From: Mimi Zohar <zohar@linux.ibm.com>
To: Nayna Jain <nayna@linux.ibm.com>,
linuxppc-dev@ozlabs.org, linux-efi@vger.kernel.org,
linux-integrity@vger.kernel.org
Cc: linux-kernel@vger.kernel.org,
Michael Ellerman <mpe@ellerman.id.au>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Jeremy Kerr <jk@ozlabs.org>,
Matthew Garret <matthew.garret@nebula.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Claudio Carvalho <cclaudio@linux.ibm.com>,
George Wilson <gcwilson@linux.ibm.com>,
Elaine Palmer <erpalmer@us.ibm.com>,
Eric Ricther <erichte@linux.ibm.com>,
"Oliver O'Halloran" <oohall@gmail.com>,
Prakhar Srivastava <prsriva02@gmail.com>
Subject: Re: [PATCH v7 5/8] ima: make process_buffer_measurement() generic
Date: Fri, 11 Oct 2019 09:14:01 -0400 [thread overview]
Message-ID: <1570799641.5250.75.camel@linux.ibm.com> (raw)
In-Reply-To: <1570497267-13672-6-git-send-email-nayna@linux.ibm.com>
[Cc'ing Prakhar Srivastava]
On Mon, 2019-10-07 at 21:14 -0400, Nayna Jain wrote:
> An additional measurement record is needed to indicate the blacklisted
> binary. The record will measure the blacklisted binary hash.
>
> This patch makes the function process_buffer_measurement() generic to be
> called by the blacklisting function. It modifies the function to handle
> more than just the KEXEC_CMDLINE.
The purpose of this patch is to make process_buffer_measurement() more
generic. The patch description should simply say,
process_buffer_measurement() is limited to measuring the kexec boot
command line. This patch makes process_buffer_measurement() more
generic, allowing it to measure other types of buffer data (eg.
blacklisted binary hashes).
Mimi
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> security/integrity/ima/ima.h | 3 +++
> security/integrity/ima/ima_main.c | 29 ++++++++++++++---------------
> 2 files changed, 17 insertions(+), 15 deletions(-)
>
> diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> index 3689081aaf38..ed86c1f70d7f 100644
> --- a/security/integrity/ima/ima.h
> +++ b/security/integrity/ima/ima.h
> @@ -217,6 +217,9 @@ void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
> struct evm_ima_xattr_data *xattr_value,
> int xattr_len, const struct modsig *modsig, int pcr,
> struct ima_template_desc *template_desc);
> +void process_buffer_measurement(const void *buf, int size,
> + const char *eventname, int pcr,
> + struct ima_template_desc *template_desc);
> void ima_audit_measurement(struct integrity_iint_cache *iint,
> const unsigned char *filename);
> int ima_alloc_init_template(struct ima_event_data *event_data,
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 60027c643ecd..77115e884496 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -626,14 +626,14 @@ int ima_load_data(enum kernel_load_data_id id)
> * @buf: pointer to the buffer that needs to be added to the log.
> * @size: size of buffer(in bytes).
> * @eventname: event name to be used for the buffer entry.
> - * @cred: a pointer to a credentials structure for user validation.
> - * @secid: the secid of the task to be validated.
> + * @pcr: pcr to extend the measurement
> + * @template_desc: template description
> *
> * Based on policy, the buffer is measured into the ima log.
> */
> -static void process_buffer_measurement(const void *buf, int size,
> - const char *eventname,
> - const struct cred *cred, u32 secid)
> +void process_buffer_measurement(const void *buf, int size,
> + const char *eventname, int pcr,
> + struct ima_template_desc *template_desc)
> {
> int ret = 0;
> struct ima_template_entry *entry = NULL;
> @@ -642,19 +642,11 @@ static void process_buffer_measurement(const void *buf, int size,
> .filename = eventname,
> .buf = buf,
> .buf_len = size};
> - struct ima_template_desc *template_desc = NULL;
> struct {
> struct ima_digest_data hdr;
> char digest[IMA_MAX_DIGEST_SIZE];
> } hash = {};
> int violation = 0;
> - int pcr = CONFIG_IMA_MEASURE_PCR_IDX;
> - int action = 0;
> -
> - action = ima_get_action(NULL, cred, secid, 0, KEXEC_CMDLINE, &pcr,
> - &template_desc);
> - if (!(action & IMA_MEASURE))
> - return;
>
> iint.ima_hash = &hash.hdr;
> iint.ima_hash->algo = ima_hash_algo;
> @@ -686,12 +678,19 @@ static void process_buffer_measurement(const void *buf, int size,
> */
> void ima_kexec_cmdline(const void *buf, int size)
> {
> + int pcr = CONFIG_IMA_MEASURE_PCR_IDX;
> + struct ima_template_desc *template_desc = NULL;
> + int action;
> u32 secid;
>
> if (buf && size != 0) {
> security_task_getsecid(current, &secid);
> - process_buffer_measurement(buf, size, "kexec-cmdline",
> - current_cred(), secid);
> + action = ima_get_action(NULL, current_cred(), secid, 0,
> + KEXEC_CMDLINE, &pcr, &template_desc);
> + if (!(action & IMA_MEASURE))
> + return;
> + process_buffer_measurement(buf, size, "kexec-cmdline", pcr,
> + template_desc);
> }
> }
>
WARNING: multiple messages have this Message-ID (diff)
From: Mimi Zohar <zohar@linux.ibm.com>
To: Nayna Jain <nayna@linux.ibm.com>,
linuxppc-dev@ozlabs.org, linux-efi@vger.kernel.org,
linux-integrity@vger.kernel.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Eric Ricther <erichte@linux.ibm.com>,
Prakhar Srivastava <prsriva02@gmail.com>,
linux-kernel@vger.kernel.org,
Claudio Carvalho <cclaudio@linux.ibm.com>,
Matthew Garret <matthew.garret@nebula.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Paul Mackerras <paulus@samba.org>, Jeremy Kerr <jk@ozlabs.org>,
Elaine Palmer <erpalmer@us.ibm.com>,
Oliver O'Halloran <oohall@gmail.com>,
George Wilson <gcwilson@linux.ibm.com>
Subject: Re: [PATCH v7 5/8] ima: make process_buffer_measurement() generic
Date: Fri, 11 Oct 2019 09:14:01 -0400 [thread overview]
Message-ID: <1570799641.5250.75.camel@linux.ibm.com> (raw)
In-Reply-To: <1570497267-13672-6-git-send-email-nayna@linux.ibm.com>
[Cc'ing Prakhar Srivastava]
On Mon, 2019-10-07 at 21:14 -0400, Nayna Jain wrote:
> An additional measurement record is needed to indicate the blacklisted
> binary. The record will measure the blacklisted binary hash.
>
> This patch makes the function process_buffer_measurement() generic to be
> called by the blacklisting function. It modifies the function to handle
> more than just the KEXEC_CMDLINE.
The purpose of this patch is to make process_buffer_measurement() more
generic. The patch description should simply say,
process_buffer_measurement() is limited to measuring the kexec boot
command line. This patch makes process_buffer_measurement() more
generic, allowing it to measure other types of buffer data (eg.
blacklisted binary hashes).
Mimi
>
> Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
> ---
> security/integrity/ima/ima.h | 3 +++
> security/integrity/ima/ima_main.c | 29 ++++++++++++++---------------
> 2 files changed, 17 insertions(+), 15 deletions(-)
>
> diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> index 3689081aaf38..ed86c1f70d7f 100644
> --- a/security/integrity/ima/ima.h
> +++ b/security/integrity/ima/ima.h
> @@ -217,6 +217,9 @@ void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
> struct evm_ima_xattr_data *xattr_value,
> int xattr_len, const struct modsig *modsig, int pcr,
> struct ima_template_desc *template_desc);
> +void process_buffer_measurement(const void *buf, int size,
> + const char *eventname, int pcr,
> + struct ima_template_desc *template_desc);
> void ima_audit_measurement(struct integrity_iint_cache *iint,
> const unsigned char *filename);
> int ima_alloc_init_template(struct ima_event_data *event_data,
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 60027c643ecd..77115e884496 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -626,14 +626,14 @@ int ima_load_data(enum kernel_load_data_id id)
> * @buf: pointer to the buffer that needs to be added to the log.
> * @size: size of buffer(in bytes).
> * @eventname: event name to be used for the buffer entry.
> - * @cred: a pointer to a credentials structure for user validation.
> - * @secid: the secid of the task to be validated.
> + * @pcr: pcr to extend the measurement
> + * @template_desc: template description
> *
> * Based on policy, the buffer is measured into the ima log.
> */
> -static void process_buffer_measurement(const void *buf, int size,
> - const char *eventname,
> - const struct cred *cred, u32 secid)
> +void process_buffer_measurement(const void *buf, int size,
> + const char *eventname, int pcr,
> + struct ima_template_desc *template_desc)
> {
> int ret = 0;
> struct ima_template_entry *entry = NULL;
> @@ -642,19 +642,11 @@ static void process_buffer_measurement(const void *buf, int size,
> .filename = eventname,
> .buf = buf,
> .buf_len = size};
> - struct ima_template_desc *template_desc = NULL;
> struct {
> struct ima_digest_data hdr;
> char digest[IMA_MAX_DIGEST_SIZE];
> } hash = {};
> int violation = 0;
> - int pcr = CONFIG_IMA_MEASURE_PCR_IDX;
> - int action = 0;
> -
> - action = ima_get_action(NULL, cred, secid, 0, KEXEC_CMDLINE, &pcr,
> - &template_desc);
> - if (!(action & IMA_MEASURE))
> - return;
>
> iint.ima_hash = &hash.hdr;
> iint.ima_hash->algo = ima_hash_algo;
> @@ -686,12 +678,19 @@ static void process_buffer_measurement(const void *buf, int size,
> */
> void ima_kexec_cmdline(const void *buf, int size)
> {
> + int pcr = CONFIG_IMA_MEASURE_PCR_IDX;
> + struct ima_template_desc *template_desc = NULL;
> + int action;
> u32 secid;
>
> if (buf && size != 0) {
> security_task_getsecid(current, &secid);
> - process_buffer_measurement(buf, size, "kexec-cmdline",
> - current_cred(), secid);
> + action = ima_get_action(NULL, current_cred(), secid, 0,
> + KEXEC_CMDLINE, &pcr, &template_desc);
> + if (!(action & IMA_MEASURE))
> + return;
> + process_buffer_measurement(buf, size, "kexec-cmdline", pcr,
> + template_desc);
> }
> }
>
next prev parent reply other threads:[~2019-10-11 13:14 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-08 1:14 [PATCH v7 0/8] powerpc: Enabling IMA arch specific secure boot policies Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-08 1:14 ` [PATCH v7 1/8] powerpc: detect the secure boot mode of the system Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-15 11:30 ` Michael Ellerman
2019-10-15 11:30 ` Michael Ellerman
2019-10-08 1:14 ` [PATCH v7 2/8] powerpc: add support to initialize ima policy rules Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-11 13:12 ` Mimi Zohar
2019-10-11 13:12 ` Mimi Zohar
2019-10-15 9:59 ` Michael Ellerman
2019-10-15 9:59 ` Michael Ellerman
2019-10-15 11:29 ` Michael Ellerman
2019-10-15 11:29 ` Michael Ellerman
2019-10-17 12:58 ` Nayna
2019-10-17 12:58 ` Nayna
2019-10-08 1:14 ` [PATCH v7 3/8] powerpc: detect the trusted boot state of the system Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-15 10:23 ` Michael Ellerman
2019-10-15 10:23 ` Michael Ellerman
2019-10-08 1:14 ` [PATCH v7 4/8] powerpc/ima: add measurement rules to ima arch specific policy Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-15 11:29 ` Michael Ellerman
2019-10-15 11:29 ` Michael Ellerman
2019-10-19 18:27 ` Nayna
2019-10-19 18:27 ` Nayna
2019-10-08 1:14 ` [PATCH v7 5/8] ima: make process_buffer_measurement() generic Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-11 13:14 ` Mimi Zohar [this message]
2019-10-11 13:14 ` Mimi Zohar
2019-10-08 1:14 ` [PATCH v7 6/8] certs: add wrapper function to check blacklisted binary hash Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-11 13:18 ` Mimi Zohar
2019-10-11 13:18 ` Mimi Zohar
2019-10-08 1:14 ` [PATCH v7 7/8] ima: check against blacklisted hashes for files with modsig Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-11 13:19 ` Mimi Zohar
2019-10-11 13:19 ` Mimi Zohar
2019-10-19 18:30 ` Nayna
2019-10-19 18:30 ` Nayna
2019-10-08 1:14 ` [PATCH v7 8/8] powerpc/ima: update ima arch policy to check for blacklist Nayna Jain
2019-10-08 1:14 ` Nayna Jain
2019-10-11 13:19 ` Mimi Zohar
2019-10-11 13:19 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1570799641.5250.75.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=ard.biesheuvel@linaro.org \
--cc=benh@kernel.crashing.org \
--cc=cclaudio@linux.ibm.com \
--cc=erichte@linux.ibm.com \
--cc=erpalmer@us.ibm.com \
--cc=gcwilson@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=jk@ozlabs.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@ozlabs.org \
--cc=matthew.garret@nebula.com \
--cc=mpe@ellerman.id.au \
--cc=nayna@linux.ibm.com \
--cc=oohall@gmail.com \
--cc=paulus@samba.org \
--cc=prsriva02@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.