[thirdparty/kernel/linux.git] / security / integrity / integrity.h

/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2009-2010 IBM Corporation
 *
 * Authors:
 * Mimi Zohar <zohar@us.ibm.com>
 */

#ifdef pr_fmt
#undef pr_fmt
#endif

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt

#include <linux/types.h>
#include <linux/integrity.h>
#include <crypto/sha1.h>
#include <crypto/hash.h>
#include <linux/key.h>
#include <linux/audit.h>
#include <linux/lsm_hooks.h>

enum evm_ima_xattr_type {
	IMA_XATTR_DIGEST = 0x01,
	EVM_XATTR_HMAC,
	EVM_IMA_XATTR_DIGSIG,
	IMA_XATTR_DIGEST_NG,
	EVM_XATTR_PORTABLE_DIGSIG,
	IMA_VERITY_DIGSIG,
	IMA_XATTR_LAST
};

struct evm_ima_xattr_data {
	/* New members must be added within the __struct_group() macro below. */
	__struct_group(evm_ima_xattr_data_hdr, hdr, __packed,
		u8 type;
	);
	u8 data[];
} __packed;

/* Only used in the EVM HMAC code. */
struct evm_xattr {
	struct evm_ima_xattr_data_hdr data;
	u8 digest[SHA1_DIGEST_SIZE];
} __packed;

#define IMA_MAX_DIGEST_SIZE	HASH_MAX_DIGESTSIZE

struct ima_digest_data {
	/* New members must be added within the __struct_group() macro below. */
	__struct_group(ima_digest_data_hdr, hdr, __packed,
	u8 algo;
	u8 length;
	union {
		struct {
			u8 unused;
			u8 type;
		} sha1;
		struct {
			u8 type;
			u8 algo;
		} ng;
		u8 data[2];
	} xattr;
	);
	u8 digest[];
} __packed;

/*
 * Instead of wrapping the ima_digest_data struct inside a local structure
 * with the maximum hash size, define ima_max_digest_data struct.
 */
struct ima_max_digest_data {
	struct ima_digest_data_hdr hdr;
	u8 digest[HASH_MAX_DIGESTSIZE];
} __packed;

/*
 * signature header format v2 - for using with asymmetric keys
 *
 * The signature_v2_hdr struct includes a signature format version
 * to simplify defining new signature formats.
 *
 * signature format:
 * version 2: regular file data hash based signature
 * version 3: struct ima_file_id data based signature
 */
struct signature_v2_hdr {
	uint8_t type;		/* xattr type */
	uint8_t version;	/* signature format version */
	uint8_t	hash_algo;	/* Digest algorithm [enum hash_algo] */
	__be32 keyid;		/* IMA key identifier - not X509/PGP specific */
	__be16 sig_size;	/* signature size */
	uint8_t sig[];		/* signature payload */
} __packed;

/*
 * IMA signature version 3 disambiguates the data that is signed, by
 * indirectly signing the hash of the ima_file_id structure data,
 * containing either the fsverity_descriptor struct digest or, in the
 * future, the regular IMA file hash.
 *
 * (The hash of the ima_file_id structure is only of the portion used.)
 */
struct ima_file_id {
	__u8 hash_type;		/* xattr type [enum evm_ima_xattr_type] */
	__u8 hash_algorithm;	/* Digest algorithm [enum hash_algo] */
	__u8 hash[HASH_MAX_DIGESTSIZE];
} __packed;

int integrity_kernel_read(struct file *file, loff_t offset,
			  void *addr, unsigned long count);

#define INTEGRITY_KEYRING_EVM		0
#define INTEGRITY_KEYRING_IMA		1
#define INTEGRITY_KEYRING_PLATFORM	2
#define INTEGRITY_KEYRING_MACHINE	3
#define INTEGRITY_KEYRING_MAX		4

extern struct dentry *integrity_dir;

struct modsig;

#ifdef CONFIG_INTEGRITY_SIGNATURE

int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
			    const char *digest, int digestlen);
int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);

int __init integrity_init_keyring(const unsigned int id);
int __init integrity_load_x509(const unsigned int id, const char *path);
int __init integrity_load_cert(const unsigned int id, const char *source,
			       const void *data, size_t len, key_perm_t perm);
#else

static inline int integrity_digsig_verify(const unsigned int id,
					  const char *sig, int siglen,
					  const char *digest, int digestlen)
{
	return -EOPNOTSUPP;
}

static inline int integrity_modsig_verify(unsigned int id,
					  const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}

static inline int integrity_init_keyring(const unsigned int id)
{
	return 0;
}

static inline int __init integrity_load_cert(const unsigned int id,
					     const char *source,
					     const void *data, size_t len,
					     key_perm_t perm)
{
	return 0;
}
#endif /* CONFIG_INTEGRITY_SIGNATURE */

#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
int asymmetric_verify(struct key *keyring, const char *sig,
		      int siglen, const char *data, int datalen);
#else
static inline int asymmetric_verify(struct key *keyring, const char *sig,
				    int siglen, const char *data, int datalen)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_APPRAISE_MODSIG
int ima_modsig_verify(struct key *keyring, const struct modsig *modsig);
#else
static inline int ima_modsig_verify(struct key *keyring,
				    const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}
#endif

#ifdef CONFIG_IMA_LOAD_X509
void __init ima_load_x509(void);
#else
static inline void ima_load_x509(void)
{
}
#endif

#ifdef CONFIG_EVM_LOAD_X509
void __init evm_load_x509(void);
#else
static inline void evm_load_x509(void)
{
}
#endif

#ifdef CONFIG_INTEGRITY_AUDIT
/* declarations */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int info);

void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int info,
			     int errno);

static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return audit_log_start(ctx, gfp_mask, type);
}

#else
static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
				       const unsigned char *fname,
				       const char *op, const char *cause,
				       int result, int info)
{
}

static inline void integrity_audit_message(int audit_msgno,
					   struct inode *inode,
					   const unsigned char *fname,
					   const char *op, const char *cause,
					   int result, int info, int errno)
{
}

static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return NULL;
}

#endif

#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
void __init add_to_platform_keyring(const char *source, const void *data,
				    size_t len);
#else
static inline void __init add_to_platform_keyring(const char *source,
						  const void *data, size_t len)
{
}
#endif

#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
void __init add_to_machine_keyring(const char *source, const void *data, size_t len);
bool __init imputed_trust_enabled(void);
#else
static inline void __init add_to_machine_keyring(const char *source,
						  const void *data, size_t len)
{
}

static inline bool __init imputed_trust_enabled(void)
{
	return false;
}
#endif
Commit	Line	Data
b886d83c	1	/* SPDX-License-Identifier: GPL-2.0-only */
f381c272 MZ	2	/*
	3	* Copyright (C) 2009-2010 IBM Corporation
	4	*
	5	* Authors:
	6	* Mimi Zohar <zohar@us.ibm.com>
f381c272 MZ	7	*/
f381c272 MZ	8
555d6d71 TS	9	#ifdef pr_fmt
	10	#undef pr_fmt
	11	#endif
	12
	13	#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
	14
f381c272 MZ	15	#include <linux/types.h>
f381c272 MZ	16	#include <linux/integrity.h>
a24d22b2	17	#include <crypto/sha1.h>
8c54135e	18	#include <crypto/hash.h>
e0751257	19	#include <linux/key.h>
2afd020a	20	#include <linux/audit.h>
cd3cec0a	21	#include <linux/lsm_hooks.h>
f381c272	22
6be5cc52 DK	23	enum evm_ima_xattr_type {
	24	IMA_XATTR_DIGEST = 0x01,
	25	EVM_XATTR_HMAC,
	26	EVM_IMA_XATTR_DIGSIG,
3ea7a560	27	IMA_XATTR_DIGEST_NG,
50b97748	28	EVM_XATTR_PORTABLE_DIGSIG,
398c42e2	29	IMA_VERITY_DIGSIG,
a48fda9d	30	IMA_XATTR_LAST
6be5cc52 DK	31	};
	32
	33	struct evm_ima_xattr_data {
38aa3f5a GS	34	/* New members must be added within the __struct_group() macro below. */
	35	__struct_group(evm_ima_xattr_data_hdr, hdr, __packed,
	36	u8 type;
	37	);
650b29db TJB	38	u8 data[];
	39	} __packed;
	40
	41	/* Only used in the EVM HMAC code. */
	42	struct evm_xattr {
38aa3f5a	43	struct evm_ima_xattr_data_hdr data;
6be5cc52	44	u8 digest[SHA1_DIGEST_SIZE];
c7c8bb23 DK	45	} __packed;
c7c8bb23 DK	46
398c42e2	47	#define IMA_MAX_DIGEST_SIZE HASH_MAX_DIGESTSIZE
c7c8bb23 DK	48
c7c8bb23 DK	49	struct ima_digest_data {
38aa3f5a GS	50	/* New members must be added within the __struct_group() macro below. */
38aa3f5a GS	51	__struct_group(ima_digest_data_hdr, hdr, __packed,
c7c8bb23 DK	52	u8 algo;
c7c8bb23 DK	53	u8 length;
3ea7a560 DK	54	union {
	55	struct {
	56	u8 unused;
	57	u8 type;
	58	} sha1;
	59	struct {
	60	u8 type;
	61	u8 algo;
	62	} ng;
	63	u8 data[2];
	64	} xattr;
38aa3f5a	65	);
eb492c62	66	u8 digest[];
c7c8bb23	67	} __packed;
6be5cc52	68
8c54135e MZ	69	/*
	70	* Instead of wrapping the ima_digest_data struct inside a local structure
	71	* with the maximum hash size, define ima_max_digest_data struct.
	72	*/
	73	struct ima_max_digest_data {
38aa3f5a	74	struct ima_digest_data_hdr hdr;
8c54135e MZ	75	u8 digest[HASH_MAX_DIGESTSIZE];
	76	} __packed;
	77
d3634d0f	78	/*
398c42e2 MZ	79	* signature header format v2 - for using with asymmetric keys
	80	*
	81	* The signature_v2_hdr struct includes a signature format version
	82	* to simplify defining new signature formats.
	83	*
	84	* signature format:
	85	* version 2: regular file data hash based signature
	86	* version 3: struct ima_file_id data based signature
d3634d0f DK	87	*/
d3634d0f DK	88	struct signature_v2_hdr {
b1aaab22	89	uint8_t type; /* xattr type */
d3634d0f	90	uint8_t version; /* signature format version */
4e8ae72a	91	uint8_t hash_algo; /* Digest algorithm [enum hash_algo] */
bb543e39 TJB	92	__be32 keyid; /* IMA key identifier - not X509/PGP specific */
bb543e39 TJB	93	__be16 sig_size; /* signature size */
eb492c62	94	uint8_t sig[]; /* signature payload */
d3634d0f DK	95	} __packed;
d3634d0f DK	96
398c42e2 MZ	97	/*
	98	* IMA signature version 3 disambiguates the data that is signed, by
	99	* indirectly signing the hash of the ima_file_id structure data,
	100	* containing either the fsverity_descriptor struct digest or, in the
	101	* future, the regular IMA file hash.
	102	*
	103	* (The hash of the ima_file_id structure is only of the portion used.)
	104	*/
	105	struct ima_file_id {
	106	__u8 hash_type; /* xattr type [enum evm_ima_xattr_type] */
	107	__u8 hash_algorithm; /* Digest algorithm [enum hash_algo] */
	108	__u8 hash[HASH_MAX_DIGESTSIZE];
	109	} __packed;
	110
e3c4abbf	111	int integrity_kernel_read(struct file *file, loff_t offset,
bb543e39 TJB	112	void *addr, unsigned long count);
bb543e39 TJB	113
8607c501	114	#define INTEGRITY_KEYRING_EVM 0
f4dc3778	115	#define INTEGRITY_KEYRING_IMA 1
c7f7e58f	116	#define INTEGRITY_KEYRING_PLATFORM 2
d1996776 ES	117	#define INTEGRITY_KEYRING_MACHINE 3
d1996776 ES	118	#define INTEGRITY_KEYRING_MAX 4
8607c501	119
0c343af8 MG	120	extern struct dentry *integrity_dir;
0c343af8 MG	121
39b07096 TJB	122	struct modsig;
39b07096 TJB	123
f1be242c	124	#ifdef CONFIG_INTEGRITY_SIGNATURE
8607c501 DK	125
8607c501 DK	126	int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
089bc8e9	127	const char *digest, int digestlen);
39b07096	128	int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);
8607c501	129
d16a8585	130	int __init integrity_init_keyring(const unsigned int id);
9d03a721	131	int __init integrity_load_x509(const unsigned int id, const char *path);
60740acc	132	int __init integrity_load_cert(const unsigned int id, const char *source,
028db3e2	133	const void *data, size_t len, key_perm_t perm);
8607c501 DK	134	#else
	135
	136	static inline int integrity_digsig_verify(const unsigned int id,
	137	const char *sig, int siglen,
	138	const char *digest, int digestlen)
	139	{
	140	return -EOPNOTSUPP;
	141	}
	142
39b07096 TJB	143	static inline int integrity_modsig_verify(unsigned int id,
	144	const struct modsig *modsig)
	145	{
	146	return -EOPNOTSUPP;
	147	}
	148
7d2ce232 MZ	149	static inline int integrity_init_keyring(const unsigned int id)
	150	{
	151	return 0;
	152	}
60740acc NJ	153
	154	static inline int __init integrity_load_cert(const unsigned int id,
	155	const char *source,
	156	const void *data, size_t len,
028db3e2	157	key_perm_t perm)
60740acc NJ	158	{
	159	return 0;
	160	}
f1be242c	161	#endif /* CONFIG_INTEGRITY_SIGNATURE */
8607c501	162
e0751257 DK	163	#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
	164	int asymmetric_verify(struct key keyring, const char sig,
	165	int siglen, const char *data, int datalen);
	166	#else
	167	static inline int asymmetric_verify(struct key keyring, const char sig,
	168	int siglen, const char *data, int datalen)
	169	{
	170	return -EOPNOTSUPP;
	171	}
	172	#endif
	173
39b07096 TJB	174	#ifdef CONFIG_IMA_APPRAISE_MODSIG
	175	int ima_modsig_verify(struct key keyring, const struct modsig modsig);
	176	#else
	177	static inline int ima_modsig_verify(struct key *keyring,
	178	const struct modsig *modsig)
	179	{
	180	return -EOPNOTSUPP;
	181	}
	182	#endif
	183
fd5f4e90 DK	184	#ifdef CONFIG_IMA_LOAD_X509
	185	void __init ima_load_x509(void);
	186	#else
	187	static inline void ima_load_x509(void)
	188	{
	189	}
	190	#endif
	191
2ce523eb DK	192	#ifdef CONFIG_EVM_LOAD_X509
	193	void __init evm_load_x509(void);
	194	#else
	195	static inline void evm_load_x509(void)
	196	{
	197	}
	198	#endif
	199
d726d8d7 MZ	200	#ifdef CONFIG_INTEGRITY_AUDIT
	201	/* declarations */
	202	void integrity_audit_msg(int audit_msgno, struct inode *inode,
	203	const unsigned char fname, const char op,
	204	const char *cause, int result, int info);
2afd020a	205
2f845882 LR	206	void integrity_audit_message(int audit_msgno, struct inode *inode,
	207	const unsigned char fname, const char op,
	208	const char *cause, int result, int info,
	209	int errno);
	210
2afd020a SB	211	static inline struct audit_buffer *
	212	integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
	213	{
	214	return audit_log_start(ctx, gfp_mask, type);
	215	}
	216
d726d8d7 MZ	217	#else
	218	static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
	219	const unsigned char *fname,
	220	const char op, const char cause,
	221	int result, int info)
	222	{
	223	}
2afd020a	224
2f845882 LR	225	static inline void integrity_audit_message(int audit_msgno,
	226	struct inode *inode,
	227	const unsigned char *fname,
	228	const char op, const char cause,
	229	int result, int info, int errno)
	230	{
	231	}
	232
2afd020a SB	233	static inline struct audit_buffer *
	234	integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
	235	{
	236	return NULL;
	237	}
	238
d726d8d7	239	#endif
60740acc NJ	240
	241	#ifdef CONFIG_INTEGRITY_PLATFORM_KEYRING
	242	void __init add_to_platform_keyring(const char source, const void data,
	243	size_t len);
	244	#else
	245	static inline void __init add_to_platform_keyring(const char *source,
	246	const void *data, size_t len)
	247	{
	248	}
	249	#endif
d1996776 ES	250
	251	#ifdef CONFIG_INTEGRITY_MACHINE_KEYRING
	252	void __init add_to_machine_keyring(const char source, const void data, size_t len);
4cb1ed94	253	bool __init imputed_trust_enabled(void);
d1996776 ES	254	#else
	255	static inline void __init add_to_machine_keyring(const char *source,
	256	const void *data, size_t len)
	257	{
	258	}
4cb1ed94 NJ	259
4cb1ed94 NJ	260	static inline bool __init imputed_trust_enabled(void)
3d6ae1a5 ES	261	{
	262	return false;
	263	}
d1996776	264	#endif