lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220215124042.186506-5-roberto.sassu@huawei.com>
Date:   Tue, 15 Feb 2022 13:40:40 +0100
From:   Roberto Sassu <roberto.sassu@...wei.com>
To:     <zohar@...ux.ibm.com>, <shuah@...nel.org>, <ast@...nel.org>,
        <daniel@...earbox.net>, <andrii@...nel.org>, <kpsingh@...nel.org>,
        <revest@...omium.org>
CC:     <linux-integrity@...r.kernel.org>,
        <linux-security-module@...r.kernel.org>,
        <linux-kselftest@...r.kernel.org>, <netdev@...r.kernel.org>,
        <bpf@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
        Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH v2 4/6] selftests/bpf: Add test for bpf_ima_file_hash()

Modify the existing IMA test to call bpf_ima_file_hash() and update the
expected result accordingly.

Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
---
 .../selftests/bpf/prog_tests/test_ima.c       | 29 ++++++++++++++++---
 tools/testing/selftests/bpf/progs/ima.c       | 10 +++++--
 2 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/tools/testing/selftests/bpf/prog_tests/test_ima.c b/tools/testing/selftests/bpf/prog_tests/test_ima.c
index 97d8a6f84f4a..62bf0e830453 100644
--- a/tools/testing/selftests/bpf/prog_tests/test_ima.c
+++ b/tools/testing/selftests/bpf/prog_tests/test_ima.c
@@ -13,9 +13,10 @@
 
 #include "ima.skel.h"
 
-static int run_measured_process(const char *measured_dir, u32 *monitored_pid)
+static int run_measured_process(const char *measured_dir, u32 *monitored_pid,
+				bool *use_ima_file_hash)
 {
-	int child_pid, child_status;
+	int err, child_pid, child_status;
 
 	child_pid = fork();
 	if (child_pid == 0) {
@@ -24,6 +25,21 @@ static int run_measured_process(const char *measured_dir, u32 *monitored_pid)
 		       NULL);
 		exit(errno);
 
+	} else if (child_pid > 0) {
+		waitpid(child_pid, &child_status, 0);
+		err = WEXITSTATUS(child_status);
+		if (err)
+			return err;
+	}
+
+	child_pid = fork();
+	if (child_pid == 0) {
+		*monitored_pid = getpid();
+		*use_ima_file_hash = true;
+		execlp("./ima_setup.sh", "./ima_setup.sh", "run", measured_dir,
+		       NULL);
+		exit(errno);
+
 	} else if (child_pid > 0) {
 		waitpid(child_pid, &child_status, 0);
 		return WEXITSTATUS(child_status);
@@ -72,12 +88,17 @@ void test_test_ima(void)
 	if (CHECK(err, "failed to run command", "%s, errno = %d\n", cmd, errno))
 		goto close_clean;
 
-	err = run_measured_process(measured_dir, &skel->bss->monitored_pid);
+	err = run_measured_process(measured_dir, &skel->bss->monitored_pid,
+				   &skel->bss->use_ima_file_hash);
 	if (CHECK(err, "run_measured_process", "err = %d\n", err))
 		goto close_clean;
 
 	err = ring_buffer__consume(ringbuf);
-	ASSERT_EQ(err, 1, "num_samples_or_err");
+	/*
+	 * 1 sample with use_ima_file_hash = false
+	 * 2 samples with use_ima_file_hash = true (./ima_setup.sh, /bin/true)
+	 */
+	ASSERT_EQ(err, 3, "num_samples_or_err");
 	ASSERT_NEQ(ima_hash_from_bpf, 0, "ima_hash");
 
 close_clean:
diff --git a/tools/testing/selftests/bpf/progs/ima.c b/tools/testing/selftests/bpf/progs/ima.c
index 96060ff4ffc6..9bb63f96cfc0 100644
--- a/tools/testing/selftests/bpf/progs/ima.c
+++ b/tools/testing/selftests/bpf/progs/ima.c
@@ -18,6 +18,8 @@ struct {
 
 char _license[] SEC("license") = "GPL";
 
+bool use_ima_file_hash;
+
 SEC("lsm.s/bprm_committed_creds")
 void BPF_PROG(ima, struct linux_binprm *bprm)
 {
@@ -28,8 +30,12 @@ void BPF_PROG(ima, struct linux_binprm *bprm)
 
 	pid = bpf_get_current_pid_tgid() >> 32;
 	if (pid == monitored_pid) {
-		ret = bpf_ima_inode_hash(bprm->file->f_inode, &ima_hash,
-					 sizeof(ima_hash));
+		if (!use_ima_file_hash)
+			ret = bpf_ima_inode_hash(bprm->file->f_inode, &ima_hash,
+						 sizeof(ima_hash));
+		else
+			ret = bpf_ima_file_hash(bprm->file, &ima_hash,
+						sizeof(ima_hash));
 		if (ret < 0 || ima_hash == 0)
 			return;
 
-- 
2.32.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ