From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: linux-security-module@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
James Morris <jmorris@namei.org>,
David Safford <safford@watson.ibm.com>,
Andrew Morton <akpm@linux-foundation.org>,
Greg KH <greg@kroah.com>,
Dmitry Kasatkin <dmitry.s.kasatkin@gmail.com>,
Mimi Zohar <zohar@us.ibm.com>
Subject: [PATCH v6 05/20] security: imbed evm calls in security hooks
Date: Thu, 2 Jun 2011 08:23:28 -0400 [thread overview]
Message-ID: <1307017423-15093-6-git-send-email-zohar@linux.vnet.ibm.com> (raw)
In-Reply-To: <1307017423-15093-1-git-send-email-zohar@linux.vnet.ibm.com>
Imbed the evm calls evm_inode_setxattr(), evm_inode_post_setxattr(),
evm_inode_removexattr() in the security hooks. evm_inode_setxattr()
protects security.evm xattr. evm_inode_post_setxattr() and
evm_inode_removexattr() updates the hmac associated with an inode.
(Assumes an LSM module protects the setting/removing of xattr.)
Changelog:
- Don't define evm_verifyxattr(), unless CONFIG_INTEGRITY is enabled.
- xattr_name is a 'const', value is 'void *'
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---
include/linux/evm.h | 56 +++++++++++++++++++++++++++++++++++++
security/integrity/evm/evm_main.c | 1 +
security/security.c | 16 +++++++++-
3 files changed, 71 insertions(+), 2 deletions(-)
create mode 100644 include/linux/evm.h
diff --git a/include/linux/evm.h b/include/linux/evm.h
new file mode 100644
index 0000000..8b4e9e3
--- /dev/null
+++ b/include/linux/evm.h
@@ -0,0 +1,56 @@
+/*
+ * evm.h
+ *
+ * Copyright (c) 2009 IBM Corporation
+ * Author: Mimi Zohar <zohar@us.ibm.com>
+ */
+
+#ifndef _LINUX_EVM_H
+#define _LINUX_EVM_H
+
+#include <linux/integrity.h>
+
+#ifdef CONFIG_EVM
+extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
+ const char *xattr_name,
+ void *xattr_value,
+ size_t xattr_value_len);
+extern int evm_inode_setxattr(struct dentry *dentry, const char *name,
+ const void *value, size_t size);
+extern void evm_inode_post_setxattr(struct dentry *dentry,
+ const char *xattr_name,
+ const void *xattr_value,
+ size_t xattr_value_len);
+extern int evm_inode_removexattr(struct dentry *dentry, const char *xattr_name);
+#else
+#ifdef CONFIG_INTEGRITY
+static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
+ const char *xattr_name,
+ void *xattr_value,
+ size_t xattr_value_len)
+{
+ return INTEGRITY_UNKNOWN;
+}
+#endif
+
+static inline int evm_inode_setxattr(struct dentry *dentry, const char *name,
+ const void *value, size_t size)
+{
+ return 0;
+}
+
+static inline void evm_inode_post_setxattr(struct dentry *dentry,
+ const char *xattr_name,
+ const void *xattr_value,
+ size_t xattr_value_len)
+{
+ return;
+}
+
+static inline int evm_inode_removexattr(struct dentry *dentry,
+ const char *xattr_name)
+{
+ return 0;
+}
+#endif /* CONFIG_EVM_H */
+#endif /* LINUX_EVM_H */
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index c0580dd1..1746c36 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -18,6 +18,7 @@
#include <linux/crypto.h>
#include <linux/xattr.h>
#include <linux/integrity.h>
+#include <linux/evm.h>
#include "evm.h"
int evm_initialized;
diff --git a/security/security.c b/security/security.c
index 88829a47..e00d2d7 100644
--- a/security/security.c
+++ b/security/security.c
@@ -18,6 +18,7 @@
#include <linux/security.h>
#include <linux/integrity.h>
#include <linux/ima.h>
+#include <linux/evm.h>
/* Boot-time LSM user choice */
static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] =
@@ -547,9 +548,14 @@ int security_inode_getattr(struct vfsmount *mnt, struct dentry *dentry)
int security_inode_setxattr(struct dentry *dentry, const char *name,
const void *value, size_t size, int flags)
{
+ int ret;
+
if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_setxattr(dentry, name, value, size, flags);
+ ret = security_ops->inode_setxattr(dentry, name, value, size, flags);
+ if (ret)
+ return ret;
+ return evm_inode_setxattr(dentry, name, value, size);
}
void security_inode_post_setxattr(struct dentry *dentry, const char *name,
@@ -558,6 +564,7 @@ void security_inode_post_setxattr(struct dentry *dentry, const char *name,
if (unlikely(IS_PRIVATE(dentry->d_inode)))
return;
security_ops->inode_post_setxattr(dentry, name, value, size, flags);
+ evm_inode_post_setxattr(dentry, name, value, size);
}
int security_inode_getxattr(struct dentry *dentry, const char *name)
@@ -576,9 +583,14 @@ int security_inode_listxattr(struct dentry *dentry)
int security_inode_removexattr(struct dentry *dentry, const char *name)
{
+ int ret;
+
if (unlikely(IS_PRIVATE(dentry->d_inode)))
return 0;
- return security_ops->inode_removexattr(dentry, name);
+ ret = security_ops->inode_removexattr(dentry, name);
+ if (ret)
+ return ret;
+ return evm_inode_removexattr(dentry, name);
}
int security_inode_need_killpriv(struct dentry *dentry)
--
1.7.3.4
next prev parent reply other threads:[~2011-06-02 12:23 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-02 12:23 [PATCH v6 00/20] EVM Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 01/20] integrity: move ima inode integrity data management Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 02/20] xattr: define vfs_getxattr_alloc and vfs_xattr_cmp Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 03/20] evm: re-release Mimi Zohar
2011-06-02 22:38 ` Serge E. Hallyn
2011-06-02 12:23 ` [PATCH v6 04/20] evm: add support for different security.evm data types Mimi Zohar
2011-06-02 22:50 ` Serge E. Hallyn
2011-06-03 12:31 ` Mimi Zohar
2011-06-02 12:23 ` Mimi Zohar [this message]
2011-06-02 12:23 ` [PATCH v6 06/20] evm: evm_inode_post_removexattr Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 07/20] evm: imbed evm_inode_post_setattr Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 08/20] evm: evm_inode_post_init Mimi Zohar
2011-06-03 2:21 ` Dave Chinner
2011-06-03 5:06 ` Mimi Zohar
2011-06-04 23:50 ` Dave Chinner
2011-06-05 2:46 ` Mimi Zohar
2011-06-07 15:56 ` Casey Schaufler
2011-06-02 12:23 ` [PATCH v6 09/20] fs: add evm_inode_post_init calls Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 10/20] evm: crypto hash replaced by shash Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 11/20] evm: add evm_inode_post_init call in btrfs Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 12/20] evm: add evm_inode_post_init call in gfs2 Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 13/20] evm: add evm_inode_post_init call in jffs2 Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 14/20] evm: add evm_inode_post_init call in jfs Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 15/20] evm: add evm_inode_post_init call in xfs Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 16/20] evm: additional parameter to pass integrity cache entry 'iint' Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 17/20] evm: evm_verify_hmac must not return INTEGRITY_UNKNOWN Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 18/20] evm: replace hmac_status with evm_status Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 19/20] evm: permit only valid security.evm xattrs to be updated Mimi Zohar
2011-06-02 12:23 ` [PATCH v6 20/20] evm: add evm_inode_setattr to prevent updating an invalid security.evm Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1307017423-15093-6-git-send-email-zohar@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=akpm@linux-foundation.org \
--cc=dmitry.s.kasatkin@gmail.com \
--cc=greg@kroah.com \
--cc=jmorris@namei.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=safford@watson.ibm.com \
--cc=zohar@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).