git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Tyler Hicks <tyhicks@linux.microsoft.com>
	Thu, 9 Jul 2020 06:19:04 +0000 (01:19 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 19 Aug 2020 06:23:55 +0000 (08:23 +0200)
commit	dcc7ac519503cb77627ef013151bb81509270c64
tree	a050f1caf679bfc75dc9f17f3e4e7215d90ad748	tree
parent	be16c9107e9076d923d290e2e9ff21a8577280b2	commit \| diff

ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond

[ Upstream commit db2045f5892a9db7354442bf77f9b03b50ff9ee1 ]

The KEXEC_CMDLINE hook function only supports the pcr conditional. Make
this clear at policy load so that IMA policy authors don't assume that
other conditionals are supported.

Since KEXEC_CMDLINE's inception, ima_match_rules() has always returned
true on any loaded KEXEC_CMDLINE rule without any consideration for
other conditionals present in the rule. Make it clear that pcr is the
only supported KEXEC_CMDLINE conditional by returning an error during
policy load.

An example of why this is a problem can be explained with the following
rule:

dont_measure func=KEXEC_CMDLINE obj_type=foo_t

An IMA policy author would have assumed that rule is valid because the
parser accepted it but the result was that measurements for all
KEXEC_CMDLINE operations would be disabled.

Fixes: b0935123a183 ("IMA: Define a new hook to measure the kexec boot command line arguments")
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>