  1 /*
  2  * Copyright (C) 2005,2006,2007,2008 IBM Corporation
  3  *
  4  * Authors:
  5  * Kylene Hall <kjhall@us.ibm.com>
  6  * Reiner Sailer <sailer@us.ibm.com>
  7  * Mimi Zohar <zohar@us.ibm.com>
  8  *
  9  * This program is free software; you can redistribute it and/or
 10  * modify it under the terms of the GNU General Public License as
 11  * published by the Free Software Foundation, version 2 of the
 12  * License.
 13  *
 14  * File: ima_fs.c
 *      implements the securityfs interface for reporting the
 16  *      current measurement list and IMA statistics
 17  */
 18 #include <linux/fcntl.h>
 19 #include <linux/module.h>
 20 #include <linux/seq_file.h>
 21 #include <linux/rculist.h>
 22 #include <linux/rcupdate.h>
 23 #include <linux/parser.h>
 24 
 25 #include "ima.h"
 26 
/*
 * Cleared by ima_write_policy() when a rule fails to parse, checked by
 * ima_release_policy() to decide between activating the rules written so
 * far and discarding them.  Only one writer can hold the policy file open
 * at a time (see policy_opencount), so no extra locking is used.
 */
static int valid_policy = 1;
/*
 * Scratch size for ima_show_htable_value(): 10 decimal digits, a sign and
 * "\n".  A 64-bit counter above 10 digits is truncated by scnprintf()
 * rather than overflowing the buffer.
 */
#define TMPBUFLEN 12
/*
 * Render one atomic counter as a decimal line and copy it to user space.
 *
 * @buf/@count/@ppos: the read() arguments; @val: the counter to report.
 * Returns the number of bytes copied, 0 at EOF, or a negative errno from
 * simple_read_from_buffer().
 */
static ssize_t ima_show_htable_value(char __user *buf, size_t count,
				     loff_t *ppos, atomic_long_t *val)
{
	char tmpbuf[TMPBUFLEN];
	ssize_t len;

	/* scnprintf() bounds the write; a value too wide is truncated, never overflowed */
	len = scnprintf(tmpbuf, sizeof(tmpbuf), "%li\n", atomic_long_read(val));
	return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);
}
 38 
/* read() handler for securityfs ima/violations: the violation counter as text. */
static ssize_t ima_show_htable_violations(struct file *filp,
					  char __user *buf,
					  size_t count, loff_t *ppos)
{
	atomic_long_t *counter = &ima_htable.violations;

	return ima_show_htable_value(buf, count, ppos, counter);
}
 45 
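/*
 * ima/violations: read-only.  const keeps this function-pointer table in
 * read-only data, so a stray kernel write cannot redirect the handler.
 */
static const struct file_operations ima_htable_violations_ops = {
	.read = ima_show_htable_violations,
};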
 49 
/* read() handler for securityfs ima/runtime_measurements_count: number of list entries as text. */
static ssize_t ima_show_measurements_count(struct file *filp,
					   char __user *buf,
					   size_t count, loff_t *ppos)
{
	atomic_long_t *counter = &ima_htable.len;

	return ima_show_htable_value(buf, count, ppos, counter);
}
 57 
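/*
 * ima/runtime_measurements_count: read-only.  const places the
 * function-pointer table in read-only data.
 */
static const struct file_operations ima_measurements_count_ops = {
	.read = ima_show_measurements_count,
};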
 61 
/* returns the ima_queue_entry at position *pos, or NULL past the end of the list */
/*
 * seq_file start: walk the measurement list to the entry at *pos.
 *
 * The RCU read lock only covers the walk.  The returned entry is used after
 * the lock is dropped, which is safe only because the list is append-only
 * (entries are never removed or freed).
 */
static void *ima_measurements_start(struct seq_file *m, loff_t *pos)
{
	struct ima_queue_entry *qe;
	loff_t skip = *pos;
	void *found = NULL;

	rcu_read_lock();
	list_for_each_entry_rcu(qe, &ima_measurements, later) {
		if (skip == 0) {
			found = qe;
			break;
		}
		skip--;
	}
	rcu_read_unlock();

	return found;
}
 79 
/*
 * seq_file next: step from entry @v to its successor and bump *pos.
 *
 * Returns NULL when the successor is the list head, i.e. @v was the last
 * entry.  The lock guards only the pointer fetch against a concurrent
 * append; as in ima_measurements_start(), the entry outlives the lock
 * because the list never shrinks.
 */
static void *ima_measurements_next(struct seq_file *m, void *v, loff_t *pos)
{
	struct ima_queue_entry *cur = v;
	struct ima_queue_entry *nxt;

	rcu_read_lock();
	nxt = list_entry_rcu(cur->later.next, struct ima_queue_entry, later);
	rcu_read_unlock();

	++*pos;
	if (&nxt->later == &ima_measurements)
		return NULL;	/* walked off the end */
	return nxt;
}
 95 
/*
 * seq_file stop: nothing to release.  start()/next() drop the RCU read
 * lock before returning and list entries are never freed, so there is no
 * state to undo here.
 */
static void ima_measurements_stop(struct seq_file *m, void *v)
{
}
 99 
/*
 * Emit @datalen raw bytes starting at @data into the seq_file, one byte at
 * a time.  Used for the binary measurement list, where the integer fields
 * are written as-is from memory (CPU byte order).
 */
static void ima_putc(struct seq_file *m, void *data, int datalen)
{
	const char *byte = data;

	while (datalen--)
		seq_putc(m, *byte++);
}
105 
/* print format (one record per measurement, fields back to back):
 *       u32                   = pcr index, written in CPU byte order
 *                               (little-endian only on a little-endian host)
 *       char[IMA_DIGEST_SIZE] = template digest (20 bytes, SHA-1)
 *       int                   = template name length, CPU byte order
 *       char[n]               = template name, no terminating NUL
 *       eventdata[n]          = template specific data
 *                               (see ima_template_show(), IMA_SHOW_BINARY)
 */
/*
 * seq_file show for ima/binary_runtime_measurements: write one record for
 * list entry @v in the layout described by the format comment above.
 *
 * Returns 0, or -1 if the queue entry carries no template entry.
 */
static int ima_measurements_show(struct seq_file *m, void *v)
{
	struct ima_queue_entry *qe = v;
	struct ima_template_entry *e = qe->entry;
	u32 pcr = CONFIG_IMA_MEASURE_PCR_IDX;
	int namelen;

	/* entries are never removed from the list, so no lock is needed to read one */
	if (!e)
		return -1;

	/*
	 * pcr and namelen are dumped straight from memory: "32bit-le" holds
	 * only on a little-endian host, a consumer on another architecture
	 * has to byte-swap these two fields.
	 */
	ima_putc(m, &pcr, sizeof(pcr));
	ima_putc(m, e->digest, IMA_DIGEST_SIZE);

	namelen = strlen(e->template_name);
	ima_putc(m, &namelen, sizeof(namelen));
	ima_putc(m, (void *)e->template_name, namelen);

	/* template-specific tail: file digest, file name length, file name */
	ima_template_show(m, (struct ima_template_data *)&e->template,
			  IMA_SHOW_BINARY);
	return 0;
}
148 
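/*
 * Iterator for the binary measurement list.  const moves the table out of
 * writable data; this relies on seq_open() taking a const seq_operations
 * pointer, as it does in mainline.
 */
static const struct seq_operations ima_measurments_seqops = {
	.start = ima_measurements_start,
	.next = ima_measurements_next,
	.stop = ima_measurements_stop,
	.show = ima_measurements_show,
};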
155 
/* open() for ima/binary_runtime_measurements: attach the binary iterator. */
static int ima_measurements_open(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &ima_measurments_seqops;

	return seq_open(file, ops);
}
160 
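/*
 * ima/binary_runtime_measurements: read-only seq_file.  const places the
 * function-pointer table in read-only data.
 */
static const struct file_operations ima_measurements_ops = {
	.open = ima_measurements_open,
	.read = seq_read,
	.llseek = seq_lseek,
	.release = seq_release,
};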
167 
/* Print IMA_DIGEST_SIZE bytes of @digest as lowercase hex, no separator, no newline. */
static void ima_print_digest(struct seq_file *m, u8 *digest)
{
	const u8 *p = digest;
	const u8 *end = digest + IMA_DIGEST_SIZE;

	for (; p < end; p++)
		seq_printf(m, "%02x", *p);
}
175 
/*
 * Emit the template-specific part of a measurement entry.
 *
 * @e is an ima_template_data (file digest + file name); @show selects the
 * encoding.  IMA_SHOW_ASCII writes " <hex digest> <file name>\n",
 * IMA_SHOW_BINARY writes the raw digest, the name length as a CPU-order int
 * and the name bytes without a NUL.  Any other value emits nothing.
 *
 * The file name is written verbatim in both encodings: a name containing a
 * space or newline breaks line-oriented parsers of the ASCII list, so the
 * binary list (length-prefixed) is the robust one to consume.
 */
void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show)
{
	struct ima_template_data *entry = e;
	int namelen;

	if (show == IMA_SHOW_ASCII) {
		ima_print_digest(m, entry->digest);
		seq_printf(m, " %s\n", entry->file_name);
		return;
	}
	if (show != IMA_SHOW_BINARY)
		return;

	ima_putc(m, entry->digest, IMA_DIGEST_SIZE);
	namelen = strlen(entry->file_name);
	ima_putc(m, &namelen, sizeof(namelen));
	ima_putc(m, entry->file_name, namelen);
}
196 
197 /* print in ascii */
/*
 * seq_file show for ima/ascii_runtime_measurements: one line per entry,
 * "<pcr> <template digest> <template name> <template data>".
 *
 * The template data ends with the file name printed raw (see
 * ima_template_show()), so names with spaces or newlines are not safely
 * parseable from this list.  Returns 0, or -1 if @v has no template entry.
 */
static int ima_ascii_measurements_show(struct seq_file *m, void *v)
{
	struct ima_queue_entry *qe = v;
	struct ima_template_entry *e = qe->entry;

	/* the list never shrinks, so the entry can be read without a lock */
	if (!e)
		return -1;

	/* 1st: PCR index (build-time constant) */
	seq_printf(m, "%2d ", CONFIG_IMA_MEASURE_PCR_IDX);

	/* 2nd: SHA-1 template digest as hex */
	ima_print_digest(m, e->digest);

	/* 3rd: template name */
	seq_printf(m, " %s ", e->template_name);

	/* 4th: template specific data, file digest and file name */
	ima_template_show(m, (struct ima_template_data *)&e->template,
			  IMA_SHOW_ASCII);
	return 0;
}
223 
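/*
 * Iterator for the ASCII measurement list; shares start/next/stop with the
 * binary one.  const moves the table out of writable data; relies on
 * seq_open() taking a const seq_operations pointer, as in mainline.
 */
static const struct seq_operations ima_ascii_measurements_seqops = {
	.start = ima_measurements_start,
	.next = ima_measurements_next,
	.stop = ima_measurements_stop,
	.show = ima_ascii_measurements_show,
};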
230 
/* open() for ima/ascii_runtime_measurements: attach the ASCII iterator. */
static int ima_ascii_measurements_open(struct inode *inode, struct file *file)
{
	const struct seq_operations *ops = &ima_ascii_measurements_seqops;

	return seq_open(file, ops);
}
235 
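/*
 * ima/ascii_runtime_measurements: read-only seq_file.  const places the
 * function-pointer table in read-only data.
 */
static const struct file_operations ima_ascii_measurements_ops = {
	.open = ima_ascii_measurements_open,
	.read = seq_read,
	.llseek = seq_lseek,
	.release = seq_release,
};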
242 
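/*
 * write() handler for ima/policy: copy one chunk of rule text from user
 * space and hand it to the parser.
 *
 * Returns @datalen on success.  -ENOMEM if the chunk does not fit in a
 * page or the copy buffer cannot be allocated, -EINVAL for a write at a
 * non-zero offset or for a rule that fails to parse, -EFAULT if @buf is
 * not readable.
 *
 * A parse failure also clears valid_policy, so ima_release_policy() will
 * call ima_delete_rules() and drop every rule written so far instead of
 * activating a partially-applied policy.  The text comes from a root-only
 * securityfs file (mode 0200, see ima_fs_init()); it is still untrusted
 * input as far as the parser is concerned.
 */
static ssize_t ima_write_policy(struct file *file, const char __user *buf,
				size_t datalen, loff_t *ppos)
{
	char *data;
	ssize_t result;

	/* rule text must fit in one page, plus the NUL added below */
	if (datalen >= PAGE_SIZE)
		return -ENOMEM;
	/* no partial or resumed writes: each write() carries whole rules from offset 0 */
	if (*ppos != 0)
		return -EINVAL;

	data = kmalloc(datalen + 1, GFP_KERNEL);
	if (!data)
		return -ENOMEM;

	if (copy_from_user(data, buf, datalen)) {
		kfree(data);
		return -EFAULT;
	}
	data[datalen] = '\0';

	/* keep the error in a signed variable instead of round-tripping it through size_t */
	if (ima_parse_add_rule(data) < 0) {
		valid_policy = 0;
		result = -EINVAL;
	} else {
		result = datalen;
	}

	kfree(data);
	return result;
}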
273 
/*
 * securityfs nodes created by ima_fs_init(); NULL until then.  ima_policy
 * is set back to NULL by ima_release_policy() once a valid policy has
 * been loaded and the one-shot policy file has been removed.
 */
static struct dentry *ima_dir;
static struct dentry *binary_runtime_measurements;
static struct dentry *ascii_runtime_measurements;
static struct dentry *runtime_measurements_count;
static struct dentry *violations;
static struct dentry *ima_policy;
280 
/*
 * Single-writer gate for the policy file.  Starts at 1: the first opener
 * decrements it to 0 and wins, every later opener drives it below 0 and
 * gets -EBUSY.  Failed opens are never undone, which is why
 * ima_release_policy() restores it with atomic_set() rather than an
 * increment.
 */
static atomic_t policy_opencount = ATOMIC_INIT(1);
282 /*
 * ima_open_policy: serialize access to the policy file (one writer at a time)
284  */
/*
 * open() handler for ima/policy.
 *
 * Refuses opens that cannot write (-EACCES) and second concurrent opens
 * (-EBUSY).  The f_flags test is a bit test, so an O_RDWR open does not
 * pass either (O_RDWR is a distinct value, not O_WRONLY plus a bit); the
 * file's 0200 mode set in ima_fs_init() would reject that at the VFS
 * permission check anyway.  There is no capability check here: access
 * control is the file mode on root-owned securityfs.
 *
 * NOTE(review): only referenced from ima_measure_policy_ops in this file;
 * could be static unless ima.h exports it -- confirm.
 */
int ima_open_policy(struct inode *inode, struct file *filp)
{
	if (!(filp->f_flags & O_WRONLY))
		return -EACCES;

	/* only the opener that takes the count from 1 to 0 gets in */
	return atomic_dec_and_test(&policy_opencount) ? 0 : -EBUSY;
}
294 
295 /*
296  * ima_release_policy - start using the new measure policy rules.
297  *
298  * Initially, ima_measure points to the default policy rules, now
299  * point to the new policy rules, and remove the securityfs policy file,
300  * assuming a valid policy.
301  */
/*
 * release() handler for ima/policy: commit or discard what was written.
 *
 * Valid policy: ima_update_policy() switches the rules in use and the
 * policy file is removed, so the policy is one-shot and cannot be replaced
 * afterwards (policy_opencount is left alone, the file no longer exists).
 * Invalid policy: all rules written so far are deleted and the gate is
 * re-armed so the writer can retry.  Always returns 0.
 */
static int ima_release_policy(struct inode *inode, struct file *file)
{
	if (valid_policy) {
		ima_update_policy();
		securityfs_remove(ima_policy);
		ima_policy = NULL;
		return 0;
	}

	/* a rule failed to parse: drop everything and allow a fresh attempt */
	ima_delete_rules();
	valid_policy = 1;
	atomic_set(&policy_opencount, 1);
	return 0;
}
315 
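/*
 * ima/policy: write-only, single writer, removed after a valid load.
 * const places the function-pointer table in read-only data.
 */
static const struct file_operations ima_measure_policy_ops = {
	.open = ima_open_policy,
	.write = ima_write_policy,
	.release = ima_release_policy,
};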
321 
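/*
 * Remove a securityfs node if it was actually created.  NULL (never
 * created) and ERR_PTR (creation failed) slots are skipped, so the error
 * path of ima_fs_init() can call this on every slot unconditionally, and
 * the slot is reset so nothing hands an ERR_PTR to securityfs_remove()
 * later.
 */
static void __init ima_fs_remove_if_created(struct dentry **slot)
{
	if (*slot && !IS_ERR(*slot))
		securityfs_remove(*slot);
	*slot = NULL;
}

/*
 * Create the securityfs "ima" directory and its files.
 *
 * The measurement lists and counters are 0440 (root and its group can
 * read), the policy file is 0200 (root write only).  Returns 0 on
 * success, -1 on any creation failure after undoing what was created.
 */
int __init ima_fs_init(void)
{
	ima_dir = securityfs_create_dir("ima", NULL);
	if (IS_ERR(ima_dir))
		goto out;

	binary_runtime_measurements =
	    securityfs_create_file("binary_runtime_measurements",
				   S_IRUSR | S_IRGRP, ima_dir, NULL,
				   &ima_measurements_ops);
	if (IS_ERR(binary_runtime_measurements))
		goto out;

	ascii_runtime_measurements =
	    securityfs_create_file("ascii_runtime_measurements",
				   S_IRUSR | S_IRGRP, ima_dir, NULL,
				   &ima_ascii_measurements_ops);
	if (IS_ERR(ascii_runtime_measurements))
		goto out;

	runtime_measurements_count =
	    securityfs_create_file("runtime_measurements_count",
				   S_IRUSR | S_IRGRP, ima_dir, NULL,
				   &ima_measurements_count_ops);
	if (IS_ERR(runtime_measurements_count))
		goto out;

	violations =
	    securityfs_create_file("violations", S_IRUSR | S_IRGRP,
				   ima_dir, NULL, &ima_htable_violations_ops);
	if (IS_ERR(violations))
		goto out;

	ima_policy = securityfs_create_file("policy",
					    S_IWUSR,
					    ima_dir, NULL,
					    &ima_measure_policy_ops);
	if (IS_ERR(ima_policy))
		goto out;

	return 0;
out:
	/*
	 * Undo in reverse creation order, every child (including
	 * "violations") before the directory: a directory is only
	 * removable once it is empty (simple_rmdir refuses a non-empty
	 * one -- verify against securityfs_remove()), so removing ima_dir
	 * first would leave a stale "ima" directory behind.
	 */
	ima_fs_remove_if_created(&ima_policy);
	ima_fs_remove_if_created(&violations);
	ima_fs_remove_if_created(&runtime_measurements_count);
	ima_fs_remove_if_created(&ascii_runtime_measurements);
	ima_fs_remove_if_created(&binary_runtime_measurements);
	ima_fs_remove_if_created(&ima_dir);
	return -1;
}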
371 
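/*
 * Tear down the securityfs "ima" tree created by ima_fs_init().
 *
 * Children first, the "ima" directory last: a directory is only removable
 * once it is empty (simple_rmdir refuses a non-empty one -- verify against
 * securityfs_remove()).  ima_policy is NULL once a valid policy has been
 * loaded, since ima_release_policy() already removed that file; otherwise
 * it is still a child of ima_dir and has to go before the directory.
 */
void __exit ima_fs_cleanup(void)
{
	securityfs_remove(ima_policy);
	securityfs_remove(violations);
	securityfs_remove(runtime_measurements_count);
	securityfs_remove(ascii_runtime_measurements);
	securityfs_remove(binary_runtime_measurements);
	securityfs_remove(ima_dir);
}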
381 