies/$name/delete"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * On success this deletes the policy represented by $name.
> + *
> + * Return:
> + * >0 - Success, Length of buffer written
> + * <0 - Error
> + */
> +static ssize_t delete_policy(struct file *f, const char __user *data,
> +			     size_t len, loff_t *offset)
> +{
> +	int rc = 0;
> +	bool value = false;
> +	struct ipe_policy *p = NULL;
> +	struct ipe_context *ctx = NULL;
> +
> +	if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> +		return -EPERM;
> +
> +	rc = kstrtobool_from_user(data, len, &value);
> +	if (rc)
> +		goto out;
> +
> +	if (!value) {
> +		rc = -EINVAL;
> +		goto out;
> +	}
> +
> +	p = ipe_get_policy_rcu(*find_policy(f));
> +	if (!p) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	if (ipe_is_policy_active(p)) {
> +		rc = -EPERM;
> +		goto out;
> +	}
> +
> +	ctx = ipe_get_ctx_rcu(p->ctx);
> +	if (!ctx) {
> +		rc = -ENOENT;
> +		goto out;
> +	}
> +
> +	ipe_remove_policy(p);
> +out:
> +	ipe_put_ctx(ctx);
> +	ipe_put_policy(p);
> +	return (rc < 0) ? rc : len;
> +}
> +
> +static const struct file_operations content_fops = {
> +	.read = read_policy,
> +};
> +
> +static const struct file_operations pkcs7_fops = {
> +	.read = read_pkcs7,
> +};
> +
> +static const struct file_operations name_fops = {
> +	.read = read_name,
> +};
> +
> +static const struct file_operations ver_fops = {
> +	.read = read_version,
> +};
> +
> +static const struct file_operations active_fops = {
> +	.write = setactive,
> +	.read = getactive,
> +};
> +
> +static const struct file_operations update_fops = {
> +	.write = update_policy,
> +};
> +
> +static const struct file_operations delete_fops = {
> +	.write = delete_policy,
> +};
> +
> +/**
> + * policy_subdir: files under a policy subdirectory
> + */
> +static const struct ipefs_file policy_subdir[] = {
> +	{ "pkcs7", 0444, &pkcs7_fops },
> +	{ "policy", 0444, &content_fops },
> +	{ "name", 0444, &name_fops },
> +	{ "version", 0444, &ver_fops },
> +	{ "active", 0600, &active_fops },
> +	{ "update", 0200, &update_fops },
> +	{ "delete", 0200, &delete_fops },
> +};
> +
> +/**
> + * soft_del_policyfs - soft delete the policyfs tree, preventing new
> + *		       accesses to the interfaces for this policy.
> + * @p - Policy to soft delete the tree for.
> + */
> +static void soft_del_policyfs(struct ipe_policy *p)
> +{
> +	struct inode *ino = NULL;
> +	struct ipe_policy __rcu **addr = NULL;
> +
> +	ino = d_inode(p->policyfs);
> +	addr = (struct ipe_policy __rcu **)&ino->i_private;
> +
> +	inode_lock(ino);
> +	rcu_assign_pointer(*addr, NULL);
> +	inode_unlock(ino);
> +	synchronize_rcu();
> +}
> +
> +/**
> + * ipe_del_policyfs_node: Delete a securityfs entry for @p
> + * @p: Supplies a pointer to the policy to delete a securityfs entry for.
> + */
> +void ipe_del_policyfs_node(struct ipe_policy *p)
> +{
> +	size_t i = 0;
> +	struct dentry *d = NULL;
> +	const struct ipefs_file *f = NULL;
> +
> +	if (IS_ERR_OR_NULL(p->policyfs))
> +		return;
> +
> +	soft_del_policyfs(p);
> +
> +	for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
> +		f = &policy_subdir[i];
> +
> +		d = lookup_positive_unlocked(f->name, p->policyfs,
> +					     strlen(f->name));
> +		if (IS_ERR(d))
> +			continue;
> +
> +		securityfs_remove(d);
> +		dput(d);
> +	}
> +
> +	securityfs_remove(p->policyfs);
> +}
> +
> +/**
> + * ipe_new_policyfs_node: Create a securityfs entry for @p
> + * @ctx: Supplies a pointer to a context structure that contains the root of
> + *	 the policy tree.
> + * @p: Supplies a pointer to the policy to create a securityfs entry for.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_new_policyfs_node(struct ipe_context *ctx, struct ipe_policy *p)
> +{
> +	int rc = 0;
> +	size_t i = 0;
> +	struct dentry *d = NULL;
> +	struct ipe_policy **addr = NULL;
> +	const struct ipefs_file *f = NULL;
> +
> +	p->policyfs = securityfs_create_dir(p->parsed->name, ctx->policy_root);
> +	if (IS_ERR(p->policyfs)) {
> +		rc = PTR_ERR(p->policyfs);
> +		goto err;
> +	}
> +
> +	addr = (struct ipe_policy **)&(d_inode(p->policyfs)->i_private);
> +	*addr = p;
> +
> +	for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
> +		f = &policy_subdir[i];
> +
> +		d = securityfs_create_file(f->name, f->access, p->policyfs, p-
> >policyfs,
> +					   f->fops);
> +		if (IS_ERR(d)) {
> +			rc = PTR_ERR(d);
> +			goto err;
> +		}
> +	}
> +
> +	return 0;
> +err:
> +	ipe_del_policyfs_node(p);
> +	return rc;
> +}
> --
> 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-10-15 19:25     ` Deven Bowers
  2021-10-15 20:11       ` Eric Biggers
@ 2021-11-03 12:28       ` Roberto Sassu
  2021-11-04 17:12         ` Deven Bowers
  1 sibling, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-11-03 12:28 UTC (permalink / raw)
  To: Deven Bowers, Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
> Sent: Friday, October 15, 2021 9:26 PM
> On 10/13/2021 12:24 PM, Eric Biggers wrote:
> > On Wed, Oct 13, 2021 at 12:06:31PM -0700,
> deven.desai@linux.microsoft.com wrote:
> >> From: Fan Wu <wufan@linux.microsoft.com>
> >>
> >> Add security_inode_setsecurity to fsverity signature verification.
> >> This can let LSMs save the signature data and digest hashes provided
> >> by fsverity.
> > Can you elaborate on why LSMs need this information?
> 
> The proposed LSM (IPE) of this series will be the only one to need
> this information at the  moment. IPE’s goal is to have provide
> trust-based access control. Trust and Integrity are tied together,
> as you cannot prove trust without proving integrity.

I wanted to go back on this question.

It seems, at least for fsverity, that you could obtain the
root digest at run-time, without storing it in a security blob.

I thought I should use fsverity_get_info() but the fsverity_info
structure is not exported (it is defined in fs/verity/fsverity_private.h).

Then, I defined a new function, fsverity_get_file_digest() to copy
the file_digest member of fsverity_info to a buffer and to pass
the associated hash algorithm.

With that, the code of evaluate() for DIGLIM becomes:

        info = fsverity_get_info(file_inode(ctx->file));
        if (info)
                ret = fsverity_get_file_digest(info, buffer, sizeof(buffer), &algo);

        if (!strcmp(expect->data, "diglim") && ret > 0) {
                ret = diglim_digest_get_info(buffer, algo, COMPACT_FILE, &modifiers, &actions);
                if (!ret)
                        return true;
        }

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> IPE needs the digest information to be able to compare a digest
> provided by the policy author, against the digest calculated by
> fsverity to make a decision on whether that specific file, represented
> by the digest is authorized for the actions specified in the policy.
> 
> A more concrete example, if an IPE policy author writes:
> 
>      op=EXECUTE fsverity_digest=<HexDigest > action=DENY
> 
> IPE takes the digest provided by this security hook, stores it
> in IPE's security blob on the inode. If this file is later
> executed, IPE compares the digest stored in the LSM blob,
> provided by this hook, against <HexDigest> in the policy, if
> it matches, it denies the access, performing a revocation
> of that file.
> 
> This brings me to your next comment:
> 
>  > The digest isn't meaningful without knowing the hash algorithm it uses.
> It's available here, but you aren't passing it to this function.
> 
> The digest is meaningful without the algorithm in this case.
> IPE does not want to recalculate a digest, that’s expensive and
> doesn’t provide any value. IPE, in this case, treats this as a
> buffer to compare the policy-provided one above to make a
> policy decision about access to the resource.
> 
> >> Also changes the implementaion inside the hook function to let
> >> multiple LSMs can add hooks.
> > Please split fs/verity/ changes and security/ changes into separate patches, if
> > possible.
> 
> Sorry, will do, not a problem.
> 
> >> @@ -177,6 +178,17 @@ struct fsverity_info *fsverity_create_info(const
> struct inode *inode,
> >>   		fsverity_err(inode, "Error %d computing file digest", err);
> >>   		goto out;
> >>   	}
> >> +
> >> +	err = security_inode_setsecurity((struct inode *)inode,
> > If a non-const inode is needed, please propagate that into the callers rather
> > than randomly casting away the const.
> >
> >> +					 FS_VERITY_DIGEST_SEC_NAME,
> >> +					 vi->file_digest,
> >> +					 vi->tree_params.hash_alg-
> >digest_size,
> >> +					 0);
> >> @@ -84,7 +85,9 @@ int fsverity_verify_signature(const struct fsverity_info
> *vi,
> >>
> >>   	pr_debug("Valid signature for file digest %s:%*phN\n",
> >>   		 hash_alg->name, hash_alg->digest_size, vi->file_digest);
> >> -	return 0;
> >> +	return security_inode_setsecurity((struct inode *)inode,
> >>
> > Likewise, please don't cast away const.
> 
> Sorry, I should've caught these myself. I'll change
> fsverity_create_info to accept the non-const inode, and
> change fsverity_verify_signature to accept an additional inode
> struct as the first arg instead of changing the fsverity_info
> structure to have a non-const inode field.
> 
> >> +					FS_VERITY_SIGNATURE_SEC_NAME,
> >> +					signature, sig_size, 0);
> > This is only for fs-verity built-in signatures which aren't the only way to do
> > signatures with fs-verity.  Are you sure this is what you're looking for?
> 
> Could you elaborate on the other signature types that can be used
> with fs-verity? I’m 99% sure this is what I’m looking for as this
> is a signature validated in the kernel against the fs-verity keyring
> as part of the “fsverity enable” utility.
> 
> It's important that the signature is validated in the kernel, as
> userspace is considered untrusted until the signature is validated
> for this case.
> 
> > Can you elaborate on your use case for fs-verity built-in signatures,
> Sure, signatures, like digests, also provide a way to prove integrity,
> and the trust component comes from the validation against the keyring,
> as opposed to a fixed value in IPE’s policy. The use case for fs-verity
> built-in signatures is that we have a rw ext4 filesystem that has some
> executable files, and we want to have a execution policy (through IPE)
> that only _trusted_ executables can run. Perf is important here, hence
> fs-verity.
> 
> > and what the LSM hook will do with them?
> 
> At the moment, this will just signal to IPE that these fs-verity files were
> enabled with a built-in signature as opposed to enabled without a signature.
> In v7, it copies the signature data into IPE's LSM blob attached to the
> inode.
> In v8+, I'm changing this to store “true” in IPE's LSM blob instead, as
> copying
> the signature data is an unnecessary waste of space and point of
> failure. This
> has a _slightly_ different functionality then fs.verity.require_signatures,
> because even if someone were to disable the require signatures option, IPE
> would still know if these files were signed or not and be able to make the
> access control decision based IPE's policy.
> 
> Very concretely, this powers this kind of rule in IPE:
> 
>    op=EXECUTE fsverity_signature=TRUE action=ALLOW
> 
> if that fsverity_signature value in IPE’s LSM blob attached to the inode is
> true, then fsverity_signature in IPE’s policy will evaluate to true and
> match
> this rule. The inverse is also applicable.


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 14/16] scripts: add boot policy generation program
  2021-10-13 19:06 ` [RFC PATCH v7 14/16] scripts: add boot policy generation program deven.desai
@ 2021-11-03 16:43   ` Roberto Sassu
  2021-11-03 16:53     ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-11-03 16:43 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: deven.desai@linux.microsoft.com
> [mailto:deven.desai@linux.microsoft.com]
> From: Deven Bowers <deven.desai@linux.microsoft.com>
> 
> Enables an IPE policy to be enforced from kernel start, enabling access
> control based on trust from kernel startup. This is accomplished by
> transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
> c-string literal that is parsed at kernel startup as an unsigned policy.
> 
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> ---
> 
> Relevant changes since v6:
>   * Move patch 01/12 to [14/16] of the series
> 
> ---
>  MAINTAINERS                   |   1 +
>  scripts/Makefile              |   1 +
>  scripts/ipe/Makefile          |   2 +
>  scripts/ipe/polgen/.gitignore |   1 +
>  scripts/ipe/polgen/Makefile   |   6 ++
>  scripts/ipe/polgen/polgen.c   | 145 ++++++++++++++++++++++++++++++++++
>  security/ipe/.gitignore       |   1 +
>  security/ipe/Kconfig          |  10 +++
>  security/ipe/Makefile         |  13 +++
>  security/ipe/ctx.c            |  18 +++++
>  10 files changed, 198 insertions(+)
>  create mode 100644 scripts/ipe/Makefile
>  create mode 100644 scripts/ipe/polgen/.gitignore
>  create mode 100644 scripts/ipe/polgen/Makefile
>  create mode 100644 scripts/ipe/polgen/polgen.c
>  create mode 100644 security/ipe/.gitignore
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index f1e76f791d47..a84ca781199b 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -9283,6 +9283,7 @@ INTEGRITY POLICY ENFORCEMENT (IPE)
>  M:	Deven Bowers <deven.desai@linux.microsoft.com>
>  M:	Fan Wu <wufan@linux.microsoft.com>
>  S:	Supported
> +F:	scripts/ipe/
>  F:	security/ipe/
> 
>  INTEL 810/815 FRAMEBUFFER DRIVER
> diff --git a/scripts/Makefile b/scripts/Makefile
> index 9adb6d247818..a31da6d57a36 100644
> --- a/scripts/Makefile
> +++ b/scripts/Makefile
> @@ -41,6 +41,7 @@ targets += module.lds
>  subdir-$(CONFIG_GCC_PLUGINS) += gcc-plugins
>  subdir-$(CONFIG_MODVERSIONS) += genksyms
>  subdir-$(CONFIG_SECURITY_SELINUX) += selinux
> +subdir-$(CONFIG_SECURITY_IPE) += ipe
> 
>  # Let clean descend into subdirs
>  subdir-	+= basic dtc gdb kconfig mod
> diff --git a/scripts/ipe/Makefile b/scripts/ipe/Makefile
> new file mode 100644
> index 000000000000..e87553fbb8d6
> --- /dev/null
> +++ b/scripts/ipe/Makefile
> @@ -0,0 +1,2 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +subdir-y := polgen
> diff --git a/scripts/ipe/polgen/.gitignore b/scripts/ipe/polgen/.gitignore
> new file mode 100644
> index 000000000000..80f32f25d200
> --- /dev/null
> +++ b/scripts/ipe/polgen/.gitignore
> @@ -0,0 +1 @@
> +polgen
> diff --git a/scripts/ipe/polgen/Makefile b/scripts/ipe/polgen/Makefile
> new file mode 100644
> index 000000000000..066060c22b4a
> --- /dev/null
> +++ b/scripts/ipe/polgen/Makefile
> @@ -0,0 +1,6 @@
> +# SPDX-License-Identifier: GPL-2.0
> +hostprogs-always-y	:= polgen
> +HOST_EXTRACFLAGS += \
> +	-I$(srctree)/include \
> +	-I$(srctree)/include/uapi \
> +
> diff --git a/scripts/ipe/polgen/polgen.c b/scripts/ipe/polgen/polgen.c
> new file mode 100644
> index 000000000000..73cf13e743f7
> --- /dev/null
> +++ b/scripts/ipe/polgen/polgen.c
> @@ -0,0 +1,145 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include <stdlib.h>
> +#include <stddef.h>
> +#include <stdio.h>
> +#include <unistd.h>
> +#include <errno.h>
> +
> +static void usage(const char *const name)
> +{
> +	printf("Usage: %s OutputFile (PolicyFile)\n", name);
> +	exit(EINVAL);
> +}
> +
> +static int policy_to_buffer(const char *pathname, char **buffer, size_t *size)
> +{
> +	int rc = 0;
> +	FILE *fd;
> +	char *lbuf;
> +	size_t fsize;
> +	size_t read;
> +
> +	fd = fopen(pathname, "r");
> +	if (!fd) {
> +		rc = errno;
> +		goto out;
> +	}
> +
> +	fseek(fd, 0, SEEK_END);
> +	fsize = ftell(fd);
> +	rewind(fd);
> +
> +	lbuf = malloc(fsize);
> +	if (!lbuf) {
> +		rc = ENOMEM;
> +		goto out_close;
> +	}
> +
> +	read = fread((void *)lbuf, sizeof(*lbuf), fsize, fd);
> +	if (read != fsize) {
> +		rc = -1;
> +		goto out_free;
> +	}
> +
> +	*buffer = lbuf;
> +	*size = fsize;
> +	fclose(fd);
> +
> +	return rc;
> +
> +out_free:
> +	free(lbuf);
> +out_close:
> +	fclose(fd);
> +out:
> +	return rc;
> +}
> +
> +static int write_boot_policy(const char *pathname, const char *buf, size_t size)
> +{
> +	int rc = 0;
> +	FILE *fd;
> +	size_t i;
> +
> +	fd = fopen(pathname, "w");
> +	if (!fd) {
> +		rc = errno;
> +		goto err;
> +	}
> +
> +	fprintf(fd, "/* This file is automatically generated.");
> +	fprintf(fd, " Do not edit. */\n");
> +	fprintf(fd, "#include <stddef.h>\n");
> +	fprintf(fd, "\nextern const char *const ipe_boot_policy;\n\n");
> +	fprintf(fd, "const char *const ipe_boot_policy =\n");
> +
> +	if (!buf || size == 0) {
> +		fprintf(fd, "\tNULL;\n");
> +		fclose(fd);
> +		return 0;
> +	}
> +
> +	fprintf(fd, "\t\"");
> +
> +	for (i = 0; i < size; ++i) {
> +		switch (buf[i]) {
> +		case '"':
> +			fprintf(fd, "\\\"");
> +			break;
> +		case '\'':
> +			fprintf(fd, "'");
> +			break;
> +		case '\n':
> +			fprintf(fd, "\\n\"\n\t\"");
> +			break;
> +		case '\\':
> +			fprintf(fd, "\\\\");
> +			break;
> +		case '\t':
> +			fprintf(fd, "\\t");
> +			break;
> +		case '\?':
> +			fprintf(fd, "\\?");
> +			break;
> +		default:
> +			fprintf(fd, "%c", buf[i]);
> +		}
> +	}
> +	fprintf(fd, "\";\n");
> +	fclose(fd);
> +
> +	return 0;
> +
> +err:
> +	if (fd)
> +		fclose(fd);
> +	return rc;
> +}
> +
> +int main(int argc, const char *const argv[])
> +{
> +	int rc = 0;
> +	size_t len = 0;
> +	char *policy = NULL;
> +
> +	if (argc < 2)
> +		usage(argv[0]);
> +
> +	if (argc > 2) {
> +		rc = policy_to_buffer(argv[2], &policy, &len);
> +		if (rc != 0)
> +			goto cleanup;
> +	}
> +
> +	rc = write_boot_policy(argv[1], policy, len);
> +cleanup:
> +	if (policy)
> +		free(policy);
> +	if (rc != 0)
> +		perror("An error occurred during policy conversion: ");
> +	return rc;
> +}
> diff --git a/security/ipe/.gitignore b/security/ipe/.gitignore
> new file mode 100644
> index 000000000000..eca22ad5ed22
> --- /dev/null
> +++ b/security/ipe/.gitignore
> @@ -0,0 +1 @@
> +boot-policy.c
> \ No newline at end of file
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index fcf82a8152ec..39df680b67a2 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -20,6 +20,16 @@ menuconfig SECURITY_IPE
> 
>  if SECURITY_IPE
> 
> +config IPE_BOOT_POLICY
> +	string "Integrity policy to apply on system startup"
> +	help
> +	  This option specifies a filepath to a IPE policy that is compiled
> +	  into the kernel. This policy will be enforced until a policy update
> +	  is deployed via the $securityfs/ipe/policies/$policy_name/active
> +	  interface.
> +
> +	  If unsure, leave blank.
> +
>  choice
>  	prompt "Hash algorithm used in auditing policies"
>  	default IPE_AUDIT_HASH_SHA1
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 1e7b2d7fcd9e..89fec670f954 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -7,7 +7,18 @@
> 
>  ccflags-y := -I$(srctree)/security/ipe/modules
> 
> +quiet_cmd_polgen = IPE_POL $(2)
> +      cmd_polgen = scripts/ipe/polgen/polgen security/ipe/boot-policy.c $(2)
> +
> +$(eval $(call config_filename,IPE_BOOT_POLICY))
> +
> +targets += boot-policy.c
> +
> +$(obj)/boot-policy.c: scripts/ipe/polgen/polgen
> $(IPE_BOOT_POLICY_FILENAME) FORCE
> +	$(call if_changed,polgen,$(IPE_BOOT_POLICY_FILENAME))
> +
>  obj-$(CONFIG_SECURITY_IPE) += \
> +	boot-policy.o \
>  	ctx.o \
>  	eval.o \
>  	fs.o \
> @@ -21,3 +32,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
>  	policyfs.o \
> 
>  obj-$(CONFIG_AUDIT) += audit.o
> +
> +clean-files := boot-policy.c \
> diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
> index fc9b8e467bc9..879acf4ceac5 100644
> --- a/security/ipe/ctx.c
> +++ b/security/ipe/ctx.c
> @@ -15,6 +15,7 @@
>  #include <linux/spinlock.h>
>  #include <linux/moduleparam.h>
> 
> +extern const char *const ipe_boot_policy;
>  static bool success_audit;
>  static bool enforce = true;
> 
> @@ -329,6 +330,7 @@ void ipe_put_ctx(struct ipe_context *ctx)
>  int __init ipe_init_ctx(void)
>  {
>  	int rc = 0;
> +	struct ipe_policy *p = NULL;
>  	struct ipe_context *lns = NULL;
> 
>  	lns = create_ctx();
> @@ -342,10 +344,26 @@ int __init ipe_init_ctx(void)
>  	WRITE_ONCE(lns->enforce, enforce);
>  	spin_unlock(&lns->lock);
> 
> +	if (ipe_boot_policy) {
> +		p = ipe_new_policy(ipe_boot_policy, strlen(ipe_boot_policy),
> +				   NULL, 0);
> +		if (IS_ERR(p)) {
> +			rc = PTR_ERR(lns);

This should be:

	rc = PTR_ERR(p);

> +			goto err;
> +		}
> +
> +		ipe_add_policy(lns, p);
> +		rc = ipe_set_active_pol(p);
> +		if (!rc)

Here you need to set a non-zero value, so that ipe_init()
does not enable the LSM.

I would set to 1 a new global variable, like ipe_lsm_enabled,
in ipe_init() just before security_add_hooks().

Then, I would add a check of this variable in ipe_init_securityfs()
to avoid the kernel panic.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> +			goto err;
> +	}
> +
>  	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
> +	ipe_put_policy(p);
> 
>  	return 0;
>  err:
> +	ipe_put_policy(p);
>  	ipe_put_ctx(lns);
>  	return rc;
>  }
> --
> 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 14/16] scripts: add boot policy generation program
  2021-11-03 16:43   ` Roberto Sassu
@ 2021-11-03 16:53     ` Roberto Sassu
  2021-11-04 16:52       ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-11-03 16:53 UTC (permalink / raw)
  To: Roberto Sassu, deven.desai, corbet, axboe, agk, snitzer,
	ebiggers, tytso, paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity

> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
> Sent: Wednesday, November 3, 2021 5:43 PM
> > From: deven.desai@linux.microsoft.com
> > [mailto:deven.desai@linux.microsoft.com]
> > From: Deven Bowers <deven.desai@linux.microsoft.com>
> >
> > Enables an IPE policy to be enforced from kernel start, enabling access
> > control based on trust from kernel startup. This is accomplished by
> > transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
> > c-string literal that is parsed at kernel startup as an unsigned policy.
> >
> > Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> > ---
> >
> > Relevant changes since v6:
> >   * Move patch 01/12 to [14/16] of the series
> >
> > ---
> >  MAINTAINERS                   |   1 +
> >  scripts/Makefile              |   1 +
> >  scripts/ipe/Makefile          |   2 +
> >  scripts/ipe/polgen/.gitignore |   1 +
> >  scripts/ipe/polgen/Makefile   |   6 ++
> >  scripts/ipe/polgen/polgen.c   | 145 ++++++++++++++++++++++++++++++++++
> >  security/ipe/.gitignore       |   1 +
> >  security/ipe/Kconfig          |  10 +++
> >  security/ipe/Makefile         |  13 +++
> >  security/ipe/ctx.c            |  18 +++++
> >  10 files changed, 198 insertions(+)
> >  create mode 100644 scripts/ipe/Makefile
> >  create mode 100644 scripts/ipe/polgen/.gitignore
> >  create mode 100644 scripts/ipe/polgen/Makefile
> >  create mode 100644 scripts/ipe/polgen/polgen.c
> >  create mode 100644 security/ipe/.gitignore
> >
> > diff --git a/MAINTAINERS b/MAINTAINERS
> > index f1e76f791d47..a84ca781199b 100644
> > --- a/MAINTAINERS
> > +++ b/MAINTAINERS
> > @@ -9283,6 +9283,7 @@ INTEGRITY POLICY ENFORCEMENT (IPE)
> >  M:	Deven Bowers <deven.desai@linux.microsoft.com>
> >  M:	Fan Wu <wufan@linux.microsoft.com>
> >  S:	Supported
> > +F:	scripts/ipe/
> >  F:	security/ipe/
> >
> >  INTEL 810/815 FRAMEBUFFER DRIVER
> > diff --git a/scripts/Makefile b/scripts/Makefile
> > index 9adb6d247818..a31da6d57a36 100644
> > --- a/scripts/Makefile
> > +++ b/scripts/Makefile
> > @@ -41,6 +41,7 @@ targets += module.lds
> >  subdir-$(CONFIG_GCC_PLUGINS) += gcc-plugins
> >  subdir-$(CONFIG_MODVERSIONS) += genksyms
> >  subdir-$(CONFIG_SECURITY_SELINUX) += selinux
> > +subdir-$(CONFIG_SECURITY_IPE) += ipe
> >
> >  # Let clean descend into subdirs
> >  subdir-	+= basic dtc gdb kconfig mod
> > diff --git a/scripts/ipe/Makefile b/scripts/ipe/Makefile
> > new file mode 100644
> > index 000000000000..e87553fbb8d6
> > --- /dev/null
> > +++ b/scripts/ipe/Makefile
> > @@ -0,0 +1,2 @@
> > +# SPDX-License-Identifier: GPL-2.0-only
> > +subdir-y := polgen
> > diff --git a/scripts/ipe/polgen/.gitignore b/scripts/ipe/polgen/.gitignore
> > new file mode 100644
> > index 000000000000..80f32f25d200
> > --- /dev/null
> > +++ b/scripts/ipe/polgen/.gitignore
> > @@ -0,0 +1 @@
> > +polgen
> > diff --git a/scripts/ipe/polgen/Makefile b/scripts/ipe/polgen/Makefile
> > new file mode 100644
> > index 000000000000..066060c22b4a
> > --- /dev/null
> > +++ b/scripts/ipe/polgen/Makefile
> > @@ -0,0 +1,6 @@
> > +# SPDX-License-Identifier: GPL-2.0
> > +hostprogs-always-y	:= polgen
> > +HOST_EXTRACFLAGS += \
> > +	-I$(srctree)/include \
> > +	-I$(srctree)/include/uapi \
> > +
> > diff --git a/scripts/ipe/polgen/polgen.c b/scripts/ipe/polgen/polgen.c
> > new file mode 100644
> > index 000000000000..73cf13e743f7
> > --- /dev/null
> > +++ b/scripts/ipe/polgen/polgen.c
> > @@ -0,0 +1,145 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#include <stdlib.h>
> > +#include <stddef.h>
> > +#include <stdio.h>
> > +#include <unistd.h>
> > +#include <errno.h>
> > +
> > +static void usage(const char *const name)
> > +{
> > +	printf("Usage: %s OutputFile (PolicyFile)\n", name);
> > +	exit(EINVAL);
> > +}
> > +
> > +static int policy_to_buffer(const char *pathname, char **buffer, size_t *size)
> > +{
> > +	int rc = 0;
> > +	FILE *fd;
> > +	char *lbuf;
> > +	size_t fsize;
> > +	size_t read;
> > +
> > +	fd = fopen(pathname, "r");
> > +	if (!fd) {
> > +		rc = errno;
> > +		goto out;
> > +	}
> > +
> > +	fseek(fd, 0, SEEK_END);
> > +	fsize = ftell(fd);
> > +	rewind(fd);
> > +
> > +	lbuf = malloc(fsize);
> > +	if (!lbuf) {
> > +		rc = ENOMEM;
> > +		goto out_close;
> > +	}
> > +
> > +	read = fread((void *)lbuf, sizeof(*lbuf), fsize, fd);
> > +	if (read != fsize) {
> > +		rc = -1;
> > +		goto out_free;
> > +	}
> > +
> > +	*buffer = lbuf;
> > +	*size = fsize;
> > +	fclose(fd);
> > +
> > +	return rc;
> > +
> > +out_free:
> > +	free(lbuf);
> > +out_close:
> > +	fclose(fd);
> > +out:
> > +	return rc;
> > +}
> > +
> > +static int write_boot_policy(const char *pathname, const char *buf, size_t
> size)
> > +{
> > +	int rc = 0;
> > +	FILE *fd;
> > +	size_t i;
> > +
> > +	fd = fopen(pathname, "w");
> > +	if (!fd) {
> > +		rc = errno;
> > +		goto err;
> > +	}
> > +
> > +	fprintf(fd, "/* This file is automatically generated.");
> > +	fprintf(fd, " Do not edit. */\n");
> > +	fprintf(fd, "#include <stddef.h>\n");
> > +	fprintf(fd, "\nextern const char *const ipe_boot_policy;\n\n");
> > +	fprintf(fd, "const char *const ipe_boot_policy =\n");
> > +
> > +	if (!buf || size == 0) {
> > +		fprintf(fd, "\tNULL;\n");
> > +		fclose(fd);
> > +		return 0;
> > +	}
> > +
> > +	fprintf(fd, "\t\"");
> > +
> > +	for (i = 0; i < size; ++i) {
> > +		switch (buf[i]) {
> > +		case '"':
> > +			fprintf(fd, "\\\"");
> > +			break;
> > +		case '\'':
> > +			fprintf(fd, "'");
> > +			break;
> > +		case '\n':
> > +			fprintf(fd, "\\n\"\n\t\"");
> > +			break;
> > +		case '\\':
> > +			fprintf(fd, "\\\\");
> > +			break;
> > +		case '\t':
> > +			fprintf(fd, "\\t");
> > +			break;
> > +		case '\?':
> > +			fprintf(fd, "\\?");
> > +			break;
> > +		default:
> > +			fprintf(fd, "%c", buf[i]);
> > +		}
> > +	}
> > +	fprintf(fd, "\";\n");
> > +	fclose(fd);
> > +
> > +	return 0;
> > +
> > +err:
> > +	if (fd)
> > +		fclose(fd);
> > +	return rc;
> > +}
> > +
> > +int main(int argc, const char *const argv[])
> > +{
> > +	int rc = 0;
> > +	size_t len = 0;
> > +	char *policy = NULL;
> > +
> > +	if (argc < 2)
> > +		usage(argv[0]);
> > +
> > +	if (argc > 2) {
> > +		rc = policy_to_buffer(argv[2], &policy, &len);
> > +		if (rc != 0)
> > +			goto cleanup;
> > +	}
> > +
> > +	rc = write_boot_policy(argv[1], policy, len);
> > +cleanup:
> > +	if (policy)
> > +		free(policy);
> > +	if (rc != 0)
> > +		perror("An error occurred during policy conversion: ");
> > +	return rc;
> > +}
> > diff --git a/security/ipe/.gitignore b/security/ipe/.gitignore
> > new file mode 100644
> > index 000000000000..eca22ad5ed22
> > --- /dev/null
> > +++ b/security/ipe/.gitignore
> > @@ -0,0 +1 @@
> > +boot-policy.c
> > \ No newline at end of file
> > diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> > index fcf82a8152ec..39df680b67a2 100644
> > --- a/security/ipe/Kconfig
> > +++ b/security/ipe/Kconfig
> > @@ -20,6 +20,16 @@ menuconfig SECURITY_IPE
> >
> >  if SECURITY_IPE
> >
> > +config IPE_BOOT_POLICY
> > +	string "Integrity policy to apply on system startup"
> > +	help
> > +	  This option specifies a filepath to a IPE policy that is compiled
> > +	  into the kernel. This policy will be enforced until a policy update
> > +	  is deployed via the $securityfs/ipe/policies/$policy_name/active
> > +	  interface.
> > +
> > +	  If unsure, leave blank.
> > +
> >  choice
> >  	prompt "Hash algorithm used in auditing policies"
> >  	default IPE_AUDIT_HASH_SHA1
> > diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> > index 1e7b2d7fcd9e..89fec670f954 100644
> > --- a/security/ipe/Makefile
> > +++ b/security/ipe/Makefile
> > @@ -7,7 +7,18 @@
> >
> >  ccflags-y := -I$(srctree)/security/ipe/modules
> >
> > +quiet_cmd_polgen = IPE_POL $(2)
> > +      cmd_polgen = scripts/ipe/polgen/polgen security/ipe/boot-policy.c $(2)
> > +
> > +$(eval $(call config_filename,IPE_BOOT_POLICY))
> > +
> > +targets += boot-policy.c
> > +
> > +$(obj)/boot-policy.c: scripts/ipe/polgen/polgen
> > $(IPE_BOOT_POLICY_FILENAME) FORCE
> > +	$(call if_changed,polgen,$(IPE_BOOT_POLICY_FILENAME))
> > +
> >  obj-$(CONFIG_SECURITY_IPE) += \
> > +	boot-policy.o \
> >  	ctx.o \
> >  	eval.o \
> >  	fs.o \
> > @@ -21,3 +32,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
> >  	policyfs.o \
> >
> >  obj-$(CONFIG_AUDIT) += audit.o
> > +
> > +clean-files := boot-policy.c \
> > diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
> > index fc9b8e467bc9..879acf4ceac5 100644
> > --- a/security/ipe/ctx.c
> > +++ b/security/ipe/ctx.c
> > @@ -15,6 +15,7 @@
> >  #include <linux/spinlock.h>
> >  #include <linux/moduleparam.h>
> >
> > +extern const char *const ipe_boot_policy;
> >  static bool success_audit;
> >  static bool enforce = true;
> >
> > @@ -329,6 +330,7 @@ void ipe_put_ctx(struct ipe_context *ctx)
> >  int __init ipe_init_ctx(void)
> >  {
> >  	int rc = 0;
> > +	struct ipe_policy *p = NULL;
> >  	struct ipe_context *lns = NULL;
> >
> >  	lns = create_ctx();
> > @@ -342,10 +344,26 @@ int __init ipe_init_ctx(void)
> >  	WRITE_ONCE(lns->enforce, enforce);
> >  	spin_unlock(&lns->lock);
> >
> > +	if (ipe_boot_policy) {
> > +		p = ipe_new_policy(ipe_boot_policy, strlen(ipe_boot_policy),
> > +				   NULL, 0);
> > +		if (IS_ERR(p)) {
> > +			rc = PTR_ERR(lns);
> 
> This should be:
> 
> 	rc = PTR_ERR(p);
> 
> > +			goto err;
> > +		}
> > +
> > +		ipe_add_policy(lns, p);
> > +		rc = ipe_set_active_pol(p);
> > +		if (!rc)
> 
> Here you need to set a non-zero value, so that ipe_init()
> does not enable the LSM.

Actually you probably should just check that rc is not zero
and goto err.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> I would set to 1 a new global variable, like ipe_lsm_enabled,
> in ipe_init() just before security_add_hooks().
> 
> Then, I would add a check of this variable in ipe_init_securityfs()
> to avoid the kernel panic.
> 
> Roberto
> 
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
> 
> > +			goto err;
> > +	}
> > +
> >  	rcu_assign_pointer(*ipe_tsk_ctx(current), lns);
> > +	ipe_put_policy(p);
> >
> >  	return 0;
> >  err:
> > +	ipe_put_policy(p);
> >  	ipe_put_ctx(lns);
> >  	return rc;
> >  }
> > --
> > 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 04/16] ipe: add userspace interface
  2021-11-03  9:42   ` Roberto Sassu
@ 2021-11-04 16:50     ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-11-04 16:50 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 11/3/2021 2:42 AM, Roberto Sassu wrote:
>>
>> +
>> +/**
>> + * ipe_init_securityfs: Initialize IPE's securityfs tree at fsinit
>> + *
>> + * Return:
>> + * !0 - Error
>> + * 0 - OK
>> + */
>> +static int __init ipe_init_securityfs(void)
>> +{
>> +	int rc = 0;
>> +	struct ipe_context *ctx = NULL;
>> +
>> +	ctx = ipe_current_ctx();
> Hi Deven
>
> the instruction above should be executed only if IPE LSM is
> enabled. Otherwise, the kernel panics due to the illegal access
> to the security blob of the task.

I see. I mistakenly assumed that failure in the LSM init would cause
a kernel panic (as the system is now booting without a potentially
required security component) as opposed to just disabling the LSM
and emitting a warning.

Easy fix for v8.

Thanks for pointing it out.



^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 14/16] scripts: add boot policy generation program
  2021-11-03 16:53     ` Roberto Sassu
@ 2021-11-04 16:52       ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-11-04 16:52 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 11/3/2021 9:53 AM, Roberto Sassu wrote:
>> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
>> Sent: Wednesday, November 3, 2021 5:43 PM
>>> From: deven.desai@linux.microsoft.com
>>> [mailto:deven.desai@linux.microsoft.com]
>>> From: Deven Bowers <deven.desai@linux.microsoft.com>
>>>
>>> Enables an IPE policy to be enforced from kernel start, enabling access
>>> control based on trust from kernel startup. This is accomplished by
>>> transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
>>> c-string literal that is parsed at kernel startup as an unsigned policy.
>>>
>>> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
>>> ---
>>>
>>> Relevant changes since v6:
>>>    * Move patch 01/12 to [14/16] of the series
>>>
>>> ---
>>>   MAINTAINERS                   |   1 +
>>>   scripts/Makefile              |   1 +
>>>   scripts/ipe/Makefile          |   2 +
>>>   scripts/ipe/polgen/.gitignore |   1 +
>>>   scripts/ipe/polgen/Makefile   |   6 ++
>>>   scripts/ipe/polgen/polgen.c   | 145 ++++++++++++++++++++++++++++++++++
>>>   security/ipe/.gitignore       |   1 +
>>>   security/ipe/Kconfig          |  10 +++
>>>   security/ipe/Makefile         |  13 +++
>>>   security/ipe/ctx.c            |  18 +++++
>>>   10 files changed, 198 insertions(+)
>>>   create mode 100644 scripts/ipe/Makefile
>>>   create mode 100644 scripts/ipe/polgen/.gitignore
>>>   create mode 100644 scripts/ipe/polgen/Makefile
>>>   create mode 100644 scripts/ipe/polgen/polgen.c
>>>   create mode 100644 security/ipe/.gitignore
>>>
>>> diff --git a/MAINTAINERS b/MAINTAINERS
>>> index f1e76f791d47..a84ca781199b 100644
>>> --- a/MAINTAINERS
>>> +++ b/MAINTAINERS
>>> @@ -9283,6 +9283,7 @@ INTEGRITY POLICY ENFORCEMENT (IPE)
>>>   M:	Deven Bowers <deven.desai@linux.microsoft.com>
>>>   M:	Fan Wu <wufan@linux.microsoft.com>
>>>   S:	Supported
>>> +F:	scripts/ipe/
>>>   F:	security/ipe/
>>>
>>>   INTEL 810/815 FRAMEBUFFER DRIVER
>>> diff --git a/scripts/Makefile b/scripts/Makefile
>>> index 9adb6d247818..a31da6d57a36 100644
>>> --- a/scripts/Makefile
>>> +++ b/scripts/Makefile
>>> @@ -41,6 +41,7 @@ targets += module.lds
>>>   subdir-$(CONFIG_GCC_PLUGINS) += gcc-plugins
>>>   subdir-$(CONFIG_MODVERSIONS) += genksyms
>>>   subdir-$(CONFIG_SECURITY_SELINUX) += selinux
>>> +subdir-$(CONFIG_SECURITY_IPE) += ipe
>>>
>>>   # Let clean descend into subdirs
>>>   subdir-	+= basic dtc gdb kconfig mod
>>> diff --git a/scripts/ipe/Makefile b/scripts/ipe/Makefile
>>> new file mode 100644
>>> index 000000000000..e87553fbb8d6
>>> --- /dev/null
>>> +++ b/scripts/ipe/Makefile
>>> @@ -0,0 +1,2 @@
>>> +# SPDX-License-Identifier: GPL-2.0-only
>>> +subdir-y := polgen
>>> diff --git a/scripts/ipe/polgen/.gitignore b/scripts/ipe/polgen/.gitignore
>>> new file mode 100644
>>> index 000000000000..80f32f25d200
>>> --- /dev/null
>>> +++ b/scripts/ipe/polgen/.gitignore
>>> @@ -0,0 +1 @@
>>> +polgen
>>> diff --git a/scripts/ipe/polgen/Makefile b/scripts/ipe/polgen/Makefile
>>> new file mode 100644
>>> index 000000000000..066060c22b4a
>>> --- /dev/null
>>> +++ b/scripts/ipe/polgen/Makefile
>>> @@ -0,0 +1,6 @@
>>> +# SPDX-License-Identifier: GPL-2.0
>>> +hostprogs-always-y	:= polgen
>>> +HOST_EXTRACFLAGS += \
>>> +	-I$(srctree)/include \
>>> +	-I$(srctree)/include/uapi \
>>> +
>>> diff --git a/scripts/ipe/polgen/polgen.c b/scripts/ipe/polgen/polgen.c
>>> new file mode 100644
>>> index 000000000000..73cf13e743f7
>>> --- /dev/null
>>> +++ b/scripts/ipe/polgen/polgen.c
>>> @@ -0,0 +1,145 @@
>>> +// SPDX-License-Identifier: GPL-2.0
>>> +/*
>>> + * Copyright (C) Microsoft Corporation. All rights reserved.
>>> + */
>>> +
>>> +#include <stdlib.h>
>>> +#include <stddef.h>
>>> +#include <stdio.h>
>>> +#include <unistd.h>
>>> +#include <errno.h>
>>> +
>>> +static void usage(const char *const name)
>>> +{
>>> +	printf("Usage: %s OutputFile (PolicyFile)\n", name);
>>> +	exit(EINVAL);
>>> +}
>>> +
>>> +static int policy_to_buffer(const char *pathname, char **buffer, size_t *size)
>>> +{
>>> +	int rc = 0;
>>> +	FILE *fd;
>>> +	char *lbuf;
>>> +	size_t fsize;
>>> +	size_t read;
>>> +
>>> +	fd = fopen(pathname, "r");
>>> +	if (!fd) {
>>> +		rc = errno;
>>> +		goto out;
>>> +	}
>>> +
>>> +	fseek(fd, 0, SEEK_END);
>>> +	fsize = ftell(fd);
>>> +	rewind(fd);
>>> +
>>> +	lbuf = malloc(fsize);
>>> +	if (!lbuf) {
>>> +		rc = ENOMEM;
>>> +		goto out_close;
>>> +	}
>>> +
>>> +	read = fread((void *)lbuf, sizeof(*lbuf), fsize, fd);
>>> +	if (read != fsize) {
>>> +		rc = -1;
>>> +		goto out_free;
>>> +	}
>>> +
>>> +	*buffer = lbuf;
>>> +	*size = fsize;
>>> +	fclose(fd);
>>> +
>>> +	return rc;
>>> +
>>> +out_free:
>>> +	free(lbuf);
>>> +out_close:
>>> +	fclose(fd);
>>> +out:
>>> +	return rc;
>>> +}
>>> +
>>> +static int write_boot_policy(const char *pathname, const char *buf, size_t
>> size)
>>> +{
>>> +	int rc = 0;
>>> +	FILE *fd;
>>> +	size_t i;
>>> +
>>> +	fd = fopen(pathname, "w");
>>> +	if (!fd) {
>>> +		rc = errno;
>>> +		goto err;
>>> +	}
>>> +
>>> +	fprintf(fd, "/* This file is automatically generated.");
>>> +	fprintf(fd, " Do not edit. */\n");
>>> +	fprintf(fd, "#include <stddef.h>\n");
>>> +	fprintf(fd, "\nextern const char *const ipe_boot_policy;\n\n");
>>> +	fprintf(fd, "const char *const ipe_boot_policy =\n");
>>> +
>>> +	if (!buf || size == 0) {
>>> +		fprintf(fd, "\tNULL;\n");
>>> +		fclose(fd);
>>> +		return 0;
>>> +	}
>>> +
>>> +	fprintf(fd, "\t\"");
>>> +
>>> +	for (i = 0; i < size; ++i) {
>>> +		switch (buf[i]) {
>>> +		case '"':
>>> +			fprintf(fd, "\\\"");
>>> +			break;
>>> +		case '\'':
>>> +			fprintf(fd, "'");
>>> +			break;
>>> +		case '\n':
>>> +			fprintf(fd, "\\n\"\n\t\"");
>>> +			break;
>>> +		case '\\':
>>> +			fprintf(fd, "\\\\");
>>> +			break;
>>> +		case '\t':
>>> +			fprintf(fd, "\\t");
>>> +			break;
>>> +		case '\?':
>>> +			fprintf(fd, "\\?");
>>> +			break;
>>> +		default:
>>> +			fprintf(fd, "%c", buf[i]);
>>> +		}
>>> +	}
>>> +	fprintf(fd, "\";\n");
>>> +	fclose(fd);
>>> +
>>> +	return 0;
>>> +
>>> +err:
>>> +	if (fd)
>>> +		fclose(fd);
>>> +	return rc;
>>> +}
>>> +
>>> +int main(int argc, const char *const argv[])
>>> +{
>>> +	int rc = 0;
>>> +	size_t len = 0;
>>> +	char *policy = NULL;
>>> +
>>> +	if (argc < 2)
>>> +		usage(argv[0]);
>>> +
>>> +	if (argc > 2) {
>>> +		rc = policy_to_buffer(argv[2], &policy, &len);
>>> +		if (rc != 0)
>>> +			goto cleanup;
>>> +	}
>>> +
>>> +	rc = write_boot_policy(argv[1], policy, len);
>>> +cleanup:
>>> +	if (policy)
>>> +		free(policy);
>>> +	if (rc != 0)
>>> +		perror("An error occurred during policy conversion: ");
>>> +	return rc;
>>> +}
>>> diff --git a/security/ipe/.gitignore b/security/ipe/.gitignore
>>> new file mode 100644
>>> index 000000000000..eca22ad5ed22
>>> --- /dev/null
>>> +++ b/security/ipe/.gitignore
>>> @@ -0,0 +1 @@
>>> +boot-policy.c
>>> \ No newline at end of file
>>> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
>>> index fcf82a8152ec..39df680b67a2 100644
>>> --- a/security/ipe/Kconfig
>>> +++ b/security/ipe/Kconfig
>>> @@ -20,6 +20,16 @@ menuconfig SECURITY_IPE
>>>
>>>   if SECURITY_IPE
>>>
>>> +config IPE_BOOT_POLICY
>>> +	string "Integrity policy to apply on system startup"
>>> +	help
>>> +	  This option specifies a filepath to a IPE policy that is compiled
>>> +	  into the kernel. This policy will be enforced until a policy update
>>> +	  is deployed via the $securityfs/ipe/policies/$policy_name/active
>>> +	  interface.
>>> +
>>> +	  If unsure, leave blank.
>>> +
>>>   choice
>>>   	prompt "Hash algorithm used in auditing policies"
>>>   	default IPE_AUDIT_HASH_SHA1
>>> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
>>> index 1e7b2d7fcd9e..89fec670f954 100644
>>> --- a/security/ipe/Makefile
>>> +++ b/security/ipe/Makefile
>>> @@ -7,7 +7,18 @@
>>>
>>>   ccflags-y := -I$(srctree)/security/ipe/modules
>>>
>>> +quiet_cmd_polgen = IPE_POL $(2)
>>> +      cmd_polgen = scripts/ipe/polgen/polgen security/ipe/boot-policy.c $(2)
>>> +
>>> +$(eval $(call config_filename,IPE_BOOT_POLICY))
>>> +
>>> +targets += boot-policy.c
>>> +
>>> +$(obj)/boot-policy.c: scripts/ipe/polgen/polgen
>>> $(IPE_BOOT_POLICY_FILENAME) FORCE
>>> +	$(call if_changed,polgen,$(IPE_BOOT_POLICY_FILENAME))
>>> +
>>>   obj-$(CONFIG_SECURITY_IPE) += \
>>> +	boot-policy.o \
>>>   	ctx.o \
>>>   	eval.o \
>>>   	fs.o \
>>> @@ -21,3 +32,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
>>>   	policyfs.o \
>>>
>>>   obj-$(CONFIG_AUDIT) += audit.o
>>> +
>>> +clean-files := boot-policy.c \
>>> diff --git a/security/ipe/ctx.c b/security/ipe/ctx.c
>>> index fc9b8e467bc9..879acf4ceac5 100644
>>> --- a/security/ipe/ctx.c
>>> +++ b/security/ipe/ctx.c
>>> @@ -15,6 +15,7 @@
>>>   #include <linux/spinlock.h>
>>>   #include <linux/moduleparam.h>
>>>
>>> +extern const char *const ipe_boot_policy;
>>>   static bool success_audit;
>>>   static bool enforce = true;
>>>
>>> @@ -329,6 +330,7 @@ void ipe_put_ctx(struct ipe_context *ctx)
>>>   int __init ipe_init_ctx(void)
>>>   {
>>>   	int rc = 0;
>>> +	struct ipe_policy *p = NULL;
>>>   	struct ipe_context *lns = NULL;
>>>
>>>   	lns = create_ctx();
>>> @@ -342,10 +344,26 @@ int __init ipe_init_ctx(void)
>>>   	WRITE_ONCE(lns->enforce, enforce);
>>>   	spin_unlock(&lns->lock);
>>>
>>> +	if (ipe_boot_policy) {
>>> +		p = ipe_new_policy(ipe_boot_policy, strlen(ipe_boot_policy),
>>> +				   NULL, 0);
>>> +		if (IS_ERR(p)) {
>>> +			rc = PTR_ERR(lns);
>> This should be:
>>
>> 	rc = PTR_ERR(p);
>>
>>> +			goto err;
>>> +		}
>>> +
>>> +		ipe_add_policy(lns, p);
>>> +		rc = ipe_set_active_pol(p);
>>> +		if (!rc)
>> Here you need to set a non-zero value, so that ipe_init()
>> does not enable the LSM.
> Actually you probably should just check that rc is not zero
> and goto err.
>
> Roberto
>
Yeah, I actually noticed these two mistakes myself fairly recently.

Changes will be applied in v8.
>
>> I would set to 1 a new global variable, like ipe_lsm_enabled,
>> in ipe_init() just before security_add_hooks().
>>
>> Then, I would add a check of this variable in ipe_init_securityfs()
>> to avoid the kernel panic.

That's my plan.

-Deven

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 07/16] ipe: add auditing support
  2021-11-02 19:44       ` Steve Grubb
@ 2021-11-04 16:59         ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-11-04 16:59 UTC (permalink / raw)
  To: Steve Grubb, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, linux-audit
  Cc: linux-security-module, linux-doc, jannh, linux-fscrypt,
	linux-kernel, linux-block, dm-devel


On 11/2/2021 12:44 PM, Steve Grubb wrote:
> Hello,
>
> On Friday, October 15, 2021 3:25:47 PM EDT Deven Bowers wrote:
>> On 10/13/2021 1:02 PM, Steve Grubb wrote:
>>> On Wednesday, October 13, 2021 3:06:26 PM EDT
>>> deven.desai@linux.microsoft.com> 
>>> wrote:
>>>> Users of IPE require a way to identify when and why an operation fails,
>>>> allowing them to both respond to violations of policy and be notified
>>>> of potentially malicious actions on their systens with respect to IPE
>>>> itself.
>>> Would you mind sending examples of audit events so that we can see what
>>> the end result is? Some people add them to the commit text. But we still
>>> need to see what they look like.
>> Sure, sorry. I’ll add them to the commit description (and the documentation
>> patch at the end) for v8 – In the interest of asynchronous feedback, I’ve
>> copied the relevant examples:
> Thanks for sending these. This helps.
>
>   
>> AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
>> ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
>> ctx_ino=532 ctx_dev=vda rule="DEFAULT op=EXECUTE action=DENY"
> Question...why do all of these have a ctx_  prefix?

Ah, the ctx_ was because these fields are all grouped in ipe in a 
context (ctx)
structure. An private version (pre-v1) had these grouped like:

    ctx={ pid=229 comm="grep" op=EXECUTE ... }

But during an internal review, it was brought up that the grouping is likely
non-standard and to cause more issues than its worth instead of just 
prefixing
the field with ctx_. Now that I think about it a bit more, the context is
implicit, so the prefix and grouping doesn't make sense.

> Is it possible to trigger an audit context so that the audit machinery
> collects all of this stuff in  it's own way? Which means you could drop
> everything execept op, hook, enforce, rule, and action.

I could do something internal in IPE that will create the context in the 
right
way. As far as inside the audit stack it looks like the closest analogue 
would
be common_lsm_audit - which fixes the type to be AVC. I don't think 
adding another
form of AVC is appropriate?

I could also either extend common_lsm_audit to accept a type parameter, or
make a more generalized function as part of the audit framework. Do you have
a preference? Paul, do you have a preference?

> We also have a field dictionary here:
> https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
> field-dictionary.csv
>
> which names the known fields and how they should be formatted. If there is a
> collision where they are something else and cannot be in the same format,
> then we make a new name and hopefully update the dictionary. For example, if
> you are collecting a process id, use pid and not ctx_pid so that it matches a
> known definition.

Wow. I didn't know about this - it should be pretty easy to change the 
fields
to follow this mapping. Almost everything has a correlation already. It 
looks
like there would be only one collision with hook being currently defined
with netfilter. Everything else would be new (e.g. rule), or could map
an existingfield.
> Also, I don't thnk these events can stand on their own. Who did this action?
> You have the pid, but no uid, auid, or session_id.

It makes sense to add these fields; and it'd be taken care of with your 
suggestion
above to make the audit context just gathers this information in its 
own, consistent
way.

> Hope this helps...
>
> -Steve
>
>   
>> AUDIT1420 IPE ctx_pid=229 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=0
>> ctx_comm="grep" ctx_pathname="/usr/lib/libc-2.23.so"
>> ctx_ino=532 ctx_dev=vda rule="DEFAULT action=DENY"
>>
>> AUDIT1420 IPE ctx_pid=253 ctx_op=EXECUTE ctx_hook=MMAP ctx_enforce=1
>> ctx_comm="anon" rule="DEFAULT op=EXECUTE action=DENY"
>>
>> These three audit records represent various types of results after
>> evaluating
>> the trust of a resource. The first two differ in the rule that was
>> matched in
>> IPE's policy, the first being an operation-specific default, the second
>> being
>> a global default. The third is an example of what is audited when anonymous
>> memory is blocked (as there is no way to verify the trust of an anonymous
>> page).
>>
>> The remaining three events, AUDIT_TRUST_POLICY_LOAD (1421),
>> AUDIT_TRUST_POLICY_ACTIVATE (1422), and AUDIT_TRUST_STATUS (1423) have this
>> form:
>>
>> AUDIT1421 IPE policy_name="my-policy" policy_version=0.0.0
>> <hash_alg_name>=<hash>
>> AUDIT1422 IPE policy_name="my-policy" policy_version=0.0.0
>> <hash_alg_name>=<hash>
>> AUDIT1423 IPE enforce=1
>>
>> The 1421 (AUDIT_TRUST_POLICY_LOAD) event represents a new policy was loaded
>> into the kernel, but not is not marked as the policy to enforce. The
>>
>> The 1422 (AUDIT_TRUST_POLICY_ACTIVATE) event represents a policy that was
>> already loaded was made the enforcing policy.
>>
>> The 1423 (AUDIT_TRUST_STATUS) event represents a switch between
>> permissive and
>> enforce, it is added in 08/16 (the following patch)

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature
  2021-11-03 12:28       ` Roberto Sassu
@ 2021-11-04 17:12         ` Deven Bowers
  0 siblings, 0 replies; 63+ messages in thread
From: Deven Bowers @ 2021-11-04 17:12 UTC (permalink / raw)
  To: Roberto Sassu, Eric Biggers
  Cc: corbet, axboe, agk, snitzer, tytso, paul, eparis, jmorris, serge,
	jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity


On 11/3/2021 5:28 AM, Roberto Sassu wrote:
>> From: Deven Bowers [mailto:deven.desai@linux.microsoft.com]
>> Sent: Friday, October 15, 2021 9:26 PM
>> On 10/13/2021 12:24 PM, Eric Biggers wrote:
>>> On Wed, Oct 13, 2021 at 12:06:31PM -0700,
>> deven.desai@linux.microsoft.com wrote:
>>>> From: Fan Wu <wufan@linux.microsoft.com>
>>>>
>>>> Add security_inode_setsecurity to fsverity signature verification.
>>>> This can let LSMs save the signature data and digest hashes provided
>>>> by fsverity.
>>> Can you elaborate on why LSMs need this information?
>> The proposed LSM (IPE) of this series will be the only one to need
>> this information at the  moment. IPE’s goal is to have provide
>> trust-based access control. Trust and Integrity are tied together,
>> as you cannot prove trust without proving integrity.
> I wanted to go back on this question.
>
> It seems, at least for fsverity, that you could obtain the
> root digest at run-time, without storing it in a security blob.
>
> I thought I should use fsverity_get_info() but the fsverity_info
> structure is not exported (it is defined in fs/verity/fsverity_private.h).
>
> Then, I defined a new function, fsverity_get_file_digest() to copy
> the file_digest member of fsverity_info to a buffer and to pass
> the associated hash algorithm.
>
> With that, the code of evaluate() for DIGLIM becomes:
>
>          info = fsverity_get_info(file_inode(ctx->file));
>          if (info)
>                  ret = fsverity_get_file_digest(info, buffer, sizeof(buffer), &algo);
>
>          if (!strcmp(expect->data, "diglim") && ret > 0) {
>                  ret = diglim_digest_get_info(buffer, algo, COMPACT_FILE, &modifiers, &actions);
>                  if (!ret)
>                          return true;
>          }
This would work with the digest with a bit more code in fs-verity. It
also has benefits if there are other callers who want this information.

I was planning on grouping the digest and signature into 
apublic_key_signature
structure in v8 to pass the digest, digest algorithm,digest size, signature
and signature size (as opposed to defining a new structfor this purpose),
reducing the number of LSM hook calls down to one functionin fsverity.

I think both approaches have merit. fsverity_get_file_digest is more useful
if there are callers outside of LSMs that want this information. The LSM 
hook
is cleaner if only LSMs want this information.

At least, at the moment, it seems like it's only IPE who wants this 
information,
and it's not like it won't be able to change later if the need arises, 
as this
is all implementation details that wouldn't effect the end-user.

I'll defer to Eric - his opinion holds the most weight, as fsverity would be
the main code affected in either case.


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider
  2021-10-13 19:06 ` [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider deven.desai
@ 2021-11-25  9:37   ` Roberto Sassu
  2021-11-30 18:55     ` Deven Bowers
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-11-25  9:37 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: deven.desai@linux.microsoft.com
> [mailto:deven.desai@linux.microsoft.com]
> Sent: Wednesday, October 13, 2021 9:07 PM
> From: Deven Bowers <deven.desai@linux.microsoft.com>
> 
> Allows author of IPE policy to indicate trust for a singular dm-verity
> volume, identified by roothash, through "dmverity_roothash" and all
> signed dm-verity volumes, through "dmverity_signature".
> 
> Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
> ---
> 
> Relevant changes since v6:
>   * Squash patch 08/12, 10/12 to [11/16]
> 
> ---
>  security/ipe/eval.c                       |  5 ++
>  security/ipe/eval.h                       | 10 +++
>  security/ipe/hooks.c                      | 48 ++++++++++++++
>  security/ipe/hooks.h                      |  6 ++
>  security/ipe/ipe.c                        |  9 +++
>  security/ipe/ipe.h                        |  3 +
>  security/ipe/modules/Kconfig              | 23 +++++++
>  security/ipe/modules/Makefile             |  2 +
>  security/ipe/modules/dmverity_roothash.c  | 80 +++++++++++++++++++++++
>  security/ipe/modules/dmverity_signature.c | 25 +++++++
>  10 files changed, 211 insertions(+)
>  create mode 100644 security/ipe/modules/dmverity_roothash.c
>  create mode 100644 security/ipe/modules/dmverity_signature.c
> 
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> index 361efccebad4..facc05c753f4 100644
> --- a/security/ipe/eval.c
> +++ b/security/ipe/eval.c
> @@ -23,6 +23,7 @@ static struct super_block *pinned_sb;
>  static DEFINE_SPINLOCK(pin_lock);
> 
>  #define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> +#define FILE_BLOCK_DEV(f) (FILE_SUPERBLOCK(f)->s_bdev)
> 
>  /**
>   * pin_sb: pin the underlying superblock of @f, marking it as trusted
> @@ -95,6 +96,10 @@ static struct ipe_eval_ctx *build_ctx(const struct file *file,
>  	ctx->hook = hook;
>  	ctx->ci_ctx = ipe_current_ctx();
>  	ctx->from_init_sb = from_pinned(file);
> +	if (file) {
> +		if (FILE_BLOCK_DEV(file))
> +			ctx->ipe_bdev = ipe_bdev(FILE_BLOCK_DEV(file));
> +	}
> 
>  	return ctx;
>  }
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> index 42fb7fdf2599..25d2d8d55702 100644
> --- a/security/ipe/eval.h
> +++ b/security/ipe/eval.h
> @@ -13,6 +13,14 @@
>  #include "hooks.h"
>  #include "policy.h"
> 
> +struct ipe_bdev {
> +	const u8       *sigdata;
> +	size_t		siglen;
> +
> +	const u8       *hash;
> +	size_t		hashlen;
> +};
> +
>  struct ipe_eval_ctx {
>  	enum ipe_hook hook;
>  	enum ipe_operation op;
> @@ -20,6 +28,8 @@ struct ipe_eval_ctx {
>  	const struct file *file;
>  	struct ipe_context *ci_ctx;
> 
> +	const struct ipe_bdev *ipe_bdev;
> +
>  	bool from_init_sb;
>  };
> 
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index 2d4a4f0eead0..470fb48e490c 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -13,6 +13,7 @@
>  #include <linux/types.h>
>  #include <linux/refcount.h>
>  #include <linux/rcupdate.h>
> +#include <linux/blk_types.h>
>  #include <linux/binfmts.h>
>  #include <linux/mman.h>
> 
> @@ -219,3 +220,50 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
>  {
>  	ipe_invalidate_pinned_sb(mnt_sb);
>  }
> +
> +/**
> + * ipe_bdev_free_security: free nested structures within IPE's LSM blob
> + *			   in block_devices
> + * @bdev: Supplies a pointer to a block_device that contains the structure
> + *	  to free.
> + */
> +void ipe_bdev_free_security(struct block_device *bdev)
> +{
> +	struct ipe_bdev *blob = ipe_bdev(bdev);
> +
> +	kfree(blob->sigdata);
> +}
> +
> +/**
> + * ipe_bdev_setsecurity: associate some data from the block device layer
> + *			 with IPE's LSM blob.
> + * @bdev: Supplies a pointer to a block_device that contains the LSM blob.
> + * @key: Supplies the string key that uniquely identifies the value.
> + * @value: Supplies the value to store.
> + * @len: The length of @value.
> + */
> +int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
> +			 const void *value, size_t len)
> +{
> +	struct ipe_bdev *blob = ipe_bdev(bdev);
> +
> +	if (!strcmp(key, DM_VERITY_SIGNATURE_SEC_NAME)) {
> +		blob->siglen = len;
> +		blob->sigdata = kmemdup(value, len, GFP_KERNEL);
> +		if (!blob->sigdata)
> +			return -ENOMEM;
> +
> +		return 0;
> +	}
> +
> +	if (!strcmp(key, DM_VERITY_ROOTHASH_SEC_NAME)) {
> +		blob->hashlen = len;
> +		blob->hash = kmemdup(value, len, GFP_KERNEL);
> +		if (!blob->hash)
> +			return -ENOMEM;
> +
> +		return 0;
> +	}
> +
> +	return -ENOSYS;
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index e7f107ab5620..285f35187188 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -10,6 +10,7 @@
>  #include <linux/sched.h>
>  #include <linux/binfmts.h>
>  #include <linux/security.h>
> +#include <linux/device-mapper.h>
> 
>  enum ipe_hook {
>  	ipe_hook_exec = 0,
> @@ -40,4 +41,9 @@ int ipe_on_kernel_load_data(enum kernel_load_data_id
> id, bool contents);
> 
>  void ipe_sb_free_security(struct super_block *mnt_sb);
> 
> +void ipe_bdev_free_security(struct block_device *bdev);
> +
> +int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
> +			 const void *value, size_t len);
> +
>  #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 1382d50078ec..215936cb4574 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -9,6 +9,7 @@
>  #include "ipe_parser.h"
>  #include "modules/ipe_module.h"
>  #include "modules.h"
> +#include "eval.h"
> 
>  #include <linux/fs.h>
>  #include <linux/sched.h>
> @@ -20,8 +21,14 @@
> 
>  struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>  	.lbs_task = sizeof(struct ipe_context __rcu *),
> +	.lbs_bdev = sizeof(struct ipe_bdev),
>  };
> 
> +struct ipe_bdev *ipe_bdev(struct block_device *b)
> +{
> +	return b->security + ipe_blobs.lbs_bdev;
> +}
> +
>  static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
>  	LSM_HOOK_INIT(task_alloc, ipe_task_alloc),
>  	LSM_HOOK_INIT(task_free, ipe_task_free),
> @@ -31,6 +38,8 @@ static struct security_hook_list ipe_hooks[]
> __lsm_ro_after_init = {
>  	LSM_HOOK_INIT(kernel_read_file, ipe_on_kernel_read),
>  	LSM_HOOK_INIT(kernel_load_data, ipe_on_kernel_load_data),
>  	LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> +	LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
> +	LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
>  };
> 
>  /**
> diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
> index ad16d2bebfec..6b4c7e07f204 100644
> --- a/security/ipe/ipe.h
> +++ b/security/ipe/ipe.h
> @@ -14,10 +14,13 @@
> 
>  #include <linux/types.h>
>  #include <linux/sched.h>
> +#include <linux/blk_types.h>
>  #include <linux/lsm_hooks.h>
> 
>  extern struct lsm_blob_sizes ipe_blobs;
>  extern struct ipe_parser __start_ipe_parsers[], __end_ipe_parsers[];
>  extern struct ipe_module __start_ipe_modules[], __end_ipe_modules[];
> 
> +struct ipe_bdev *ipe_bdev(struct block_device *b);
> +
>  #endif /* IPE_H */
> diff --git a/security/ipe/modules/Kconfig b/security/ipe/modules/Kconfig
> index fad96ba534e2..a6ea06cf0737 100644
> --- a/security/ipe/modules/Kconfig
> +++ b/security/ipe/modules/Kconfig
> @@ -16,5 +16,28 @@ config IPE_PROP_BOOT_VERIFIED
> 
>  	  If unsure, answer N.
> 
> +config IPE_PROP_DM_VERITY_SIGNATURE
> +	bool "Enable support for signed dm-verity volumes"
> +	depends on DM_VERITY_VERIFY_ROOTHASH_SIG
> +	default Y
> +	help
> +	  This option enables the property 'dmverity_signature' in
> +	  IPE policy. This property evaluates to TRUE when a file
> +	  is evaluated against a dm-verity volume that was mounted
> +	  with a signed root-hash.
> +
> +	  If unsure, answer Y.
> +
> +config IPE_PROP_DM_VERITY_ROOTHASH
> +	bool "Enable support for dm-verity volumes"
> +	depends on DM_VERITY
> +	default Y
> +	help
> +	  This option enables the property 'dmverity_roothash' in
> +	  IPE policy. This property evaluates to TRUE when a file
> +	  is evaluated against a dm-verity volume whose root hash
> +	  matches the supplied value.
> +
> +	  If unsure, answer Y.
> 
>  endmenu
> diff --git a/security/ipe/modules/Makefile b/security/ipe/modules/Makefile
> index e0045ec65434..84fadce85193 100644
> --- a/security/ipe/modules/Makefile
> +++ b/security/ipe/modules/Makefile
> @@ -6,3 +6,5 @@
>  #
> 
>  obj-$(CONFIG_IPE_PROP_BOOT_VERIFIED) += boot_verified.o
> +obj-$(CONFIG_IPE_PROP_DM_VERITY_SIGNATURE) += dmverity_signature.o
> +obj-$(CONFIG_IPE_PROP_DM_VERITY_ROOTHASH) += dmverity_roothash.o
> diff --git a/security/ipe/modules/dmverity_roothash.c
> b/security/ipe/modules/dmverity_roothash.c
> new file mode 100644
> index 000000000000..0f82bec3b842
> --- /dev/null
> +++ b/security/ipe/modules/dmverity_roothash.c
> @@ -0,0 +1,80 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe_module.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +
> +struct counted_array {
> +	size_t	len;
> +	u8     *data;
> +};
> +
> +static int dvrh_parse(const char *valstr, void **value)
> +{
> +	int rv = 0;
> +	struct counted_array *arr;
> +
> +	arr = kzalloc(sizeof(*arr), GFP_KERNEL);
> +	if (!arr) {
> +		rv = -ENOMEM;
> +		goto err;
> +	}
> +
> +	arr->len = (strlen(valstr) / 2);
> +
> +	arr->data = kzalloc(arr->len, GFP_KERNEL);
> +	if (!arr->data) {
> +		rv = -ENOMEM;
> +		goto err;
> +	}
> +
> +	rv = hex2bin(arr->data, valstr, arr->len);
> +	if (rv != 0)
> +		goto err2;
> +
> +	*value = arr;
> +	return rv;
> +err2:
> +	kfree(arr->data);
> +err:
> +	kfree(arr);
> +	return rv;
> +}
> +
> +static bool dvrh_eval(const struct ipe_eval_ctx *ctx, const void *val)
> +{
> +	const u8 *src;
> +	struct counted_array *expect = (struct counted_array *)val;
> +
> +	if (!ctx->ipe_bdev)
> +		return false;
> +
> +	if (ctx->ipe_bdev->hashlen != expect->len)
> +		return false;
> +
> +	src = ctx->ipe_bdev->hash;
> +
> +	return !memcmp(expect->data, src, expect->len);

Hi Deven

I was curious to see if determining the property at run-time
could apply also to dm-verity. It seems it could be done
(I omit some checks, I also keep the expected value in hex
format):

---
        md = dm_get_md(file_inode(ctx->file)->i_sb->s_dev);
        table = dm_get_live_table(md, &srcu_idx);
        num_targets = dm_table_get_num_targets(table);

        for (i = 0; i < num_targets; i++) {
                struct dm_target *ti = dm_table_get_target(table, i);

                if (strcmp(ti->type->name, "verity"))
                        continue;

                ti->type->status(ti, STATUSTYPE_IMA, 0, result, sizeof(result));
        }

        dm_put_live_table(md, srcu_idx);
        dm_put(md);

        root_digest_ptr = strstr(result, "root_digest=");
        return !strncmp(expect->data, root_digest_ptr + 12, expect->len);
---

Only dm_table_get_target() is not exported yet, but I guess it could
be. dm_table_get_num_targets() is exported.

With this code, you would not have to manage security blobs
outside IPE. Maybe you could add a blob for the super block, so
that you verify the dm-verity property just once per filesystem.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> +}
> +
> +static int dvrh_free(void **val)
> +{
> +	struct counted_array *expect = (struct counted_array *)val;
> +
> +	kfree(expect->data);
> +	kfree(expect);
> +
> +	return 0;
> +}
> +
> +IPE_MODULE(dvrh) = {
> +	.name = "dmverity_roothash",
> +	.version = 1,
> +	.parse = dvrh_parse,
> +	.free = dvrh_free,
> +	.eval = dvrh_eval,
> +};
> diff --git a/security/ipe/modules/dmverity_signature.c
> b/security/ipe/modules/dmverity_signature.c
> new file mode 100644
> index 000000000000..08746fcbcb3e
> --- /dev/null
> +++ b/security/ipe/modules/dmverity_signature.c
> @@ -0,0 +1,25 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe_module.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +
> +static bool dvv_eval(const struct ipe_eval_ctx *ctx, const void *val)
> +{
> +	bool expect = (bool)val;
> +	bool eval = ctx->ipe_bdev && (!!ctx->ipe_bdev->sigdata);
> +
> +	return expect == eval;
> +}
> +
> +IPE_MODULE(dvv) = {
> +	.name = "dmverity_signature",
> +	.version = 1,
> +	.parse = ipe_bool_parse,
> +	.free = NULL,
> +	.eval = dvv_eval,
> +};
> --
> 2.33.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider
  2021-11-25  9:37   ` Roberto Sassu
@ 2021-11-30 18:55     ` Deven Bowers
  2021-12-01 16:37       ` [RFC][PATCH] device mapper: Add builtin function dm_get_status() Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Deven Bowers @ 2021-11-30 18:55 UTC (permalink / raw)
  To: Roberto Sassu, corbet, axboe, agk, snitzer, ebiggers, tytso,
	paul, eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu


On 11/25/2021 1:37 AM, Roberto Sassu wrote:
>> From: deven.desai@linux.microsoft.com
>> [mailto:deven.desai@linux.microsoft.com]
>> Sent: Wednesday, October 13, 2021 9:07 PM
>> From: Deven Bowers <deven.desai@linux.microsoft.com>

..snip

>> diff --git a/security/ipe/modules/Makefile b/security/ipe/modules/Makefile
>> index e0045ec65434..84fadce85193 100644
>> --- a/security/ipe/modules/Makefile
>> +++ b/security/ipe/modules/Makefile
>> @@ -6,3 +6,5 @@
>>   #
>>
>>   obj-$(CONFIG_IPE_PROP_BOOT_VERIFIED) += boot_verified.o
>> +obj-$(CONFIG_IPE_PROP_DM_VERITY_SIGNATURE) += dmverity_signature.o
>> +obj-$(CONFIG_IPE_PROP_DM_VERITY_ROOTHASH) += dmverity_roothash.o
>> diff --git a/security/ipe/modules/dmverity_roothash.c
>> b/security/ipe/modules/dmverity_roothash.c
>> new file mode 100644
>> index 000000000000..0f82bec3b842
>> --- /dev/null
>> +++ b/security/ipe/modules/dmverity_roothash.c
>> @@ -0,0 +1,80 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Copyright (C) Microsoft Corporation. All rights reserved.
>> + */
>> +
>> +#include "ipe_module.h"
>> +
>> +#include <linux/fs.h>
>> +#include <linux/types.h>
>> +
>> +struct counted_array {
>> +	size_t	len;
>> +	u8     *data;
>> +};
>> +
>> +static int dvrh_parse(const char *valstr, void **value)
>> +{
>> +	int rv = 0;
>> +	struct counted_array *arr;
>> +
>> +	arr = kzalloc(sizeof(*arr), GFP_KERNEL);
>> +	if (!arr) {
>> +		rv = -ENOMEM;
>> +		goto err;
>> +	}
>> +
>> +	arr->len = (strlen(valstr) / 2);
>> +
>> +	arr->data = kzalloc(arr->len, GFP_KERNEL);
>> +	if (!arr->data) {
>> +		rv = -ENOMEM;
>> +		goto err;
>> +	}
>> +
>> +	rv = hex2bin(arr->data, valstr, arr->len);
>> +	if (rv != 0)
>> +		goto err2;
>> +
>> +	*value = arr;
>> +	return rv;
>> +err2:
>> +	kfree(arr->data);
>> +err:
>> +	kfree(arr);
>> +	return rv;
>> +}
>> +
>> +static bool dvrh_eval(const struct ipe_eval_ctx *ctx, const void *val)
>> +{
>> +	const u8 *src;
>> +	struct counted_array *expect = (struct counted_array *)val;
>> +
>> +	if (!ctx->ipe_bdev)
>> +		return false;
>> +
>> +	if (ctx->ipe_bdev->hashlen != expect->len)
>> +		return false;
>> +
>> +	src = ctx->ipe_bdev->hash;
>> +
>> +	return !memcmp(expect->data, src, expect->len);
> Hi Deven
>
> I was curious to see if determining the property at run-time
> could apply also to dm-verity. It seems it could be done
> (I omit some checks, I also keep the expected value in hex
> format):
>
> ---
>          md = dm_get_md(file_inode(ctx->file)->i_sb->s_dev);
>          table = dm_get_live_table(md, &srcu_idx);
>          num_targets = dm_table_get_num_targets(table);
>
>          for (i = 0; i < num_targets; i++) {
>                  struct dm_target *ti = dm_table_get_target(table, i);
>
>                  if (strcmp(ti->type->name, "verity"))
>                          continue;
>
>                  ti->type->status(ti, STATUSTYPE_IMA, 0, result, sizeof(result));
>          }
>
>          dm_put_live_table(md, srcu_idx);
>          dm_put(md);
>
>          root_digest_ptr = strstr(result, "root_digest=");
>          return !strncmp(expect->data, root_digest_ptr + 12, expect->len);
> ---
>
> Only dm_table_get_target() is not exported yet, but I guess it could
> be. dm_table_get_num_targets() is exported.

I had tried something similar in a very early draft of IPE. The issue
that comes with this is that when you compile device-mapper as a module
(CONFIG_BLK_DEV_DM=m) you start to get linking errors with this
approach.

Obviously, we can fix this in the IPE's module Kconfig by setting the
dependency to be =y, but it's something to highlight. My general
preference is to support the =m configuration by using these blobs.

The runtime approach does work with fs-verity, because fs-verity is a
file-system level feature that cannot be compiled as a module.

> With this code, you would not have to manage security blobs
> outside IPE. Maybe you could add a blob for the super block, so
> that you verify the dm-verity property just once per filesystem.
>
> Roberto
>
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
>
>> +}
>> +
>> +static int dvrh_free(void **val)
>> +{
>> +	struct counted_array *expect = (struct counted_array *)val;
>> +
>> +	kfree(expect->data);
>> +	kfree(expect);
>> +
>> +	return 0;
>> +}
>> +
>> +IPE_MODULE(dvrh) = {
>> +	.name = "dmverity_roothash",
>> +	.version = 1,
>> +	.parse = dvrh_parse,
>> +	.free = dvrh_free,
>> +	.eval = dvrh_eval,
>> +};
>> diff --git a/security/ipe/modules/dmverity_signature.c
>> b/security/ipe/modules/dmverity_signature.c
>> new file mode 100644
>> index 000000000000..08746fcbcb3e
>> --- /dev/null
>> +++ b/security/ipe/modules/dmverity_signature.c
>> @@ -0,0 +1,25 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * Copyright (C) Microsoft Corporation. All rights reserved.
>> + */
>> +
>> +#include "ipe_module.h"
>> +
>> +#include <linux/fs.h>
>> +#include <linux/types.h>
>> +
>> +static bool dvv_eval(const struct ipe_eval_ctx *ctx, const void *val)
>> +{
>> +	bool expect = (bool)val;
>> +	bool eval = ctx->ipe_bdev && (!!ctx->ipe_bdev->sigdata);
>> +
>> +	return expect == eval;
>> +}
>> +
>> +IPE_MODULE(dvv) = {
>> +	.name = "dmverity_signature",
>> +	.version = 1,
>> +	.parse = ipe_bool_parse,
>> +	.free = NULL,
>> +	.eval = dvv_eval,
>> +};
>> --
>> 2.33.0

^ permalink raw reply	[flat|nested] 63+ messages in thread

* [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-11-30 18:55     ` Deven Bowers
@ 2021-12-01 16:37       ` Roberto Sassu
  2021-12-01 16:43         ` Roberto Sassu
  2021-12-02  7:20         ` Christoph Hellwig
  0 siblings, 2 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-12-01 16:37 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu, Roberto Sassu

Users of the device mapper driver might want to obtain a device status,
with status types defined in the status_type_t enumerator.

If a function to get the status is exported by the device mapper, when
compiled as a module, it is not suitable to use by callers compiled builtin
in the kernel.

Introduce the real function to get the status, _dm_get_status(), in the
device mapper module, and add the stub dm_get_status() in dm-builtin.c, so
that it can be invoked by builtin callers.

The stub calls the real function if the device mapper is compiled builtin
or the module has been loaded. Calls to the real function are safely
disabled if the module is unloaded. The race condition is avoided by
incrementing the reference count of the module.

_dm_get_status() invokes the status() method for each device mapper table,
which writes a string to the supplied buffer as output. The buffer might
contain multiple strings concatenated together. If there is not enough
space available, the string is truncated and a termination character is put
at the end.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 drivers/md/dm-builtin.c       | 13 +++++++
 drivers/md/dm-core.h          |  5 +++
 drivers/md/dm.c               | 71 +++++++++++++++++++++++++++++++++++
 include/linux/device-mapper.h |  3 ++
 4 files changed, 92 insertions(+)

diff --git a/drivers/md/dm-builtin.c b/drivers/md/dm-builtin.c
index 8eb52e425141..cc1e9c27ab41 100644
--- a/drivers/md/dm-builtin.c
+++ b/drivers/md/dm-builtin.c
@@ -47,3 +47,16 @@ void dm_kobject_release(struct kobject *kobj)
 }
 
 EXPORT_SYMBOL(dm_kobject_release);
+
+dm_get_status_fn status_fn;
+EXPORT_SYMBOL(status_fn);
+
+ssize_t dm_get_status(dev_t dev, status_type_t type, const char *target_name,
+		      u8 *buf, size_t buf_len)
+{
+	if (status_fn)
+		return status_fn(dev, type, target_name, buf, buf_len);
+
+	return -EOPNOTSUPP;
+}
+EXPORT_SYMBOL(dm_get_status);
diff --git a/drivers/md/dm-core.h b/drivers/md/dm-core.h
index b855fef4f38a..6600ec260558 100644
--- a/drivers/md/dm-core.h
+++ b/drivers/md/dm-core.h
@@ -259,4 +259,9 @@ extern atomic_t dm_global_event_nr;
 extern wait_queue_head_t dm_global_eventq;
 void dm_issue_global_event(void);
 
+typedef ssize_t (*dm_get_status_fn)(dev_t dev, status_type_t type,
+				    const char *target_name, u8 *buf,
+				    size_t buf_len);
+
+extern dm_get_status_fn status_fn;
 #endif
diff --git a/drivers/md/dm.c b/drivers/md/dm.c
index 662742a310cb..55e59a4e3661 100644
--- a/drivers/md/dm.c
+++ b/drivers/md/dm.c
@@ -192,6 +192,74 @@ static unsigned dm_get_numa_node(void)
 					 DM_NUMA_NODE, num_online_nodes() - 1);
 }
 
+static ssize_t _dm_get_status(dev_t dev, status_type_t type,
+			      const char *target_name, u8 *buf, size_t buf_len)
+{
+	struct mapped_device *md;
+	struct dm_table *table;
+	u8 *buf_ptr = buf;
+	ssize_t len, res = 0;
+	int srcu_idx, num_targets, i;
+
+	if (buf_len > INT_MAX)
+		return -EINVAL;
+
+	if (!buf_len)
+		return buf_len;
+
+	if (!try_module_get(THIS_MODULE))
+		return -EBUSY;
+
+	md = dm_get_md(dev);
+	if (!md) {
+		res = -ENOENT;
+		goto out_module;
+	}
+
+	table = dm_get_live_table(md, &srcu_idx);
+	if (!table) {
+		res = -ENOENT;
+		goto out_md;
+	}
+
+	memset(buf, 0, buf_len);
+
+	num_targets = dm_table_get_num_targets(table);
+
+	for (i = 0; i < num_targets; i++) {
+		struct dm_target *ti = dm_table_get_target(table, i);
+
+		if (!ti)
+			continue;
+
+		if (target_name && strcmp(ti->type->name, target_name))
+			continue;
+
+		if (!ti->type->status)
+			continue;
+
+		ti->type->status(ti, type, 0, buf_ptr, buf + buf_len - buf_ptr);
+
+		if (!*buf_ptr)
+			continue;
+
+		len = strlen(buf_ptr);
+		buf_ptr += len + 1;
+
+		if (buf_ptr == buf + buf_len)
+			break;
+
+		res += len + 1;
+	}
+
+	dm_put_live_table(md, srcu_idx);
+out_md:
+	dm_put(md);
+out_module:
+	module_put(THIS_MODULE);
+	return res;
+}
+
 static int __init local_init(void)
 {
 	int r;
@@ -275,6 +343,7 @@ static int __init dm_init(void)
 			goto bad;
 	}
 
+	status_fn = _dm_get_status;
 	return 0;
 bad:
 	while (i--)
@@ -287,6 +356,8 @@ static void __exit dm_exit(void)
 {
 	int i = ARRAY_SIZE(_exits);
 
+	status_fn = NULL;
+
 	while (i--)
 		_exits[i]();
 
diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h
index a7df155ea49b..d97b296d3104 100644
--- a/include/linux/device-mapper.h
+++ b/include/linux/device-mapper.h
@@ -487,6 +487,9 @@ int dm_report_zones(struct block_device *bdev, sector_t start, sector_t sector,
 		    struct dm_report_zones_args *args, unsigned int nr_zones);
 #endif /* CONFIG_BLK_DEV_ZONED */
 
+ssize_t dm_get_status(dev_t dev, status_type_t type, const char *target_name,
+		      u8 *buf, size_t buf_len);
+
 /*
  * Device mapper functions to parse and create devices specified by the
  * parameter "dm-mod.create="
-- 
2.32.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-01 16:37       ` [RFC][PATCH] device mapper: Add builtin function dm_get_status() Roberto Sassu
@ 2021-12-01 16:43         ` Roberto Sassu
  2021-12-02  7:20         ` Christoph Hellwig
  1 sibling, 0 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-12-01 16:43 UTC (permalink / raw)
  To: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge
  Cc: jannh, dm-devel, linux-doc, linux-kernel, linux-block,
	linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: Roberto Sassu
> Sent: Wednesday, December 1, 2021 5:37 PM
> Users of the device mapper driver might want to obtain a device status,
> with status types defined in the status_type_t enumerator.
> 
> If a function to get the status is exported by the device mapper, when
> compiled as a module, it is not suitable to use by callers compiled builtin
> in the kernel.
> 
> Introduce the real function to get the status, _dm_get_status(), in the
> device mapper module, and add the stub dm_get_status() in dm-builtin.c, so
> that it can be invoked by builtin callers.
> 
> The stub calls the real function if the device mapper is compiled builtin
> or the module has been loaded. Calls to the real function are safely
> disabled if the module is unloaded. The race condition is avoided by
> incrementing the reference count of the module.
> 
> _dm_get_status() invokes the status() method for each device mapper table,
> which writes a string to the supplied buffer as output. The buffer might
> contain multiple strings concatenated together. If there is not enough
> space available, the string is truncated and a termination character is put
> at the end.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---
>  drivers/md/dm-builtin.c       | 13 +++++++
>  drivers/md/dm-core.h          |  5 +++
>  drivers/md/dm.c               | 71 +++++++++++++++++++++++++++++++++++
>  include/linux/device-mapper.h |  3 ++
>  4 files changed, 92 insertions(+)
> 
> diff --git a/drivers/md/dm-builtin.c b/drivers/md/dm-builtin.c
> index 8eb52e425141..cc1e9c27ab41 100644
> --- a/drivers/md/dm-builtin.c
> +++ b/drivers/md/dm-builtin.c
> @@ -47,3 +47,16 @@ void dm_kobject_release(struct kobject *kobj)
>  }
> 
>  EXPORT_SYMBOL(dm_kobject_release);
> +
> +dm_get_status_fn status_fn;
> +EXPORT_SYMBOL(status_fn);
> +
> +ssize_t dm_get_status(dev_t dev, status_type_t type, const char
> *target_name,
> +		      u8 *buf, size_t buf_len)
> +{
> +	if (status_fn)
> +		return status_fn(dev, type, target_name, buf, buf_len);
> +
> +	return -EOPNOTSUPP;
> +}
> +EXPORT_SYMBOL(dm_get_status);
> diff --git a/drivers/md/dm-core.h b/drivers/md/dm-core.h
> index b855fef4f38a..6600ec260558 100644
> --- a/drivers/md/dm-core.h
> +++ b/drivers/md/dm-core.h
> @@ -259,4 +259,9 @@ extern atomic_t dm_global_event_nr;
>  extern wait_queue_head_t dm_global_eventq;
>  void dm_issue_global_event(void);
> 
> +typedef ssize_t (*dm_get_status_fn)(dev_t dev, status_type_t type,
> +				    const char *target_name, u8 *buf,
> +				    size_t buf_len);
> +
> +extern dm_get_status_fn status_fn;
>  #endif
> diff --git a/drivers/md/dm.c b/drivers/md/dm.c
> index 662742a310cb..55e59a4e3661 100644
> --- a/drivers/md/dm.c
> +++ b/drivers/md/dm.c
> @@ -192,6 +192,74 @@ static unsigned dm_get_numa_node(void)
>  					 DM_NUMA_NODE,
> num_online_nodes() - 1);
>  }
> 
> +static ssize_t _dm_get_status(dev_t dev, status_type_t type,
> +			      const char *target_name, u8 *buf, size_t buf_len)
> +{
> +	struct mapped_device *md;
> +	struct dm_table *table;
> +	u8 *buf_ptr = buf;
> +	ssize_t len, res = 0;
> +	int srcu_idx, num_targets, i;
> +
> +	if (buf_len > INT_MAX)
> +		return -EINVAL;
> +
> +	if (!buf_len)
> +		return buf_len;
> +
> +	if (!try_module_get(THIS_MODULE))
> +		return -EBUSY;
> +
> +	md = dm_get_md(dev);
> +	if (!md) {
> +		res = -ENOENT;
> +		goto out_module;
> +	}
> +
> +	table = dm_get_live_table(md, &srcu_idx);
> +	if (!table) {
> +		res = -ENOENT;
> +		goto out_md;
> +	}
> +
> +	memset(buf, 0, buf_len);
> +
> +	num_targets = dm_table_get_num_targets(table);
> +
> +	for (i = 0; i < num_targets; i++) {
> +		struct dm_target *ti = dm_table_get_target(table, i);
> +
> +		if (!ti)
> +			continue;
> +
> +		if (target_name && strcmp(ti->type->name, target_name))
> +			continue;
> +
> +		if (!ti->type->status)
> +			continue;
> +
> +		ti->type->status(ti, type, 0, buf_ptr, buf + buf_len - buf_ptr);
> +
> +		if (!*buf_ptr)
> +			continue;
> +
> +		len = strlen(buf_ptr);
> +		buf_ptr += len + 1;
> +
> +		if (buf_ptr == buf + buf_len)
> +			break;
> +
> +		res += len + 1;

The line above before the check.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> +	}
> +
> +	dm_put_live_table(md, srcu_idx);
> +out_md:
> +	dm_put(md);
> +out_module:
> +	module_put(THIS_MODULE);
> +	return res;
> +}
> +
>  static int __init local_init(void)
>  {
>  	int r;
> @@ -275,6 +343,7 @@ static int __init dm_init(void)
>  			goto bad;
>  	}
> 
> +	status_fn = _dm_get_status;
>  	return 0;
>  bad:
>  	while (i--)
> @@ -287,6 +356,8 @@ static void __exit dm_exit(void)
>  {
>  	int i = ARRAY_SIZE(_exits);
> 
> +	status_fn = NULL;
> +
>  	while (i--)
>  		_exits[i]();
> 
> diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h
> index a7df155ea49b..d97b296d3104 100644
> --- a/include/linux/device-mapper.h
> +++ b/include/linux/device-mapper.h
> @@ -487,6 +487,9 @@ int dm_report_zones(struct block_device *bdev,
> sector_t start, sector_t sector,
>  		    struct dm_report_zones_args *args, unsigned int nr_zones);
>  #endif /* CONFIG_BLK_DEV_ZONED */
> 
> +ssize_t dm_get_status(dev_t dev, status_type_t type, const char
> *target_name,
> +		      u8 *buf, size_t buf_len);
> +
>  /*
>   * Device mapper functions to parse and create devices specified by the
>   * parameter "dm-mod.create="
> --
> 2.32.0


^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-01 16:37       ` [RFC][PATCH] device mapper: Add builtin function dm_get_status() Roberto Sassu
  2021-12-01 16:43         ` Roberto Sassu
@ 2021-12-02  7:20         ` Christoph Hellwig
  2021-12-02  7:59           ` Roberto Sassu
  1 sibling, 1 reply; 63+ messages in thread
From: Christoph Hellwig @ 2021-12-02  7:20 UTC (permalink / raw)
  To: Roberto Sassu
  Cc: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, jannh, dm-devel, linux-doc, linux-kernel,
	linux-block, linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

On Wed, Dec 01, 2021 at 05:37:08PM +0100, Roberto Sassu wrote:
> Users of the device mapper driver might want to obtain a device status,
> with status types defined in the status_type_t enumerator.

The patch looks really odd.  And without the corresponding user of your
new functionality it is entirely unreviewable anyway.

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-02  7:20         ` Christoph Hellwig
@ 2021-12-02  7:59           ` Roberto Sassu
  2021-12-02  8:44             ` Christoph Hellwig
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-12-02  7:59 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, jannh, dm-devel, linux-doc, linux-kernel,
	linux-block, linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: Christoph Hellwig [mailto:hch@infradead.org]
> Sent: Thursday, December 2, 2021 8:21 AM
> On Wed, Dec 01, 2021 at 05:37:08PM +0100, Roberto Sassu wrote:
> > Users of the device mapper driver might want to obtain a device status,
> > with status types defined in the status_type_t enumerator.
> 
> The patch looks really odd.  And without the corresponding user of your
> new functionality it is entirely unreviewable anyway.

Hi Christoph

ok, I will send it together with a patch for a not yet accepted
software, Integrity Policy Enforcement (IPE), that will be
the primary user of the introduced functionality.

Regarding the patch itself, could you please provide a more
detailed explanation?

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-02  7:59           ` Roberto Sassu
@ 2021-12-02  8:44             ` Christoph Hellwig
  2021-12-02  9:29               ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Christoph Hellwig @ 2021-12-02  8:44 UTC (permalink / raw)
  To: Roberto Sassu
  Cc: Christoph Hellwig, deven.desai, corbet, axboe, agk, snitzer,
	ebiggers, tytso, paul, eparis, jmorris, serge, jannh, dm-devel,
	linux-doc, linux-kernel, linux-block, linux-fscrypt, linux-audit,
	linux-security-module, linux-integrity, tusharsu

On Thu, Dec 02, 2021 at 07:59:38AM +0000, Roberto Sassu wrote:
> ok, I will send it together with a patch for a not yet accepted
> software, Integrity Policy Enforcement (IPE), that will be
> the primary user of the introduced functionality.
> 
> Regarding the patch itself, could you please provide a more
> detailed explanation?

We don't build things into the kernel just as hooks.  So in doubt you
need to restructured the code.  And that a security module pokes into
a random block driver is a big hint that whatever you're trying to do is
completely broken.

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-02  8:44             ` Christoph Hellwig
@ 2021-12-02  9:29               ` Roberto Sassu
  2021-12-03  6:52                 ` Christoph Hellwig
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-12-02  9:29 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, jannh, dm-devel, linux-doc, linux-kernel,
	linux-block, linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: Christoph Hellwig [mailto:hch@infradead.org]
> Sent: Thursday, December 2, 2021 9:44 AM
> On Thu, Dec 02, 2021 at 07:59:38AM +0000, Roberto Sassu wrote:
> > ok, I will send it together with a patch for a not yet accepted
> > software, Integrity Policy Enforcement (IPE), that will be
> > the primary user of the introduced functionality.
> >
> > Regarding the patch itself, could you please provide a more
> > detailed explanation?
> 
> We don't build things into the kernel just as hooks.  So in doubt you
> need to restructured the code.  And that a security module pokes into
> a random block driver is a big hint that whatever you're trying to do is
> completely broken.

I will add more context to the discussion.

The problem being solved is how to grant access to files
which satisfy a property defined in the policy.

For example, a policy enforced by IPE could be:

policy_name="AllowDMVerityKmodules" policy_version=0.0.1
DEFAULT action=ALLOW
DEFAULT op=KMODULE action=DENY
op=KMODULE dmverity_roothash=3c64aae64ae5e8ca781df4d1fbff7c02cb78c4f18a79198263db192cc7f7ba11 action=ALLOW

This would require IPE to obtain somehow this property.

So far, there are two different approaches. The first one,
proposed by the IPE authors was to define a new LSM hook
for block devices, to append a security blob for those devices,
and to store the dm-verity root digest as soon as this information
can be determined. IPE will then access the security blob at
run-time and will match the blob content with the property
value in the policy.

The second one I'm proposing is to directly retrieve the
information at run-time, when files are accessed, and to
possibly cache the result of the evaluation per filesystem.
This would avoid to the introduction of a new LSM hook
and to append a security blob for the purpose of passing
information from the device mapper driver to IPE.

Security blobs are usually used to store LSM-specific
information such as a label (or a reference of it). Sometimes,
when the label must be stored persistently, the subsystem
responsible for this task, such as the VFS, uses subsystem-defined
methods to retrieve the label from the storage and copy it to
the security blob.

In this case, it is not an LSM-specific information but rather
an existing property of another subsystem IPE is interested in.
Since LSMs need anyway to inspect the object before making
the security decision, they could directly retrieve the information
that is already available, instead of making it redundant.

Even if I would prefer the second option, it would be fine for
me if the first is adopted.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

* Re: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-02  9:29               ` Roberto Sassu
@ 2021-12-03  6:52                 ` Christoph Hellwig
  2021-12-03 10:20                   ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Christoph Hellwig @ 2021-12-03  6:52 UTC (permalink / raw)
  To: Roberto Sassu
  Cc: Christoph Hellwig, deven.desai, corbet, axboe, agk, snitzer,
	ebiggers, tytso, paul, eparis, jmorris, serge, jannh, dm-devel,
	linux-doc, linux-kernel, linux-block, linux-fscrypt, linux-audit,
	linux-security-module, linux-integrity, tusharsu

On Thu, Dec 02, 2021 at 09:29:52AM +0000, Roberto Sassu wrote:
> The problem being solved is how to grant access to files
> which satisfy a property defined in the policy.

If you have want to enforce access to files in the block layer using
a specific stacking block driver you don't just have one layering
violation but a bunch of them.  Please go back to the drawing board.

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-03  6:52                 ` Christoph Hellwig
@ 2021-12-03 10:20                   ` Roberto Sassu
  2021-12-06 10:57                     ` Roberto Sassu
  0 siblings, 1 reply; 63+ messages in thread
From: Roberto Sassu @ 2021-12-03 10:20 UTC (permalink / raw)
  To: Christoph Hellwig
  Cc: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, jannh, dm-devel, linux-doc, linux-kernel,
	linux-block, linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: Christoph Hellwig [mailto:hch@infradead.org]
> Sent: Friday, December 3, 2021 7:52 AM
> On Thu, Dec 02, 2021 at 09:29:52AM +0000, Roberto Sassu wrote:
> > The problem being solved is how to grant access to files
> > which satisfy a property defined in the policy.
> 
> If you have want to enforce access to files in the block layer using
> a specific stacking block driver you don't just have one layering
> violation but a bunch of them.  Please go back to the drawing board.

Ok. I write my thoughts here, so that it is easier to align.

dm-verity provides block-level integrity, which means that
the block layer itself is responsible to not pass data to the
upper layer, the filesystem, if a block is found corrupted.

The dm-verity root digest represents the immutable state
of the block device. dm-verity is still responsible to enforce
accesses to the block device according to the root digest
passed at device setup time. Nothing changes, the block
layer still detects data corruption against the passed
reference value.

The task of the security layer is to decide whether or not
the root digest passed at device setup time is acceptable,
e.g. it represents a device containing genuine files coming
from a software vendor.

The mandatory policy can be enforced at different layers,
depending on whether the security controls are placed.
A possibility would be to deny mounting block devices that
don't satisfy the mandatory policy.

However, if the mandatory policy wants only to restrict
execution of approved files and allowing the rest, making
the decision at the block layer is too coarse and restrictive.
It would force the user to mount only approved block
devices. The security layer must operate on files to enforce
this policy.

Now probably there is the part where there is no agreement.

The integrity property of a block device applies also to the
files on the filesystem mounted from that device. User space
programs cannot access files in that filesystem coming from a
device with a different dm-verity root digest, or files stored
in a corrupted block device.

If what I wrote is correct, that the integrity property is preserved
across the layers, this would give enough flexibility to enforce
policies at a higher layer, although that property is guaranteed
by a lower layer.

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

* RE: [RFC][PATCH] device mapper: Add builtin function dm_get_status()
  2021-12-03 10:20                   ` Roberto Sassu
@ 2021-12-06 10:57                     ` Roberto Sassu
  0 siblings, 0 replies; 63+ messages in thread
From: Roberto Sassu @ 2021-12-06 10:57 UTC (permalink / raw)
  To: Roberto Sassu, Christoph Hellwig
  Cc: deven.desai, corbet, axboe, agk, snitzer, ebiggers, tytso, paul,
	eparis, jmorris, serge, jannh, dm-devel, linux-doc, linux-kernel,
	linux-block, linux-fscrypt, linux-audit, linux-security-module,
	linux-integrity, tusharsu

> From: Roberto Sassu [mailto:roberto.sassu@huawei.com]
> Sent: Friday, December 3, 2021 11:20 AM
> > From: Christoph Hellwig [mailto:hch@infradead.org]
> > Sent: Friday, December 3, 2021 7:52 AM
> > On Thu, Dec 02, 2021 at 09:29:52AM +0000, Roberto Sassu wrote:
> > > The problem being solved is how to grant access to files
> > > which satisfy a property defined in the policy.
> >
> > If you have want to enforce access to files in the block layer using
> > a specific stacking block driver you don't just have one layering
> > violation but a bunch of them.  Please go back to the drawing board.
> 
> Ok. I write my thoughts here, so that it is easier to align.
> 
> dm-verity provides block-level integrity, which means that
> the block layer itself is responsible to not pass data to the
> upper layer, the filesystem, if a block is found corrupted.
> 
> The dm-verity root digest represents the immutable state
> of the block device. dm-verity is still responsible to enforce
> accesses to the block device according to the root digest
> passed at device setup time. Nothing changes, the block
> layer still detects data corruption against the passed
> reference value.
> 
> The task of the security layer is to decide whether or not
> the root digest passed at device setup time is acceptable,
> e.g. it represents a device containing genuine files coming
> from a software vendor.
> 
> The mandatory policy can be enforced at different layers,
> depending on whether the security controls are placed.
> A possibility would be to deny mounting block devices that
> don't satisfy the mandatory policy.
> 
> However, if the mandatory policy wants only to restrict
> execution of approved files and allowing the rest, making
> the decision at the block layer is too coarse and restrictive.
> It would force the user to mount only approved block
> devices. The security layer must operate on files to enforce
> this policy.
> 
> Now probably there is the part where there is no agreement.
> 
> The integrity property of a block device applies also to the
> files on the filesystem mounted from that device. User space
> programs cannot access files in that filesystem coming from a
> device with a different dm-verity root digest, or files stored
> in a corrupted block device.
> 
> If what I wrote is correct, that the integrity property is preserved
> across the layers, this would give enough flexibility to enforce
> policies at a higher layer, although that property is guaranteed
> by a lower layer.

Hi Christoph

did I address your concerns? If yes, I could send the new patch
set, including the patch that uses the new functionality.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

^ permalink raw reply	[flat|nested] 63+ messages in thread

end of thread, other threads:[~2021-12-06 10:57 UTC | newest]

Thread overview: 63+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-13 19:06 [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 01/16] security: add ipe lsm & initial context creation deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 02/16] ipe: add policy parser deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 03/16] ipe: add evaluation loop deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 04/16] ipe: add userspace interface deven.desai
2021-11-03  9:42   ` Roberto Sassu
2021-11-04 16:50     ` Deven Bowers
2021-10-13 19:06 ` [RFC PATCH v7 05/16] ipe: add LSM hooks on execution and kernel read deven.desai
2021-10-13 20:04   ` Casey Schaufler
2021-10-15 19:25     ` Deven Bowers
2021-10-25 12:22   ` Roberto Sassu
2021-10-26 19:03     ` Deven Bowers
2021-10-27  8:56       ` Roberto Sassu
2021-10-13 19:06 ` [RFC PATCH v7 06/16] uapi|audit: add trust audit message definitions deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 07/16] ipe: add auditing support deven.desai
2021-10-13 20:02   ` Steve Grubb
2021-10-15 19:25     ` Deven Bowers
2021-11-02 19:44       ` Steve Grubb
2021-11-04 16:59         ` Deven Bowers
2021-10-13 22:54   ` Randy Dunlap
2021-10-15 19:25     ` Deven Bowers
2021-10-15 19:50       ` Randy Dunlap
2021-10-26 19:03         ` Deven Bowers
2021-10-13 19:06 ` [RFC PATCH v7 08/16] ipe: add permissive toggle deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 09/16] ipe: introduce 'boot_verified' as a trust provider deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 10/16] fs|dm-verity: add block_dev LSM blob and submit dm-verity data deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 11/16] ipe: add support for dm-verity as a trust provider deven.desai
2021-11-25  9:37   ` Roberto Sassu
2021-11-30 18:55     ` Deven Bowers
2021-12-01 16:37       ` [RFC][PATCH] device mapper: Add builtin function dm_get_status() Roberto Sassu
2021-12-01 16:43         ` Roberto Sassu
2021-12-02  7:20         ` Christoph Hellwig
2021-12-02  7:59           ` Roberto Sassu
2021-12-02  8:44             ` Christoph Hellwig
2021-12-02  9:29               ` Roberto Sassu
2021-12-03  6:52                 ` Christoph Hellwig
2021-12-03 10:20                   ` Roberto Sassu
2021-12-06 10:57                     ` Roberto Sassu
2021-10-13 19:06 ` [RFC PATCH v7 12/16] fsverity|security: add security hooks to fsverity digest and signature deven.desai
2021-10-13 19:24   ` Eric Biggers
2021-10-15 19:25     ` Deven Bowers
2021-10-15 20:11       ` Eric Biggers
2021-10-20 15:08         ` Roberto Sassu
2021-10-22 16:31           ` Roberto Sassu
2021-10-26 19:03             ` Deven Bowers
2021-10-27  8:41               ` Roberto Sassu
2021-10-26 19:03         ` Deven Bowers
2021-10-27  9:34           ` Roberto Sassu
2021-10-28  3:48           ` Eric Biggers
2021-10-28 18:11             ` Deven Bowers
2021-11-03 12:28       ` Roberto Sassu
2021-11-04 17:12         ` Deven Bowers
2021-10-13 19:06 ` [RFC PATCH v7 13/16] ipe: enable support for fs-verity as a trust provider deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 14/16] scripts: add boot policy generation program deven.desai
2021-11-03 16:43   ` Roberto Sassu
2021-11-03 16:53     ` Roberto Sassu
2021-11-04 16:52       ` Deven Bowers
2021-10-13 19:06 ` [RFC PATCH v7 15/16] ipe: kunit tests deven.desai
2021-10-13 19:06 ` [RFC PATCH v7 16/16] documentation: add ipe documentation deven.desai
2021-10-25 11:30 ` [RFC PATCH v7 00/16] Integrity Policy Enforcement (IPE) Roberto Sassu
2021-10-26 19:03   ` Deven Bowers
2021-10-27  8:26     ` Roberto Sassu
2021-10-28 20:36       ` Deven Bowers

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).