cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux

integrity.h (9075B)


      1/* SPDX-License-Identifier: GPL-2.0-only */
      2/*
      3 * Copyright (C) 2009-2010 IBM Corporation
      4 *
      5 * Authors:
      6 * Mimi Zohar <zohar@us.ibm.com>
      7 */
      8
/*
 * Force a uniform log prefix: any pr_fmt defined earlier in the translation
 * unit is dropped and replaced, so pr_*() messages from files including this
 * header start with "<KBUILD_MODNAME>: ".
 */
#ifdef pr_fmt
#undef pr_fmt
#endif

#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
     14
     15#include <linux/types.h>
     16#include <linux/integrity.h>
     17#include <crypto/sha1.h>
     18#include <crypto/hash.h>
     19#include <linux/key.h>
     20#include <linux/audit.h>
     21
/*
 * iint action cache flags
 *
 * The values pair up one bit apart (IMA_MEASURE/IMA_MEASURED, ...): the
 * lower bit of each pair is collected in IMA_DO_MASK and the upper bit in
 * IMA_DONE_MASK. IMA_COLLECTED is the exception: it has no partner, because
 * bit 0x00000010 (the commented-out IMA_COLLECT) must stay unused.
 */
#define IMA_MEASURE		0x00000001
#define IMA_MEASURED		0x00000002
#define IMA_APPRAISE		0x00000004
#define IMA_APPRAISED		0x00000008
/*#define IMA_COLLECT		0x00000010  do not use this flag */
#define IMA_COLLECTED		0x00000020
#define IMA_AUDIT		0x00000040
#define IMA_AUDITED		0x00000080
#define IMA_HASH		0x00000100
#define IMA_HASHED		0x00000200
     33
/*
 * iint policy rule cache flags
 *
 * IMA_NONACTION_FLAGS is exactly the OR of the eight single-bit flags below,
 * i.e. the whole top byte of a 32-bit value; none of these bits appears in
 * IMA_DO_MASK or IMA_DONE_MASK. All eight bits of that byte are assigned, so
 * a further flag cannot be added under this mask without widening it.
 */
#define IMA_NONACTION_FLAGS	0xff000000
#define IMA_DIGSIG_REQUIRED	0x01000000
#define IMA_PERMIT_DIRECTIO	0x02000000
#define IMA_NEW_FILE		0x04000000
#define EVM_IMMUTABLE_DIGSIG	0x08000000
#define IMA_FAIL_UNVERIFIABLE_SIGS	0x10000000
#define IMA_MODSIG_ALLOWED	0x20000000
#define IMA_CHECK_BLACKLIST	0x40000000
#define IMA_VERITY_REQUIRED	0x80000000
     44
/*
 * IMA_DO_MASK:   the IMA_MEASURE/APPRAISE/AUDIT/HASH bits plus every
 *                *_APPRAISE sub-action bit.
 * IMA_DONE_MASK: the matching *ED bits, plus IMA_COLLECTED.
 *
 * Both use the *_SUBMASK macros that are defined further down; this works
 * because a macro body is only expanded where the macro is used.
 */
#define IMA_DO_MASK		(IMA_MEASURE | IMA_APPRAISE | IMA_AUDIT | \
				 IMA_HASH | IMA_APPRAISE_SUBMASK)
#define IMA_DONE_MASK		(IMA_MEASURED | IMA_APPRAISED | IMA_AUDITED | \
				 IMA_HASHED | IMA_COLLECTED | \
				 IMA_APPRAISED_SUBMASK)
     50
/*
 * iint subaction appraise cache flags
 *
 * Five *_APPRAISE/*_APPRAISED pairs (FILE, MMAP, BPRM, READ, CREDS), again
 * one bit apart. IMA_APPRAISE_SUBMASK ORs the five *_APPRAISE bits and
 * IMA_APPRAISED_SUBMASK the five *_APPRAISED bits; the two submasks are in
 * turn folded into IMA_DO_MASK and IMA_DONE_MASK.
 */
#define IMA_FILE_APPRAISE	0x00001000
#define IMA_FILE_APPRAISED	0x00002000
#define IMA_MMAP_APPRAISE	0x00004000
#define IMA_MMAP_APPRAISED	0x00008000
#define IMA_BPRM_APPRAISE	0x00010000
#define IMA_BPRM_APPRAISED	0x00020000
#define IMA_READ_APPRAISE	0x00040000
#define IMA_READ_APPRAISED	0x00080000
#define IMA_CREDS_APPRAISE	0x00100000
#define IMA_CREDS_APPRAISED	0x00200000
#define IMA_APPRAISE_SUBMASK	(IMA_FILE_APPRAISE | IMA_MMAP_APPRAISE | \
				 IMA_BPRM_APPRAISE | IMA_READ_APPRAISE | \
				 IMA_CREDS_APPRAISE)
#define IMA_APPRAISED_SUBMASK	(IMA_FILE_APPRAISED | IMA_MMAP_APPRAISED | \
				 IMA_BPRM_APPRAISED | IMA_READ_APPRAISED | \
				 IMA_CREDS_APPRAISED)
     68
/*
 * iint cache atomic_flags
 *
 * Unlike the groups above these are small consecutive integers, not masks.
 * NOTE(review): presumably bit numbers for set_bit()/test_bit() style
 * helpers on integrity_iint_cache.atomic_flags -- do not OR them into
 * `flags`; confirm against the users.
 */
#define IMA_CHANGE_XATTR	0
#define IMA_UPDATE_XATTR	1
#define IMA_CHANGE_ATTR		2
#define IMA_DIGSIG		3
#define IMA_MUST_MEASURE	4
     75
/*
 * Type tag carried in the `type` / `hash_type` byte of the xattr-related
 * structures declared in this header.
 *
 * Numbering starts at 0x01, so 0 is never a valid type, and IMA_XATTR_LAST
 * is one past the last valid value.
 * NOTE(review): the tag presumably comes from on-disk xattr data; code
 * switching on it should reject anything outside
 * [IMA_XATTR_DIGEST, IMA_XATTR_LAST) -- confirm against the parsers.
 */
enum evm_ima_xattr_type {
	IMA_XATTR_DIGEST = 0x01,
	EVM_XATTR_HMAC,			/* 0x02 */
	EVM_IMA_XATTR_DIGSIG,		/* 0x03 */
	IMA_XATTR_DIGEST_NG,		/* 0x04 */
	EVM_XATTR_PORTABLE_DIGSIG,	/* 0x05 */
	IMA_VERITY_DIGSIG,		/* 0x06 */
	IMA_XATTR_LAST			/* 0x07, sentinel: not a valid type */
};
     85
/*
 * Generic view of an xattr value: one type byte followed by a flexible
 * array member. __packed, so sizeof() is 1 and data[] starts at offset 1.
 *
 * The structure carries no length of its own.
 * NOTE(review): presumably overlaid on a raw security.ima / security.evm
 * value, in which case the xattr length reported by the filesystem is the
 * only bound on data[] and must be checked before any access -- confirm
 * against the callers.
 */
struct evm_ima_xattr_data {
	u8 type;	/* presumably an enum evm_ima_xattr_type value -- confirm */
	u8 data[];	/* payload; length known only to the caller */
} __packed;
     90
/*
 * Only used in the EVM HMAC code.
 *
 * Fixed-size variant of evm_ima_xattr_data: because `data` ends in a
 * flexible array member and the struct is packed, data.data[] and digest[]
 * start at the same offset (1). The digest storage is sized for SHA-1
 * (SHA1_DIGEST_SIZE bytes) and cannot hold a longer hash.
 */
struct evm_xattr {
	struct evm_ima_xattr_data data;
	u8 digest[SHA1_DIGEST_SIZE];
} __packed;
     96
/* IMA-local alias for HASH_MAX_DIGESTSIZE, the largest digest size the header accounts for. */
#define IMA_MAX_DIGEST_SIZE	HASH_MAX_DIGESTSIZE
     98
/*
 * Digest header followed by a variable-length digest.
 *
 * The two-byte `xattr` union gives three views of the same bytes:
 *   sha1: byte 0 unused, byte 1 = type
 *   ng:   byte 0 = type,  byte 1 = algo
 *   data: the raw two bytes
 * so sha1.type aliases ng.algo, and sha1.unused aliases ng.type.
 *
 * `length` is a u8, so it can describe at most 255 bytes.
 * NOTE(review): presumably `length` is the number of valid bytes in
 * digest[]; the structure does not record how much storage follows it, so
 * writers must bound `length` by the buffer they allocated (see
 * ima_max_digest_data) -- confirm against the users.
 */
struct ima_digest_data {
	u8 algo;
	u8 length;
	union {
		struct {
			u8 unused;
			u8 type;
		} sha1;
		struct {
			u8 type;
			u8 algo;
		} ng;
		u8 data[2];
	} xattr;
	u8 digest[];	/* flexible array member: storage supplied by the container */
} __packed;
    115
/*
 * Instead of wrapping the ima_digest_data struct inside a local structure
 * with the maximum hash size, define ima_max_digest_data struct.
 *
 * hdr.digest[] is a flexible array member and the struct is packed, so
 * hdr.digest and the `digest` array below start at the same address; the
 * array provides HASH_MAX_DIGESTSIZE bytes of backing storage for it.
 */
struct ima_max_digest_data {
	struct ima_digest_data hdr;
	u8 digest[HASH_MAX_DIGESTSIZE];
} __packed;
    124
/*
 * signature header format v2 - for using with asymmetric keys
 *
 * The signature_v2_hdr struct includes a signature format version
 * to simplify defining new signature formats.
 *
 * signature format:
 * version 2: regular file data hash based signature
 * version 3: struct ima_file_id data based signature
 *
 * Layout notes: the struct is packed (fixed part is 9 bytes) and keyid and
 * sig_size are big-endian (__be32/__be16), so they need be32_to_cpu() /
 * be16_to_cpu() before use.
 *
 * NOTE(review): sig_size is part of the header itself. If the header is
 * parsed from an xattr or other externally supplied buffer, sig_size is
 * untrusted and must be compared with the number of bytes actually present
 * after the header before sig[] is read; `version` and `hash_algo` likewise
 * need range checks -- confirm the verification path does this.
 */
struct signature_v2_hdr {
	uint8_t type;		/* xattr type */
	uint8_t version;	/* signature format version */
	uint8_t	hash_algo;	/* Digest algorithm [enum hash_algo] */
	__be32 keyid;		/* IMA key identifier - not X509/PGP specific */
	__be16 sig_size;	/* signature size */
	uint8_t sig[];		/* signature payload */
} __packed;
    143
/*
 * IMA signature version 3 disambiguates the data that is signed, by
 * indirectly signing the hash of the ima_file_id structure data,
 * containing either the fsverity_descriptor struct digest or, in the
 * future, the regular IMA file hash.
 *
 * (The hash of the ima_file_id structure is only of the portion used.)
 *
 * hash[] is always HASH_MAX_DIGESTSIZE bytes long in memory; per the remark
 * above, only the bytes belonging to the chosen algorithm are hashed, so
 * the number of bytes fed to the hash depends on hash_algorithm.
 */
struct ima_file_id {
	__u8 hash_type;		/* xattr type [enum evm_ima_xattr_type] */
	__u8 hash_algorithm;	/* Digest algorithm [enum hash_algo] */
	__u8 hash[HASH_MAX_DIGESTSIZE];
} __packed;
    157
/*
 * integrity data associated with an inode
 *
 * Each entry is an rb-tree node (rb_node) and is looked up with
 * integrity_iint_find(). Per the field comment, `mutex` protects version,
 * flags and the digest.
 * NOTE(review): atomic_flags is presumably updated with atomic bit
 * operations using the IMA_CHANGE_XATTR..IMA_MUST_MEASURE bit numbers
 * rather than under the mutex -- confirm against the users.
 */
struct integrity_iint_cache {
	struct rb_node rb_node;	/* rooted in integrity_iint_tree */
	struct mutex mutex;	/* protects: version, flags, digest */
	struct inode *inode;	/* back pointer to inode in question */
	u64 version;		/* track inode changes */
	unsigned long flags;	/* presumably the IMA_* mask flags -- confirm */
	unsigned long measured_pcrs;
	unsigned long atomic_flags;
	/* six enum integrity_status values, packed into 4-bit fields */
	enum integrity_status ima_file_status:4;
	enum integrity_status ima_mmap_status:4;
	enum integrity_status ima_bprm_status:4;
	enum integrity_status ima_read_status:4;
	enum integrity_status ima_creds_status:4;
	enum integrity_status evm_status:4;
	struct ima_digest_data *ima_hash;	/* pointer only; ownership not visible here */
};
    175
/*
 * rbtree calls to lookup, insert, delete
 * integrity data associated with an inode.
 * Only the lookup is declared in this header.
 */
struct integrity_iint_cache *integrity_iint_find(struct inode *inode);

/*
 * NOTE(review): going by the parameter names this reads `count` bytes of
 * `file` starting at `offset` into `addr`. The return convention (bytes
 * read vs. negative errno) and whether `addr` must be a kernel buffer of at
 * least `count` bytes are not visible here -- confirm against the definition.
 */
int integrity_kernel_read(struct file *file, loff_t offset,
			  void *addr, unsigned long count);
    183
/*
 * Keyring identifiers. INTEGRITY_KEYRING_MAX is the number of identifiers,
 * not an identifier itself.
 * NOTE(review): these are presumably the values passed as the `id`
 * parameter of the integrity_* functions below and used as an array index,
 * in which case every id must be < INTEGRITY_KEYRING_MAX -- confirm against
 * the definitions.
 */
#define INTEGRITY_KEYRING_EVM		0
#define INTEGRITY_KEYRING_IMA		1
#define INTEGRITY_KEYRING_PLATFORM	2
#define INTEGRITY_KEYRING_MACHINE	3
#define INTEGRITY_KEYRING_MAX		4
    189
/* Defined elsewhere. NOTE(review): presumably the integrity securityfs directory -- confirm. */
extern struct dentry *integrity_dir;

/* Opaque in this header: struct modsig is only ever passed by pointer. */
struct modsig;
    193
/*
 * Signature verification and keyring setup.
 *
 * With CONFIG_INTEGRITY_SIGNATURE set, only the prototypes are provided
 * here. Without it the inline stubs below are used:
 *   - the two verify stubs fail closed with -EOPNOTSUPP;
 *   - the keyring init/load stubs return 0 without doing anything, so a
 *     0 return does not prove that a keyring exists or a certificate was
 *     loaded.
 *
 * integrity_load_x509() has no stub, so code calling it can only be built
 * when CONFIG_INTEGRITY_SIGNATURE is set. The integrity_init_keyring()
 * stub, unlike its prototype, is not marked __init.
 */
#if defined(CONFIG_INTEGRITY_SIGNATURE)

int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
			    const char *digest, int digestlen);
int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);

int __init integrity_init_keyring(const unsigned int id);
int __init integrity_load_x509(const unsigned int id, const char *path);
int __init integrity_load_cert(const unsigned int id, const char *source,
			       const void *data, size_t len, key_perm_t perm);

#else /* !CONFIG_INTEGRITY_SIGNATURE */

/* No signature support: every verification request is refused. */
static inline int
integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
			const char *digest, int digestlen)
{
	return -EOPNOTSUPP;
}

/* No signature support: appended (module-style) signatures are refused too. */
static inline int
integrity_modsig_verify(unsigned int id, const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}

/* Nothing to create; reports success. */
static inline int integrity_init_keyring(const unsigned int id)
{
	return 0;
}

/* Nothing is loaded; reports success. */
static inline int __init
integrity_load_cert(const unsigned int id, const char *source,
		    const void *data, size_t len, key_perm_t perm)
{
	return 0;
}

#endif /* CONFIG_INTEGRITY_SIGNATURE */
    232
/*
 * Asymmetric-key signature check against `keyring`.
 *
 * Without CONFIG_INTEGRITY_ASYMMETRIC_KEYS the stub fails closed: it never
 * looks at its arguments and always returns -EOPNOTSUPP.
 * NOTE(review): siglen and datalen are signed ints; the real implementation
 * is not visible here, so confirm it rejects negative or undersized lengths
 * before interpreting `sig` as a signature header.
 */
#if defined(CONFIG_INTEGRITY_ASYMMETRIC_KEYS)

int asymmetric_verify(struct key *keyring, const char *sig,
		      int siglen, const char *data, int datalen);

#else /* !CONFIG_INTEGRITY_ASYMMETRIC_KEYS */

static inline int
asymmetric_verify(struct key *keyring, const char *sig, int siglen,
		  const char *data, int datalen)
{
	return -EOPNOTSUPP;
}

#endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */
    243
/*
 * Verification of an appended signature (struct modsig) against `keyring`.
 *
 * Without CONFIG_IMA_APPRAISE_MODSIG the stub fails closed and always
 * returns -EOPNOTSUPP, whatever is passed in.
 */
#if defined(CONFIG_IMA_APPRAISE_MODSIG)

int ima_modsig_verify(struct key *keyring, const struct modsig *modsig);

#else /* !CONFIG_IMA_APPRAISE_MODSIG */

static inline int
ima_modsig_verify(struct key *keyring, const struct modsig *modsig)
{
	return -EOPNOTSUPP;
}

#endif /* CONFIG_IMA_APPRAISE_MODSIG */
    253
/*
 * Boot-time hook for loading IMA X.509 certificates.
 *
 * Without CONFIG_IMA_LOAD_X509 this is an empty inline function; it returns
 * void in both variants, so callers get no indication of whether anything
 * was loaded.
 */
#if defined(CONFIG_IMA_LOAD_X509)

void __init ima_load_x509(void);

#else /* !CONFIG_IMA_LOAD_X509 */

static inline void ima_load_x509(void)
{
	/* certificate loading compiled out: intentionally empty */
}

#endif /* CONFIG_IMA_LOAD_X509 */
    261
/*
 * Boot-time hook for loading EVM X.509 certificates.
 *
 * Without CONFIG_EVM_LOAD_X509 this is an empty inline function; it returns
 * void in both variants, so callers get no indication of whether anything
 * was loaded.
 */
#if defined(CONFIG_EVM_LOAD_X509)

void __init evm_load_x509(void);

#else /* !CONFIG_EVM_LOAD_X509 */

static inline void evm_load_x509(void)
{
	/* certificate loading compiled out: intentionally empty */
}

#endif /* CONFIG_EVM_LOAD_X509 */
    269
/*
 * Integrity audit helpers.
 *
 * With CONFIG_INTEGRITY_AUDIT the two message functions are implemented
 * elsewhere and integrity_audit_log_start() forwards its arguments unchanged
 * to audit_log_start(). Without it the message functions are empty and
 * integrity_audit_log_start() always returns NULL, so callers must cope
 * with a NULL audit_buffer.
 *
 * Consequence for monitoring: on a kernel built without
 * CONFIG_INTEGRITY_AUDIT, calls through these helpers emit nothing, so an
 * absence of integrity audit messages from them is not evidence that no
 * integrity event occurred.
 */
#if defined(CONFIG_INTEGRITY_AUDIT)

/* declarations */
void integrity_audit_msg(int audit_msgno, struct inode *inode,
			 const unsigned char *fname, const char *op,
			 const char *cause, int result, int info);

void integrity_audit_message(int audit_msgno, struct inode *inode,
			     const unsigned char *fname, const char *op,
			     const char *cause, int result, int info,
			     int errno);

/* Thin pass-through to audit_log_start(). */
static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return audit_log_start(ctx, gfp_mask, type);
}

#else /* !CONFIG_INTEGRITY_AUDIT */

/* Audit support compiled out: the message is dropped. */
static inline void
integrity_audit_msg(int audit_msgno, struct inode *inode,
		    const unsigned char *fname, const char *op,
		    const char *cause, int result, int info)
{
}

/* Audit support compiled out: the message is dropped. */
static inline void
integrity_audit_message(int audit_msgno, struct inode *inode,
			const unsigned char *fname, const char *op,
			const char *cause, int result, int info, int errno)
{
}

/* Audit support compiled out: there is never a buffer to hand back. */
static inline struct audit_buffer *
integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
{
	return NULL;
}

#endif /* CONFIG_INTEGRITY_AUDIT */
    310
/*
 * Hand `len` bytes at `data`, labelled `source`, to the platform keyring.
 *
 * Without CONFIG_INTEGRITY_PLATFORM_KEYRING the stub discards the data. The
 * function returns void in both variants, so a caller cannot tell whether
 * the certificate was accepted, rejected or ignored.
 */
#if defined(CONFIG_INTEGRITY_PLATFORM_KEYRING)

void __init add_to_platform_keyring(const char *source, const void *data,
				    size_t len);

#else /* !CONFIG_INTEGRITY_PLATFORM_KEYRING */

static inline void __init
add_to_platform_keyring(const char *source, const void *data, size_t len)
{
	/* platform keyring compiled out: intentionally empty */
}

#endif /* CONFIG_INTEGRITY_PLATFORM_KEYRING */
    320
/*
 * Machine keyring support.
 *
 * Without CONFIG_INTEGRITY_MACHINE_KEYRING, add_to_machine_keyring()
 * discards its input and trust_moklist() always answers false, i.e. the
 * compiled-out configuration never reports the MOK list as trusted.
 */
#if defined(CONFIG_INTEGRITY_MACHINE_KEYRING)

void __init add_to_machine_keyring(const char *source, const void *data, size_t len);
bool __init trust_moklist(void);

#else /* !CONFIG_INTEGRITY_MACHINE_KEYRING */

static inline void __init
add_to_machine_keyring(const char *source, const void *data, size_t len)
{
	/* machine keyring compiled out: intentionally empty */
}

static inline bool __init
trust_moklist(void)
{
	return false;
}

#endif /* CONFIG_INTEGRITY_MACHINE_KEYRING */