From: "Serge E. Hallyn" <serge@hallyn.com>
To: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
James Morris <jmorris@namei.org>,
David Safford <safford@watson.ibm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Greg KH <greg@kroah.com>,
Dmitry Kasatkin <dmitry.kasatkin@nokia.com>,
Mimi Zohar <zohar@us.ibm.com>
Subject: Re: [PATCH v5 01/21] integrity: move ima inode integrity data management
Date: Wed, 18 May 2011 21:06:20 -0500 [thread overview]
Message-ID: <20110519020619.GA10188@mail.hallyn.com> (raw)
In-Reply-To: <1305557115-15652-2-git-send-email-zohar@linux.vnet.ibm.com>
Quoting Mimi Zohar (zohar@linux.vnet.ibm.com):
> Move the inode integrity data(iint) management up to the integrity directory
> in order to share the iint among the different integrity models.
You also rename several globally visible ima_* functions, structs, locks etc to integrity_\0
replace '20' by SHA1_DIGEST_SIZE
remove unnecessary initialization of iint_initialized to 0
Which all are fine, but probably should be mentioned in changelog,
along with the magic phrase "no other functional changes" to aid
reviewers.
> Changelog:
> - Rebased on current ima_iint.c
> - Define integrity_iint_store/lock as static
>
> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
thanks,
-serge
> ---
> include/linux/ima.h | 13 ---
> include/linux/integrity.h | 30 +++++++
> security/Kconfig | 2 +-
> security/Makefile | 4 +-
> security/integrity/Kconfig | 6 ++
> security/integrity/Makefile | 10 ++
> security/integrity/iint.c | 170 +++++++++++++++++++++++++++++++++++++
> security/integrity/ima/Kconfig | 1 +
> security/integrity/ima/Makefile | 2 +-
> security/integrity/ima/ima.h | 29 ++-----
> security/integrity/ima/ima_api.c | 7 +-
> security/integrity/ima/ima_iint.c | 169 ------------------------------------
> security/integrity/ima/ima_main.c | 12 ++--
> security/integrity/integrity.h | 37 ++++++++
> security/security.c | 3 +-
> 15 files changed, 279 insertions(+), 216 deletions(-)
> create mode 100644 include/linux/integrity.h
> create mode 100644 security/integrity/Kconfig
> create mode 100644 security/integrity/Makefile
> create mode 100644 security/integrity/iint.c
> delete mode 100644 security/integrity/ima/ima_iint.c
> create mode 100644 security/integrity/integrity.h
>
> diff --git a/include/linux/ima.h b/include/linux/ima.h
> index 09e6e62..6ac8e50 100644
> --- a/include/linux/ima.h
> +++ b/include/linux/ima.h
> @@ -15,8 +15,6 @@ struct linux_binprm;
>
> #ifdef CONFIG_IMA
> extern int ima_bprm_check(struct linux_binprm *bprm);
> -extern int ima_inode_alloc(struct inode *inode);
> -extern void ima_inode_free(struct inode *inode);
> extern int ima_file_check(struct file *file, int mask);
> extern void ima_file_free(struct file *file);
> extern int ima_file_mmap(struct file *file, unsigned long prot);
> @@ -27,16 +25,6 @@ static inline int ima_bprm_check(struct linux_binprm *bprm)
> return 0;
> }
>
> -static inline int ima_inode_alloc(struct inode *inode)
> -{
> - return 0;
> -}
> -
> -static inline void ima_inode_free(struct inode *inode)
> -{
> - return;
> -}
> -
> static inline int ima_file_check(struct file *file, int mask)
> {
> return 0;
> @@ -51,6 +39,5 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot)
> {
> return 0;
> }
> -
> #endif /* CONFIG_IMA_H */
> #endif /* _LINUX_IMA_H */
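Review bot: the closing comment on the unchanged `#endif /* CONFIG_IMA_H */` line does not match the guard it closes, which is `#ifdef CONFIG_IMA`; since this hunk already touches the blank line directly above it, fix the comment to `#endif /* CONFIG_IMA */` here rather than in a separate cleanup.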
> diff --git a/include/linux/integrity.h b/include/linux/integrity.h
> new file mode 100644
> index 0000000..9059812
> --- /dev/null
> +++ b/include/linux/integrity.h
> @@ -0,0 +1,30 @@
> +/*
> + * Copyright (C) 2009 IBM Corporation
> + * Author: Mimi Zohar <zohar@us.ibm.com>
> + *
> + * This program is free software; you can redistribute it and/or modify
> + * it under the terms of the GNU General Public License as published by
> + * the Free Software Foundation, version 2 of the License.
> + */
> +
> +#ifndef _LINUX_INTEGRITY_H
> +#define _LINUX_INTEGRITY_H
> +
> +#include <linux/fs.h>
> +
> +#ifdef CONFIG_INTEGRITY
> +extern int integrity_inode_alloc(struct inode *inode);
> +extern void integrity_inode_free(struct inode *inode);
> +
> +#else
> +static inline int integrity_inode_alloc(struct inode *inode)
> +{
> + return 0;
> +}
> +
> +static inline void integrity_inode_free(struct inode *inode)
> +{
> + return;
> +}
> +#endif /* CONFIG_INTEGRITY_H */
> +#endif /* _LINUX_INTEGRITY_H */
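Review bot: the same guard/comment mismatch is carried into the new header: `#endif /* CONFIG_INTEGRITY_H */` closes `#ifdef CONFIG_INTEGRITY`, so the comment should read `/* CONFIG_INTEGRITY */`. The bare `return;` in the void inline `integrity_inode_free()` stub is also unnecessary and can be dropped.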
> diff --git a/security/Kconfig b/security/Kconfig
> index e0f08b5..22847a8 100644
> --- a/security/Kconfig
> +++ b/security/Kconfig
> @@ -186,7 +186,7 @@ source security/smack/Kconfig
> source security/tomoyo/Kconfig
> source security/apparmor/Kconfig
>
> -source security/integrity/ima/Kconfig
> +source security/integrity/Kconfig
>
> choice
> prompt "Default security module"
> diff --git a/security/Makefile b/security/Makefile
> index 8bb0fe9..a5e502f 100644
> --- a/security/Makefile
> +++ b/security/Makefile
> @@ -24,5 +24,5 @@ obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/built-in.o
> obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o
>
> # Object integrity file lists
> -subdir-$(CONFIG_IMA) += integrity/ima
> -obj-$(CONFIG_IMA) += integrity/ima/built-in.o
> +subdir-$(CONFIG_INTEGRITY) += integrity
> +obj-$(CONFIG_INTEGRITY) += integrity/built-in.o
> diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
> new file mode 100644
> index 0000000..2704691
> --- /dev/null
> +++ b/security/integrity/Kconfig
> @@ -0,0 +1,6 @@
> +#
> +config INTEGRITY
> + def_bool y
> + depends on IMA
> +
> +source security/integrity/ima/Kconfig
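Review bot: `config INTEGRITY` is `def_bool y` with `depends on IMA`, while the security/integrity/ima/Kconfig hunk later in this patch adds `select INTEGRITY` to `config IMA`; selecting a symbol that itself depends on the selector is circular and one of the two is redundant, so keep either the `depends on IMA` or the `select`, not both. Given the changelog's aim of sharing the iint across integrity models, `depends on IMA` will also need loosening as soon as a second user of the iint appears. The leading bare `#` line is an empty comment and can go.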
> diff --git a/security/integrity/Makefile b/security/integrity/Makefile
> new file mode 100644
> index 0000000..6eddd61
> --- /dev/null
> +++ b/security/integrity/Makefile
> @@ -0,0 +1,10 @@
> +#
> +# Makefile for caching inode integrity data (iint)
> +#
> +
> +obj-$(CONFIG_INTEGRITY) += integrity.o
> +
> +integrity-y := iint.o
> +
> +subdir-$(CONFIG_IMA) += ima
> +obj-$(CONFIG_IMA) += ima/built-in.o
> diff --git a/security/integrity/iint.c b/security/integrity/iint.c
> new file mode 100644
> index 0000000..d17de48
> --- /dev/null
> +++ b/security/integrity/iint.c
> @@ -0,0 +1,170 @@
> +/*
> + * Copyright (C) 2008 IBM Corporation
> + *
> + * Authors:
> + * Mimi Zohar <zohar@us.ibm.com>
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation, version 2 of the
> + * License.
> + *
> + * File: integrity_iint.c
> + * - implements the integrity hooks: integrity_inode_alloc,
> + * integrity_inode_free
> + * - cache integrity information associated with an inode
> + * using a rbtree tree.
> + */
> +#include <linux/slab.h>
> +#include <linux/module.h>
> +#include <linux/spinlock.h>
> +#include <linux/rbtree.h>
> +#include "integrity.h"
> +
> +static struct rb_root integrity_iint_tree = RB_ROOT;
> +static DEFINE_SPINLOCK(integrity_iint_lock);
> +static struct kmem_cache *iint_cache __read_mostly;
> +
> +int iint_initialized;
> +
> +/*
> + * __integrity_iint_find - return the iint associated with an inode
> + */
> +static struct integrity_iint_cache *__integrity_iint_find(struct inode *inode)
> +{
> + struct integrity_iint_cache *iint;
> + struct rb_node *n = integrity_iint_tree.rb_node;
> +
> + assert_spin_locked(&integrity_iint_lock);
> +
> + while (n) {
> + iint = rb_entry(n, struct integrity_iint_cache, rb_node);
> +
> + if (inode < iint->inode)
> + n = n->rb_left;
> + else if (inode > iint->inode)
> + n = n->rb_right;
> + else
> + break;
> + }
> + if (!n)
> + return NULL;
> +
> + return iint;
> +}
> +
> +/*
> + * integrity_iint_find - return the iint associated with an inode
> + */
> +struct integrity_iint_cache *integrity_iint_find(struct inode *inode)
> +{
> + struct integrity_iint_cache *iint;
> +
> + if (!IS_IMA(inode))
> + return NULL;
> +
> + spin_lock(&integrity_iint_lock);
> + iint = __integrity_iint_find(inode);
> + spin_unlock(&integrity_iint_lock);
> +
> + return iint;
> +}
> +
> +static void iint_free(struct integrity_iint_cache *iint)
> +{
> + iint->version = 0;
> + iint->flags = 0UL;
> + kmem_cache_free(iint_cache, iint);
> +}
> +
> +/**
> + * integrity_inode_alloc - allocate an iint associated with an inode
> + * @inode: pointer to the inode
> + */
> +int integrity_inode_alloc(struct inode *inode)
> +{
> + struct rb_node **p;
> + struct rb_node *new_node, *parent = NULL;
> + struct integrity_iint_cache *new_iint, *test_iint;
> + int rc;
> +
> + new_iint = kmem_cache_alloc(iint_cache, GFP_NOFS);
> + if (!new_iint)
> + return -ENOMEM;
> +
> + new_iint->inode = inode;
> + new_node = &new_iint->rb_node;
> +
> + mutex_lock(&inode->i_mutex); /* i_flags */
> + spin_lock(&integrity_iint_lock);
> +
> + p = &integrity_iint_tree.rb_node;
> + while (*p) {
> + parent = *p;
> + test_iint = rb_entry(parent, struct integrity_iint_cache,
> + rb_node);
> + rc = -EEXIST;
> + if (inode < test_iint->inode)
> + p = &(*p)->rb_left;
> + else if (inode > test_iint->inode)
> + p = &(*p)->rb_right;
> + else
> + goto out_err;
> + }
> +
> + inode->i_flags |= S_IMA;
> + rb_link_node(new_node, parent, p);
> + rb_insert_color(new_node, &integrity_iint_tree);
> +
> + spin_unlock(&integrity_iint_lock);
> + mutex_unlock(&inode->i_mutex); /* i_flags */
> +
> + return 0;
> +out_err:
> + spin_unlock(&integrity_iint_lock);
> + mutex_unlock(&inode->i_mutex); /* i_flags */
> + iint_free(new_iint);
> +
> + return rc;
> +}
> +
> +/**
> + * integrity_inode_free - called on security_inode_free
> + * @inode: pointer to the inode
> + *
> + * Free the integrity information(iint) associated with an inode.
> + */
> +void integrity_inode_free(struct inode *inode)
> +{
> + struct integrity_iint_cache *iint;
> +
> + if (!IS_IMA(inode))
> + return;
> +
> + spin_lock(&integrity_iint_lock);
> + iint = __integrity_iint_find(inode);
> + rb_erase(&iint->rb_node, &integrity_iint_tree);
> + spin_unlock(&integrity_iint_lock);
> +
> + iint_free(iint);
> +}
> +
> +static void init_once(void *foo)
> +{
> + struct integrity_iint_cache *iint = foo;
> +
> + memset(iint, 0, sizeof *iint);
> + iint->version = 0;
> + iint->flags = 0UL;
> + mutex_init(&iint->mutex);
> +}
> +
> +static int __init integrity_iintcache_init(void)
> +{
> + iint_cache =
> + kmem_cache_create("iint_cache", sizeof(struct integrity_iint_cache),
> + 0, SLAB_PANIC, init_once);
> + iint_initialized = 1;
> + return 0;
> +}
> +security_initcall(integrity_iintcache_init);
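Review bot: the comment block at the top of the new file still says `File: integrity_iint.c`, but the file is security/integrity/iint.c; update the name (or drop the `File:` line) as part of the move. Since the code is being re-read anyway, one thing worth a comment in the source: `integrity_inode_free()` passes the result of `__integrity_iint_find()` straight to `rb_erase()` with no NULL check, relying on `S_IMA` only ever being set under `integrity_iint_lock` in `integrity_inode_alloc()` after the insert succeeds.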
> diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
> index b6ecfd4..19c053b 100644
> --- a/security/integrity/ima/Kconfig
> +++ b/security/integrity/ima/Kconfig
> @@ -3,6 +3,7 @@
> config IMA
> bool "Integrity Measurement Architecture(IMA)"
> depends on SECURITY
> + select INTEGRITY
> select SECURITYFS
> select CRYPTO
> select CRYPTO_HMAC
> diff --git a/security/integrity/ima/Makefile b/security/integrity/ima/Makefile
> index 787c4cb..5690c02 100644
> --- a/security/integrity/ima/Makefile
> +++ b/security/integrity/ima/Makefile
> @@ -6,4 +6,4 @@
> obj-$(CONFIG_IMA) += ima.o
>
> ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \
> - ima_policy.o ima_iint.o ima_audit.o
> + ima_policy.o ima_audit.o
> diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
> index 08408bd..29d97af 100644
> --- a/security/integrity/ima/ima.h
> +++ b/security/integrity/ima/ima.h
> @@ -24,11 +24,13 @@
> #include <linux/tpm.h>
> #include <linux/audit.h>
>
> +#include "../integrity.h"
> +
> enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_ASCII };
> enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 };
>
> /* digest size for IMA, fits SHA1 or MD5 */
> -#define IMA_DIGEST_SIZE 20
> +#define IMA_DIGEST_SIZE SHA1_DIGEST_SIZE
> #define IMA_EVENT_NAME_LEN_MAX 255
>
> #define IMA_HASH_BITS 9
> @@ -96,34 +98,21 @@ static inline unsigned long ima_hash_key(u8 *digest)
> return hash_long(*digest, IMA_HASH_BITS);
> }
>
> -/* iint cache flags */
> -#define IMA_MEASURED 0x01
> -
> -/* integrity data associated with an inode */
> -struct ima_iint_cache {
> - struct rb_node rb_node; /* rooted in ima_iint_tree */
> - struct inode *inode; /* back pointer to inode in question */
> - u64 version; /* track inode changes */
> - unsigned char flags;
> - u8 digest[IMA_DIGEST_SIZE];
> - struct mutex mutex; /* protects: version, flags, digest */
> -};
> -
> /* LIM API function definitions */
> int ima_must_measure(struct inode *inode, int mask, int function);
> -int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file);
> -void ima_store_measurement(struct ima_iint_cache *iint, struct file *file,
> +int ima_collect_measurement(struct integrity_iint_cache *iint,
> + struct file *file);
> +void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
> const unsigned char *filename);
> int ima_store_template(struct ima_template_entry *entry, int violation,
> struct inode *inode);
> -void ima_template_show(struct seq_file *m, void *e,
> - enum ima_show_type show);
> +void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show);
>
> /* rbtree tree calls to lookup, insert, delete
> * integrity data associated with an inode.
> */
> -struct ima_iint_cache *ima_iint_insert(struct inode *inode);
> -struct ima_iint_cache *ima_iint_find(struct inode *inode);
> +struct integrity_iint_cache *integrity_iint_insert(struct inode *inode);
> +struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
>
> /* IMA policy related functions */
> enum ima_hooks { FILE_CHECK = 1, FILE_MMAP, BPRM_CHECK };
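Review bot: with `#include "../integrity.h"` now at the top of ima.h, the `integrity_iint_insert()`/`integrity_iint_find()` prototypes kept here under the "rbtree tree calls" comment duplicate the ones in security/integrity/integrity.h; drop them from ima.h so each function is declared once. Note also that `integrity_iint_insert()` is declared in both headers but nothing in this patch defines it (iint.c provides only `integrity_iint_find()` and the alloc/free hooks), so that prototype is dead.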
> diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
> index da36d2c..0d50df0 100644
> --- a/security/integrity/ima/ima_api.c
> +++ b/security/integrity/ima/ima_api.c
> @@ -126,7 +126,8 @@ int ima_must_measure(struct inode *inode, int mask, int function)
> *
> * Return 0 on success, error code otherwise
> */
> -int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file)
> +int ima_collect_measurement(struct integrity_iint_cache *iint,
> + struct file *file)
> {
> int result = -EEXIST;
>
> @@ -156,8 +157,8 @@ int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file)
> *
> * Must be called with iint->mutex held.
> */
> -void ima_store_measurement(struct ima_iint_cache *iint, struct file *file,
> - const unsigned char *filename)
> +void ima_store_measurement(struct integrity_iint_cache *iint,
> + struct file *file, const unsigned char *filename)
> {
> const char *op = "add_template_measure";
> const char *audit_cause = "ENOMEM";
> diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c
> deleted file mode 100644
> index 4ae7304..0000000
> --- a/security/integrity/ima/ima_iint.c
> +++ /dev/null
> @@ -1,169 +0,0 @@
> -/*
> - * Copyright (C) 2008 IBM Corporation
> - *
> - * Authors:
> - * Mimi Zohar <zohar@us.ibm.com>
> - *
> - * This program is free software; you can redistribute it and/or
> - * modify it under the terms of the GNU General Public License as
> - * published by the Free Software Foundation, version 2 of the
> - * License.
> - *
> - * File: ima_iint.c
> - * - implements the IMA hooks: ima_inode_alloc, ima_inode_free
> - * - cache integrity information associated with an inode
> - * using a rbtree tree.
> - */
> -#include <linux/slab.h>
> -#include <linux/module.h>
> -#include <linux/spinlock.h>
> -#include <linux/rbtree.h>
> -#include "ima.h"
> -
> -static struct rb_root ima_iint_tree = RB_ROOT;
> -static DEFINE_SPINLOCK(ima_iint_lock);
> -static struct kmem_cache *iint_cache __read_mostly;
> -
> -int iint_initialized = 0;
> -
> -/*
> - * __ima_iint_find - return the iint associated with an inode
> - */
> -static struct ima_iint_cache *__ima_iint_find(struct inode *inode)
> -{
> - struct ima_iint_cache *iint;
> - struct rb_node *n = ima_iint_tree.rb_node;
> -
> - assert_spin_locked(&ima_iint_lock);
> -
> - while (n) {
> - iint = rb_entry(n, struct ima_iint_cache, rb_node);
> -
> - if (inode < iint->inode)
> - n = n->rb_left;
> - else if (inode > iint->inode)
> - n = n->rb_right;
> - else
> - break;
> - }
> - if (!n)
> - return NULL;
> -
> - return iint;
> -}
> -
> -/*
> - * ima_iint_find - return the iint associated with an inode
> - */
> -struct ima_iint_cache *ima_iint_find(struct inode *inode)
> -{
> - struct ima_iint_cache *iint;
> -
> - if (!IS_IMA(inode))
> - return NULL;
> -
> - spin_lock(&ima_iint_lock);
> - iint = __ima_iint_find(inode);
> - spin_unlock(&ima_iint_lock);
> -
> - return iint;
> -}
> -
> -static void iint_free(struct ima_iint_cache *iint)
> -{
> - iint->version = 0;
> - iint->flags = 0UL;
> - kmem_cache_free(iint_cache, iint);
> -}
> -
> -/**
> - * ima_inode_alloc - allocate an iint associated with an inode
> - * @inode: pointer to the inode
> - */
> -int ima_inode_alloc(struct inode *inode)
> -{
> - struct rb_node **p;
> - struct rb_node *new_node, *parent = NULL;
> - struct ima_iint_cache *new_iint, *test_iint;
> - int rc;
> -
> - new_iint = kmem_cache_alloc(iint_cache, GFP_NOFS);
> - if (!new_iint)
> - return -ENOMEM;
> -
> - new_iint->inode = inode;
> - new_node = &new_iint->rb_node;
> -
> - mutex_lock(&inode->i_mutex); /* i_flags */
> - spin_lock(&ima_iint_lock);
> -
> - p = &ima_iint_tree.rb_node;
> - while (*p) {
> - parent = *p;
> - test_iint = rb_entry(parent, struct ima_iint_cache, rb_node);
> -
> - rc = -EEXIST;
> - if (inode < test_iint->inode)
> - p = &(*p)->rb_left;
> - else if (inode > test_iint->inode)
> - p = &(*p)->rb_right;
> - else
> - goto out_err;
> - }
> -
> - inode->i_flags |= S_IMA;
> - rb_link_node(new_node, parent, p);
> - rb_insert_color(new_node, &ima_iint_tree);
> -
> - spin_unlock(&ima_iint_lock);
> - mutex_unlock(&inode->i_mutex); /* i_flags */
> -
> - return 0;
> -out_err:
> - spin_unlock(&ima_iint_lock);
> - mutex_unlock(&inode->i_mutex); /* i_flags */
> - iint_free(new_iint);
> -
> - return rc;
> -}
> -
> -/**
> - * ima_inode_free - called on security_inode_free
> - * @inode: pointer to the inode
> - *
> - * Free the integrity information(iint) associated with an inode.
> - */
> -void ima_inode_free(struct inode *inode)
> -{
> - struct ima_iint_cache *iint;
> -
> - if (!IS_IMA(inode))
> - return;
> -
> - spin_lock(&ima_iint_lock);
> - iint = __ima_iint_find(inode);
> - rb_erase(&iint->rb_node, &ima_iint_tree);
> - spin_unlock(&ima_iint_lock);
> -
> - iint_free(iint);
> -}
> -
> -static void init_once(void *foo)
> -{
> - struct ima_iint_cache *iint = foo;
> -
> - memset(iint, 0, sizeof *iint);
> - iint->version = 0;
> - iint->flags = 0UL;
> - mutex_init(&iint->mutex);
> -}
> -
> -static int __init ima_iintcache_init(void)
> -{
> - iint_cache =
> - kmem_cache_create("iint_cache", sizeof(struct ima_iint_cache), 0,
> - SLAB_PANIC, init_once);
> - iint_initialized = 1;
> - return 0;
> -}
> -security_initcall(ima_iintcache_init);
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 39d66dc..25f9fe7 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -82,7 +82,7 @@ out:
> "open_writers");
> }
>
> -static void ima_check_last_writer(struct ima_iint_cache *iint,
> +static void ima_check_last_writer(struct integrity_iint_cache *iint,
> struct inode *inode,
> struct file *file)
> {
> @@ -105,12 +105,12 @@ static void ima_check_last_writer(struct ima_iint_cache *iint,
> void ima_file_free(struct file *file)
> {
> struct inode *inode = file->f_dentry->d_inode;
> - struct ima_iint_cache *iint;
> + struct integrity_iint_cache *iint;
>
> if (!iint_initialized || !S_ISREG(inode->i_mode))
> return;
>
> - iint = ima_iint_find(inode);
> + iint = integrity_iint_find(inode);
> if (!iint)
> return;
>
> @@ -121,7 +121,7 @@ static int process_measurement(struct file *file, const unsigned char *filename,
> int mask, int function)
> {
> struct inode *inode = file->f_dentry->d_inode;
> - struct ima_iint_cache *iint;
> + struct integrity_iint_cache *iint;
> int rc = 0;
>
> if (!ima_initialized || !S_ISREG(inode->i_mode))
> @@ -131,9 +131,9 @@ static int process_measurement(struct file *file, const unsigned char *filename,
> if (rc != 0)
> return rc;
> retry:
> - iint = ima_iint_find(inode);
> + iint = integrity_iint_find(inode);
> if (!iint) {
> - rc = ima_inode_alloc(inode);
> + rc = integrity_inode_alloc(inode);
> if (!rc || rc == -EEXIST)
> goto retry;
> return rc;
> diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
> new file mode 100644
> index 0000000..2217a28
> --- /dev/null
> +++ b/security/integrity/integrity.h
> @@ -0,0 +1,37 @@
> +/*
> + * Copyright (C) 2009-2010 IBM Corporation
> + *
> + * Authors:
> + * Mimi Zohar <zohar@us.ibm.com>
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation, version 2 of the
> + * License.
> + *
> + */
> +
> +#include <linux/types.h>
> +#include <linux/integrity.h>
> +#include <crypto/sha.h>
> +
> +#define MAX_DIGEST_SIZE SHA1_DIGEST_SIZE
> +
> +/* iint cache flags */
> +#define IMA_MEASURED 0x01
> +
> +/* integrity data associated with an inode */
> +struct integrity_iint_cache {
> + struct rb_node rb_node; /* rooted in integrity_iint_tree */
> + struct inode *inode; /* back pointer to inode in question */
> + u64 version; /* track inode changes */
> + unsigned char flags;
> + u8 digest[MAX_DIGEST_SIZE];
> + struct mutex mutex; /* protects: version, flags, digest */
> +};
> +
> +/* rbtree tree calls to lookup, insert, delete
> + * integrity data associated with an inode.
> + */
> +struct integrity_iint_cache *integrity_iint_insert(struct inode *inode);
> +struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
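Review bot: the new security/integrity/integrity.h has no include guard, unlike include/linux/integrity.h in the same patch; wrap it in `#ifndef _INTEGRITY_H` / `#define _INTEGRITY_H` / `#endif`, since ima.h already includes it and the point of the move is for more than one user to include it. The header also uses `struct rb_node` and `struct mutex` but only includes <linux/types.h>, <linux/integrity.h> and <crypto/sha.h>, so it relies on linux/fs.h being pulled in transitively; include <linux/rbtree.h> and <linux/mutex.h> directly.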
> diff --git a/security/security.c b/security/security.c
> index 1011423..d0c6576 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -16,6 +16,7 @@
> #include <linux/init.h>
> #include <linux/kernel.h>
> #include <linux/security.h>
> +#include <linux/integrity.h>
> #include <linux/ima.h>
>
> /* Boot-time LSM user choice */
> @@ -334,7 +335,7 @@ int security_inode_alloc(struct inode *inode)
>
> void security_inode_free(struct inode *inode)
> {
> - ima_inode_free(inode);
> + integrity_inode_free(inode);
> security_ops->inode_free_security(inode);
> }
>
> --
> 1.7.3.4
>