security/integrity/evm/evm_crypto.c at v5.0-rc8

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / security / integrity / evm / evm_crypto.c
at v5.0-rc8 375 lines 9.6 kB view raw
wrap content
  1/*
  2 * Copyright (C) 2005-2010 IBM Corporation
  3 *
  4 * Authors:
  5 * Mimi Zohar <zohar@us.ibm.com>
  6 * Kylene Hall <kjhall@us.ibm.com>
  7 *
  8 * This program is free software; you can redistribute it and/or modify
  9 * it under the terms of the GNU General Public License as published by
 10 * the Free Software Foundation, version 2 of the License.
 11 *
 12 * File: evm_crypto.c
 13 *	 Using root's kernel master key (kmk), calculate the HMAC
 14 */
 15
 16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
 17
 18#include <linux/export.h>
 19#include <linux/crypto.h>
 20#include <linux/xattr.h>
 21#include <linux/evm.h>
 22#include <keys/encrypted-type.h>
 23#include <crypto/hash.h>
 24#include <crypto/hash_info.h>
 25#include "evm.h"
 26
 27#define EVMKEY "evm-key"
 28#define MAX_KEY_SIZE 128
 29static unsigned char evmkey[MAX_KEY_SIZE];
 30static const int evmkey_len = MAX_KEY_SIZE;
 31
 32struct crypto_shash *hmac_tfm;
 33static struct crypto_shash *evm_tfm[HASH_ALGO__LAST];
 34
 35static DEFINE_MUTEX(mutex);
 36
 37#define EVM_SET_KEY_BUSY 0
 38
 39static unsigned long evm_set_key_flags;
 40
 41static const char evm_hmac[] = "hmac(sha1)";
 42
 43/**
 44 * evm_set_key() - set EVM HMAC key from the kernel
 45 * @key: pointer to a buffer with the key data
 46 * @size: length of the key data
 47 *
 48 * This function allows setting the EVM HMAC key from the kernel
 49 * without using the "encrypted" key subsystem keys. It can be used
 50 * by the crypto HW kernel module which has its own way of managing
 51 * keys.
 52 *
 53 * key length should be between 32 and 128 bytes long
 54 */
 55int evm_set_key(void *key, size_t keylen)
 56{
 57	int rc;
 58
 59	rc = -EBUSY;
 60	if (test_and_set_bit(EVM_SET_KEY_BUSY, &evm_set_key_flags))
 61		goto busy;
 62	rc = -EINVAL;
 63	if (keylen > MAX_KEY_SIZE)
 64		goto inval;
 65	memcpy(evmkey, key, keylen);
 66	evm_initialized |= EVM_INIT_HMAC;
 67	pr_info("key initialized\n");
 68	return 0;
 69inval:
 70	clear_bit(EVM_SET_KEY_BUSY, &evm_set_key_flags);
 71busy:
 72	pr_err("key initialization failed\n");
 73	return rc;
 74}
 75EXPORT_SYMBOL_GPL(evm_set_key);
 76
 77static struct shash_desc *init_desc(char type, uint8_t hash_algo)
 78{
 79	long rc;
 80	const char *algo;
 81	struct crypto_shash **tfm;
 82	struct shash_desc *desc;
 83
 84	if (type == EVM_XATTR_HMAC) {
 85		if (!(evm_initialized & EVM_INIT_HMAC)) {
 86			pr_err_once("HMAC key is not set\n");
 87			return ERR_PTR(-ENOKEY);
 88		}
 89		tfm = &hmac_tfm;
 90		algo = evm_hmac;
 91	} else {
 92		tfm = &evm_tfm[hash_algo];
 93		algo = hash_algo_name[hash_algo];
 94	}
 95
 96	if (*tfm == NULL) {
 97		mutex_lock(&mutex);
 98		if (*tfm)
 99			goto out;
100		*tfm = crypto_alloc_shash(algo, 0, CRYPTO_NOLOAD);
101		if (IS_ERR(*tfm)) {
102			rc = PTR_ERR(*tfm);
103			pr_err("Can not allocate %s (reason: %ld)\n", algo, rc);
104			*tfm = NULL;
105			mutex_unlock(&mutex);
106			return ERR_PTR(rc);
107		}
108		if (type == EVM_XATTR_HMAC) {
109			rc = crypto_shash_setkey(*tfm, evmkey, evmkey_len);
110			if (rc) {
111				crypto_free_shash(*tfm);
112				*tfm = NULL;
113				mutex_unlock(&mutex);
114				return ERR_PTR(rc);
115			}
116		}
117out:
118		mutex_unlock(&mutex);
119	}
120
121	desc = kmalloc(sizeof(*desc) + crypto_shash_descsize(*tfm),
122			GFP_KERNEL);
123	if (!desc)
124		return ERR_PTR(-ENOMEM);
125
126	desc->tfm = *tfm;
127	desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
128
129	rc = crypto_shash_init(desc);
130	if (rc) {
131		kfree(desc);
132		return ERR_PTR(rc);
133	}
134	return desc;
135}
136
137/* Protect against 'cutting & pasting' security.evm xattr, include inode
138 * specific info.
139 *
140 * (Additional directory/file metadata needs to be added for more complete
141 * protection.)
142 */
143static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
144			  char type, char *digest)
145{
146	struct h_misc {
147		unsigned long ino;
148		__u32 generation;
149		uid_t uid;
150		gid_t gid;
151		umode_t mode;
152	} hmac_misc;
153
154	memset(&hmac_misc, 0, sizeof(hmac_misc));
155	/* Don't include the inode or generation number in portable
156	 * signatures
157	 */
158	if (type != EVM_XATTR_PORTABLE_DIGSIG) {
159		hmac_misc.ino = inode->i_ino;
160		hmac_misc.generation = inode->i_generation;
161	}
162	/* The hmac uid and gid must be encoded in the initial user
163	 * namespace (not the filesystems user namespace) as encoding
164	 * them in the filesystems user namespace allows an attack
165	 * where first they are written in an unprivileged fuse mount
166	 * of a filesystem and then the system is tricked to mount the
167	 * filesystem for real on next boot and trust it because
168	 * everything is signed.
169	 */
170	hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
171	hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
172	hmac_misc.mode = inode->i_mode;
173	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
174	if ((evm_hmac_attrs & EVM_ATTR_FSUUID) &&
175	    type != EVM_XATTR_PORTABLE_DIGSIG)
176		crypto_shash_update(desc, &inode->i_sb->s_uuid.b[0],
177				    sizeof(inode->i_sb->s_uuid));
178	crypto_shash_final(desc, digest);
179}
180
181/*
182 * Calculate the HMAC value across the set of protected security xattrs.
183 *
184 * Instead of retrieving the requested xattr, for performance, calculate
185 * the hmac using the requested xattr value. Don't alloc/free memory for
186 * each xattr, but attempt to re-use the previously allocated memory.
187 */
188static int evm_calc_hmac_or_hash(struct dentry *dentry,
189				 const char *req_xattr_name,
190				 const char *req_xattr_value,
191				 size_t req_xattr_value_len,
192				 uint8_t type, struct evm_digest *data)
193{
194	struct inode *inode = d_backing_inode(dentry);
195	struct xattr_list *xattr;
196	struct shash_desc *desc;
197	size_t xattr_size = 0;
198	char *xattr_value = NULL;
199	int error;
200	int size;
201	bool ima_present = false;
202
203	if (!(inode->i_opflags & IOP_XATTR) ||
204	    inode->i_sb->s_user_ns != &init_user_ns)
205		return -EOPNOTSUPP;
206
207	desc = init_desc(type, data->hdr.algo);
208	if (IS_ERR(desc))
209		return PTR_ERR(desc);
210
211	data->hdr.length = crypto_shash_digestsize(desc->tfm);
212
213	error = -ENODATA;
214	list_for_each_entry_rcu(xattr, &evm_config_xattrnames, list) {
215		bool is_ima = false;
216
217		if (strcmp(xattr->name, XATTR_NAME_IMA) == 0)
218			is_ima = true;
219
220		if ((req_xattr_name && req_xattr_value)
221		    && !strcmp(xattr->name, req_xattr_name)) {
222			error = 0;
223			crypto_shash_update(desc, (const u8 *)req_xattr_value,
224					     req_xattr_value_len);
225			if (is_ima)
226				ima_present = true;
227			continue;
228		}
229		size = vfs_getxattr_alloc(dentry, xattr->name,
230					  &xattr_value, xattr_size, GFP_NOFS);
231		if (size == -ENOMEM) {
232			error = -ENOMEM;
233			goto out;
234		}
235		if (size < 0)
236			continue;
237
238		error = 0;
239		xattr_size = size;
240		crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
241		if (is_ima)
242			ima_present = true;
243	}
244	hmac_add_misc(desc, inode, type, data->digest);
245
246	/* Portable EVM signatures must include an IMA hash */
247	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
248		return -EPERM;
249out:
250	kfree(xattr_value);
251	kfree(desc);
252	return error;
253}
254
255int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
256		  const char *req_xattr_value, size_t req_xattr_value_len,
257		  struct evm_digest *data)
258{
259	return evm_calc_hmac_or_hash(dentry, req_xattr_name, req_xattr_value,
260				    req_xattr_value_len, EVM_XATTR_HMAC, data);
261}
262
263int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
264		  const char *req_xattr_value, size_t req_xattr_value_len,
265		  char type, struct evm_digest *data)
266{
267	return evm_calc_hmac_or_hash(dentry, req_xattr_name, req_xattr_value,
268				     req_xattr_value_len, type, data);
269}
270
271static int evm_is_immutable(struct dentry *dentry, struct inode *inode)
272{
273	const struct evm_ima_xattr_data *xattr_data = NULL;
274	struct integrity_iint_cache *iint;
275	int rc = 0;
276
277	iint = integrity_iint_find(inode);
278	if (iint && (iint->flags & EVM_IMMUTABLE_DIGSIG))
279		return 1;
280
281	/* Do this the hard way */
282	rc = vfs_getxattr_alloc(dentry, XATTR_NAME_EVM, (char **)&xattr_data, 0,
283				GFP_NOFS);
284	if (rc <= 0) {
285		if (rc == -ENODATA)
286			return 0;
287		return rc;
288	}
289	if (xattr_data->type == EVM_XATTR_PORTABLE_DIGSIG)
290		rc = 1;
291	else
292		rc = 0;
293
294	kfree(xattr_data);
295	return rc;
296}
297
298
299/*
300 * Calculate the hmac and update security.evm xattr
301 *
302 * Expects to be called with i_mutex locked.
303 */
304int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name,
305			const char *xattr_value, size_t xattr_value_len)
306{
307	struct inode *inode = d_backing_inode(dentry);
308	struct evm_digest data;
309	int rc = 0;
310
311	/*
312	 * Don't permit any transformation of the EVM xattr if the signature
313	 * is of an immutable type
314	 */
315	rc = evm_is_immutable(dentry, inode);
316	if (rc < 0)
317		return rc;
318	if (rc)
319		return -EPERM;
320
321	data.hdr.algo = HASH_ALGO_SHA1;
322	rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
323			   xattr_value_len, &data);
324	if (rc == 0) {
325		data.hdr.xattr.sha1.type = EVM_XATTR_HMAC;
326		rc = __vfs_setxattr_noperm(dentry, XATTR_NAME_EVM,
327					   &data.hdr.xattr.data[1],
328					   SHA1_DIGEST_SIZE + 1, 0);
329	} else if (rc == -ENODATA && (inode->i_opflags & IOP_XATTR)) {
330		rc = __vfs_removexattr(dentry, XATTR_NAME_EVM);
331	}
332	return rc;
333}
334
335int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
336		  char *hmac_val)
337{
338	struct shash_desc *desc;
339
340	desc = init_desc(EVM_XATTR_HMAC, HASH_ALGO_SHA1);
341	if (IS_ERR(desc)) {
342		pr_info("init_desc failed\n");
343		return PTR_ERR(desc);
344	}
345
346	crypto_shash_update(desc, lsm_xattr->value, lsm_xattr->value_len);
347	hmac_add_misc(desc, inode, EVM_XATTR_HMAC, hmac_val);
348	kfree(desc);
349	return 0;
350}
351
352/*
353 * Get the key from the TPM for the SHA1-HMAC
354 */
355int evm_init_key(void)
356{
357	struct key *evm_key;
358	struct encrypted_key_payload *ekp;
359	int rc;
360
361	evm_key = request_key(&key_type_encrypted, EVMKEY, NULL);
362	if (IS_ERR(evm_key))
363		return -ENOENT;
364
365	down_read(&evm_key->sem);
366	ekp = evm_key->payload.data[0];
367
368	rc = evm_set_key(ekp->decrypted_data, ekp->decrypted_datalen);
369
370	/* burn the original key contents */
371	memset(ekp->decrypted_data, 0, ekp->decrypted_datalen);
372	up_read(&evm_key->sem);
373	key_put(evm_key);
374	return rc;
375}
Configure Feed

Configure Feed
