From: Roberto Sassu
Subject: [PATCH v2 3/3] initramfs: introduce do_readxattrs()
Date: Thu, 9 May 2019 13:24:20 +0200
Message-ID: <20190509112420.15671-4-roberto.sassu@huawei.com>
In-Reply-To: <20190509112420.15671-1-roberto.sassu@huawei.com>
References: <20190509112420.15671-1-roberto.sassu@huawei.com>

This patch adds support for an alternative method to add xattrs to files in
the rootfs filesystem. Instead of extracting them directly from the ram
disk image, they are extracted from a regular file called .xattr-list, that
can be added by any ram disk generator available today.

.xattr-list can be generated by executing:

$ getfattr --absolute-names -d -P -R -e hex -m - \
      | xattr.awk -b > ${initdir}/.xattr-list

where the content of the xattr.awk script is:

#! /usr/bin/awk -f
{
  if (!length($0)) {
    printf("%.10x%s\0", len, file);
    for (x in xattr) {
      printf("%.8x%s\0", xattr_len[x], x);
      for (i = 0; i < length(xattr[x]) / 2; i++) {
        printf("%c", strtonum("0x"substr(xattr[x], i * 2 + 1, 2)));
      }
    }
    i = 0;
    delete xattr;
    delete xattr_len;
    next;
  };
  if (i == 0) {
    file=$3;
    len=length(file) + 8 + 1;
  }
  if (i > 0) {
    split($0, a, "=");
    xattr[a[1]]=substr(a[2], 3);
    xattr_len[a[1]]=length(a[1]) + 1 + 8 + length(xattr[a[1]]) / 2;
    len+=xattr_len[a[1]];
  };
  i++;
}

Signed-off-by: Roberto Sassu
---
 init/initramfs.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)

diff --git a/init/initramfs.c b/init/initramfs.c index 98c2aa4b5ab4..91f35a84c592 100644 --- a/init/initramfs.c +++ b/init/initramfs.c
@@ -11,6 +11,9 @@ #include #include +#define XATTR_LIST_FILENAME ".xattr-list" + + static ssize_t __init xwrite(int fd, const char *p, size_t count) { ssize_t out = 0; @@ -451,6 +454,91 @@ static int __init do_setxattrs(void) return 0; } +struct path_hdr { + char p_size[10]; /* total size including p_size field */ + char p_data[]; /* \0 */ +}; + +static int __init do_readxattrs(void) +{ + struct path_hdr hdr; + char str[sizeof(hdr.p_size) + 1]; + unsigned long file_entry_size; + size_t size, name_buf_size, total_size; + struct kstat st; + int ret, fd; + + ret = vfs_lstat(XATTR_LIST_FILENAME, &st); + if (ret < 0) + return ret; + + total_size = st.size; + + fd = ksys_open(XATTR_LIST_FILENAME, O_RDONLY, 0); + if (fd < 0) + return fd; + + while (total_size) { + size = ksys_read(fd, (char *)&hdr, sizeof(hdr)); + if (size != sizeof(hdr)) { + ret = -EIO; + goto out; + } + + total_size -= size; + + memcpy(str, hdr.p_size, sizeof(hdr.p_size)); + ret = kstrtoul(str, 16, &file_entry_size); + if (ret < 0) + goto out; + + file_entry_size -= sizeof(sizeof(hdr.p_size)); + if (file_entry_size > total_size) { + ret = -EINVAL; + goto out; + } + + name_buf = vmalloc(file_entry_size); + if (!name_buf) { + ret = -ENOMEM; + goto out; + } + + size = ksys_read(fd, name_buf, file_entry_size); + if (size != file_entry_size) { + ret = -EIO; + goto out_free; + } + + total_size -= size; + + name_buf_size = strnlen(name_buf, file_entry_size); + if (name_buf_size == file_entry_size) { + ret = -EINVAL; + goto out_free; + } + + xattr_buf = name_buf + name_buf_size + 1; + xattr_len = file_entry_size - name_buf_size - 1; + + ret = do_setxattrs(); + vfree(name_buf); + name_buf = NULL; + + if (ret < 0) + break; + } +out_free: + vfree(name_buf); +out: + ksys_close(fd); + + if (ret < 0) + error("Unable to parse xattrs"); + + return ret; +} + static __initdata int (*actions[])(void) = { [Start] = do_start, [Collect] = do_collect, 
@@ -554,6 +642,7 @@ static char * __init unpack_to_rootfs(char *buf, unsigned long len) buf += my_inptr; len -= my_inptr; } + do_readxattrs(); dir_utime(); kfree(name_buf); kfree(symlink_buf);
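
Review bot: the XATTR_LIST_FILENAME define added in the @@ -11,6 +11,9 @@ hunk carries no comment describing the record layout that do_readxattrs() expects, so the format is documented only by the awk script in the commit message. A short comment above the define stating the layout (a 10-hex-digit entry size, a NUL-terminated path, then the xattr data handed to do_setxattrs()) would help, as would a note that the name is relative and is resolved against the current directory while unpack_to_rootfs() runs. The hunk also adds two blank lines after the define where one is enough.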
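
Review bot: in do_readxattrs() (the @@ -451,6 +454,91 @@ hunk) str is never NUL-terminated before kstrtoul(): memcpy() fills only sizeof(hdr.p_size) bytes of str[sizeof(hdr.p_size) + 1], so the final byte is uninitialized stack and the parse depends on whatever happens to be there. Set str[sizeof(hdr.p_size)] = '\0' after the copy. The following statement, file_entry_size -= sizeof(sizeof(hdr.p_size));, subtracts sizeof(size_t), which is 8 or 4 depending on the architecture, not the 10-byte width of the field, and so disagrees with the p_size comment "total size including p_size field"; drop the doubled sizeof and settle on one definition that also matches what the generator writes (the awk script counts 8 for this field). A parsed value smaller than the amount subtracted wraps and is only caught indirectly by the > total_size check, and a result of zero is not rejected before the allocation, so an explicit lower-bound check right after kstrtoul() would be clearer. Finally, size is a size_t holding the ssize_t returned by ksys_read(), so a read error is reported as -EIO instead of the original error code.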
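
Review bot: the do_readxattrs() call added in unpack_to_rootfs() (the @@ -554,6 +642,7 @@ hunk) is followed two lines later by kfree(name_buf), but do_readxattrs() assigns name_buf from vmalloc() without declaring it locally, so it overwrites the very pointer this function is about to free. On the success path name_buf is NULL by the time kfree() runs, so the buffer it held before the call is leaked; on the goto out_free paths name_buf is left pointing at memory already released with vfree() and is then passed to kfree(). Using a local buffer inside do_readxattrs(), or setting name_buf to NULL after every vfree() and freeing the caller's buffer before the call, would avoid both cases. The return value is also discarded here: either check it, or add a comment saying that a failure to apply xattrs is deliberately not fatal to the unpack.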