From patchwork Fri Jun 7 00:23:28 2019
From: Prakhar Srivastava
To: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: zohar@linux.ibm.com, roberto.sassu@huawei.com, vgoyal@redhat.com, Prakhar Srivastava
Subject: [PATCH v7 1/3] Add a new ima hook ima_kexec_cmdline to measure cmdline args
Date: Thu, 6 Jun 2019 17:23:28 -0700
Message-Id: <20190607002330.2999-2-prsriva02@gmail.com>
In-Reply-To: <20190607002330.2999-1-prsriva02@gmail.com>
References: <20190607002330.2999-1-prsriva02@gmail.com>

This patch adds support in ima to measure kexec cmdline args during soft reboot kexec_file_load.

- A new ima hook ima_kexec_cmdline is defined to be called by the kexec code.
- A new function process_buffer_measurement is defined to measure the buffer hash into the ima log.
- A new func policy KEXEC_CMDLINE is defined to control the measurement. [Suggested by Mimi]

Hash computation can be tested using
sudo cat /sys/kernel/security/integrity/ima/ascii_runtime_measurements | grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum

Signed-off-by: Prakhar Srivastava
---
 Documentation/ABI/testing/ima_policy | 1 +
 include/linux/ima.h | 2 +
 security/integrity/ima/ima.h | 1 +
 security/integrity/ima/ima_api.c | 1 +
 security/integrity/ima/ima_main.c | 77 ++++++++++++++++++++++++++++
 security/integrity/ima/ima_policy.c | 9 ++++
 6 files changed, 91 insertions(+)

diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy
index b383c1763610..fc376a323908 100644
--- a/Documentation/ABI/testing/ima_policy
+++ b/Documentation/ABI/testing/ima_policy
@@ -28,6 +28,7 @@ Description: base: func:= [BPRM_CHECK][MMAP_CHECK][CREDS_CHECK][FILE_CHECK][MODULE_CHECK] [FIRMWARE_CHECK] [KEXEC_KERNEL_CHECK] [KEXEC_INITRAMFS_CHECK] + [KEXEC_CMDLINE] mask:= [[^]MAY_READ] [[^]MAY_WRITE] [[^]MAY_APPEND] [[^]MAY_EXEC] fsmagic:= hex value diff --git a/include/linux/ima.h b/include/linux/ima.h index fd9f7cf4cdf5..b42f5a006042 100644 --- a/include/linux/ima.h +++ b/include/linux/ima.h @@ -26,6 +26,7 @@ extern int ima_read_file(struct file *file, enum kernel_read_file_id id); extern int ima_post_read_file(struct file *file, void *buf, loff_t size, enum kernel_read_file_id id); extern void ima_post_path_mknod(struct dentry *dentry); +extern void ima_kexec_cmdline(const void *buf, int size); #ifdef CONFIG_IMA_KEXEC extern void ima_add_kexec_buffer(struct kimage *image); @@ -92,6 +93,7 @@ static inline void ima_post_path_mknod(struct dentry *dentry) return; } +static inline void ima_kexec_cmdline(const void *buf, int size) {} #endif /* CONFIG_IMA */ #ifndef CONFIG_IMA_KEXEC diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 18b48a6d0b80..a4ad1270bffa 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -185,6 +185,7 @@ static inline unsigned long ima_hash_key(u8 *digest) hook(KEXEC_KERNEL_CHECK) \ hook(KEXEC_INITRAMFS_CHECK) \ hook(POLICY_CHECK) \ + hook(KEXEC_CMDLINE) \ hook(MAX_CHECK) #define __ima_hook_enumify(ENUM) ENUM, diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 78eb11c7ac07..ea7d8cbf712f 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -176,6 +176,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, * subj=, obj=, type=, func=, mask=, fsmagic= * subj,obj, and type: are LSM specific. * func: FILE_CHECK | BPRM_CHECK | CREDS_CHECK | MMAP_CHECK | MODULE_CHECK + * | KEXEC_CMDLINE * mask: contains the permission mask * fsmagic: hex value * 
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index af341a80118f..e4f301381ffb 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c 
@@ -605,6 +605,83 @@ int ima_load_data(enum kernel_load_data_id id) return 0; } +/* + * process_buffer_measurement - Measure the buffer to ima log. + * @buf: pointer to the buffer that needs to be added to the log. + * @size: size of buffer(in bytes). + * @eventname: event name to be used for the buffer entry. + * @cred: a pointer to a credentials structure for user validation. + * @secid: the secid of the task to be validated. + * + * Based on policy, the buffer is measured into the ima log. + */ +static void process_buffer_measurement(const void *buf, int size, + const char *eventname, const struct cred *cred, + u32 secid) +{ + int ret = 0; + struct ima_template_entry *entry = NULL; + struct integrity_iint_cache tmp_iint, *iint = &tmp_iint; + struct ima_event_data event_data = {.iint = iint}; + struct ima_template_desc *template_desc = NULL; + struct { + struct ima_digest_data hdr; + char digest[IMA_MAX_DIGEST_SIZE]; + } hash; + int violation = 0; + int pcr = CONFIG_IMA_MEASURE_PCR_IDX; + int action = 0; + + action = ima_get_action(NULL, cred, secid, 0, KEXEC_CMDLINE, &pcr, + &template_desc); + if (!(action & IMA_MEASURE)) + goto out; + + memset(iint, 0, sizeof(*iint)); + memset(&hash, 0, sizeof(hash)); + + event_data.filename = eventname; + + iint->ima_hash = &hash.hdr; + iint->ima_hash->algo = ima_hash_algo; + iint->ima_hash->length = hash_digest_size[ima_hash_algo]; + + ret = ima_calc_buffer_hash(buf, size, iint->ima_hash); + if (ret < 0) + goto out; + + ret = ima_alloc_init_template(&event_data, &entry, template_desc); + if (ret < 0) + goto out; + + if (action & IMA_MEASURE) + ret = ima_store_template(entry, violation, NULL, buf, pcr); + + if (ret < 0) + ima_free_template_entry(entry); + +out: + return; +} + +/** + * ima_kexec_cmdline - measure kexec cmdline boot args + * @buf: pointer to buffer + * @size: size of buffer + * + * Buffers can only be measured, not appraised. 
+ */ +void ima_kexec_cmdline(const void *buf, int size) +{ + u32 secid; + + if (buf && size != 0) { + security_task_getsecid(current, &secid); + process_buffer_measurement(buf, size, "kexec-cmdline", + current_cred(), secid); + } +} + static int __init init_ima(void) { int error; diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index fd9b01881d17..98e351e13557 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -292,6 +292,13 @@ static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, { int i; + /* only incase of KEXEC_CMDLINE, inode is NULL */ + if (func == KEXEC_CMDLINE) { + if ((rule->flags & IMA_FUNC) && + (rule->func == func) && (!inode)) + return true; + return false; + } if ((rule->flags & IMA_FUNC) && (rule->func != func && func != POST_SETATTR)) return false; 
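Review bot: in the process_buffer_measurement hunk, `ima_store_template(entry, violation, NULL, buf, pcr)` passes the raw command-line buffer where ima_store_template expects the filename it forwards to the audit record; `eventname` ("kexec-cmdline") is the value that belongs there, otherwise a failed add audits the whole command line as the file name. Smaller points in the same hunk: the second `if (action & IMA_MEASURE)` can never be false after the early `goto out`, `violation` is a constant 0, and the function comment opens with `/*` while ima_kexec_cmdline just below uses the kernel-doc `/**` form. In ima_kexec_cmdline, `size != 0` still lets a negative `int` through to ima_calc_buffer_hash; a `size_t` would close that, and the guard then reads naturally as `if (buf && size)`.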
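Review bot: the KEXEC_CMDLINE early return in ima_match_rules makes any rule with `func=KEXEC_CMDLINE` match on the func alone, so uid=, euid=, fowner=, mask=, fsmagic= and LSM conditions written on such a rule are silently ignored rather than rejected, while options applied after the match (the per-rule pcr and template that ima_get_action is asked for here) still take effect. Either make ima_parse_rule return -EINVAL when a KEXEC_CMDLINE rule carries a condition that needs an inode or file, or state in the Documentation/ABI/testing/ima_policy hunk which options are meaningful with this func. The comment also reads "incase"; "only for KEXEC_CMDLINE is inode NULL" says what is meant.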
@@ -880,6 +887,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) entry->func = KEXEC_INITRAMFS_CHECK; else if (strcmp(args[0].from, "POLICY_CHECK") == 0) entry->func = POLICY_CHECK; + else if (strcmp(args[0].from, "KEXEC_CMDLINE") == 0) + entry->func = KEXEC_CMDLINE; else result = -EINVAL; if (!result)

From patchwork Fri Jun 7 00:23:29 2019
From: Prakhar Srivastava
To: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: zohar@linux.ibm.com, roberto.sassu@huawei.com, vgoyal@redhat.com, Prakhar Srivastava
Subject: [PATCH v7 2/3] add a new ima template field buf
Date: Thu, 6 Jun 2019 17:23:29 -0700
Message-Id: <20190607002330.2999-3-prsriva02@gmail.com>
In-Reply-To: <20190607002330.2999-1-prsriva02@gmail.com>
References: <20190607002330.2999-1-prsriva02@gmail.com>

A buffer (kexec cmdline args) measured into ima cannot be appraised without already being aware of the buffer contents. Since hashes are non-reversible, raw buffer is needed for validation or regenerating hash for appraisal/attestation.

This patch adds support to ima to allow store/read the buffer contents in HEX.

- Add two new fields to ima_event_data to hold the buf and buf_len [Suggested by Roberto]
- Add a new template field 'buf' to be used to store/read the buffer data. [Suggested by Mimi]
- Updated process_buffer_measurement to add the buffer to ima_event_data.

process_buffer_measurement added in "Add a new ima hook ima_kexec_cmdline to measure cmdline args"

Signed-off-by: Prakhar Srivastava
Reviewed-by: Roberto Sassu
---
 Documentation/security/IMA-templates.rst | 4 ++--
 security/integrity/ima/ima.h | 2 ++
 security/integrity/ima/ima_api.c | 4 ++--
 security/integrity/ima/ima_init.c | 2 +-
 security/integrity/ima/ima_main.c | 2 ++
 security/integrity/ima/ima_template.c | 2 ++
 security/integrity/ima/ima_template_lib.c | 20 ++++++++++++++++++++
 security/integrity/ima/ima_template_lib.h | 4 ++++
 8 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst
index 2cd0e273cc9a..3e78ce3591db 100644
--- a/Documentation/security/IMA-templates.rst +++ b/Documentation/security/IMA-templates.rst @@ -69,8 +69,8 @@ descriptors by adding their identifier to the format string algorithm (field format: [:]digest, where the digest prefix is shown only if the hash algorithm is not SHA1 or MD5); - 'n-ng': the name of the event, without size limitations; - - 'sig': the file signature. - + - 'sig': the file signature; + - 'buf': the buffer data that was used to generate the hash without size limitations; Below, there is the list of defined template descriptors: diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index a4ad1270bffa..16110180545c 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -65,6 +65,8 @@ struct ima_event_data { struct evm_ima_xattr_data *xattr_value; int xattr_len; const char *violation; + const void *buf; + int buf_len; }; /* IMA template field data definition */ diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index ea7d8cbf712f..83ca99d65e4b 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -140,7 +140,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename, struct ima_template_entry *entry; struct inode *inode = file_inode(file); struct ima_event_data event_data = {iint, file, filename, NULL, 0, - cause}; + cause, NULL, 0}; int violation = 1; int result; @@ -296,7 +296,7 @@ void ima_store_measurement(struct integrity_iint_cache *iint, struct inode *inode = file_inode(file); struct ima_template_entry *entry; struct ima_event_data event_data = {iint, file, filename, xattr_value, - xattr_len, NULL}; + xattr_len, NULL, NULL, 0}; int violation = 0; if (iint->measured_pcrs & (0x1 << pcr)) diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index 993d0f1915ff..c8591406c0e2 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c 
@@ -50,7 +50,7 @@ static int __init ima_add_boot_aggregate(void) struct ima_template_entry *entry; struct integrity_iint_cache tmp_iint, *iint = &tmp_iint; struct ima_event_data event_data = {iint, NULL, boot_aggregate_name, - NULL, 0, NULL}; + NULL, 0, NULL, NULL, 0}; int result = -ENOMEM; int violation = 0; struct { diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index e4f301381ffb..9308d664f074 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -641,6 +641,8 @@ static void process_buffer_measurement(const void *buf, int size, memset(&hash, 0, sizeof(hash)); event_data.filename = eventname; + event_data.buf = buf; + event_data.buf_len = size; iint->ima_hash = &hash.hdr; iint->ima_hash->algo = ima_hash_algo; diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c index e6e892f31cbd..8c40de18a0aa 100644 --- a/security/integrity/ima/ima_template.c +++ b/security/integrity/ima/ima_template.c @@ -43,6 +43,8 @@ static const struct ima_template_field supported_fields[] = { .field_show = ima_show_template_string}, {.field_id = "sig", .field_init = ima_eventsig_init, .field_show = ima_show_template_sig}, + {.field_id = "buf", .field_init = ima_eventbuf_init, + .field_show = ima_show_template_buf}, }; #define MAX_TEMPLATE_NAME_LEN 15 diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c index 513b457ae900..43d1404141c1 100644 --- a/security/integrity/ima/ima_template_lib.c +++ b/security/integrity/ima/ima_template_lib.c 
@@ -162,6 +162,12 @@ void ima_show_template_sig(struct seq_file *m, enum ima_show_type show, ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data); } +void ima_show_template_buf(struct seq_file *m, enum ima_show_type show, + struct ima_field_data *field_data) +{ + ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data); +} + /** * ima_parse_buf() - Parses lengths and data from an input buffer * @bufstartp: Buffer start address. @@ -389,3 +395,17 @@ int ima_eventsig_init(struct ima_event_data *event_data, return ima_write_template_field_data(xattr_value, event_data->xattr_len, DATA_FMT_HEX, field_data); } + +/* + * ima_eventbuf_init - include the buffer(kexec-cmldine) as part of the + * template data. + */ +int ima_eventbuf_init(struct ima_event_data *event_data, + struct ima_field_data *field_data) +{ + if ((!event_data->buf) || (event_data->buf_len == 0)) + return 0; + + return ima_write_template_field_data(event_data->buf, event_data->buf_len, + DATA_FMT_HEX, field_data); +} diff --git a/security/integrity/ima/ima_template_lib.h b/security/integrity/ima/ima_template_lib.h index 6a3d8b831deb..f0178bc60c55 100644 --- a/security/integrity/ima/ima_template_lib.h +++ b/security/integrity/ima/ima_template_lib.h @@ -29,6 +29,8 @@ void ima_show_template_string(struct seq_file *m, enum ima_show_type show, struct ima_field_data *field_data); void ima_show_template_sig(struct seq_file *m, enum ima_show_type show, struct ima_field_data *field_data); +void ima_show_template_buf(struct seq_file *m, enum ima_show_type show, + struct ima_field_data *field_data); int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp, int maxfields, struct ima_field_data *fields, int *curfields, unsigned long *len_mask, int enforce_mask, char *bufname); 
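Review bot: the IMA-templates.rst hunk documents the new 'buf' field, but no template descriptor in this series includes it, so a reader cannot tell that the field only appears when a custom format such as `ima_template_fmt=d-ng|n-ng|buf` is given on the kernel command line; say that, and say that the buffer is rendered as hex in ascii_runtime_measurements, since the `cut -d' ' -f 6 | xxd -r -p` pipeline in the patch 1 message depends on exactly that column layout. The hunk also drops the blank line that separated the list from "Below, there is the list..." without restoring it, which RST needs to terminate the list, and "without size limitations" repeats the n-ng wording where "as raw bytes, hex-encoded in the ascii log" would tell the reader something.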
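Review bot: the three initializer hunks (ima_add_violation and ima_store_measurement in ima_api.c, ima_add_boot_aggregate in ima_init.c) append `NULL, 0` positionally to `struct ima_event_data` initializers; designated initializers, or simply leaving the new members to the implicit zero-initialization of the remaining fields, would make the next field added to ima_event_data a one-file change instead of a four-file one.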
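Review bot: in the ima_template_lib.c hunk, ima_eventbuf_init returns 0 without writing anything when `event_data->buf` is NULL or `buf_len` is 0, so every non-buffer event measured with a template containing 'buf' gets an empty field; that is the right behaviour (it keeps `d-ng|n-ng|buf` usable as the only template), but it deserves a sentence in the function comment, which currently also misspells the event name as "kexec-cmldine". ima_show_template_buf is a byte-for-byte copy of ima_show_template_sig; one DATA_FMT_HEX show helper could serve both. Finally, nothing here bounds `buf_len` other than what the caller passes, and the comment should say the caller is responsible for that.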
@@ -42,4 +44,6 @@ int ima_eventname_ng_init(struct ima_event_data *event_data, struct ima_field_data *field_data); int ima_eventsig_init(struct ima_event_data *event_data, struct ima_field_data *field_data); +int ima_eventbuf_init(struct ima_event_data *event_data, + struct ima_field_data *field_data); #endif /* __LINUX_IMA_TEMPLATE_LIB_H */

From patchwork Fri Jun 7 00:23:30 2019
From: Prakhar Srivastava
To: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: zohar@linux.ibm.com, roberto.sassu@huawei.com, vgoyal@redhat.com, Prakhar Srivastava
Subject: [PATCH v7 3/3] call ima_kexec_cmdline to measure the cmdline args
Date: Thu, 6 Jun 2019 17:23:30 -0700
Message-Id: <20190607002330.2999-4-prsriva02@gmail.com>
In-Reply-To: <20190607002330.2999-1-prsriva02@gmail.com>
References: <20190607002330.2999-1-prsriva02@gmail.com>

During soft reboot (kexec_file_load) boot cmdline args are not measured. Thus the new kernel on load boots with an assumption of cold reboot.

This patch makes a call to the ima hook ima_kexec_cmdline, added in "Add a new ima hook ima_kexec_cmdline to measure cmdline args" to measure the boot cmdline args into the ima log.

- call ima_kexec_cmdline from kexec_file_load.
- move the call ima_add_kexec_buffer after the cmdline args have been measured.

Signed-off-by: Prakhar Srivastava
---
 kernel/kexec_file.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index 072b6ee55e3f..ed4727586fc3 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -198,9 +198,6 @@ kimage_file_prepare_segments(struct kimage *image, int kernel_fd, int initrd_fd, return ret; image->kernel_buf_len = size; - /* IMA needs to pass the measurement list to the next kernel. */ - ima_add_kexec_buffer(image); - /* Call arch image probe handlers */ ret = arch_kexec_kernel_image_probe(image, image->kernel_buf, image->kernel_buf_len);
@@ -241,8 +238,13 @@ kimage_file_prepare_segments(struct kimage *image, int kernel_fd, int initrd_fd, ret = -EINVAL; goto out; } + + ima_kexec_cmdline(image->cmdline_buf, image->cmdline_buf_len - 1); } + /* IMA needs to pass the measurement list to the next kernel. */ + ima_add_kexec_buffer(image); + /* Call arch image load handlers */ ldata = arch_kexec_kernel_image_load(image);
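Review bot: in the second kexec_file.c hunk, `image->cmdline_buf_len - 1` deliberately excludes the terminating NUL so that the recorded digest is the hash of the visible command line (which is what the `sha256sum` check in the patch 1 message computes), but nothing says so; a one-line comment would stop someone "fixing" it later. Moving ima_add_kexec_buffer below this block is what makes the new kexec-cmdline entry part of the measurement list handed to the next kernel, and that reason belongs in the commit message rather than only the bullet "move the call". Also, the call sits inside the `if (cmdline_len)` block whose closing brace is the context line after it, so a kexec_file_load with no command line leaves no entry at all; a verifier cannot then distinguish "no cmdline" from "not measured", which is worth stating in the documentation.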
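The verification the patch 1 message performs with `grep kexec-cmdline | cut -d' ' -f 6 | xxd -r -p | sha256sum`, and the hex `buf` column that patch 2 adds to make it possible, as an added example in Python (not code from the series or from the kernel tree). It assumes the log was written with the custom template `d-ng|n-ng|buf` (which would be enabled with `ima_template_fmt=d-ng|n-ng|buf`), so that field 6 is the hex buffer, that the d-ng field data is `algo:` plus a NUL plus the raw digest and the n-ng field data is the NUL-terminated event name, and that the template-hash column is SHA-1 over length-prefixed field data as in kernels of that era. The sample log line is constructed inside the block; the `make_log_line` helper is hypothetical and only stands in for what the kernel would emit.

```python
"""Check a kexec-cmdline entry from IMA's ascii_runtime_measurements.

Added example; not part of the patch series. Assumptions (see lead-in):
template "d-ng|n-ng|buf", SHA-1 template hash, field layouts as below.
"""
import hashlib
import struct

TEMPLATE = "d-ng|n-ng|buf"
EVENT_NAME = "kexec-cmdline"


def template_hash(field_data):
    """Template hash as the kernel computes it (assumed SHA-1): for every
    field in template order, a u32 little-endian length followed by the
    field's raw data."""
    h = hashlib.sha1()
    for data in field_data:
        h.update(struct.pack("<I", len(data)))
        h.update(data)
    return h.hexdigest()


def field_bytes(algo, digest, name, buf):
    """Raw template field data: d-ng is 'algo:' + NUL + digest, n-ng is the
    NUL-terminated event name, buf is the measured buffer itself."""
    return [algo.encode() + b":\0" + digest, name.encode() + b"\0", buf]


def make_log_line(cmdline, pcr=10, algo="sha256"):
    """Constructed sample (hypothetical helper): the line the kernel would
    emit for a measured command line, used as offline input. The hook is
    called with cmdline_buf_len - 1, i.e. without the trailing NUL, so
    `cmdline` here is the visible string only."""
    digest = hashlib.new(algo, cmdline).digest()
    thash = template_hash(field_bytes(algo, digest, EVENT_NAME, cmdline))
    return (f"{pcr} {thash} {TEMPLATE} {algo}:{digest.hex()} "
            f"{EVENT_NAME} {cmdline.hex()}")


def verify_kexec_cmdline(line):
    """Parse one log line and report the PCR, the recovered command line,
    and whether the d-ng digest and the template hash both agree with the
    buffer that was logged."""
    fields = line.strip().split(" ")
    if len(fields) != 6 or fields[2] != TEMPLATE or fields[4] != EVENT_NAME:
        raise ValueError("not a d-ng|n-ng|buf kexec-cmdline entry")
    pcr, thash, _, d_ng, name, buf_hex = fields
    algo, _, digest_hex = d_ng.partition(":")
    buf = bytes.fromhex(buf_hex)
    digest = bytes.fromhex(digest_hex)
    return {
        "pcr": int(pcr),
        "cmdline": buf.decode("ascii", errors="replace"),
        # the same check as `cut -d' ' -f 6 | xxd -r -p | sha256sum`
        "digest_ok": hashlib.new(algo, buf).digest() == digest,
        # and the value that was extended into the PCR, recomputed from the
        # fields; a log edited after the fact fails this even if the digest
        # column was updated to match the new buffer
        "template_hash_ok":
            template_hash(field_bytes(algo, digest, name, buf)) == thash,
    }


if __name__ == "__main__":
    sample = make_log_line(b"root=/dev/sda1 ro quiet")
    print(sample)
    print(verify_kexec_cmdline(sample))
```

Replacing the constructed sample with a real line from /sys/kernel/security/integrity/ima/ascii_runtime_measurements is the only change needed to use this against a live system; the `template_hash_ok` result is what an attestation verifier would then compare against a TPM quote of PCR 10, which the shell pipeline in the commit message does not cover.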