From: Roberto Sassu <roberto.sassu@huawei.com>
To: <zohar@linux.ibm.com>, <jmorris@namei.org>, <paul@paul-moore.com>,
<casey@schaufler-ca.com>
Cc: <linux-integrity@vger.kernel.org>,
<linux-security-module@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <selinux@vger.kernel.org>,
<reiserfs-devel@vger.kernel.org>,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [PATCH v2 6/6] evm: Support multiple LSMs providing an xattr
Date: Wed, 21 Apr 2021 18:19:25 +0200 [thread overview]
Message-ID: <20210421161925.968825-7-roberto.sassu@huawei.com> (raw)
In-Reply-To: <20210421161925.968825-1-roberto.sassu@huawei.com>
Currently, evm_inode_init_security() processes a single LSM xattr from
the array passed by security_inode_init_security(), and calculates the
HMAC on it and other inode metadata.
Given that initxattrs(), called by security_inode_init_security(), expects
that this array is terminated when the xattr name is set to NULL, this
patch reuses the same assumption for evm_inode_init_security() to scan all
xattrs and to calculate the HMAC on all of them.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
security/integrity/evm/evm.h | 2 ++
security/integrity/evm/evm_crypto.c | 9 ++++++++-
security/integrity/evm/evm_main.c | 15 +++++++++++----
3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index ae590f71ce7d..24eac42b9f32 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -49,6 +49,8 @@ struct evm_digest {
char digest[IMA_MAX_DIGEST_SIZE];
} __packed;
+int evm_protected_xattr(const char *req_xattr_name);
+
int evm_init_key(void);
int __init evm_init_crypto(void);
int evm_update_evmxattr(struct dentry *dentry,
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index b66264b53d5d..35c5eec0517d 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -358,6 +358,7 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
char *hmac_val)
{
struct shash_desc *desc;
+ const struct xattr *xattr;
desc = init_desc(EVM_XATTR_HMAC, evm_hash_algo);
if (IS_ERR(desc)) {
@@ -365,7 +366,13 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
return PTR_ERR(desc);
}
- crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len);
+ for (xattr = lsm_xattr; xattr->name != NULL; xattr++) {
+ if (!evm_protected_xattr(xattr->name))
+ continue;
+
+ crypto_shash_update(desc, xattr->value, xattr->value_len);
+ }
+
hmac_add_misc(desc, inode, EVM_XATTR_HMAC, hmac_val);
kfree(desc);
return 0;
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 336a421e2e5a..c43e75cd37f3 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -261,7 +261,7 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
return evm_status;
}
-static int evm_protected_xattr(const char *req_xattr_name)
+int evm_protected_xattr(const char *req_xattr_name)
{
int namelen;
int found = 0;
@@ -712,14 +712,21 @@ int evm_inode_init_security(struct inode *inode, struct inode *dir,
struct xattr *xattrs, void *fs_data)
{
struct evm_xattr *xattr_data;
+ struct xattr *xattr;
struct xattr *evm_xattr = lsm_find_xattr_slot(xattrs);
- int rc;
+ int rc, evm_protected_xattrs = 0;
if (!xattrs || !xattrs->name)
return 0;
- if (!(evm_initialized & EVM_INIT_HMAC) ||
- !evm_protected_xattr(xattrs->name))
+ if (!(evm_initialized & EVM_INIT_HMAC))
+ return -EOPNOTSUPP;
+
+ for (xattr = xattrs; xattr->name != NULL; xattr++)
+ if (evm_protected_xattr(xattr->name))
+ evm_protected_xattrs++;
+
+ if (!evm_protected_xattrs)
return -EOPNOTSUPP;
xattr_data = kzalloc(sizeof(*xattr_data), GFP_NOFS);
--
2.25.1
WARNING: multiple messages have this Message-ID (diff)
From: Roberto Sassu <roberto.sassu@huawei.com>
To: zohar@linux.ibm.com, jmorris@namei.org, paul@paul-moore.com,
casey@schaufler-ca.com
Cc: linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, selinux@vger.kernel.org,
reiserfs-devel@vger.kernel.org,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: [PATCH v2 6/6] evm: Support multiple LSMs providing an xattr
Date: Wed, 21 Apr 2021 18:19:25 +0200 [thread overview]
Message-ID: <20210421161925.968825-7-roberto.sassu@huawei.com> (raw)
In-Reply-To: <20210421161925.968825-1-roberto.sassu@huawei.com>
Currently, evm_inode_init_security() processes a single LSM xattr from
the array passed by security_inode_init_security(), and calculates the
HMAC on it and other inode metadata.
Given that initxattrs(), called by security_inode_init_security(), expects
that this array is terminated when the xattr name is set to NULL, this
patch reuses the same assumption for evm_inode_init_security() to scan all
xattrs and to calculate the HMAC on all of them.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
security/integrity/evm/evm.h | 2 ++
security/integrity/evm/evm_crypto.c | 9 ++++++++-
security/integrity/evm/evm_main.c | 15 +++++++++++----
3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index ae590f71ce7d..24eac42b9f32 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -49,6 +49,8 @@ struct evm_digest {
char digest[IMA_MAX_DIGEST_SIZE];
} __packed;
+int evm_protected_xattr(const char *req_xattr_name);
+
int evm_init_key(void);
int __init evm_init_crypto(void);
int evm_update_evmxattr(struct dentry *dentry,
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index b66264b53d5d..35c5eec0517d 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -358,6 +358,7 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
char *hmac_val)
{
struct shash_desc *desc;
+ const struct xattr *xattr;
desc = init_desc(EVM_XATTR_HMAC, evm_hash_algo);
if (IS_ERR(desc)) {
@@ -365,7 +366,13 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
return PTR_ERR(desc);
}
- crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len);
+ for (xattr = lsm_xattr; xattr->name != NULL; xattr++) {
+ if (!evm_protected_xattr(xattr->name))
+ continue;
+
+ crypto_shash_update(desc, xattr->value, xattr->value_len);
+ }
+
hmac_add_misc(desc, inode, EVM_XATTR_HMAC, hmac_val);
kfree(desc);
return 0;
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 336a421e2e5a..c43e75cd37f3 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -261,7 +261,7 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
return evm_status;
}
-static int evm_protected_xattr(const char *req_xattr_name)
+int evm_protected_xattr(const char *req_xattr_name)
{
int namelen;
int found = 0;
@@ -712,14 +712,21 @@ int evm_inode_init_security(struct inode *inode, struct inode *dir,
struct xattr *xattrs, void *fs_data)
{
struct evm_xattr *xattr_data;
+ struct xattr *xattr;
struct xattr *evm_xattr = lsm_find_xattr_slot(xattrs);
- int rc;
+ int rc, evm_protected_xattrs = 0;
if (!xattrs || !xattrs->name)
return 0;
- if (!(evm_initialized & EVM_INIT_HMAC) ||
- !evm_protected_xattr(xattrs->name))
+ if (!(evm_initialized & EVM_INIT_HMAC))
+ return -EOPNOTSUPP;
+
+ for (xattr = xattrs; xattr->name != NULL; xattr++)
+ if (evm_protected_xattr(xattr->name))
+ evm_protected_xattrs++;
+
+ if (!evm_protected_xattrs)
return -EOPNOTSUPP;
xattr_data = kzalloc(sizeof(*xattr_data), GFP_NOFS);
--
2.25.1
next prev parent reply other threads:[~2021-04-21 16:21 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-21 16:19 [PATCH v2 0/6] evm: Prepare for moving to the LSM infrastructure Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 16:19 ` [PATCH v2 1/6] xattr: Complete constify ->name member of "struct xattr" Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 16:19 ` [PATCH v2 2/6] reiserfs: Add missing calls to reiserfs_security_free() Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 16:19 ` [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 22:43 ` Casey Schaufler
2021-04-22 13:46 ` Roberto Sassu
2021-04-22 15:46 ` Casey Schaufler
2021-04-22 16:12 ` Roberto Sassu
2021-04-22 21:39 ` Casey Schaufler
2021-04-21 16:19 ` [PATCH v2 4/6] security: Support multiple LSMs implementing " Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 23:09 ` Casey Schaufler
2021-04-21 16:19 ` [PATCH v2 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu
2021-04-21 16:19 ` Roberto Sassu [this message]
2021-04-21 16:19 ` [PATCH v2 6/6] evm: Support multiple LSMs providing an xattr Roberto Sassu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210421161925.968825-7-roberto.sassu@huawei.com \
--to=roberto.sassu@huawei.com \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=reiserfs-devel@vger.kernel.org \
--cc=selinux@vger.kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.