From: Roberto Sassu <roberto.sassu@huawei.com>
To: Shuah Khan <skhan@linuxfoundation.org>,
"zohar@linux.ibm.com" <zohar@linux.ibm.com>,
"shuah@kernel.org" <shuah@kernel.org>,
"ast@kernel.org" <ast@kernel.org>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"andrii@kernel.org" <andrii@kernel.org>,
"kpsingh@kernel.org" <kpsingh@kernel.org>,
"revest@chromium.org" <revest@chromium.org>
Cc: "linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: RE: [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file()
Date: Tue, 15 Feb 2022 16:20:17 +0000 [thread overview]
Message-ID: <509ea86d324445b59bedd4a93015d7c3@huawei.com> (raw)
In-Reply-To: <a06aaff2-2760-faff-db00-082543953bfe@linuxfoundation.org>
> From: Shuah Khan [mailto:skhan@linuxfoundation.org]
> Sent: Tuesday, February 15, 2022 5:11 PM
> On 2/15/22 5:40 AM, Roberto Sassu wrote:
> > Test the ability of bpf_lsm_kernel_read_file() to call the sleepable
> > functions bpf_ima_inode_hash() or bpf_ima_file_hash() to obtain a
> > measurement of a loaded IMA policy.
> >
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > ---
> > tools/testing/selftests/bpf/ima_setup.sh | 2 ++
> > .../selftests/bpf/prog_tests/test_ima.c | 3 +-
> > tools/testing/selftests/bpf/progs/ima.c | 28 ++++++++++++++++---
> > 3 files changed, 28 insertions(+), 5 deletions(-)
> >
> > diff --git a/tools/testing/selftests/bpf/ima_setup.sh
> b/tools/testing/selftests/bpf/ima_setup.sh
> > index 8e62581113a3..82530f19f85a 100755
> > --- a/tools/testing/selftests/bpf/ima_setup.sh
> > +++ b/tools/testing/selftests/bpf/ima_setup.sh
> > @@ -51,6 +51,7 @@ setup()
> >
> > ensure_mount_securityfs
> > echo "measure func=BPRM_CHECK fsuuid=${mount_uuid}" >
> ${IMA_POLICY_FILE}
> > + echo "measure func=BPRM_CHECK fsuuid=${mount_uuid}" >
> ${mount_dir}/policy_test
> > }
> >
> > cleanup() {
> > @@ -74,6 +75,7 @@ run()
> > local mount_dir="${tmp_dir}/mnt"
> > local copied_bin_path="${mount_dir}/$(basename ${TEST_BINARY})"
> >
> > + echo ${mount_dir}/policy_test > ${IMA_POLICY_FILE}
> > exec "${copied_bin_path}"
> > }
> >
> > diff --git a/tools/testing/selftests/bpf/prog_tests/test_ima.c
> b/tools/testing/selftests/bpf/prog_tests/test_ima.c
> > index 62bf0e830453..c4a62d7b70df 100644
> > --- a/tools/testing/selftests/bpf/prog_tests/test_ima.c
> > +++ b/tools/testing/selftests/bpf/prog_tests/test_ima.c
> > @@ -97,8 +97,9 @@ void test_test_ima(void)
> > /*
> > * 1 sample with use_ima_file_hash = false
> > * 2 samples with use_ima_file_hash = true (./ima_setup.sh, /bin/true)
> > + * 1 sample with use_ima_file_hash = true (IMA policy)
> > */
> > - ASSERT_EQ(err, 3, "num_samples_or_err");
> > + ASSERT_EQ(err, 4, "num_samples_or_err");
> > ASSERT_NEQ(ima_hash_from_bpf, 0, "ima_hash");
> >
> > close_clean:
> > diff --git a/tools/testing/selftests/bpf/progs/ima.c
> b/tools/testing/selftests/bpf/progs/ima.c
> > index 9bb63f96cfc0..9b4c03f30a1c 100644
> > --- a/tools/testing/selftests/bpf/progs/ima.c
> > +++ b/tools/testing/selftests/bpf/progs/ima.c
> > @@ -20,8 +20,7 @@ char _license[] SEC("license") = "GPL";
> >
> > bool use_ima_file_hash;
> >
> > -SEC("lsm.s/bprm_committed_creds")
> > -void BPF_PROG(ima, struct linux_binprm *bprm)
> > +static void ima_test_common(struct file *file)
> > {
> > u64 ima_hash = 0;
> > u64 *sample;
> > @@ -31,10 +30,10 @@ void BPF_PROG(ima, struct linux_binprm *bprm)
> > pid = bpf_get_current_pid_tgid() >> 32;
> > if (pid == monitored_pid) {
> > if (!use_ima_file_hash)
> > - ret = bpf_ima_inode_hash(bprm->file->f_inode,
> &ima_hash,
> > + ret = bpf_ima_inode_hash(file->f_inode, &ima_hash,
> > sizeof(ima_hash));
> > else
> > - ret = bpf_ima_file_hash(bprm->file, &ima_hash,
> > + ret = bpf_ima_file_hash(file, &ima_hash,
> > sizeof(ima_hash));
> > if (ret < 0 || ima_hash == 0)
>
> Is this considered an error? Does it make sense for this test to be
> void type and not return the error to its callers? One of the callers
> below seems to care for return values.
The user space side of the test (test_ima.c) seems to check the
number of samples obtained from the ring buffer. A failure here
would result in the sample not being sent to that component.
Another test, as you suggest, could be to ensure that the
kernel_read_file hook is able to deny operations. I would check
this in a separate test.
Thanks
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua
> > return;
> > @@ -49,3 +48,24 @@ void BPF_PROG(ima, struct linux_binprm *bprm)
> >
> > return;
> > }
> > +
> > +SEC("lsm.s/bprm_committed_creds")
> > +void BPF_PROG(ima, struct linux_binprm *bprm)
> > +{
> > + ima_test_common(bprm->file);
> > +}
> > +
> > +SEC("lsm.s/kernel_read_file")
> > +int BPF_PROG(kernel_read_file, struct file *file, enum kernel_read_file_id id,
> > + bool contents)
> > +{
> > + if (!contents)
> > + return 0;
> > +
> > + if (id != READING_POLICY)
> > + return 0;
> > +
> > + ima_test_common(file);
>
> This one here.
>
> > +
> > + return 0;
> > +}
> >
>
> thanks,
> -- Shuah
next prev parent reply other threads:[~2022-02-15 16:20 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-15 12:40 [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 1/6] ima: Fix documentation-related warnings in ima_main.c Roberto Sassu
2022-02-15 15:46 ` Shuah Khan
2022-02-15 15:58 ` Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 2/6] ima: Always return a file measurement in ima_file_hash() Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 3/6] bpf-lsm: Introduce new helper bpf_ima_file_hash() Roberto Sassu
2022-02-15 17:02 ` Yonghong Song
2022-02-15 17:04 ` Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 4/6] selftests/bpf: Add test for bpf_ima_file_hash() Roberto Sassu
2022-02-15 16:00 ` Shuah Khan
2022-02-15 12:40 ` [PATCH v2 5/6] bpf-lsm: Make bpf_lsm_kernel_read_file() as sleepable Roberto Sassu
2022-02-15 12:40 ` [PATCH v2 6/6] selftests/bpf: Add test for bpf_lsm_kernel_read_file() Roberto Sassu
2022-02-15 16:11 ` Shuah Khan
2022-02-15 16:20 ` Roberto Sassu [this message]
2022-02-18 15:01 ` [PATCH v2 0/6] bpf-lsm: Extend interoperability with IMA Roberto Sassu
2022-02-25 0:22 ` Mimi Zohar
2022-02-25 8:41 ` Roberto Sassu
2022-02-25 19:11 ` Mimi Zohar
2022-02-26 8:07 ` Greg Kroah-Hartman
2022-02-27 17:46 ` Mimi Zohar
2022-02-28 9:07 ` Roberto Sassu
2022-02-28 9:12 ` Roberto Sassu
2022-02-28 10:43 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=509ea86d324445b59bedd4a93015d7c3@huawei.com \
--to=roberto.sassu@huawei.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kpsingh@kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=revest@chromium.org \
--cc=shuah@kernel.org \
--cc=skhan@linuxfoundation.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).