| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Mar 2024 20:35:46 -0700
From: Fan Wu <wufan@...ux.microsoft.com>
To: corbet@....net,
zohar@...ux.ibm.com,
jmorris@...ei.org,
serge@...lyn.com,
tytso@....edu,
ebiggers@...nel.org,
axboe@...nel.dk,
agk@...hat.com,
snitzer@...nel.org,
eparis@...hat.com,
paul@...l-moore.com
Cc: linux-doc@...r.kernel.org,
linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org,
fsverity@...ts.linux.dev,
linux-block@...r.kernel.org,
dm-devel@...ts.linux.dev,
audit@...r.kernel.org,
linux-kernel@...r.kernel.org,
Fan Wu <wufan@...ux.microsoft.com>
Subject: [RFC PATCH v15 16/21] security: add security_inode_setintegrity() hook
This patch introduces a new hook to save inode's integrity
data. For example, for fsverity enabled files, LSMs can use this hook to save
the verified fsverity builtin signature into the inode's security blob,
and LSMs can make access decisions based on the data inside the signature,
like the signer certificate.
Signed-off-by: Fan Wu <wufan@...ux.microsoft.com>
--
v1-v14:
+ Not present
v15:
+ Introduced
---
include/linux/lsm_hook_defs.h | 3 +++
include/linux/security.h | 10 ++++++++++
security/security.c | 28 ++++++++++++++++++++++++++++
3 files changed, 41 insertions(+)
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index 6808ae763913..c88587fc3691 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -177,6 +177,9 @@ LSM_HOOK(int, 0, inode_listsecurity, struct inode *inode, char *buffer,
LSM_HOOK(void, LSM_RET_VOID, inode_getsecid, struct inode *inode, u32 *secid)
LSM_HOOK(int, 0, inode_copy_up, struct dentry *src, struct cred **new)
LSM_HOOK(int, -EOPNOTSUPP, inode_copy_up_xattr, const char *name)
+LSM_HOOK(int, 0, inode_setintegrity, struct inode *inode,
+ enum lsm_intgr_type type, const void *value, size_t size)
+
LSM_HOOK(int, 0, kernfs_init_security, struct kernfs_node *kn_dir,
struct kernfs_node *kn)
LSM_HOOK(int, 0, file_permission, struct file *file, int mask)
diff --git a/include/linux/security.h b/include/linux/security.h
index 60b40b523d57..0885866b261e 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -405,6 +405,9 @@ int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer
void security_inode_getsecid(struct inode *inode, u32 *secid);
int security_inode_copy_up(struct dentry *src, struct cred **new);
int security_inode_copy_up_xattr(const char *name);
+int security_inode_setintegrity(struct inode *inode,
+ enum lsm_intgr_type type, const void *value,
+ size_t size);
int security_kernfs_init_security(struct kernfs_node *kn_dir,
struct kernfs_node *kn);
int security_file_permission(struct file *file, int mask);
@@ -1021,6 +1024,13 @@ static inline int security_inode_copy_up(struct dentry *src, struct cred **new)
return 0;
}
+static inline int security_inode_setintegrity(struct inode *inode,
+ enum lsm_intgr_type, type,
+ const void *value, size_t size)
+{
+ return 0;
+}
+
static inline int security_kernfs_init_security(struct kernfs_node *kn_dir,
struct kernfs_node *kn)
{
diff --git a/security/security.c b/security/security.c
index 8d88529ac904..c5d426d084ab 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2681,6 +2681,34 @@ int security_inode_copy_up_xattr(const char *name)
}
EXPORT_SYMBOL(security_inode_copy_up_xattr);
+/**
+ * security_inode_setintegrity() - Set the inode's integrity data
+ * @inode: inode
+ * @type: type of integrity, e.g. hash digest, signature, etc
+ * @value: the integrity value
+ * @size: size of the integrity value
+ *
+ * Register a verified integrity measurement of a inode with the LSM.
+ *
+ * Return: Returns 0 on success, negative values on failure.
+ */
+int security_inode_setintegrity(struct inode *inode,
+ enum lsm_intgr_type type, const void *value,
+ size_t size)
+{
+ int rc = 0;
+ struct security_hook_list *p;
+
+ hlist_for_each_entry(p, &security_hook_heads.inode_setintegrity, list) {
+ rc = p->hook.inode_setintegrity(inode, type, value, size);
+ if (rc)
+ return rc;
+ }
+
+ return LSM_RET_DEFAULT(inode_setintegrity);
+}
+EXPORT_SYMBOL(security_inode_setintegrity);
+
/**
* security_kernfs_init_security() - Init LSM context for a kernfs node
* @kn_dir: parent kernfs node
--
2.44.0
Powered by blists - more mailing lists