From patchwork Wed Jun 21 18:18:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mimi Zohar X-Patchwork-Id: 9802557 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id F35256038C for ; Wed, 21 Jun 2017 18:22:08 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E62D8286D5 for ; Wed, 21 Jun 2017 18:22:08 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E489C286C5; Wed, 21 Jun 2017 18:22:08 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 76E41286C5 for ; Wed, 21 Jun 2017 18:21:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752352AbdFUSTr (ORCPT ); Wed, 21 Jun 2017 14:19:47 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:43984 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751085AbdFUSTp (ORCPT ); Wed, 21 Jun 2017 14:19:45 -0400 Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v5LIIV6U145305 for ; Wed, 21 Jun 2017 14:19:45 -0400 Received: from e23smtp07.au.ibm.com (e23smtp07.au.ibm.com [202.81.31.140]) by mx0a-001b2d01.pphosted.com with ESMTP id 2b7uxfe5dp-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Wed, 21 Jun 2017 14:19:45 -0400 Received: from localhost by e23smtp07.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 22 Jun 2017 04:19:42 +1000 Received: from d23relay06.au.ibm.com (202.81.31.225) by e23smtp07.au.ibm.com (202.81.31.204) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 22 Jun 2017 04:19:41 +1000 Received: from d23av05.au.ibm.com (d23av05.au.ibm.com [9.190.234.119]) by d23relay06.au.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v5LIJW1p66191440; Thu, 22 Jun 2017 04:19:40 +1000 Received: from d23av05.au.ibm.com (localhost [127.0.0.1]) by d23av05.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id v5LIJ8Df027640; Thu, 22 Jun 2017 04:19:08 +1000 Received: from localhost.localdomain.com ([9.80.97.110]) by d23av05.au.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id v5LIJ1gT027128; Thu, 22 Jun 2017 04:19:05 +1000 From: Mimi Zohar To: Christoph Hellwig , Al Viro Cc: Mimi Zohar , James Morris , linux-fsdevel@vger.kernel.org, linux-ima-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org Subject: [PATCH v2 01/10] ima: always measure and audit files in policy Date: Wed, 21 Jun 2017 14:18:21 -0400 X-Mailer: git-send-email 2.7.4 In-Reply-To: <1498069110-10009-1-git-send-email-zohar@linux.vnet.ibm.com> References: <1498069110-10009-1-git-send-email-zohar@linux.vnet.ibm.com> X-TM-AS-MML: disable x-cbid: 17062118-0044-0000-0000-00000271C41C X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17062118-0045-0000-0000-0000070179C9 Message-Id: <1498069110-10009-2-git-send-email-zohar@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-06-21_04:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1703280000 definitions=main-1706210306 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP All files matching a "measure" rule must be included in the IMA measurement list, even when the file hash cannot be calculated. Similarly, all files matching an "audit" rule must be audited, even when the file hash cannot be calculated. The file data hash field contained in the IMA measurement list template data will contain 0's instead of the actual file hash digest. Mimi Zohar --- security/integrity/ima/ima_api.c | 7 +++++-- security/integrity/ima/ima_main.c | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index c2edba8de35e..174cf2e8dd45 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -217,15 +217,18 @@ int ima_collect_measurement(struct integrity_iint_cache *iint, result = (!buf) ? ima_calc_file_hash(file, &hash.hdr) : ima_calc_buffer_hash(buf, size, &hash.hdr); - if (!result) { + if (!result || (result == -EBADF)) { int length = sizeof(hash.hdr) + hash.hdr.length; void *tmpbuf = krealloc(iint->ima_hash, length, GFP_NOFS); if (tmpbuf) { iint->ima_hash = tmpbuf; + if (result == -EBADF) + memset(&hash.digest, 0, hash.hdr.length); memcpy(iint->ima_hash, &hash, length); iint->version = i_version; - iint->flags |= IMA_COLLECTED; + if (result != -EBADF) + iint->flags |= IMA_COLLECTED; } else result = -ENOMEM; } diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 2aebb7984437..63777d1210b1 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -235,7 +235,7 @@ static int process_measurement(struct file *file, char *buf, loff_t size, hash_algo = ima_get_hash_algo(xattr_value, xattr_len); rc = ima_collect_measurement(iint, file, buf, size, hash_algo); - if (rc != 0) { + if (rc != 0 && rc != -EBADF) { if (file->f_flags & O_DIRECT) rc = (iint->flags & IMA_PERMIT_DIRECTIO) ? 0 : -EACCES; goto out_digsig; @@ -247,7 +247,7 @@ static int process_measurement(struct file *file, char *buf, loff_t size, if (action & IMA_MEASURE) ima_store_measurement(iint, file, pathname, xattr_value, xattr_len, pcr); - if (action & IMA_APPRAISE_SUBMASK) + if ((rc != -EBADF) && (action & IMA_APPRAISE_SUBMASK)) rc = ima_appraise_measurement(func, iint, file, pathname, xattr_value, xattr_len, opened); if (action & IMA_AUDIT)