[PATCH] 4 of 5 IMA: module measurement patch

[PATCH] 4 of 5 IMA: module measurement patch

[Reiner Sailer]

This patch applies against linux-2.6.12-rc6-mm1 and provides an additional
measurement hook for measuring kernel modules before they are relocated
and available. At this point, the modules are still an exact copy of the 
file on the disk and yield representative measurements.

This is a kernel patch because we could not find a fitting LSM-hook.

Signed-off-by: Reiner Sailer <sailer@watson.ibm.com>
---


diff -uprN linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h
--- linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h	2005-06-14 16:25:13.000000000 -0400
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2005 IBM Corporation
+ *
+ * Authors:
+ * Reiner Sailer <sailer@watson.ibm.com>
+ *
+ * Maintained by: Reiner Sailer <sailer@watson.ibm.com>
+ *
+ * LSM IBM Integrity Measurement Architecture.		  
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * File: ima_module.h
+ *             define modules measurement hook (no LSM hook) to measure
+ *             modules before they are relocated
+ */
+#ifdef CONFIG_IMA_MEASURE
+extern int ima_terminating;
+extern void measure_kernel_module(void *start, unsigned long len, const char __user *uargs);
+
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+	if (!ima_terminating)
+		measure_kernel_module(start, len, uargs);
+}
+#else
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+}
+#endif
diff -uprN linux-2.6.12-rc6-mm1_orig/kernel/module.c linux-2.6.12-rc6-mm1-ima/kernel/module.c
--- linux-2.6.12-rc6-mm1_orig/kernel/module.c	2005-06-14 11:34:27.000000000 -0400
+++ linux-2.6.12-rc6-mm1-ima/kernel/module.c	2005-06-14 16:25:13.000000000 -0400
@@ -39,6 +39,7 @@
 #include <asm/uaccess.h>
 #include <asm/semaphore.h>
 #include <asm/cacheflush.h>
+#include <linux/ima_module.h>
 
 #if 0
 #define DEBUGP printk
@@ -1531,6 +1532,8 @@ static struct module *load_module(void _
 	if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr))
 		goto truncated;
 
+	ima_measure_module((void *)hdr, len, uargs);
+
 	/* Convenience variables */
 	sechdrs = (void *)hdr + hdr->e_shoff;
 	secstrings = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;

Re: [PATCH] 4 of 5 IMA: module measurement patch

[Greg KH]

On Wed, Jun 15, 2005 at 10:57:23AM -0400, Reiner Sailer wrote:
> +extern int ima_terminating;
> +extern void measure_kernel_module(void *start, unsigned long len, const char __user *uargs);

These belong in a .h file somewhere.

The later one is not a good global symbol name either.

So, from what I can see, you dropped your sysfs interfaces entirely?

thanks,

greg k-h

Re: [PATCH] 4 of 5 IMA: module measurement patch

[Chris Wright]

* Greg KH (greg@kroah.com) wrote:
> On Wed, Jun 15, 2005 at 10:57:23AM -0400, Reiner Sailer wrote:
> > +extern int ima_terminating;
> > +extern void measure_kernel_module(void *start, unsigned long len, const char __user *uargs);
> 
> These belong in a .h file somewhere.

Well, I think they _are_ in a .h file (two of them, in fact), it's the
extern keyword that can be and dup declaration that can be dropped.
However, does this thing even compile w/ CONFIG_IMA_MEASURE=n?
Looks quite broken w.r.t. CONFIG_IMA_MEASURE to me.

thanks,
-chris