]> git.ipfire.org Git - thirdparty/linux.git/blob - security/integrity/evm/evm_secfs.c
projects / thirdparty / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
io_uring: reset -EBUSY error when io sq thread is waken up
[thirdparty/linux.git] / security / integrity / evm / evm_secfs.c
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2010 IBM Corporation
4 *
5 * Authors:
6 * Mimi Zohar <zohar@us.ibm.com>
7 *
8 * File: evm_secfs.c
9 * - Used to signal when key is on keyring
10 * - Get the key and enable EVM
11 */
12
13 #include <linux/audit.h>
14 #include <linux/uaccess.h>
15 #include <linux/init.h>
16 #include <linux/mutex.h>
17 #include "evm.h"
18
19 static struct dentry *evm_dir;
20 static struct dentry *evm_init_tpm;
21 static struct dentry *evm_symlink;
22
23 #ifdef CONFIG_EVM_ADD_XATTRS
24 static struct dentry *evm_xattrs;
25 static DEFINE_MUTEX(xattr_list_mutex);
26 static int evm_xattrs_locked;
27 #endif
28
29 /**
30 * evm_read_key - read() for <securityfs>/evm
31 *
32 * @filp: file pointer, not actually used
33 * @buf: where to put the result
34 * @count: maximum to send along
35 * @ppos: where to start
36 *
37 * Returns number of bytes read or error code, as appropriate
38 */
39 static ssize_t evm_read_key(struct file *filp, char __user *buf,
40 size_t count, loff_t *ppos)
41 {
42 char temp[80];
43 ssize_t rc;
44
45 if (*ppos != 0)
46 return 0;
47
48 sprintf(temp, "%d", (evm_initialized & ~EVM_SETUP_COMPLETE));
49 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
50
51 return rc;
52 }
53
54 /**
55 * evm_write_key - write() for <securityfs>/evm
56 * @file: file pointer, not actually used
57 * @buf: where to get the data from
58 * @count: bytes sent
59 * @ppos: where to start
60 *
61 * Used to signal that key is on the kernel key ring.
62 * - get the integrity hmac key from the kernel key ring
63 * - create list of hmac protected extended attributes
64 * Returns number of bytes written or error code, as appropriate
65 */
66 static ssize_t evm_write_key(struct file *file, const char __user *buf,
67 size_t count, loff_t *ppos)
68 {
69 int i, ret;
70
71 if (!capable(CAP_SYS_ADMIN) || (evm_initialized & EVM_SETUP_COMPLETE))
72 return -EPERM;
73
74 ret = kstrtoint_from_user(buf, count, 0, &i);
75
76 if (ret)
77 return ret;
78
79 /* Reject invalid values */
80 if (!i || (i & ~EVM_INIT_MASK) != 0)
81 return -EINVAL;
82
83 /* Don't allow a request to freshly enable metadata writes if
84 * keys are loaded.
85 */
86 if ((i & EVM_ALLOW_METADATA_WRITES) &&
87 ((evm_initialized & EVM_KEY_MASK) != 0) &&
88 !(evm_initialized & EVM_ALLOW_METADATA_WRITES))
89 return -EPERM;
90
91 if (i & EVM_INIT_HMAC) {
92 ret = evm_init_key();
93 if (ret != 0)
94 return ret;
95 /* Forbid further writes after the symmetric key is loaded */
96 i |= EVM_SETUP_COMPLETE;
97 }
98
99 evm_initialized |= i;
100
101 /* Don't allow protected metadata modification if a symmetric key
102 * is loaded
103 */
104 if (evm_initialized & EVM_INIT_HMAC)
105 evm_initialized &= ~(EVM_ALLOW_METADATA_WRITES);
106
107 return count;
108 }
109
110 static const struct file_operations evm_key_ops = {
111 .read = evm_read_key,
112 .write = evm_write_key,
113 };
114
115 #ifdef CONFIG_EVM_ADD_XATTRS
116 /**
117 * evm_read_xattrs - read() for <securityfs>/evm_xattrs
118 *
119 * @filp: file pointer, not actually used
120 * @buf: where to put the result
121 * @count: maximum to send along
122 * @ppos: where to start
123 *
124 * Returns number of bytes read or error code, as appropriate
125 */
126 static ssize_t evm_read_xattrs(struct file *filp, char __user *buf,
127 size_t count, loff_t *ppos)
128 {
129 char *temp;
130 int offset = 0;
131 ssize_t rc, size = 0;
132 struct xattr_list *xattr;
133
134 if (*ppos != 0)
135 return 0;
136
137 rc = mutex_lock_interruptible(&xattr_list_mutex);
138 if (rc)
139 return -ERESTARTSYS;
140
141 list_for_each_entry(xattr, &evm_config_xattrnames, list)
142 size += strlen(xattr->name) + 1;
143
144 temp = kmalloc(size + 1, GFP_KERNEL);
145 if (!temp) {
146 mutex_unlock(&xattr_list_mutex);
147 return -ENOMEM;
148 }
149
150 list_for_each_entry(xattr, &evm_config_xattrnames, list) {
151 sprintf(temp + offset, "%s\n", xattr->name);
152 offset += strlen(xattr->name) + 1;
153 }
154
155 mutex_unlock(&xattr_list_mutex);
156 rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
157
158 kfree(temp);
159
160 return rc;
161 }
162
163 /**
164 * evm_write_xattrs - write() for <securityfs>/evm_xattrs
165 * @file: file pointer, not actually used
166 * @buf: where to get the data from
167 * @count: bytes sent
168 * @ppos: where to start
169 *
170 * Returns number of bytes written or error code, as appropriate
171 */
172 static ssize_t evm_write_xattrs(struct file *file, const char __user *buf,
173 size_t count, loff_t *ppos)
174 {
175 int len, err;
176 struct xattr_list *xattr, *tmp;
177 struct audit_buffer *ab;
178 struct iattr newattrs;
179 struct inode *inode;
180
181 if (!capable(CAP_SYS_ADMIN) || evm_xattrs_locked)
182 return -EPERM;
183
184 if (*ppos != 0)
185 return -EINVAL;
186
187 if (count > XATTR_NAME_MAX)
188 return -E2BIG;
189
190 ab = audit_log_start(audit_context(), GFP_KERNEL,
191 AUDIT_INTEGRITY_EVM_XATTR);
192 if (!ab)
193 return -ENOMEM;
194
195 xattr = kmalloc(sizeof(struct xattr_list), GFP_KERNEL);
196 if (!xattr) {
197 err = -ENOMEM;
198 goto out;
199 }
200
201 xattr->name = memdup_user_nul(buf, count);
202 if (IS_ERR(xattr->name)) {
203 err = PTR_ERR(xattr->name);
204 xattr->name = NULL;
205 goto out;
206 }
207
208 /* Remove any trailing newline */
209 len = strlen(xattr->name);
210 if (len && xattr->name[len-1] == '\n')
211 xattr->name[len-1] = '\0';
212
213 audit_log_format(ab, "xattr=");
214 audit_log_untrustedstring(ab, xattr->name);
215
216 if (strcmp(xattr->name, ".") == 0) {
217 evm_xattrs_locked = 1;
218 newattrs.ia_mode = S_IFREG | 0440;
219 newattrs.ia_valid = ATTR_MODE;
220 inode = evm_xattrs->d_inode;
221 inode_lock(inode);
222 err = simple_setattr(evm_xattrs, &newattrs);
223 inode_unlock(inode);
224 if (!err)
225 err = count;
226 goto out;
227 }
228
229 if (strncmp(xattr->name, XATTR_SECURITY_PREFIX,
230 XATTR_SECURITY_PREFIX_LEN) != 0) {
231 err = -EINVAL;
232 goto out;
233 }
234
235 /* Guard against races in evm_read_xattrs */
236 mutex_lock(&xattr_list_mutex);
237 list_for_each_entry(tmp, &evm_config_xattrnames, list) {
238 if (strcmp(xattr->name, tmp->name) == 0) {
239 err = -EEXIST;
240 mutex_unlock(&xattr_list_mutex);
241 goto out;
242 }
243 }
244 list_add_tail_rcu(&xattr->list, &evm_config_xattrnames);
245 mutex_unlock(&xattr_list_mutex);
246
247 audit_log_format(ab, " res=0");
248 audit_log_end(ab);
249 return count;
250 out:
251 audit_log_format(ab, " res=%d", err);
252 audit_log_end(ab);
253 if (xattr) {
254 kfree(xattr->name);
255 kfree(xattr);
256 }
257 return err;
258 }
259
260 static const struct file_operations evm_xattr_ops = {
261 .read = evm_read_xattrs,
262 .write = evm_write_xattrs,
263 };
264
265 static int evm_init_xattrs(void)
266 {
267 evm_xattrs = securityfs_create_file("evm_xattrs", 0660, evm_dir, NULL,
268 &evm_xattr_ops);
269 if (!evm_xattrs || IS_ERR(evm_xattrs))
270 return -EFAULT;
271
272 return 0;
273 }
274 #else
275 static int evm_init_xattrs(void)
276 {
277 return 0;
278 }
279 #endif
280
281 int __init evm_init_secfs(void)
282 {
283 int error = 0;
284
285 evm_dir = securityfs_create_dir("evm", integrity_dir);
286 if (!evm_dir || IS_ERR(evm_dir))
287 return -EFAULT;
288
289 evm_init_tpm = securityfs_create_file("evm", 0660,
290 evm_dir, NULL, &evm_key_ops);
291 if (!evm_init_tpm || IS_ERR(evm_init_tpm)) {
292 error = -EFAULT;
293 goto out;
294 }
295
296 evm_symlink = securityfs_create_symlink("evm", NULL,
297 "integrity/evm/evm", NULL);
298 if (!evm_symlink || IS_ERR(evm_symlink)) {
299 error = -EFAULT;
300 goto out;
301 }
302
303 if (evm_init_xattrs() != 0) {
304 error = -EFAULT;
305 goto out;
306 }
307
308 return 0;
309 out:
310 securityfs_remove(evm_symlink);
311 securityfs_remove(evm_init_tpm);
312 securityfs_remove(evm_dir);
313 return error;
314 }
A mirror of Linus' kernel repository