0001
0002
0003
0004
0005
0006
0007
0008
0009
0010
0011
0012
0013
0014
0015 #include <linux/fcntl.h>
0016 #include <linux/kernel_read_file.h>
0017 #include <linux/slab.h>
0018 #include <linux/init.h>
0019 #include <linux/seq_file.h>
0020 #include <linux/rculist.h>
0021 #include <linux/rcupdate.h>
0022 #include <linux/parser.h>
0023 #include <linux/vmalloc.h>
0024
0025 #include "ima.h"
0026
0027 static DEFINE_MUTEX(ima_write_mutex);
0028
0029 bool ima_canonical_fmt;
0030 static int __init default_canonical_fmt_setup(char *str)
0031 {
0032 #ifdef __BIG_ENDIAN
0033 ima_canonical_fmt = true;
0034 #endif
0035 return 1;
0036 }
0037 __setup("ima_canonical_fmt", default_canonical_fmt_setup);
0038
0039 static int valid_policy = 1;
0040
0041 static ssize_t ima_show_htable_value(char __user *buf, size_t count,
0042 loff_t *ppos, atomic_long_t *val)
0043 {
0044 char tmpbuf[32];
0045 ssize_t len;
0046
0047 len = scnprintf(tmpbuf, sizeof(tmpbuf), "%li\n", atomic_long_read(val));
0048 return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);
0049 }
0050
0051 static ssize_t ima_show_htable_violations(struct file *filp,
0052 char __user *buf,
0053 size_t count, loff_t *ppos)
0054 {
0055 return ima_show_htable_value(buf, count, ppos, &ima_htable.violations);
0056 }
0057
0058 static const struct file_operations ima_htable_violations_ops = {
0059 .read = ima_show_htable_violations,
0060 .llseek = generic_file_llseek,
0061 };
0062
0063 static ssize_t ima_show_measurements_count(struct file *filp,
0064 char __user *buf,
0065 size_t count, loff_t *ppos)
0066 {
0067 return ima_show_htable_value(buf, count, ppos, &ima_htable.len);
0068
0069 }
0070
0071 static const struct file_operations ima_measurements_count_ops = {
0072 .read = ima_show_measurements_count,
0073 .llseek = generic_file_llseek,
0074 };
0075
0076
0077 static void *ima_measurements_start(struct seq_file *m, loff_t *pos)
0078 {
0079 loff_t l = *pos;
0080 struct ima_queue_entry *qe;
0081
0082
0083 rcu_read_lock();
0084 list_for_each_entry_rcu(qe, &ima_measurements, later) {
0085 if (!l--) {
0086 rcu_read_unlock();
0087 return qe;
0088 }
0089 }
0090 rcu_read_unlock();
0091 return NULL;
0092 }
0093
0094 static void *ima_measurements_next(struct seq_file *m, void *v, loff_t *pos)
0095 {
0096 struct ima_queue_entry *qe = v;
0097
0098
0099
0100
0101 rcu_read_lock();
0102 qe = list_entry_rcu(qe->later.next, struct ima_queue_entry, later);
0103 rcu_read_unlock();
0104 (*pos)++;
0105
0106 return (&qe->later == &ima_measurements) ? NULL : qe;
0107 }
0108
0109 static void ima_measurements_stop(struct seq_file *m, void *v)
0110 {
0111 }
0112
0113 void ima_putc(struct seq_file *m, void *data, int datalen)
0114 {
0115 while (datalen--)
0116 seq_putc(m, *(char *)data++);
0117 }
0118
0119
0120
0121
0122
0123
0124
0125
0126
0127 int ima_measurements_show(struct seq_file *m, void *v)
0128 {
0129
0130 struct ima_queue_entry *qe = v;
0131 struct ima_template_entry *e;
0132 char *template_name;
0133 u32 pcr, namelen, template_data_len;
0134 bool is_ima_template = false;
0135 int i;
0136
0137
0138 e = qe->entry;
0139 if (e == NULL)
0140 return -1;
0141
0142 template_name = (e->template_desc->name[0] != '\0') ?
0143 e->template_desc->name : e->template_desc->fmt;
0144
0145
0146
0147
0148
0149
0150 pcr = !ima_canonical_fmt ? e->pcr : (__force u32)cpu_to_le32(e->pcr);
0151 ima_putc(m, &pcr, sizeof(e->pcr));
0152
0153
0154 ima_putc(m, e->digests[ima_sha1_idx].digest, TPM_DIGEST_SIZE);
0155
0156
0157 namelen = !ima_canonical_fmt ? strlen(template_name) :
0158 (__force u32)cpu_to_le32(strlen(template_name));
0159 ima_putc(m, &namelen, sizeof(namelen));
0160
0161
0162 ima_putc(m, template_name, strlen(template_name));
0163
0164
0165 if (strcmp(template_name, IMA_TEMPLATE_IMA_NAME) == 0)
0166 is_ima_template = true;
0167
0168 if (!is_ima_template) {
0169 template_data_len = !ima_canonical_fmt ? e->template_data_len :
0170 (__force u32)cpu_to_le32(e->template_data_len);
0171 ima_putc(m, &template_data_len, sizeof(e->template_data_len));
0172 }
0173
0174
0175 for (i = 0; i < e->template_desc->num_fields; i++) {
0176 enum ima_show_type show = IMA_SHOW_BINARY;
0177 const struct ima_template_field *field =
0178 e->template_desc->fields[i];
0179
0180 if (is_ima_template && strcmp(field->field_id, "d") == 0)
0181 show = IMA_SHOW_BINARY_NO_FIELD_LEN;
0182 if (is_ima_template && strcmp(field->field_id, "n") == 0)
0183 show = IMA_SHOW_BINARY_OLD_STRING_FMT;
0184 field->field_show(m, show, &e->template_data[i]);
0185 }
0186 return 0;
0187 }
0188
0189 static const struct seq_operations ima_measurments_seqops = {
0190 .start = ima_measurements_start,
0191 .next = ima_measurements_next,
0192 .stop = ima_measurements_stop,
0193 .show = ima_measurements_show
0194 };
0195
0196 static int ima_measurements_open(struct inode *inode, struct file *file)
0197 {
0198 return seq_open(file, &ima_measurments_seqops);
0199 }
0200
0201 static const struct file_operations ima_measurements_ops = {
0202 .open = ima_measurements_open,
0203 .read = seq_read,
0204 .llseek = seq_lseek,
0205 .release = seq_release,
0206 };
0207
0208 void ima_print_digest(struct seq_file *m, u8 *digest, u32 size)
0209 {
0210 u32 i;
0211
0212 for (i = 0; i < size; i++)
0213 seq_printf(m, "%02x", *(digest + i));
0214 }
0215
0216
0217 static int ima_ascii_measurements_show(struct seq_file *m, void *v)
0218 {
0219
0220 struct ima_queue_entry *qe = v;
0221 struct ima_template_entry *e;
0222 char *template_name;
0223 int i;
0224
0225
0226 e = qe->entry;
0227 if (e == NULL)
0228 return -1;
0229
0230 template_name = (e->template_desc->name[0] != '\0') ?
0231 e->template_desc->name : e->template_desc->fmt;
0232
0233
0234 seq_printf(m, "%2d ", e->pcr);
0235
0236
0237 ima_print_digest(m, e->digests[ima_sha1_idx].digest, TPM_DIGEST_SIZE);
0238
0239
0240 seq_printf(m, " %s", template_name);
0241
0242
0243 for (i = 0; i < e->template_desc->num_fields; i++) {
0244 seq_puts(m, " ");
0245 if (e->template_data[i].len == 0)
0246 continue;
0247
0248 e->template_desc->fields[i]->field_show(m, IMA_SHOW_ASCII,
0249 &e->template_data[i]);
0250 }
0251 seq_puts(m, "\n");
0252 return 0;
0253 }
0254
0255 static const struct seq_operations ima_ascii_measurements_seqops = {
0256 .start = ima_measurements_start,
0257 .next = ima_measurements_next,
0258 .stop = ima_measurements_stop,
0259 .show = ima_ascii_measurements_show
0260 };
0261
0262 static int ima_ascii_measurements_open(struct inode *inode, struct file *file)
0263 {
0264 return seq_open(file, &ima_ascii_measurements_seqops);
0265 }
0266
0267 static const struct file_operations ima_ascii_measurements_ops = {
0268 .open = ima_ascii_measurements_open,
0269 .read = seq_read,
0270 .llseek = seq_lseek,
0271 .release = seq_release,
0272 };
0273
0274 static ssize_t ima_read_policy(char *path)
0275 {
0276 void *data = NULL;
0277 char *datap;
0278 size_t size;
0279 int rc, pathlen = strlen(path);
0280
0281 char *p;
0282
0283
0284 datap = path;
0285 strsep(&datap, "\n");
0286
0287 rc = kernel_read_file_from_path(path, 0, &data, INT_MAX, NULL,
0288 READING_POLICY);
0289 if (rc < 0) {
0290 pr_err("Unable to open file: %s (%d)", path, rc);
0291 return rc;
0292 }
0293 size = rc;
0294 rc = 0;
0295
0296 datap = data;
0297 while (size > 0 && (p = strsep(&datap, "\n"))) {
0298 pr_debug("rule: %s\n", p);
0299 rc = ima_parse_add_rule(p);
0300 if (rc < 0)
0301 break;
0302 size -= rc;
0303 }
0304
0305 vfree(data);
0306 if (rc < 0)
0307 return rc;
0308 else if (size)
0309 return -EINVAL;
0310 else
0311 return pathlen;
0312 }
0313
0314 static ssize_t ima_write_policy(struct file *file, const char __user *buf,
0315 size_t datalen, loff_t *ppos)
0316 {
0317 char *data;
0318 ssize_t result;
0319
0320 if (datalen >= PAGE_SIZE)
0321 datalen = PAGE_SIZE - 1;
0322
0323
0324 result = -EINVAL;
0325 if (*ppos != 0)
0326 goto out;
0327
0328 data = memdup_user_nul(buf, datalen);
0329 if (IS_ERR(data)) {
0330 result = PTR_ERR(data);
0331 goto out;
0332 }
0333
0334 result = mutex_lock_interruptible(&ima_write_mutex);
0335 if (result < 0)
0336 goto out_free;
0337
0338 if (data[0] == '/') {
0339 result = ima_read_policy(data);
0340 } else if (ima_appraise & IMA_APPRAISE_POLICY) {
0341 pr_err("signed policy file (specified as an absolute pathname) required\n");
0342 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL,
0343 "policy_update", "signed policy required",
0344 1, 0);
0345 result = -EACCES;
0346 } else {
0347 result = ima_parse_add_rule(data);
0348 }
0349 mutex_unlock(&ima_write_mutex);
0350 out_free:
0351 kfree(data);
0352 out:
0353 if (result < 0)
0354 valid_policy = 0;
0355
0356 return result;
0357 }
0358
0359 static struct dentry *ima_dir;
0360 static struct dentry *ima_symlink;
0361 static struct dentry *binary_runtime_measurements;
0362 static struct dentry *ascii_runtime_measurements;
0363 static struct dentry *runtime_measurements_count;
0364 static struct dentry *violations;
0365 static struct dentry *ima_policy;
0366
0367 enum ima_fs_flags {
0368 IMA_FS_BUSY,
0369 };
0370
0371 static unsigned long ima_fs_flags;
0372
0373 #ifdef CONFIG_IMA_READ_POLICY
0374 static const struct seq_operations ima_policy_seqops = {
0375 .start = ima_policy_start,
0376 .next = ima_policy_next,
0377 .stop = ima_policy_stop,
0378 .show = ima_policy_show,
0379 };
0380 #endif
0381
0382
0383
0384
0385 static int ima_open_policy(struct inode *inode, struct file *filp)
0386 {
0387 if (!(filp->f_flags & O_WRONLY)) {
0388 #ifndef CONFIG_IMA_READ_POLICY
0389 return -EACCES;
0390 #else
0391 if ((filp->f_flags & O_ACCMODE) != O_RDONLY)
0392 return -EACCES;
0393 if (!capable(CAP_SYS_ADMIN))
0394 return -EPERM;
0395 return seq_open(filp, &ima_policy_seqops);
0396 #endif
0397 }
0398 if (test_and_set_bit(IMA_FS_BUSY, &ima_fs_flags))
0399 return -EBUSY;
0400 return 0;
0401 }
0402
0403
0404
0405
0406
0407
0408
0409
0410 static int ima_release_policy(struct inode *inode, struct file *file)
0411 {
0412 const char *cause = valid_policy ? "completed" : "failed";
0413
0414 if ((file->f_flags & O_ACCMODE) == O_RDONLY)
0415 return seq_release(inode, file);
0416
0417 if (valid_policy && ima_check_policy() < 0) {
0418 cause = "failed";
0419 valid_policy = 0;
0420 }
0421
0422 pr_info("policy update %s\n", cause);
0423 integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL, NULL,
0424 "policy_update", cause, !valid_policy, 0);
0425
0426 if (!valid_policy) {
0427 ima_delete_rules();
0428 valid_policy = 1;
0429 clear_bit(IMA_FS_BUSY, &ima_fs_flags);
0430 return 0;
0431 }
0432
0433 ima_update_policy();
0434 #if !defined(CONFIG_IMA_WRITE_POLICY) && !defined(CONFIG_IMA_READ_POLICY)
0435 securityfs_remove(ima_policy);
0436 ima_policy = NULL;
0437 #elif defined(CONFIG_IMA_WRITE_POLICY)
0438 clear_bit(IMA_FS_BUSY, &ima_fs_flags);
0439 #elif defined(CONFIG_IMA_READ_POLICY)
0440 inode->i_mode &= ~S_IWUSR;
0441 #endif
0442 return 0;
0443 }
0444
0445 static const struct file_operations ima_measure_policy_ops = {
0446 .open = ima_open_policy,
0447 .write = ima_write_policy,
0448 .read = seq_read,
0449 .release = ima_release_policy,
0450 .llseek = generic_file_llseek,
0451 };
0452
0453 int __init ima_fs_init(void)
0454 {
0455 int ret;
0456
0457 ima_dir = securityfs_create_dir("ima", integrity_dir);
0458 if (IS_ERR(ima_dir))
0459 return PTR_ERR(ima_dir);
0460
0461 ima_symlink = securityfs_create_symlink("ima", NULL, "integrity/ima",
0462 NULL);
0463 if (IS_ERR(ima_symlink)) {
0464 ret = PTR_ERR(ima_symlink);
0465 goto out;
0466 }
0467
0468 binary_runtime_measurements =
0469 securityfs_create_file("binary_runtime_measurements",
0470 S_IRUSR | S_IRGRP, ima_dir, NULL,
0471 &ima_measurements_ops);
0472 if (IS_ERR(binary_runtime_measurements)) {
0473 ret = PTR_ERR(binary_runtime_measurements);
0474 goto out;
0475 }
0476
0477 ascii_runtime_measurements =
0478 securityfs_create_file("ascii_runtime_measurements",
0479 S_IRUSR | S_IRGRP, ima_dir, NULL,
0480 &ima_ascii_measurements_ops);
0481 if (IS_ERR(ascii_runtime_measurements)) {
0482 ret = PTR_ERR(ascii_runtime_measurements);
0483 goto out;
0484 }
0485
0486 runtime_measurements_count =
0487 securityfs_create_file("runtime_measurements_count",
0488 S_IRUSR | S_IRGRP, ima_dir, NULL,
0489 &ima_measurements_count_ops);
0490 if (IS_ERR(runtime_measurements_count)) {
0491 ret = PTR_ERR(runtime_measurements_count);
0492 goto out;
0493 }
0494
0495 violations =
0496 securityfs_create_file("violations", S_IRUSR | S_IRGRP,
0497 ima_dir, NULL, &ima_htable_violations_ops);
0498 if (IS_ERR(violations)) {
0499 ret = PTR_ERR(violations);
0500 goto out;
0501 }
0502
0503 ima_policy = securityfs_create_file("policy", POLICY_FILE_FLAGS,
0504 ima_dir, NULL,
0505 &ima_measure_policy_ops);
0506 if (IS_ERR(ima_policy)) {
0507 ret = PTR_ERR(ima_policy);
0508 goto out;
0509 }
0510
0511 return 0;
0512 out:
0513 securityfs_remove(ima_policy);
0514 securityfs_remove(violations);
0515 securityfs_remove(runtime_measurements_count);
0516 securityfs_remove(ascii_runtime_measurements);
0517 securityfs_remove(binary_runtime_measurements);
0518 securityfs_remove(ima_symlink);
0519 securityfs_remove(ima_dir);
0520
0521 return ret;
0522 }
