2023-01-30 22:58:57

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

Overview:
---------

IPE is a Linux Security Module which takes a complimentary approach to
access control. Whereas existing mandatory access control mechanisms
base their decisions on labels and paths, IPE instead determines
whether or not an operation should be allowed based on immutable
security properties of the system component the operation is being
performed on.

IPE itself does not mandate how the security property should be
evaluated, but relies on an extensible set of external property providers
to evaluate the component. IPE makes its decision based on reference
values for the selected properties, specified in the IPE policy.

The reference values represent the value that the policy writer and the
local system administrator (based on the policy signature) trust for the
system to accomplish the desired tasks.

One such provider is for example dm-verity, which is able to represent
the integrity property of a partition (its immutable state) with a digest.

IPE is compiled under CONFIG_SECURITY_IPE.

Use Cases
---------

IPE works best in fixed-function devices: Devices in which their purpose
is clearly defined and not supposed to be changed (e.g. network firewall
device in a data center, an IoT device, etcetera), where all software and
configuration is built and provisioned by the system owner.

IPE is a long-way off for use in general-purpose computing: the Linux
community as a whole tends to follow a decentralized trust model,
known as the web of trust, which IPE has no support for as of yet.
There are exceptions, such as the case where a Linux distribution
vendor trusts only their own keys, where IPE can successfully be used
to enforce the trust requirement.

Additionally, while most packages are signed today, the files inside
the packages (for instance, the executables), tend to be unsigned. This
makes it difficult to utilize IPE in systems where a package manager is
expected to be functional, without major changes to the package manager
and ecosystem behind it.

DIGLIM[1] is a system that when combined with IPE, could be used to
enable general purpose computing scenarios.

Policy:
-------

IPE policy is a plain-text policy composed of multiple statements
over several lines. There is one required line, at the top of the
policy, indicating the policy name, and the policy version, for
instance:

policy_name=Ex_Policy policy_version=0.0.0

The policy version indicates the current version of the policy. This is
used to prevent roll-back of policy to potentially insecure previous
versions of the policy.

The next portion of IPE policy, are rules. Rules are formed by key=value
pairs, known as properties. IPE rules require two keys: "action", which
determines what IPE does when it encounters a match against the policy
and "op", which determines when that rule should be evaluated.

Thus, a minimal rule is:

op=EXECUTE action=ALLOW

This example rule will allow any execution. A rule is required to have the
"op" property as the first token of a rule, and the "action" as the last
token of the rule.

Additional properties are used to restrict attributes about the files being
evaluated. These properties are intended to be deterministic attributes
that are resident in the kernel.

For example:

op=EXECUTE dmverity_signature=FALSE action=DENY

This rule with property dmverity_signature will deny any file not from
a signed dmverity volume to be executed.

All available properties for IPE described in the documentation patch of
this series.

Rules are evaluated top-to-bottom. As a result, any revocation rules,
or denies should be placed early in the file to ensure that these rules
are evaluated before a rule with "action=ALLOW" is hit.

Any unknown syntax in IPE policy will result in a fatal error to parse
the policy.

Additionally, a DEFAULT operation must be set for all understood
operations within IPE. For policies to remain completely forwards
compatible, it is recommended that users add a "DEFAULT action=ALLOW"
and override the defaults on a per-operation basis.

For more information about the policy syntax, see the kernel
documentation page.

Early Usermode Protection:
--------------------------

IPE can be provided with a policy at startup to load and enforce.
This is intended to be a minimal policy to get the system to a state
where userspace is setup and ready to receive commands, at which
point a policy can be deployed via securityfs. This "boot policy" can be
specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
to a plain-text version of the IPE policy to apply. This policy will be
compiled into the kernel. If not specified, IPE will be disabled until a
policy is deployed and activated through the method above.

Policy Examples:
----------------

Allow all:

policy_name=Allow_All policy_version=0.0.0
DEFAULT action=ALLOW

Allow only initial superblock:

policy_name=Allow_All_Initial_SB policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE boot_verified=TRUE action=ALLOW

Allow any signed dm-verity volume and the initial superblock:

policy_name=AllowSignedAndInitial policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE boot_verified=TRUE action=ALLOW
op=EXECUTE dmverity_signature=TRUE action=ALLOW

Prohibit execution from a specific dm-verity volume, while allowing
all signed volumes and the initial superblock:

policy_name=ProhibitSingleVolume policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=DENY
op=EXECUTE boot_verified=TRUE action=ALLOW
op=EXECUTE dmverity_signature=TRUE action=ALLOW

Allow only a specific dm-verity volume:

policy_name=AllowSpecific policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW

Allow any signed fs-verity file

policy_name="AllowSignedFSVerity" policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE fsverity_signature=TRUE action=ALLOW

Deny a specific fs-verity file:

policy_name="ProhibitSpecificFSVF" policy_version=0.0.0
DEFAULT action=DENY

op=EXECUTE fsverity_digest=sha256:fd88f2b8824e197f850bf4c5109bea5cf0ee38104f710843bb72da796ba5af9e action=DENY
op=EXECUTE boot_verified=TRUE action=ALLOW
op=EXECUTE dmverity_signature=TRUE action=ALLOW

Deploying Policies:
-------------------

First sign a plain text policy, with a certificate that is present in
the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
signing can be done via:

openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
-inkey "$MY_PRIVATE_KEY" -outform der -noattr -nodetach \
-out "$MY_POLICY.p7s"

Then, simply cat the file into the IPE's "new_policy" securityfs node:

cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy

The policy should now be present under the policies/ subdirectory, under
its "policy_name" attribute.

The policy is now present in the kernel and can be marked as active,
via the securityfs node:

echo 1 > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"

This will now mark the policy as active and the system will be enforcing
$MY_POLICY_NAME.

There is one requirement when marking a policy as active, the policy_version
attribute must either increase, or remain the same as the currently running
policy.

Policies can be updated via:

cat "$MY_UPDATED_POLICY.p7s" > \
"/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"

Additionally, policies can be deleted via the "delete" securityfs
node. Simply write "1" to the corresponding node in the policy folder:

echo 1 > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"

There is only one requirement to delete policies, the policy being
deleted must not be the active policy.

NOTE: Any securityfs write to IPE's nodes will require CAP_MAC_ADMIN.

Integrations:
-------------

This patch series adds support for fsverity via digest and signature
(fsverity_signature and fsverity_digest), dm-verity by digest and
signature (dmverity_signature and dmverity_roothash), and trust for
the initramfs (boot_verified).

Please see the documentation patch for more information about the
integrations available.

Testing:
--------

KUnit Tests are available. Recommended kunitconfig:

CONFIG_KUNIT=y
CONFIG_SECURITY=y
CONFIG_SECURITYFS=y
CONFIG_PKCS7_MESSAGE_PARSER=y
CONFIG_SYSTEM_DATA_VERIFICATION=y
CONFIG_FS_VERITY=y
CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
CONFIG_BLOCK=y
CONFIG_MD=y
CONFIG_BLK_DEV_DM=y
CONFIG_DM_VERITY=y
CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
CONFIG_NET=y
CONFIG_AUDIT=y
CONFIG_AUDITSYSCALL=y

CONFIG_SECURITY_IPE=y
CONFIG_IPE_PROP_DM_VERITY=y
CONFIG_IPE_PROP_FS_VERITY=y
CONFIG_SECURITY_IPE_KUNIT_TEST=y

Simply run:

make ARCH=um mrproper
./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>

And the tests will execute and report the result. For more indepth testing,
it will require you to create and mount a dm-verity volume or fs-verity
enabled file.

Documentation:
--------------

There is both documentation available on github at
https://microsoft.github.io/ipe, and Documentation in this patch series,
to be added in-tree.

Known Gaps:
-----------

IPE has two known gaps:

1. IPE cannot verify the integrity of anonymous executable memory, such as
the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
Unfortunately, as this is dynamically generated code, there is no way
for IPE to ensure the integrity of this code to form a trust basis. In all
cases, the return result for these operations will be whatever the admin
configures the DEFAULT action for "EXECUTE".

2. IPE cannot verify the integrity of interpreted languages' programs when
these scripts invoked via ``<interpreter> <file>``. This is because the
way interpreters execute these files, the scripts themselves are not
evaluated as executable code through one of IPE's hooks. Interpreters
can be enlightened to the usage of IPE by trying to mmap a file into
executable memory (+X), after opening the file and responding to the
error code appropriately. This also applies to included files, or high
value files, such as configuration files of critical system components.

Appendix:
---------

A. IPE Github Repository: https://github.com/microsoft/ipe
B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst

References:
-----------

1: https://lore.kernel.org/bpf/[email protected]/T/

FAQ:
----

Q: What is the difference between IMA and IPE?

A: See the documentation patch for more on this topic.

Previous Postings
-----------------

v1: https://lore.kernel.org/all/[email protected]/
v2: https://lore.kernel.org/all/[email protected]/
v3: https://lore.kernel.org/all/[email protected]/
v4: https://lore.kernel.org/all/[email protected]/
v5: https://lore.kernel.org/all/[email protected]/
v6: https://lore.kernel.org/all/[email protected]/
v7: https://lore.kernel.org/all/1634151995-16266-1-git-send-email-deven.desai@linux.microsoft.com/
v8: https://lore.kernel.org/all/1654714889-26728-1-git-send-email-deven.desai@linux.microsoft.com/

Changelog:
----------

v2:
Split the second patch of the previous series into two.
Minor corrections in the cover-letter and documentation
comments regarding CAP_MAC_ADMIN checks in IPE.

v3:
Address various comments by Jann Horn. Highlights:
Switch various audit allocators to GFP_KERNEL.
Utilize rcu_access_pointer() in various locations.
Strip out the caching system for properties
Strip comments from headers
Move functions around in patches
Remove kernel command line parameters
Reconcile the race condition on the delete node for policy by
expanding the policy critical section.

Address a few comments by Jonathan Corbet around the documentation
pages for IPE.

Fix an issue with the initialization of IPE policy with a "-0"
version, caused by not initializing the hlist entries before
freeing.

v4:
Address a concern around IPE's behavior with unknown syntax.
Specifically, make any unknown syntax a fatal error instead of a
warning, as suggested by Mickaël Salaün.
Introduce a new securityfs node, $securityfs/ipe/property_config,
which provides a listing of what properties are enabled by the
kernel and their versions. This allows usermode to predict what
policies should be allowed.
Strip some comments from c files that I missed.
Clarify some documentation comments around 'boot_verified'.
While this currently does not functionally change the property
itself, the distinction is important when IPE can enforce verified
reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
This has been corrected.
Change SecurityFS and SHA1 to a reverse dependency.
Update the cover-letter with the updated behavior of unknown syntax.
Remove all sysctls, making an equivalent function in securityfs.
Rework the active/delete mechanism to be a node under the policy in
$securityfs/ipe/policies.
The kernel command line parameters ipe.enforce and ipe.success_audit
have returned as this functionality is no longer exposed through
sysfs.

v5:
Correct some grammatical errors reported by Randy Dunlap.
Fix some warnings reported by kernel test bot.
Change convention around security_bdev_setsecurity. -ENOSYS
is now expected if an LSM does not implement a particular @name,
as suggested by Casey Schaufler.
Minor string corrections related to the move from sysfs to securityfs
Correct a spelling of an #ifdef for the permissive argument.
Add the kernel parameters re-added to the documentation.
Fix a minor bug where the mode being audited on permissive switch
was the original mode, not the mode being swapped to.
Cleanup doc comments, fix some whitespace alignment issues.

v6:
Change if statement condition in security_bdev_setsecurity to be
more concise, as suggested by Casey Schaufler and Al Viro
Drop the 6th patch in the series, "dm-verity move signature check..."
due to numerous issues, and it ultimately providing no real value.
Fix the patch tree - the previous iteration appears to have been in a
torn state (patches 8+9 were merged). This has since been corrected.

v7:
* Reword cover letter to more accurate convey IPE's purpose
and latest updates.
* Refactor series to:
1. Support a context structure, enabling:
1. Easier Testing via KUNIT
2. A better architecture for future designs
2. Make parser code cleaner
* Move patch 01/12 to [14/16] of the series
* Split up patch 02/12 into four parts:
1. context creation [01/16]
2. audit [07/16]
3. evaluation loop [03/16]
4. access control hooks [05/16]
5. permissive mode [08/16]
* Split up patch 03/12 into two parts:
1. parser [02/16]
2. userspace interface [04/16]
* Reword and refactor patch 04/12 to [09/16]
* Squash patch 05/12, 07/12, 09/12 to [10/16]
* Squash patch 08/12, 10/12 to [11/16]
* Change audit records to MAC region (14XX) from Integrity region (18XX)
* Add FSVerity Support
* Interface changes:
1. "raw" was renamed to "pkcs7" and made read only
2. "raw"'s write functionality (update a policy) moved to "update"
3. introduced "version", "policy_name" nodes.
4. "content" renamed to "policy"
5. The boot policy can now be updated like any other policy.
* Add additional developer-level documentation
* Update admin-guide docs to reflect changes.
* Kunit tests
* Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
easily come later with a small patch.
* Use partition0 for block_device for dm-verity patch

v8:
* Add changelog information to individual commits
* A large number of changes to the audit patch.
* split fs/ & security/ changes to two separate patches.
* split block/, security/ & drivers/md/ changes to separate patches.
* Add some historical context to what lead to the creation of IPE
in the documentation patch.
* Cover-letter changes suggested by Roberto Sassu.

v9:
* Rewrite IPE parser to use kernel match_table parser.
* Adapt existing IPE properties to the new parser.
* Remove ipe_context, quote policy syntax, kernel_read for simplicity.
* Add new function in the security file system to delete IPE policy.
* Make IPE audit builtin and change several audit formats.
* Make boot_verified property builtin

Deven Bowers (13):
security: add ipe lsm
ipe: add policy parser
ipe: add evaluation loop and introduce 'boot_verified' as a trust
provider
ipe: add userspace interface
ipe: add LSM hooks on execution and kernel read
uapi|audit|ipe: add ipe auditing support
ipe: add permissive toggle
block|security: add LSM blob to block_device
dm-verity: consume root hash digest and signature data via LSM hook
ipe: add support for dm-verity as a trust provider
scripts: add boot policy generation program
ipe: kunit test for parser
documentation: add ipe documentation

Fan Wu (3):
security: add new securityfs delete function
fsverity: consume builtin signature via LSM hook
ipe: enable support for fs-verity as a trust provider

Documentation/admin-guide/LSM/index.rst | 1 +
Documentation/admin-guide/LSM/ipe.rst | 729 ++++++++++++++++++
.../admin-guide/kernel-parameters.txt | 12 +
Documentation/security/index.rst | 1 +
Documentation/security/ipe.rst | 436 +++++++++++
MAINTAINERS | 8 +
block/bdev.c | 7 +
drivers/md/dm-verity-target.c | 25 +-
drivers/md/dm-verity-verify-sig.c | 16 +-
drivers/md/dm-verity-verify-sig.h | 10 +-
fs/verity/fsverity_private.h | 2 +-
fs/verity/open.c | 13 +-
fs/verity/signature.c | 1 +
include/linux/blk_types.h | 3 +
include/linux/dm-verity.h | 19 +
include/linux/fsverity.h | 2 +
include/linux/lsm_hook_defs.h | 5 +
include/linux/lsm_hooks.h | 12 +
include/linux/security.h | 23 +
include/uapi/linux/audit.h | 1 +
scripts/Makefile | 1 +
scripts/ipe/Makefile | 2 +
scripts/ipe/polgen/.gitignore | 1 +
scripts/ipe/polgen/Makefile | 6 +
scripts/ipe/polgen/polgen.c | 145 ++++
security/Kconfig | 11 +-
security/Makefile | 1 +
security/inode.c | 25 +
security/ipe/.gitignore | 1 +
security/ipe/Kconfig | 75 ++
security/ipe/Makefile | 32 +
security/ipe/audit.c | 279 +++++++
security/ipe/audit.h | 19 +
security/ipe/digest.c | 144 ++++
security/ipe/digest.h | 26 +
security/ipe/eval.c | 424 ++++++++++
security/ipe/eval.h | 60 ++
security/ipe/fs.c | 242 ++++++
security/ipe/fs.h | 17 +
security/ipe/hooks.c | 275 +++++++
security/ipe/hooks.h | 42 +
security/ipe/ipe.c | 97 +++
security/ipe/ipe.h | 22 +
security/ipe/policy.c | 259 +++++++
security/ipe/policy.h | 93 +++
security/ipe/policy_fs.c | 459 +++++++++++
security/ipe/policy_parser.c | 545 +++++++++++++
security/ipe/policy_parser.h | 11 +
security/ipe/policy_tests.c | 294 +++++++
security/security.c | 70 ++
50 files changed, 4988 insertions(+), 16 deletions(-)
create mode 100644 Documentation/admin-guide/LSM/ipe.rst
create mode 100644 Documentation/security/ipe.rst
create mode 100644 include/linux/dm-verity.h
create mode 100644 scripts/ipe/Makefile
create mode 100644 scripts/ipe/polgen/.gitignore
create mode 100644 scripts/ipe/polgen/Makefile
create mode 100644 scripts/ipe/polgen/polgen.c
create mode 100644 security/ipe/.gitignore
create mode 100644 security/ipe/Kconfig
create mode 100644 security/ipe/Makefile
create mode 100644 security/ipe/audit.c
create mode 100644 security/ipe/audit.h
create mode 100644 security/ipe/digest.c
create mode 100644 security/ipe/digest.h
create mode 100644 security/ipe/eval.c
create mode 100644 security/ipe/eval.h
create mode 100644 security/ipe/fs.c
create mode 100644 security/ipe/fs.h
create mode 100644 security/ipe/hooks.c
create mode 100644 security/ipe/hooks.h
create mode 100644 security/ipe/ipe.c
create mode 100644 security/ipe/ipe.h
create mode 100644 security/ipe/policy.c
create mode 100644 security/ipe/policy.h
create mode 100644 security/ipe/policy_fs.c
create mode 100644 security/ipe/policy_parser.c
create mode 100644 security/ipe/policy_parser.h
create mode 100644 security/ipe/policy_tests.c

--
2.39.0



2023-01-30 22:59:01

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 04/16] security: add new securityfs delete function

When deleting a directory in the security file system, the existing
securityfs_remove requires the directory to be empty, otherwise
it will do nothing. This leads to a potential risk that the security
file system might be in an unclean state when the intentded deletion
did not happen.

This commit introduces a new function securityfs_recursive_remove
to recursively delete a directory without leaving an unclean state.

Co-developed-by: Christian Brauner (Microsoft) <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v1-v8:
+ Not present
---
include/linux/security.h | 1 +
security/inode.c | 25 +++++++++++++++++++++++++
2 files changed, 26 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h
index 5b67f208f7de..479e154a12b8 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1985,6 +1985,7 @@ struct dentry *securityfs_create_symlink(const char *name,
const char *target,
const struct inode_operations *iops);
extern void securityfs_remove(struct dentry *dentry);
+extern void securityfs_recursive_remove(struct dentry *dentry);

#else /* CONFIG_SECURITYFS */

diff --git a/security/inode.c b/security/inode.c
index 6c326939750d..13358e8547e8 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -313,6 +313,31 @@ void securityfs_remove(struct dentry *dentry)
}
EXPORT_SYMBOL_GPL(securityfs_remove);

+static void remove_one(struct dentry *victim)
+{
+ simple_release_fs(&mount, &mount_count);
+}
+
+/**
+ * securityfs_recursive_remove - recursively removes a file or directory from the securityfs filesystem
+ *
+ * @dentry: a pointer to a the dentry of the file or directory to be removed.
+ *
+ * This function recursively removes a file or directory in securityfs that was
+ * previously created with a call to another securityfs function (like
+ * securityfs_create_file() or variants thereof.)
+ */
+void securityfs_recursive_remove(struct dentry *dentry)
+{
+ if (IS_ERR_OR_NULL(dentry))
+ return;
+
+ simple_pin_fs(&fs_type, &mount, &mount_count);
+ simple_recursive_removal(dentry, remove_one);
+ simple_release_fs(&mount, &mount_count);
+}
+EXPORT_SYMBOL_GPL(securityfs_recursive_remove);
+
#ifdef CONFIG_SECURITY
static struct dentry *lsm_dentry;
static ssize_t lsm_read(struct file *filp, char __user *buf, size_t count,
--
2.39.0


2023-01-30 22:59:00

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 02/16] ipe: add policy parser

From: Deven Bowers <[email protected]>

IPE's interpretation of the what the user trusts is accomplished through
its policy. IPE's design is to not provide support for a single trust
provider, but to support multiple providers to enable the end-user to
choose the best one to seek their needs.

This requires the policy to be rather flexible and modular so that
integrity providers, like fs-verity, dm-verity, dm-integrity, or
some other system, can plug into the policy with minimal code changes.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move policy load and activation audit event to 03/12
+ Fix a potential panic when a policy failed to load.
+ use pr_warn for a failure to parse instead of an
audit record
+ Remove comments from headers
+ Add lockdep assertions to ipe_update_active_policy and
ipe_activate_policy
+ Fix up warnings with checkpatch --strict
+ Use file_ns_capable for CAP_MAC_ADMIN for securityfs
nodes.
+ Use memdup_user instead of kzalloc+simple_write_to_buffer.
+ Remove strict_parse command line parameter, as it is added
by the sysctl command line.
+ Prefix extern variables with ipe_

v4:
+ Remove securityfs to reverse-dependency
+ Add SHA1 reverse dependency.
+ Add versioning scheme for IPE properties, and associated
interface to query the versioning scheme.
+ Cause a parser to always return an error on unknown syntax.
+ Remove strict_parse option
+ Change active_policy interface from sysctl, to securityfs,
and change scheme.

v5:
+ Cause an error if a default action is not defined for each
operaiton.
+ Minor function renames

v6:
+ No changes

v7:
+ Further split parser and userspace interface into two
separate commits, for easier review.

+ Refactor policy parser to make code cleaner via introducing a
more modular design, for easier extension of policy, and
easier review.

v8:
+ remove unnecessary pr_info emission on parser loading

+ add explicit newline to the pr_err emitted when a parser
fails to load.

v9:
+ switch to match table to parse policy

+ remove quote syntax and KERNEL_READ operation
---
security/ipe/Makefile | 2 +
security/ipe/policy.c | 99 +++++++
security/ipe/policy.h | 77 ++++++
security/ipe/policy_parser.c | 515 +++++++++++++++++++++++++++++++++++
security/ipe/policy_parser.h | 11 +
5 files changed, 704 insertions(+)
create mode 100644 security/ipe/policy.c
create mode 100644 security/ipe/policy.h
create mode 100644 security/ipe/policy_parser.c
create mode 100644 security/ipe/policy_parser.h

diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 571648579991..16bbe80991f1 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -8,3 +8,5 @@
obj-$(CONFIG_SECURITY_IPE) += \
hooks.o \
ipe.o \
+ policy.o \
+ policy_parser.o \
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
new file mode 100644
index 000000000000..e446f4b84152
--- /dev/null
+++ b/security/ipe/policy.c
@@ -0,0 +1,99 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "policy.h"
+#include "policy_parser.h"
+#include "digest.h"
+
+#include <linux/verification.h>
+
+/**
+ * ipe_free_policy - Deallocate a given IPE policy.
+ * @p: Supplies the policy to free.
+ *
+ * Safe to call on IS_ERR/NULL.
+ */
+void ipe_free_policy(struct ipe_policy *p)
+{
+ if (IS_ERR_OR_NULL(p))
+ return;
+
+ free_parsed_policy(p->parsed);
+ if (!p->pkcs7)
+ kfree(p->text);
+ kfree(p->pkcs7);
+ kfree(p);
+}
+
+static int set_pkcs7_data(void *ctx, const void *data, size_t len,
+ size_t asn1hdrlen)
+{
+ struct ipe_policy *p = ctx;
+
+ p->text = (const char *)data;
+ p->textlen = len;
+
+ return 0;
+}
+
+/**
+ * ipe_new_policy - Allocate and parse an ipe_policy structure.
+ *
+ * @text: Supplies a pointer to the plain-text policy to parse.
+ * @textlen: Supplies the length of @text.
+ * @pkcs7: Supplies a pointer to a pkcs7-signed IPE policy.
+ * @pkcs7len: Supplies the length of @pkcs7.
+ *
+ * @text/@textlen Should be NULL/0 if @pkcs7/@pkcs7len is set.
+ *
+ * The result will still need to be associated with a context via
+ * ipe_add_policy.
+ *
+ * Return:
+ * * !IS_ERR - Success
+ * * -EBADMSG - Policy is invalid
+ * * -ENOMEM - Out of memory
+ */
+struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
+ const char *pkcs7, size_t pkcs7len)
+{
+ int rc = 0;
+ struct ipe_policy *new = NULL;
+
+ new = kzalloc(sizeof(*new), GFP_KERNEL);
+ if (!new)
+ return ERR_PTR(-ENOMEM);
+
+ if (!text) {
+ new->pkcs7len = pkcs7len;
+ new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL);
+ if (!new->pkcs7) {
+ rc = -ENOMEM;
+ goto err;
+ }
+
+ rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, NULL,
+ VERIFYING_UNSPECIFIED_SIGNATURE,
+ set_pkcs7_data, new);
+ if (rc)
+ goto err;
+ } else {
+ new->textlen = textlen;
+ new->text = kstrdup(text, GFP_KERNEL);
+ if (!new->text) {
+ rc = -ENOMEM;
+ goto err;
+ }
+ }
+
+ rc = parse_policy(new);
+ if (rc)
+ goto err;
+
+ return new;
+err:
+ return ERR_PTR(rc);
+}
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
new file mode 100644
index 000000000000..6af2d9a811ec
--- /dev/null
+++ b/security/ipe/policy.h
@@ -0,0 +1,77 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_POLICY_H
+#define IPE_POLICY_H
+
+#include <linux/list.h>
+#include <linux/types.h>
+
+enum ipe_op_type {
+ ipe_op_exec = 0,
+ ipe_op_firmware,
+ ipe_op_kernel_module,
+ ipe_op_kexec_image,
+ ipe_op_kexec_initramfs,
+ ipe_op_ima_policy,
+ ipe_op_ima_x509,
+ ipe_op_max
+};
+
+enum ipe_action_type {
+ ipe_action_allow = 0,
+ ipe_action_deny,
+ ipe_action_max
+};
+
+enum ipe_prop_type {
+ ipe_prop_max
+};
+
+struct ipe_prop {
+ struct list_head next;
+ enum ipe_prop_type type;
+ void *value;
+};
+
+struct ipe_rule {
+ enum ipe_op_type op;
+ enum ipe_action_type action;
+ struct list_head props;
+ struct list_head next;
+};
+
+struct ipe_op_table {
+ struct list_head rules;
+ enum ipe_action_type default_action;
+};
+
+struct ipe_parsed_policy {
+ const char *name;
+ struct {
+ u16 major;
+ u16 minor;
+ u16 rev;
+ } version;
+
+ enum ipe_action_type global_default_action;
+
+ struct ipe_op_table rules[ipe_op_max];
+};
+
+struct ipe_policy {
+ const char *pkcs7;
+ size_t pkcs7len;
+
+ const char *text;
+ size_t textlen;
+
+ struct ipe_parsed_policy *parsed;
+};
+
+struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
+ const char *pkcs7, size_t pkcs7len);
+void ipe_free_policy(struct ipe_policy *pol);
+
+#endif /* IPE_POLICY_H */
diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
new file mode 100644
index 000000000000..c7ba0e865366
--- /dev/null
+++ b/security/ipe/policy_parser.c
@@ -0,0 +1,515 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "policy.h"
+#include "policy_parser.h"
+#include "digest.h"
+
+#include <linux/parser.h>
+
+#define START_COMMENT '#'
+
+/**
+ * new_parsed_policy - Allocate and initialize a parsed policy.
+ *
+ * Return:
+ * * !IS_ERR - OK
+ * * -ENOMEM - Out of memory
+ */
+static struct ipe_parsed_policy *new_parsed_policy(void)
+{
+ size_t i = 0;
+ struct ipe_parsed_policy *p = NULL;
+ struct ipe_op_table *t = NULL;
+
+ p = kzalloc(sizeof(*p), GFP_KERNEL);
+ if (!p)
+ return ERR_PTR(-ENOMEM);
+
+ p->global_default_action = ipe_action_max;
+
+ for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
+ t = &p->rules[i];
+
+ t->default_action = ipe_action_max;
+ INIT_LIST_HEAD(&t->rules);
+ }
+
+ return p;
+}
+
+/**
+ * remove_comment - Truncate all chars following START_COMMENT in a string.
+ *
+ * @line: Supplies a poilcy line string for preprocessing.
+ */
+static void remove_comment(char *line)
+{
+ size_t i, len = 0;
+
+ len = strlen(line);
+ for (i = 0; i < len && line[i] != START_COMMENT; ++i)
+ ;
+
+ line[i] = '\0';
+}
+
+/**
+ * remove_trailing_spaces - Truncate all trailing spaces in a string.
+ *
+ * @line: Supplies a poilcy line string for preprocessing.
+ */
+static void remove_trailing_spaces(char *line)
+{
+ size_t i, len = 0;
+
+ len = strlen(line);
+ for (i = len; i > 0 && (line[i - 1] == ' ' || line[i - 1] == '\t'); --i)
+ ;
+
+ line[i] = '\0';
+}
+
+/**
+ * parse_version - Parse policy version.
+ * @ver: Supplies a version string to be parsed.
+ * @p: Supplies the partial parsed policy.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Standard errno
+ */
+static int parse_version(char *ver, struct ipe_parsed_policy *p)
+{
+ int rc = 0;
+ size_t sep_count = 0;
+ char *token;
+ u16 *const cv[] = { &p->version.major, &p->version.minor, &p->version.rev };
+
+ while ((token = strsep(&ver, ".")) != NULL) {
+ /* prevent overflow */
+ if (sep_count >= ARRAY_SIZE(cv)) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ rc = kstrtou16(token, 10, cv[sep_count]);
+ if (rc)
+ goto err;
+
+ ++sep_count;
+ }
+
+ /* prevent underflow */
+ if (sep_count != ARRAY_SIZE(cv))
+ rc = -EBADMSG;
+
+err:
+ return rc;
+}
+
+enum header_opt {
+ ipe_header_policy_name = 0,
+ ipe_header_policy_version,
+ ipe_header_max
+};
+
+static const match_table_t header_tokens = {
+ {ipe_header_policy_name, "policy_name=%s"},
+ {ipe_header_policy_version, "policy_version=%s"},
+ {ipe_header_max, NULL}
+};
+
+/**
+ * parse_header - Parse policy header information.
+ * @line: Supplies header line to be parsed.
+ * @p: Supplies the partial parsed policy.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Standard errno
+ */
+static int parse_header(char *line, struct ipe_parsed_policy *p)
+{
+ int rc = 0;
+ char *t, *ver = NULL;
+ substring_t args[MAX_OPT_ARGS];
+ size_t idx = 0;
+
+ while ((t = strsep(&line, " \t")) != NULL) {
+ int token;
+
+ if (*t == '\0')
+ continue;
+ if (idx >= ipe_header_max) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ token = match_token(t, header_tokens, args);
+ if (token != idx) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ switch (token) {
+ case ipe_header_policy_name:
+ p->name = match_strdup(&args[0]);
+ if (!p->name)
+ rc = -ENOMEM;
+ break;
+ case ipe_header_policy_version:
+ ver = match_strdup(&args[0]);
+ if (!ver) {
+ rc = -ENOMEM;
+ break;
+ }
+ rc = parse_version(ver, p);
+ break;
+ default:
+ rc = -EBADMSG;
+ }
+ if (rc)
+ goto err;
+ ++idx;
+ }
+
+ if (idx != ipe_header_max) {
+ rc = -EBADMSG;
+ goto err;
+ }
+ goto out;
+
+err:
+ kfree(p->name);
+ p->name = NULL;
+out:
+ kfree(ver);
+ return rc;
+}
+
+/**
+ * is_default - Determine if the given token is "DEFAULT".
+ * @token: Supplies the token string to be compared.
+ *
+ * Return:
+ * * 0 - The token is not "DEFAULT"
+ * * !0 - The token is "DEFAULT"
+ */
+static bool is_default(char *token)
+{
+ return !strcmp(token, "DEFAULT");
+}
+
+/**
+ * free_rule - Free the supplied ipe_rule struct.
+ * @r: Supplies the ipe_rule struct to be freed.
+ */
+static void free_rule(struct ipe_rule *r)
+{
+ struct ipe_prop *p, *t;
+
+ if (IS_ERR_OR_NULL(r))
+ return;
+
+ list_for_each_entry_safe(p, t, &r->props, next) {
+ kfree(p);
+ }
+
+ kfree(r);
+}
+
+static const match_table_t operation_tokens = {
+ {ipe_op_exec, "op=EXECUTE"},
+ {ipe_op_firmware, "op=FIRMWARE"},
+ {ipe_op_kernel_module, "op=KMODULE"},
+ {ipe_op_kexec_image, "op=KEXEC_IMAGE"},
+ {ipe_op_kexec_initramfs, "op=KEXEC_INITRAMFS"},
+ {ipe_op_ima_policy, "op=IMA_POLICY"},
+ {ipe_op_ima_x509, "op=IMA_X509_CERT"},
+ {ipe_op_max, NULL}
+};
+
+/**
+ * parse_operation - Parse the opeartion type given a token string.
+ * @t: Supplies the token string to be parsed.
+ *
+ * Return: The parsed opeartion type.
+ */
+static enum ipe_op_type parse_operation(char *t)
+{
+ substring_t args[MAX_OPT_ARGS];
+
+ return match_token(t, operation_tokens, args);
+}
+
+static const match_table_t action_tokens = {
+ {ipe_action_allow, "action=ALLOW"},
+ {ipe_action_deny, "action=DENY"},
+ {ipe_action_max, NULL}
+};
+
+/**
+ * parse_action - Parse the action type given a token string.
+ * @t: Supplies the token string to be parsed.
+ *
+ * Return: The parsed action type.
+ */
+static enum ipe_action_type parse_action(char *t)
+{
+ substring_t args[MAX_OPT_ARGS];
+
+ return match_token(t, action_tokens, args);
+}
+
+static const match_table_t property_tokens = {
+ {ipe_prop_max, NULL}
+};
+
+/**
+ * parse_property - Parse the property type given a token string.
+ * @t: Supplies the token string to be parsed.
+ * @r: Supplies the ipe_rule the parsed property will be associated with.
+ *
+ * Return:
+ * * !IS_ERR - OK
+ * * -ENOMEM - Out of memory
+ * * -EBADMSG - The supplied token cannot be parsed
+ */
+int parse_property(char *t, struct ipe_rule *r)
+{
+ substring_t args[MAX_OPT_ARGS];
+ struct ipe_prop *p = NULL;
+ int rc = 0;
+ int token;
+ char *dup = NULL;
+
+ p = kzalloc(sizeof(*p), GFP_KERNEL);
+ if (!p) {
+ rc = -ENOMEM;
+ goto err;
+ }
+
+ token = match_token(t, property_tokens, args);
+
+ switch (token) {
+ case ipe_prop_max:
+ default:
+ rc = -EBADMSG;
+ break;
+ }
+ list_add_tail(&p->next, &r->props);
+
+err:
+ kfree(dup);
+ return rc;
+}
+
+/**
+ * parse_rule - parse a policy rule line.
+ * @line: Supplies rule line to be parsed.
+ * @p: Supplies the partial parsed policy.
+ *
+ * Return:
+ * * !IS_ERR - OK
+ * * -ENOMEM - Out of memory
+ * * -EBADMSG - Policy syntax error
+ */
+static int parse_rule(char *line, struct ipe_parsed_policy *p)
+{
+ int rc = 0;
+ bool first_token = true, is_default_rule = false;
+ bool op_parsed = false;
+ enum ipe_op_type op = ipe_op_max;
+ enum ipe_action_type action = ipe_action_max;
+ struct ipe_rule *r = NULL;
+ char *t;
+
+ r = kzalloc(sizeof(*r), GFP_KERNEL);
+ if (!r) {
+ rc = -ENOMEM;
+ goto err;
+ }
+
+ INIT_LIST_HEAD(&r->next);
+ INIT_LIST_HEAD(&r->props);
+
+ while (t = strsep(&line, " \t"), line) {
+ if (*t == '\0')
+ continue;
+ if (first_token && is_default(t)) {
+ is_default_rule = true;
+ } else {
+ if (!op_parsed) {
+ op = parse_operation(t);
+ if (op == ipe_op_max)
+ rc = -EBADMSG;
+ else
+ op_parsed = true;
+ } else {
+ rc = parse_property(t, r);
+ }
+ }
+
+ if (rc)
+ goto err;
+ first_token = false;
+ }
+
+ action = parse_action(t);
+ if (action == ipe_action_max) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ if (is_default_rule) {
+ if (op == ipe_op_max) {
+ if (p->global_default_action != ipe_action_max)
+ rc = -EBADMSG;
+ else
+ p->global_default_action = action;
+ } else {
+ if (p->rules[op].default_action != ipe_action_max)
+ rc = -EBADMSG;
+ else
+ p->rules[op].default_action = action;
+ }
+ free_rule(r);
+ } else if (op != ipe_op_max && action != ipe_action_max) {
+ r->op = op;
+ r->action = action;
+ list_add_tail(&r->next, &p->rules[op].rules);
+ } else {
+ rc = -EBADMSG;
+ }
+
+ if (rc)
+ goto err;
+
+ goto out;
+
+err:
+ free_rule(r);
+out:
+ return rc;
+}
+
+/**
+ * free_parsed_policy - free a parsed policy structure.
+ * @p: Supplies the parsed policy.
+ */
+void free_parsed_policy(struct ipe_parsed_policy *p)
+{
+ size_t i = 0;
+ struct ipe_rule *pp, *t;
+
+ if (IS_ERR_OR_NULL(p))
+ return;
+
+ for (i = 0; i < ARRAY_SIZE(p->rules); ++i)
+ list_for_each_entry_safe(pp, t, &p->rules[i].rules, next)
+ free_rule(pp);
+
+ kfree(p);
+}
+
+/**
+ * validate_policy - validate a parsed policy.
+ * @p: Supplies the fully parsed policy.
+ *
+ * Given a policy structure that was just parsed, validate that all
+ * necessary fields are present, initialized correctly, and all lines
+ * parsed are have been consumed.
+ *
+ * A parsed policy can be an invalid state for use (a default was
+ * undefined, a header was undefined) by just parsing the policy.
+ *
+ * Return:
+ * * 0 - OK
+ * * -EBADMSG - Policy is invalid
+ */
+static int validate_policy(const struct ipe_parsed_policy *p)
+{
+ int i = 0;
+
+ if (p->global_default_action != ipe_action_max)
+ return 0;
+
+ for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
+ if (p->rules[i].default_action == ipe_action_max)
+ return -EBADMSG;
+ }
+
+ return 0;
+}
+
+/**
+ * parse_policy - Given a string, parse the string into an IPE policy.
+ * @p: partially filled ipe_policy structure to populate with the result.
+ * it must have text and textlen set.
+ *
+ * Return:
+ * * 0 - OK
+ * * -EBADMSG - Policy is invalid
+ * * -ENOMEM - Out of Memory
+ */
+int parse_policy(struct ipe_policy *p)
+{
+ int rc = 0;
+ size_t len;
+ char *policy = NULL, *dup = NULL;
+ char *line = NULL;
+ bool header_parsed = false;
+ struct ipe_parsed_policy *pp = NULL;
+
+ if (!p->textlen)
+ return -EBADMSG;
+
+ policy = kmemdup_nul(p->text, p->textlen, GFP_KERNEL);
+ if (!policy)
+ return -ENOMEM;
+ dup = policy;
+
+ pp = new_parsed_policy();
+ if (IS_ERR(pp)) {
+ rc = PTR_ERR(pp);
+ goto out;
+ }
+
+ while ((line = strsep(&policy, "\n\r")) != NULL) {
+ remove_comment(line);
+ remove_trailing_spaces(line);
+ len = strlen(line);
+ if (!len)
+ continue;
+
+ if (!header_parsed) {
+ rc = parse_header(line, pp);
+ if (rc)
+ goto err;
+ header_parsed = true;
+ continue;
+ }
+
+ rc = parse_rule(line, pp);
+ if (rc)
+ goto err;
+ }
+
+ if (!header_parsed || validate_policy(pp)) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ p->parsed = pp;
+
+ goto out;
+err:
+ free_parsed_policy(pp);
+out:
+ kfree(dup);
+
+ return rc;
+}
diff --git a/security/ipe/policy_parser.h b/security/ipe/policy_parser.h
new file mode 100644
index 000000000000..699ca58a5a32
--- /dev/null
+++ b/security/ipe/policy_parser.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_POLICY_PARSER_H
+#define IPE_POLICY_PARSER_H
+
+int parse_policy(struct ipe_policy *p);
+void free_parsed_policy(struct ipe_parsed_policy *p);
+
+#endif /* IPE_POLICY_PARSER */
--
2.39.0


2023-01-30 22:59:05

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 09/16] block|security: add LSM blob to block_device

From: Deven Bowers <[email protected]>

block_device structures can have valuable security properties,
based on how they are created, and what subsystem manages them.

By adding LSM storage to this structure, this data can be accessed
at the LSM layer.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
Reviewed-by: Casey Schaufler <[email protected]>
---
v2:
+ No Changes

v3:
+ Minor style changes from checkpatch --strict

v4:
+ No Changes

v5:
+ Allow multiple callers to call security_bdev_setsecurity

v6:
+ Simplify security_bdev_setsecurity break condition

v7:
+ Squash all dm-verity related patches to two patches,
the additions to dm-verity/fs, and the consumption of
the additions.

v8:
+ Split dm-verity related patches squashed in v7 to 3 commits based on
topic:
+ New LSM hook
+ Consumption of hook outside LSM
+ Consumption of hook inside LSM.

+ change return of security_bdev_alloc / security_bdev_setsecurity
to LSM_RET_DEFAULT instead of 0.

+ Change return code to -EOPNOTSUPP, bring inline with other
setsecurity hooks.

v9:
+ Add Reviewed-by: Casey Schaufler <[email protected]>
+ Remove unlikely when calling LSM hook
+ Make the security field dependent on CONFIG_SECURITY
---
block/bdev.c | 7 ++++
include/linux/blk_types.h | 3 ++
include/linux/lsm_hook_defs.h | 5 +++
include/linux/lsm_hooks.h | 12 ++++++
include/linux/security.h | 22 +++++++++++
security/security.c | 70 +++++++++++++++++++++++++++++++++++
6 files changed, 119 insertions(+)

diff --git a/block/bdev.c b/block/bdev.c
index edc110d90df4..f8db53b47c00 100644
--- a/block/bdev.c
+++ b/block/bdev.c
@@ -24,6 +24,7 @@
#include <linux/pseudo_fs.h>
#include <linux/uio.h>
#include <linux/namei.h>
+#include <linux/security.h>
#include <linux/part_stat.h>
#include <linux/uaccess.h>
#include <linux/stat.h>
@@ -396,6 +397,11 @@ static struct inode *bdev_alloc_inode(struct super_block *sb)
if (!ei)
return NULL;
memset(&ei->bdev, 0, sizeof(ei->bdev));
+
+ if (security_bdev_alloc(&ei->bdev)) {
+ kmem_cache_free(bdev_cachep, ei);
+ return NULL;
+ }
return &ei->vfs_inode;
}

@@ -405,6 +411,7 @@ static void bdev_free_inode(struct inode *inode)

free_percpu(bdev->bd_stats);
kfree(bdev->bd_meta_info);
+ security_bdev_free(bdev);

if (!bdev_is_partition(bdev)) {
if (bdev->bd_disk && bdev->bd_disk->bdi)
diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
index 99be590f952f..137a04f45c17 100644
--- a/include/linux/blk_types.h
+++ b/include/linux/blk_types.h
@@ -68,6 +68,9 @@ struct block_device {
#ifdef CONFIG_FAIL_MAKE_REQUEST
bool bd_make_it_fail;
#endif
+#ifdef CONFIG_SECURITY
+ void *security;
+#endif
} __randomize_layout;

#define bdev_whole(_bdev) \
diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index ed6cb2ac55fa..1f79029c9e28 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -417,3 +417,8 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new)
LSM_HOOK(int, 0, uring_sqpoll, void)
LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd)
#endif /* CONFIG_IO_URING */
+
+LSM_HOOK(int, 0, bdev_alloc_security, struct block_device *bdev)
+LSM_HOOK(void, LSM_RET_VOID, bdev_free_security, struct block_device *bdev)
+LSM_HOOK(int, 0, bdev_setsecurity, struct block_device *bdev, const char *name,
+ const void *value, size_t size)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 0a5ba81f7367..b622ceb57d83 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1618,6 +1618,17 @@
* @what: kernel feature being accessed.
* Return 0 if permission is granted.
*
+ * @bdev_alloc_security:
+ * Initialize the security field inside a block_device structure.
+ *
+ * @bdev_free_security:
+ * Cleanup the security information stored inside a block_device structure.
+ *
+ * @bdev_setsecurity:
+ * Set a security property associated with @name for @bdev with
+ * value @value. @size indicates the size of @value in bytes.
+ * If a @name is not implemented, return -EOPNOTSUPP.
+ *
* Security hooks for perf events
*
* @perf_event_open:
@@ -1687,6 +1698,7 @@ struct lsm_blob_sizes {
int lbs_ipc;
int lbs_msg_msg;
int lbs_task;
+ int lbs_bdev;
};

/*
diff --git a/include/linux/security.h b/include/linux/security.h
index 479e154a12b8..7dea630bff5f 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -487,6 +487,11 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen);
int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen);
int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen);
int security_locked_down(enum lockdown_reason what);
+int security_bdev_alloc(struct block_device *bdev);
+void security_bdev_free(struct block_device *bdev);
+int security_bdev_setsecurity(struct block_device *bdev,
+ const char *name, const void *value,
+ size_t size);
#else /* CONFIG_SECURITY */

static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data)
@@ -1402,6 +1407,23 @@ static inline int security_locked_down(enum lockdown_reason what)
{
return 0;
}
+
+static inline int security_bdev_alloc(struct block_device *bdev)
+{
+ return 0;
+}
+
+static inline void security_bdev_free(struct block_device *bdev)
+{
+}
+
+static inline int security_bdev_setsecurity(struct block_device *bdev,
+ const char *name,
+ const void *value, size_t size)
+{
+ return 0;
+}
+
#endif /* CONFIG_SECURITY */

#if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE)
diff --git a/security/security.c b/security/security.c
index d1571900a8c7..5c81dd3b1350 100644
--- a/security/security.c
+++ b/security/security.c
@@ -29,6 +29,7 @@
#include <linux/string.h>
#include <linux/msg.h>
#include <net/flow.h>
+#include <linux/fs.h>

#define MAX_LSM_EVM_XATTR 2

@@ -211,6 +212,7 @@ static void __init lsm_set_blob_sizes(struct lsm_blob_sizes *needed)
lsm_set_blob_size(&needed->lbs_msg_msg, &blob_sizes.lbs_msg_msg);
lsm_set_blob_size(&needed->lbs_superblock, &blob_sizes.lbs_superblock);
lsm_set_blob_size(&needed->lbs_task, &blob_sizes.lbs_task);
+ lsm_set_blob_size(&needed->lbs_bdev, &blob_sizes.lbs_bdev);
}

/* Prepare LSM for initialization. */
@@ -370,6 +372,7 @@ static void __init ordered_lsm_init(void)
init_debug("msg_msg blob size = %d\n", blob_sizes.lbs_msg_msg);
init_debug("superblock blob size = %d\n", blob_sizes.lbs_superblock);
init_debug("task blob size = %d\n", blob_sizes.lbs_task);
+ init_debug("bdev blob size = %d\n", blob_sizes.lbs_bdev);

/*
* Create any kmem_caches needed for blobs
@@ -690,6 +693,28 @@ static int lsm_msg_msg_alloc(struct msg_msg *mp)
return 0;
}

+/**
+ * lsm_bdev_alloc - allocate a composite block_device blob
+ * @bdev: the block_device that needs a blob
+ *
+ * Allocate the block_device blob for all the modules
+ *
+ * Returns 0, or -ENOMEM if memory can't be allocated.
+ */
+static int lsm_bdev_alloc(struct block_device *bdev)
+{
+ if (blob_sizes.lbs_bdev == 0) {
+ bdev->security = NULL;
+ return 0;
+ }
+
+ bdev->security = kzalloc(blob_sizes.lbs_bdev, GFP_KERNEL);
+ if (!bdev->security)
+ return -ENOMEM;
+
+ return 0;
+}
+
/**
* lsm_early_task - during initialization allocate a composite task blob
* @task: the task that needs a blob
@@ -2705,6 +2730,51 @@ int security_locked_down(enum lockdown_reason what)
}
EXPORT_SYMBOL(security_locked_down);

+int security_bdev_alloc(struct block_device *bdev)
+{
+ int rc = 0;
+
+ rc = lsm_bdev_alloc(bdev);
+ if (unlikely(rc))
+ return rc;
+
+ rc = call_int_hook(bdev_alloc_security, 0, bdev);
+ if (unlikely(rc))
+ security_bdev_free(bdev);
+
+ return LSM_RET_DEFAULT(bdev_alloc_security);
+}
+EXPORT_SYMBOL(security_bdev_alloc);
+
+void security_bdev_free(struct block_device *bdev)
+{
+ if (!bdev->security)
+ return;
+
+ call_void_hook(bdev_free_security, bdev);
+
+ kfree(bdev->security);
+ bdev->security = NULL;
+}
+EXPORT_SYMBOL(security_bdev_free);
+
+int security_bdev_setsecurity(struct block_device *bdev,
+ const char *name, const void *value,
+ size_t size)
+{
+ int rc = 0;
+ struct security_hook_list *p;
+
+ hlist_for_each_entry(p, &security_hook_heads.bdev_setsecurity, list) {
+ rc = p->hook.bdev_setsecurity(bdev, name, value, size);
+ if (rc && rc != -EOPNOTSUPP)
+ return rc;
+ }
+
+ return LSM_RET_DEFAULT(bdev_setsecurity);
+}
+EXPORT_SYMBOL(security_bdev_setsecurity);
+
#ifdef CONFIG_PERF_EVENTS
int security_perf_event_open(struct perf_event_attr *attr, int type)
{
--
2.39.0


2023-01-30 22:59:08

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 15/16] ipe: kunit test for parser

From: Deven Bowers <[email protected]>

Add various happy/unhappy unit tests for both IPE's parser.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v1-v6:
+ Not present

v7:
Introduced

v8:
+ Remove the kunit tests with respect to the fsverity digest, as these
require significant changes to work with the new method of acquiring
the digest at runtime.

v9:
+ Remove the kunit tests related to ipe_context
---
security/ipe/Kconfig | 17 +++
security/ipe/Makefile | 3 +
security/ipe/policy_tests.c | 294 ++++++++++++++++++++++++++++++++++++
3 files changed, 314 insertions(+)
create mode 100644 security/ipe/policy_tests.c

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index 691fdb9ae60e..79e4fd677c19 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -55,4 +55,21 @@ config IPE_PROP_FS_VERITY

endmenu

+config SECURITY_IPE_KUNIT_TEST
+ bool "Build KUnit tests for IPE" if !KUNIT_ALL_TESTS
+ depends on KUNIT=y
+ default KUNIT_ALL_TESTS
+ help
+ This builds the IPE KUnit tests.
+
+ KUnit tests run during boot and output the results to the debug log
+ in TAP format (https://testanything.org/). Only useful for kernel devs
+ running KUnit test harness and are not for inclusion into a
+ production build.
+
+ For more information on KUnit and unit tests in general please refer
+ to the KUnit documentation in Documentation/dev-tools/kunit/.
+
+ If unsure, say N.
+
endif
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index e6d5176bc20b..285e0949db25 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -27,3 +27,6 @@ obj-$(CONFIG_SECURITY_IPE) += \
audit.o \

clean-files := boot-policy.c \
+
+obj-$(CONFIG_SECURITY_IPE_KUNIT_TEST) += \
+ policy_tests.o \
diff --git a/security/ipe/policy_tests.c b/security/ipe/policy_tests.c
new file mode 100644
index 000000000000..d09a1aca863d
--- /dev/null
+++ b/security/ipe/policy_tests.c
@@ -0,0 +1,294 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include <linux/slab.h>
+#include <linux/types.h>
+#include <linux/list.h>
+#include <kunit/test.h>
+#include "policy.h"
+struct policy_case {
+ const char *const policy;
+ int errno;
+ const char *const desc;
+};
+
+static const struct policy_case policy_cases[] = {
+ {
+ "policy_name=allowall policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW",
+ 0,
+ "basic",
+ },
+ {
+ "policy_name=trailing_comment policy_version=152.0.0 #This is comment\n"
+ "DEFAULT action=ALLOW",
+ 0,
+ "trailing comment",
+ },
+ {
+ "policy_name=allowallnewline policy_version=0.2.0\n"
+ "DEFAULT action=ALLOW\n"
+ "\n",
+ 0,
+ "trailing newline",
+ },
+ {
+ "policy_name=carriagereturnlinefeed policy_version=0.0.1\n"
+ "DEFAULT action=ALLOW\n"
+ "\r\n",
+ 0,
+ "clrf newline",
+ },
+ {
+ "policy_name=whitespace policy_version=0.0.0\n"
+ "DEFAULT\taction=ALLOW\n"
+ " \t DEFAULT \t op=EXECUTE action=DENY\n"
+ "op=EXECUTE boot_verified=TRUE action=ALLOW\n"
+ "# this is a\tcomment\t\t\t\t\n"
+ "DEFAULT \t op=KMODULE\t\t\t action=DENY\r\n"
+ "op=KMODULE boot_verified=TRUE action=ALLOW\n",
+ 0,
+ "various whitespaces and nested default",
+ },
+ {
+ "policy_name=boot_verified policy_version=-1236.0.0\n"
+ "DEFAULT\taction=ALLOW\n",
+ -EINVAL,
+ "negative version",
+ },
+ {
+ "policy_name=$@!*&^%%\\:;{}() policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW",
+ 0,
+ "special characters",
+ },
+ {
+ "policy_name=test policy_version=999999.0.0\n"
+ "DEFAULT action=ALLOW",
+ -ERANGE,
+ "overflow version",
+ },
+ {
+ "policy_name=test policy_version=255.0\n"
+ "DEFAULT action=ALLOW",
+ -EBADMSG,
+ "incomplete version",
+ },
+ {
+ "policy_name=test policy_version=111.0.0.0\n"
+ "DEFAULT action=ALLOW",
+ -EBADMSG,
+ "extra version",
+ },
+ {
+ "",
+ -EBADMSG,
+ "0-length policy",
+ },
+ {
+ "policy_name=test\0policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW",
+ -EBADMSG,
+ "random null in header",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "\0DEFAULT action=ALLOW",
+ -EBADMSG,
+ "incomplete policy from NULL",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=DENY\n\0"
+ "op=EXECUTE dmverity_signature=TRUE action=ALLOW\n",
+ 0,
+ "NULL truncates policy",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE dmverity_signature=abc action=ALLOW",
+ -EBADMSG,
+ "invalid property type",
+ },
+ {
+ "DEFAULT action=ALLOW",
+ -EBADMSG,
+ "missing policy header",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n",
+ -EBADMSG,
+ "missing default definition",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "dmverity_signature=TRUE op=EXECUTE action=ALLOW",
+ -EBADMSG,
+ "invalid rule ordering"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "action=ALLOW op=EXECUTE dmverity_signature=TRUE",
+ -EBADMSG,
+ "invalid rule ordering (2)",
+ },
+ {
+ "policy_name=test policy_version=0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE dmverity_signature=TRUE action=ALLOW",
+ -EBADMSG,
+ "invalid version",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=UNKNOWN dmverity_signature=TRUE action=ALLOW",
+ -EBADMSG,
+ "unknown operation",
+ },
+ {
+ "policy_name=asdvpolicy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n",
+ -EBADMSG,
+ "missing space after policy name",
+ },
+ {
+ "policy_name=test\xFF\xEF policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE dmverity_signature=TRUE action=ALLOW",
+ 0,
+ "expanded ascii",
+ },
+ {
+ "policy_name=test\xFF\xEF policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE dmverity_roothash=GOOD_DOG action=ALLOW",
+ -EBADMSG,
+ "invalid property value (2)",
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "policy_name=test policy_version=0.1.0\n"
+ "DEFAULT action=ALLOW",
+ -EBADMSG,
+ "double header"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "DEFAULT action=ALLOW\n",
+ -EBADMSG,
+ "double default"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "DEFAULT op=EXECUTE action=DENY\n"
+ "DEFAULT op=EXECUTE action=ALLOW\n",
+ -EBADMSG,
+ "double operation default"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "DEFAULT op=EXECUTE action=DEN\n",
+ -EBADMSG,
+ "invalid action value"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "DEFAULT op=EXECUTE action\n",
+ -EBADMSG,
+ "invalid action value (2)"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "UNKNOWN value=true\n",
+ -EBADMSG,
+ "unrecognized statement"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE dmverity_roothash=1c0d7ee1f8343b7fbe418378e8eb22c061d7dec7 action=DENY\n",
+ -EBADMSG,
+ "old-style digest"
+ },
+ {
+ "policy_name=test policy_version=0.0.0\n"
+ "DEFAULT action=ALLOW\n"
+ "op=EXECUTE fsverity_digest=1c0d7ee1f8343b7fbe418378e8eb22c061d7dec7 action=DENY\n",
+ -EBADMSG,
+ "old-style digest"
+ }
+};
+
+static void pol_to_desc(const struct policy_case *c, char *desc)
+{
+ strncpy(desc, c->desc, KUNIT_PARAM_DESC_SIZE);
+}
+
+KUNIT_ARRAY_PARAM(ipe_policies, policy_cases, pol_to_desc);
+
+/**
+ * ipe_parser_unsigned_test - Test the paser by passing unsigned policies.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness. This test does not check the correctness
+ * of the policy, but ensures that errors are handled correctly.
+ */
+static void ipe_parser_unsigned_test(struct kunit *test)
+{
+ const struct policy_case *p = test->param_value;
+ struct ipe_policy *pol = ipe_new_policy(p->policy, strlen(p->policy), NULL, 0);
+
+ if (p->errno) {
+ KUNIT_EXPECT_EQ(test, PTR_ERR(pol), p->errno);
+ return;
+ }
+
+ KUNIT_ASSERT_NOT_ERR_OR_NULL(test, pol);
+ KUNIT_EXPECT_NOT_ERR_OR_NULL(test, pol->parsed);
+ KUNIT_EXPECT_STREQ(test, pol->text, p->policy);
+ KUNIT_EXPECT_PTR_EQ(test, NULL, pol->pkcs7);
+ KUNIT_EXPECT_EQ(test, 0, pol->pkcs7len);
+
+ ipe_free_policy(pol);
+}
+
+/**
+ * ipe_parser_widestring_test - Ensure parser fail on a wide string policy.
+ * @test: Supplies a pointer to a kunit structure.
+ *
+ * This is called by the kunit harness.
+ */
+static void ipe_parser_widestring_test(struct kunit *test)
+{
+ struct ipe_policy *pol = NULL;
+ const unsigned short policy[] = L"policy_name=Test policy_version=0.0.0\n"
+ L"DEFAULT action=ALLOW";
+
+ pol = ipe_new_policy((const char *)policy, (ARRAY_SIZE(policy) - 1) * 2, NULL, 0);
+ KUNIT_EXPECT_TRUE(test, IS_ERR_OR_NULL(pol));
+
+ ipe_free_policy(pol);
+}
+
+static struct kunit_case ipe_parser_test_cases[] = {
+ KUNIT_CASE_PARAM(ipe_parser_unsigned_test, ipe_policies_gen_params),
+ KUNIT_CASE(ipe_parser_widestring_test),
+};
+
+static struct kunit_suite ipe_parser_test_suite = {
+ .name = "ipe-parser",
+ .test_cases = ipe_parser_test_cases,
+};
+
+kunit_test_suite(ipe_parser_test_suite);
--
2.39.0


2023-01-30 22:59:14

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

Enable IPE policy authors to indicate trust for a singular fsverity
file, identified by the digest information, through "fsverity_digest"
and all files using fsverity's builtin signatures via
"fsverity_signature".

This enables file-level integrity claims to be expressed in IPE,
allowing individual files to be authorized, giving some flexibility
for policy authors. Such file-level claims are important to be expressed
for enforcing the integrity of packages, as well as address some of the
scalability issues in a sole dm-verity based solution (# of loop back
devices, etc).

This solution cannot be done in userspace as the minimum threat that
IPE should mitigate is an attacker downloads malicious payload with
all required dependencies. These dependencies can lack the userspace
check, bypassing the protection entirely. A similar attack succeeds if
the userspace component is replaced with a version that does not
perform the check. As a result, this can only be done in the common
entry point - the kernel.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v1-v6:
+ Not present

v7:
Introduced

v8:
* Undo squash of 08/12, 10/12 - separating drivers/md/ from security/
* Use common-audit function for fsverity_signature.
+ Change fsverity implementation to use fsverity_get_digest
+ prevent unnecessary copy of fs-verity signature data, instead
just check for presence of signature data.
+ Remove free_inode_security hook, as the digest is now acquired
at runtime instead of via LSM blob.

v9:
+ Adapt to the new parser
---
security/ipe/Kconfig | 11 ++++
security/ipe/audit.c | 23 +++++++
security/ipe/eval.c | 112 +++++++++++++++++++++++++++++++++++
security/ipe/eval.h | 10 ++++
security/ipe/hooks.c | 30 ++++++++++
security/ipe/hooks.h | 7 +++
security/ipe/ipe.c | 13 ++++
security/ipe/ipe.h | 3 +
security/ipe/policy.h | 3 +
security/ipe/policy_parser.c | 8 +++
10 files changed, 220 insertions(+)

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index 16e835ce61b0..dd9a066dd35a 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -32,6 +32,17 @@ config IPE_PROP_DM_VERITY

If unsure, answer Y.

+config IPE_PROP_FS_VERITY
+ bool "Enable property for fs-verity files"
+ depends on FS_VERITY && FS_VERITY_BUILTIN_SIGNATURES
+ help
+ This option enables the usage of properties "fsverity_signature"
+ and "fsverity_digest". These properties evaluates to TRUE when
+ a file is fsverity enabled and with a signed digest or its
+ diegst matches the supplied value in the policy.
+
+ if unsure, answer Y.
+
endmenu

endif
diff --git a/security/ipe/audit.c b/security/ipe/audit.c
index 769ba95d9b0d..16d81645e53c 100644
--- a/security/ipe/audit.c
+++ b/security/ipe/audit.c
@@ -46,6 +46,11 @@ static const char *const audit_prop_names[ipe_prop_max] = {
"dmverity_signature=FALSE",
"dmverity_signature=TRUE",
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+ "fsverity_digest=",
+ "fsverity_signature=FALSE",
+ "fsverity_signature=TRUE"
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
};

#ifdef CONFIG_IPE_PROP_DM_VERITY
@@ -64,6 +69,22 @@ static void audit_dmv_roothash(struct audit_buffer *ab, const void *rh)
}
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+/**
+ * audit_fsv_digest - audit a digest of a fsverity file.
+ * @ab: Supplies a poniter to the audit_buffer to append to.
+ * @d: Supplies a pointer to the digest structure.
+ */
+static void audit_fsv_digest(struct audit_buffer *ab, const void *d)
+{
+ ipe_digest_audit(ab, d);
+}
+#else
+static void audit_fsv_digest(struct audit_buffer *ab, const void *d)
+{
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
/**
* audit_rule - audit an IPE policy rule approximation.
* @ab: Supplies a poniter to the audit_buffer to append to.
@@ -79,6 +100,8 @@ static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
if (ptr->type == ipe_prop_dmv_roothash)
audit_dmv_roothash(ab, ptr->value);
+ if (ptr->type == ipe_prop_fsv_digest)
+ audit_fsv_digest(ab, ptr->value);

audit_log_format(ab, " ");
}
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index 538af4195ba7..210d3926c0a8 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -81,6 +81,23 @@ static void build_ipe_bdev_ctx(struct ipe_eval_ctx *ctx, const struct inode *con
}
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+/**
+ * build_ipe_inode_ctx - Build inode fields of an evaluation context.
+ * @ctx: Supplies a pointer to the context to be populdated.
+ * @ino: Supplies the inode struct of the file triggered IPE event.
+ */
+static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
+{
+ ctx->ino = ino;
+ ctx->ipe_inode = ipe_inode(ctx->ino);
+}
+#else
+static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
+{
+}
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
+
/**
* build_eval_ctx - Build an evaluation context.
* @ctx: Supplies a pointer to the context to be populdated.
@@ -99,6 +116,7 @@ void build_eval_ctx(struct ipe_eval_ctx *ctx,
if (file) {
ino = d_real_inode(file->f_path.dentry);
build_ipe_bdev_ctx(ctx, ino);
+ build_ipe_inode_ctx(ctx, ino);
}
}

@@ -171,6 +189,91 @@ static bool evaluate_dmv_sig_true(const struct ipe_eval_ctx *const ctx,
}
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+/**
+ * evaluate_fsv_digest - Analyze @ctx against a fsv digest property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ enum hash_algo alg;
+ u8 digest[FS_VERITY_MAX_DIGEST_SIZE];
+
+ if (!ctx->ino)
+ return false;
+ if (fsverity_get_digest((struct inode *)ctx->ino,
+ digest,
+ &alg)) {
+ return false;
+ }
+
+ return ipe_digest_eval(p->value,
+ digest,
+ hash_digest_size[alg],
+ hash_algo_name[alg]);
+}
+
+/**
+ * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return !ctx->ino ||
+ !IS_VERITY(ctx->ino) ||
+ !ctx->ipe_inode ||
+ !ctx->ipe_inode->fs_verity_signed;
+}
+
+/**
+ * evaluate_fsv_sig_true - Analyze @ctx against a fsv sig true property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return ctx->ino &&
+ IS_VERITY(ctx->ino) &&
+ ctx->ipe_inode &&
+ ctx->ipe_inode->fs_verity_signed;
+}
+#else
+static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
+}
+
+static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
+}
+
+static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
+}
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
+
/**
* evaluate_property - Analyze @ctx against a property.
* @ctx: Supplies a pointer to the context to be evaluated.
@@ -201,6 +304,15 @@ static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
case ipe_prop_dmv_sig_true:
eval = evaluate_dmv_sig_true(ctx, p);
break;
+ case ipe_prop_fsv_digest:
+ eval = evaluate_fsv_digest(ctx, p);
+ break;
+ case ipe_prop_fsv_sig_false:
+ eval = evaluate_fsv_sig_false(ctx, p);
+ break;
+ case ipe_prop_fsv_sig_true:
+ eval = evaluate_fsv_sig_true(ctx, p);
+ break;
default:
eval = false;
}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 4fd832c6893e..d3dce4f04cb4 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -26,6 +26,12 @@ struct ipe_bdev {
};
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+struct ipe_inode {
+ bool fs_verity_signed;
+};
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
+
struct ipe_eval_ctx {
enum ipe_op_type op;

@@ -34,6 +40,10 @@ struct ipe_eval_ctx {
#ifdef CONFIG_IPE_PROP_DM_VERITY
const struct ipe_bdev *ipe_bdev;
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+ const struct inode *ino;
+ const struct ipe_inode *ipe_inode;
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
};

enum ipe_match {
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index 735375d2f858..836f08240372 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -243,3 +243,33 @@ int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
return -EOPNOTSUPP;
}
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+/**
+ * ipe_inode_setsecurity - Sets fields of a inode security blob from @key.
+ * @inode: The inode to source the security blob from.
+ * @name: The name representing the information to be stored.
+ * @value: The value to be stored.
+ * @size: The size of @value.
+ * @flags: unused
+ *
+ * Saves fsverity signature & digest into inode security blob
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_inode_setsecurity(struct inode *inode, const char *name,
+ const void *value, size_t size,
+ int flags)
+{
+ struct ipe_inode *inode_sec = ipe_inode(inode);
+
+ if (!strcmp(name, FS_VERITY_INODE_SEC_NAME)) {
+ inode_sec->fs_verity_signed = size > 0 && value;
+ return 0;
+ }
+
+ return -EOPNOTSUPP;
+}
+#endif /* CONFIG_CONFIG_IPE_PROP_FS_VERITY */
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index 16611a149158..654aba584a44 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -8,6 +8,7 @@
#include <linux/fs.h>
#include <linux/binfmts.h>
#include <linux/security.h>
+#include <linux/fsverity.h>
#include <linux/device-mapper.h>

void ipe_sb_free_security(struct super_block *mnt_sb);
@@ -32,4 +33,10 @@ int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
const void *value, size_t len);
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+int ipe_inode_setsecurity(struct inode *inode, const char *name,
+ const void *value, size_t size,
+ int flags);
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
+
#endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 5612cb3cf1e5..705ce9a003de 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -13,6 +13,9 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
#ifdef CONFIG_IPE_PROP_DM_VERITY
.lbs_bdev = sizeof(struct ipe_bdev),
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+ .lbs_inode = sizeof(struct ipe_inode),
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
};

#ifdef CONFIG_IPE_PROP_DM_VERITY
@@ -22,6 +25,13 @@ struct ipe_bdev *ipe_bdev(struct block_device *b)
}
#endif /* CONFIG_IPE_PROP_DM_VERITY */

+#ifdef CONFIG_IPE_PROP_FS_VERITY
+struct ipe_inode *ipe_inode(const struct inode *inode)
+{
+ return inode->i_security + ipe_blobs.lbs_inode;
+}
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
+
static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
@@ -33,6 +43,9 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
#endif
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+ LSM_HOOK_INIT(inode_setsecurity, ipe_inode_setsecurity),
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
};

/**
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index c2594a45b8f2..138fda645ecf 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -15,5 +15,8 @@ extern bool ipe_enabled;
#ifdef CONFIG_IPE_PROP_DM_VERITY
struct ipe_bdev *ipe_bdev(struct block_device *b);
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+struct ipe_inode *ipe_inode(const struct inode *inode);
+#endif /* CONFIG_IPE_PROP_FS_VERITY */

#endif /* IPE_H */
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 324eb76c6067..50b8f4c49bc7 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -31,6 +31,9 @@ enum ipe_prop_type {
ipe_prop_dmv_roothash,
ipe_prop_dmv_sig_false,
ipe_prop_dmv_sig_true,
+ ipe_prop_fsv_digest,
+ ipe_prop_fsv_sig_false,
+ ipe_prop_fsv_sig_true,
ipe_prop_max
};

diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
index 50a6a763e842..799ee7fda974 100644
--- a/security/ipe/policy_parser.c
+++ b/security/ipe/policy_parser.c
@@ -273,6 +273,11 @@ static const match_table_t property_tokens = {
{ipe_prop_dmv_sig_false, "dmverity_signature=FALSE"},
{ipe_prop_dmv_sig_true, "dmverity_signature=TRUE"},
#endif /* CONFIG_IPE_PROP_DM_VERITY */
+#ifdef CONFIG_IPE_PROP_FS_VERITY
+ {ipe_prop_fsv_digest, "fsverity_digest=%s"},
+ {ipe_prop_fsv_sig_false, "fsverity_signature=FALSE"},
+ {ipe_prop_fsv_sig_true, "fsverity_signature=TRUE"},
+#endif /* CONFIG_IPE_PROP_FS_VERITY */
{ipe_prop_max, NULL}
};

@@ -304,6 +309,7 @@ int parse_property(char *t, struct ipe_rule *r)

switch (token) {
case ipe_prop_dmv_roothash:
+ case ipe_prop_fsv_digest:
dup = match_strdup(&args[0]);
if (!dup) {
rc = -ENOMEM;
@@ -315,6 +321,8 @@ int parse_property(char *t, struct ipe_rule *r)
case ipe_prop_boot_verified_true:
case ipe_prop_dmv_sig_false:
case ipe_prop_dmv_sig_true:
+ case ipe_prop_fsv_sig_false:
+ case ipe_prop_fsv_sig_true:
p->type = token;
break;
case ipe_prop_max:
--
2.39.0


2023-01-30 22:59:18

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 14/16] scripts: add boot policy generation program

From: Deven Bowers <[email protected]>

Enables an IPE policy to be enforced from kernel start, enabling access
control based on trust from kernel startup. This is accomplished by
transforming an IPE policy indicated by CONFIG_IPE_BOOT_POLICY into a
c-string literal that is parsed at kernel startup as an unsigned policy.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v2:
+ No Changes

v3:
+ No Changes

v4:
+ No Changes

v5:
+ No Changes

v6:
+ No Changes

v7:
+ Move from 01/11 to 14/16
+ Don't return errno directly.
+ Make output of script more user-friendly
+ Add escaping for tab and '?'
+ Mark argv pointer const
+ Invert return code check in the boot policy parsing code path.

v8:
+ No significant changes.

v9:
+ no changes
---
MAINTAINERS | 1 +
scripts/Makefile | 1 +
scripts/ipe/Makefile | 2 +
scripts/ipe/polgen/.gitignore | 1 +
scripts/ipe/polgen/Makefile | 6 ++
scripts/ipe/polgen/polgen.c | 145 ++++++++++++++++++++++++++++++++++
security/ipe/.gitignore | 1 +
security/ipe/Kconfig | 10 +++
security/ipe/Makefile | 11 +++
security/ipe/fs.c | 8 ++
security/ipe/ipe.c | 19 +++++
11 files changed, 205 insertions(+)
create mode 100644 scripts/ipe/Makefile
create mode 100644 scripts/ipe/polgen/.gitignore
create mode 100644 scripts/ipe/polgen/Makefile
create mode 100644 scripts/ipe/polgen/polgen.c
create mode 100644 security/ipe/.gitignore

diff --git a/MAINTAINERS b/MAINTAINERS
index 5e27e84763cc..d5b4a6636b0d 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -10276,6 +10276,7 @@ F: security/integrity/
INTEGRITY POLICY ENFORCEMENT (IPE)
M: Fan Wu <[email protected]>
S: Supported
+F: scripts/ipe/
F: security/ipe/

INTEL 810/815 FRAMEBUFFER DRIVER
diff --git a/scripts/Makefile b/scripts/Makefile
index 1575af84d557..5d1def33df82 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -41,6 +41,7 @@ targets += module.lds
subdir-$(CONFIG_GCC_PLUGINS) += gcc-plugins
subdir-$(CONFIG_MODVERSIONS) += genksyms
subdir-$(CONFIG_SECURITY_SELINUX) += selinux
+subdir-$(CONFIG_SECURITY_IPE) += ipe

# Let clean descend into subdirs
subdir- += basic dtc gdb kconfig mod
diff --git a/scripts/ipe/Makefile b/scripts/ipe/Makefile
new file mode 100644
index 000000000000..e87553fbb8d6
--- /dev/null
+++ b/scripts/ipe/Makefile
@@ -0,0 +1,2 @@
+# SPDX-License-Identifier: GPL-2.0-only
+subdir-y := polgen
diff --git a/scripts/ipe/polgen/.gitignore b/scripts/ipe/polgen/.gitignore
new file mode 100644
index 000000000000..80f32f25d200
--- /dev/null
+++ b/scripts/ipe/polgen/.gitignore
@@ -0,0 +1 @@
+polgen
diff --git a/scripts/ipe/polgen/Makefile b/scripts/ipe/polgen/Makefile
new file mode 100644
index 000000000000..066060c22b4a
--- /dev/null
+++ b/scripts/ipe/polgen/Makefile
@@ -0,0 +1,6 @@
+# SPDX-License-Identifier: GPL-2.0
+hostprogs-always-y := polgen
+HOST_EXTRACFLAGS += \
+ -I$(srctree)/include \
+ -I$(srctree)/include/uapi \
+
diff --git a/scripts/ipe/polgen/polgen.c b/scripts/ipe/polgen/polgen.c
new file mode 100644
index 000000000000..40b6fe07f47b
--- /dev/null
+++ b/scripts/ipe/polgen/polgen.c
@@ -0,0 +1,145 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include <stdlib.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <errno.h>
+
+static void usage(const char *const name)
+{
+ printf("Usage: %s OutputFile (PolicyFile)\n", name);
+ exit(EINVAL);
+}
+
+static int policy_to_buffer(const char *pathname, char **buffer, size_t *size)
+{
+ int rc = 0;
+ FILE *fd;
+ char *lbuf;
+ size_t fsize;
+ size_t read;
+
+ fd = fopen(pathname, "r");
+ if (!fd) {
+ rc = errno;
+ goto out;
+ }
+
+ fseek(fd, 0, SEEK_END);
+ fsize = ftell(fd);
+ rewind(fd);
+
+ lbuf = malloc(fsize);
+ if (!lbuf) {
+ rc = ENOMEM;
+ goto out_close;
+ }
+
+ read = fread((void *)lbuf, sizeof(*lbuf), fsize, fd);
+ if (read != fsize) {
+ rc = -1;
+ goto out_free;
+ }
+
+ *buffer = lbuf;
+ *size = fsize;
+ fclose(fd);
+
+ return rc;
+
+out_free:
+ free(lbuf);
+out_close:
+ fclose(fd);
+out:
+ return rc;
+}
+
+static int write_boot_policy(const char *pathname, const char *buf, size_t size)
+{
+ int rc = 0;
+ FILE *fd;
+ size_t i;
+
+ fd = fopen(pathname, "w");
+ if (!fd) {
+ rc = errno;
+ goto err;
+ }
+
+ fprintf(fd, "/* This file is automatically generated.");
+ fprintf(fd, " Do not edit. */\n");
+ fprintf(fd, "#include <linux/stddef.h>\n");
+ fprintf(fd, "\nextern const char *const ipe_boot_policy;\n\n");
+ fprintf(fd, "const char *const ipe_boot_policy =\n");
+
+ if (!buf || size == 0) {
+ fprintf(fd, "\tNULL;\n");
+ fclose(fd);
+ return 0;
+ }
+
+ fprintf(fd, "\t\"");
+
+ for (i = 0; i < size; ++i) {
+ switch (buf[i]) {
+ case '"':
+ fprintf(fd, "\\\"");
+ break;
+ case '\'':
+ fprintf(fd, "'");
+ break;
+ case '\n':
+ fprintf(fd, "\\n\"\n\t\"");
+ break;
+ case '\\':
+ fprintf(fd, "\\\\");
+ break;
+ case '\t':
+ fprintf(fd, "\\t");
+ break;
+ case '\?':
+ fprintf(fd, "\\?");
+ break;
+ default:
+ fprintf(fd, "%c", buf[i]);
+ }
+ }
+ fprintf(fd, "\";\n");
+ fclose(fd);
+
+ return 0;
+
+err:
+ if (fd)
+ fclose(fd);
+ return rc;
+}
+
+int main(int argc, const char *const argv[])
+{
+ int rc = 0;
+ size_t len = 0;
+ char *policy = NULL;
+
+ if (argc < 2)
+ usage(argv[0]);
+
+ if (argc > 2) {
+ rc = policy_to_buffer(argv[2], &policy, &len);
+ if (rc != 0)
+ goto cleanup;
+ }
+
+ rc = write_boot_policy(argv[1], policy, len);
+cleanup:
+ if (policy)
+ free(policy);
+ if (rc != 0)
+ perror("An error occurred during policy conversion: ");
+ return rc;
+}
diff --git a/security/ipe/.gitignore b/security/ipe/.gitignore
new file mode 100644
index 000000000000..eca22ad5ed22
--- /dev/null
+++ b/security/ipe/.gitignore
@@ -0,0 +1 @@
+boot-policy.c
\ No newline at end of file
diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index dd9a066dd35a..691fdb9ae60e 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -17,6 +17,16 @@ menuconfig SECURITY_IPE
If unsure, answer N.

if SECURITY_IPE
+config IPE_BOOT_POLICY
+ string "Integrity policy to apply on system startup"
+ help
+ This option specifies a filepath to a IPE policy that is compiled
+ into the kernel. This policy will be enforced until a policy update
+ is deployed via the $securityfs/ipe/policies/$policy_name/active
+ interface.
+
+ If unsure, leave blank.
+
menu "IPE Trust Providers"

config IPE_PROP_DM_VERITY
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 90203daf0dbb..e6d5176bc20b 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -5,7 +5,16 @@
# Makefile for building the IPE module as part of the kernel tree.
#

+quiet_cmd_polgen = IPE_POL $(2)
+ cmd_polgen = scripts/ipe/polgen/polgen security/ipe/boot-policy.c $(2)
+
+targets += boot-policy.c
+
+$(obj)/boot-policy.c: scripts/ipe/polgen/polgen $(CONFIG_IPE_BOOT_POLICY) FORCE
+ $(call if_changed,polgen,$(CONFIG_IPE_BOOT_POLICY))
+
obj-$(CONFIG_SECURITY_IPE) += \
+ boot-policy.o \
digest.o \
eval.o \
fs.o \
@@ -16,3 +25,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
policy_parser.o \
digest.o \
audit.o \
+
+clean-files := boot-policy.c \
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
index bbee17b59b1b..0a371c785e3b 100644
--- a/security/ipe/fs.c
+++ b/security/ipe/fs.c
@@ -185,6 +185,7 @@ static const struct file_operations enforce_fops = {
static int __init ipe_init_securityfs(void)
{
int rc = 0;
+ struct ipe_policy *p = NULL;

if (!ipe_enabled)
return -EOPNOTSUPP;
@@ -221,6 +222,13 @@ static int __init ipe_init_securityfs(void)
goto err;
}

+ p = ipe_get_policy_rcu(ipe_active_policy);
+ if (p) {
+ rc = ipe_new_policyfs_node(p);
+ if (rc)
+ goto err;
+ }
+
return 0;
err:
securityfs_remove(np);
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 705ce9a003de..458f7a542c66 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -7,6 +7,7 @@
#include "hooks.h"
#include "eval.h"

+extern const char *const ipe_boot_policy;
bool ipe_enabled;

static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
@@ -64,10 +65,28 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
static int __init ipe_init(void)
{
int rc = 0;
+ struct ipe_policy *p = NULL;

security_add_hooks(ipe_hooks, ARRAY_SIZE(ipe_hooks), "ipe");
ipe_enabled = true;

+ if (ipe_boot_policy) {
+ p = ipe_new_policy(ipe_boot_policy, strlen(ipe_boot_policy),
+ NULL, 0);
+ if (IS_ERR(p)) {
+ rc = PTR_ERR(p);
+ goto err;
+ }
+
+ rc = ipe_set_active_pol(p);
+ if (rc)
+ goto err;
+ }
+
+ goto out;
+err:
+ ipe_free_policy(p);
+out:
return rc;
}

--
2.39.0


2023-01-30 22:59:34

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 11/16] ipe: add support for dm-verity as a trust provider

From: Deven Bowers <[email protected]>

Allows author of IPE policy to indicate trust for a singular dm-verity
volume, identified by roothash, through "dmverity_roothash" and all
signed dm-verity volumes, through "dmverity_signature".

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v2:
+ No Changes

v3:
+ No changes

v4:
+ No changes

v5:
+ No changes

v6:
+ Fix an improper cleanup that can result in
a leak

v7:
+ Squash patch 08/12, 10/12 to [11/16]

v8:
+ Undo squash of 08/12, 10/12 - separating drivers/md/ from security/
& block/
+ Use common-audit function for dmverity_signature.
+ Change implementation for storing the dm-verity digest to use the
newly introduced dm_verity_digest structure introduced in patch
14/20.

v9:
+ Adapt to the new parser
---
security/ipe/Kconfig | 20 +++++
security/ipe/Makefile | 2 +
security/ipe/audit.c | 24 ++++++
security/ipe/digest.c | 144 +++++++++++++++++++++++++++++++++++
security/ipe/digest.h | 26 +++++++
security/ipe/eval.c | 103 +++++++++++++++++++++++++
security/ipe/eval.h | 13 ++++
security/ipe/hooks.c | 51 +++++++++++++
security/ipe/hooks.h | 8 ++
security/ipe/ipe.c | 15 ++++
security/ipe/ipe.h | 4 +
security/ipe/policy.h | 3 +
security/ipe/policy_parser.c | 16 ++++
13 files changed, 429 insertions(+)
create mode 100644 security/ipe/digest.c
create mode 100644 security/ipe/digest.h

diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index ac4d558e69d5..16e835ce61b0 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -15,3 +15,23 @@ menuconfig SECURITY_IPE
admins to reconfigure trust requirements on the fly.

If unsure, answer N.
+
+if SECURITY_IPE
+menu "IPE Trust Providers"
+
+config IPE_PROP_DM_VERITY
+ bool "Enable support for dm-verity volumes"
+ depends on DM_VERITY && DM_VERITY_VERIFY_ROOTHASH_SIG
+ default Y
+ help
+ This option enables the properties 'dmverity_signature' and
+ 'dmverity_roothash' in IPE policy. These properties evaluates
+ to TRUE when a file is evaluated against a dm-verity volume
+ that was mounted with a signed root-hash or the volume's
+ root hash matches the supplied value in the policy.
+
+ If unsure, answer Y.
+
+endmenu
+
+endif
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 89a76ad72301..90203daf0dbb 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -6,6 +6,7 @@
#

obj-$(CONFIG_SECURITY_IPE) += \
+ digest.o \
eval.o \
fs.o \
hooks.o \
@@ -13,4 +14,5 @@ obj-$(CONFIG_SECURITY_IPE) += \
policy.o \
policy_fs.o \
policy_parser.o \
+ digest.o \
audit.o \
diff --git a/security/ipe/audit.c b/security/ipe/audit.c
index ff74026a595f..769ba95d9b0d 100644
--- a/security/ipe/audit.c
+++ b/security/ipe/audit.c
@@ -41,8 +41,29 @@ static const char *const audit_op_names[ipe_op_max] = {
static const char *const audit_prop_names[ipe_prop_max] = {
"boot_verified=FALSE",
"boot_verified=TRUE",
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+ "dmverity_roothash=",
+ "dmverity_signature=FALSE",
+ "dmverity_signature=TRUE",
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
};

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+/**
+ * audit_dmv_roothash - audit a roothash of a dmverity volume.
+ * @ab: Supplies a poniter to the audit_buffer to append to.
+ * @r: Supplies a pointer to the digest structure.
+ */
+static void audit_dmv_roothash(struct audit_buffer *ab, const void *rh)
+{
+ ipe_digest_audit(ab, rh);
+}
+#else
+static void audit_dmv_roothash(struct audit_buffer *ab, const void *rh)
+{
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
/**
* audit_rule - audit an IPE policy rule approximation.
* @ab: Supplies a poniter to the audit_buffer to append to.
@@ -56,6 +77,9 @@ static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)

list_for_each_entry(ptr, &r->props, next) {
audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
+ if (ptr->type == ipe_prop_dmv_roothash)
+ audit_dmv_roothash(ab, ptr->value);
+
audit_log_format(ab, " ");
}

diff --git a/security/ipe/digest.c b/security/ipe/digest.c
new file mode 100644
index 000000000000..9fdb091f329b
--- /dev/null
+++ b/security/ipe/digest.c
@@ -0,0 +1,144 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "digest.h"
+
+/**
+ * ipe_digest_parse - parse a digest in IPE's policy.
+ * @valstr: Supplies the string parsed from the policy.
+ * @value: Supplies a pointer to be populated with the result.
+ *
+ * Digests in IPE are defined in a standard way:
+ * <alg_name>:<hex>
+ *
+ * Use this function to create a property to parse the digest
+ * consistently. The parsed digest will be saved in @value in IPE's
+ * policy.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_digest_parse(const char *valstr, void **value)
+{
+ char *sep, *raw_digest;
+ size_t raw_digest_len;
+ int rc = 0;
+ u8 *digest = NULL;
+ struct digest_info *info = NULL;
+
+ info = kzalloc(sizeof(*info), GFP_KERNEL);
+ if (!info) {
+ rc = -ENOMEM;
+ goto err;
+ }
+
+ sep = strchr(valstr, ':');
+ if (!sep) {
+ rc = -EBADMSG;
+ goto err;
+ }
+
+ info->alg = kstrndup(valstr, sep - valstr, GFP_KERNEL);
+ if (!info->alg) {
+ rc = -ENOMEM;
+ goto err;
+ }
+
+ raw_digest = sep + 1;
+ raw_digest_len = strlen(raw_digest);
+ info->raw_digest = kstrndup(raw_digest, raw_digest_len, GFP_KERNEL);
+ if (!info->raw_digest) {
+ rc = -ENOMEM;
+ goto err_free_alg;
+ }
+
+ info->digest_len = (raw_digest_len + 1) / 2;
+ digest = kzalloc(info->digest_len, GFP_KERNEL);
+ if (!digest) {
+ rc = -ENOMEM;
+ goto err_free_raw;
+ }
+
+ rc = hex2bin(digest, raw_digest, info->digest_len);
+ if (rc < 0) {
+ rc = -EINVAL;
+ goto err_free_raw;
+ }
+
+ info->digest = digest;
+ *value = info;
+ return 0;
+
+err_free_raw:
+ kfree(info->raw_digest);
+err_free_alg:
+ kfree(info->alg);
+err:
+ kfree(digest);
+ kfree(info);
+ return rc;
+}
+
+/**
+ * ipe_digest_eval - evaluate an IPE digest against another digest.
+ * @expect: Supplies the policy-provided digest value.
+ * @digest: Supplies the digest to compare against the policy digest value.
+ * @digest_len: The length of @digest.
+ * @alg: Supplies the name of the algorithm used to calculated @digest.
+ *
+ * Return:
+ * * true - digests match
+ * * false - digests do not match
+ */
+bool ipe_digest_eval(const void *expect, const u8 *digest, size_t digest_len,
+ const char *alg)
+{
+ const struct digest_info *info = (struct digest_info *)expect;
+
+ return (digest_len == info->digest_len) && !strcmp(alg, info->alg) &&
+ (!memcmp(info->digest, digest, info->digest_len));
+}
+
+/**
+ * ipe_digest_free - free an IPE digest.
+ * @value: Supplies a pointer the policy-provided digest value to free.
+ */
+void ipe_digest_free(void **value)
+{
+ struct digest_info *info = (struct digest_info *)(*value);
+
+ if (IS_ERR_OR_NULL(info))
+ return;
+
+ kfree(info->alg);
+ kfree(info->raw_digest);
+ kfree(info->digest);
+ kfree(info);
+}
+
+/**
+ * ipe_digest_audit - audit a digest that was sourced from IPE's policy.
+ * @ab: Supplies the audit_buffer to append the formatted result.
+ * @val: Supplies a pointer to source the audit record from.
+ *
+ * Digests in IPE are defined in a standard way:
+ * <alg_name>:<hex>
+ *
+ * Use this function to create a property to audit the digest
+ * consistently.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+void ipe_digest_audit(struct audit_buffer *ab, const void *val)
+{
+ const struct digest_info *info = (struct digest_info *)val;
+
+ audit_log_untrustedstring(ab, info->alg);
+ audit_log_format(ab, ":");
+ audit_log_untrustedstring(ab, info->raw_digest);
+}
diff --git a/security/ipe/digest.h b/security/ipe/digest.h
new file mode 100644
index 000000000000..42f7a0f28e45
--- /dev/null
+++ b/security/ipe/digest.h
@@ -0,0 +1,26 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef DIGEST_H
+#define DIGEST_H
+
+#include "policy.h"
+#include <linux/types.h>
+#include <linux/audit.h>
+
+struct digest_info {
+ const char *alg;
+ const char *raw_digest;
+ const u8 *digest;
+ size_t digest_len;
+};
+
+int ipe_digest_parse(const char *valstr, void **value);
+void ipe_digest_free(void **value);
+void ipe_digest_audit(struct audit_buffer *ab, const void *val);
+bool ipe_digest_eval(const void *expect, const u8 *digest, size_t digest_len,
+ const char *alg);
+
+#endif /* DIGEST_H */
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index 499314554b1d..538af4195ba7 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -8,6 +8,7 @@
#include "hooks.h"
#include "policy.h"
#include "audit.h"
+#include "digest.h"

#include <linux/fs.h>
#include <linux/types.h>
@@ -21,6 +22,7 @@
struct ipe_policy __rcu *ipe_active_policy;
bool success_audit;
bool enforce = true;
+#define INO_BLOCK_DEV(ino) ((ino)->i_sb->s_bdev)

static struct super_block *pinned_sb;
static DEFINE_SPINLOCK(pin_lock);
@@ -62,6 +64,23 @@ static bool from_pinned(const struct file *f)
return rv;
}

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+/**
+ * build_ipe_bdev_ctx - Build ipe_bdev field of an evaluation context.
+ * @ctx: Supplies a pointer to the context to be populdated.
+ * @ino: Supplies the inode struct of the file triggered IPE event.
+ */
+static void build_ipe_bdev_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
+{
+ if (INO_BLOCK_DEV(ino))
+ ctx->ipe_bdev = ipe_bdev(INO_BLOCK_DEV(ino));
+}
+#else
+static void build_ipe_bdev_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
+{
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
/**
* build_eval_ctx - Build an evaluation context.
* @ctx: Supplies a pointer to the context to be populdated.
@@ -72,11 +91,86 @@ void build_eval_ctx(struct ipe_eval_ctx *ctx,
const struct file *file,
enum ipe_op_type op)
{
+ struct inode *ino = NULL;
+
ctx->file = file;
ctx->op = op;
ctx->from_init_sb = from_pinned(file);
+ if (file) {
+ ino = d_real_inode(file->f_path.dentry);
+ build_ipe_bdev_ctx(ctx, ino);
+ }
+}
+
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+/**
+ * evaluate_dmv_roothash - Evaluate @ctx against a dmv roothash property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_dmv_roothash(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return !!ctx->ipe_bdev &&
+ ipe_digest_eval(p->value,
+ ctx->ipe_bdev->digest,
+ ctx->ipe_bdev->digest_len,
+ ctx->ipe_bdev->digest_algo);
+}
+
+/**
+ * evaluate_dmv_sig_false: Analyze @ctx against a dmv sig false property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_dmv_sig_false(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return !ctx->ipe_bdev || (!ctx->ipe_bdev->dm_verity_signed);
+}
+
+/**
+ * evaluate_dmv_sig_true: Analyze @ctx against a dmv sig true property.
+ * @ctx: Supplies a pointer to the context being evaluated.
+ * @p: Supplies a pointer to the property being evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_dmv_sig_true(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return ctx->ipe_bdev && (!!ctx->ipe_bdev->dm_verity_signed);
+}
+#else
+static bool evaluate_dmv_roothash(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
+}
+
+static bool evaluate_dmv_sig_false(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
}

+static bool evaluate_dmv_sig_true(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ return false;
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
/**
* evaluate_property - Analyze @ctx against a property.
* @ctx: Supplies a pointer to the context to be evaluated.
@@ -98,6 +192,15 @@ static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
case ipe_prop_boot_verified_true:
eval = ctx->from_init_sb;
break;
+ case ipe_prop_dmv_roothash:
+ eval = evaluate_dmv_roothash(ctx, p);
+ break;
+ case ipe_prop_dmv_sig_false:
+ eval = evaluate_dmv_sig_false(ctx, p);
+ break;
+ case ipe_prop_dmv_sig_true:
+ eval = evaluate_dmv_sig_true(ctx, p);
+ break;
default:
eval = false;
}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 64369c3b8cf9..4fd832c6893e 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -16,11 +16,24 @@ extern struct ipe_policy __rcu *ipe_active_policy;
extern bool success_audit;
extern bool enforce;

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+struct ipe_bdev {
+ bool dm_verity_signed;
+
+ const u8 *digest;
+ size_t digest_len;
+ const char *digest_algo;
+};
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
struct ipe_eval_ctx {
enum ipe_op_type op;

const struct file *file;
bool from_init_sb;
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+ const struct ipe_bdev *ipe_bdev;
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
};

enum ipe_match {
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index fd5109e29c76..735375d2f858 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -11,6 +11,9 @@
#include <linux/types.h>
#include <linux/binfmts.h>
#include <linux/mman.h>
+#include <linux/blk_types.h>
+#include <linux/dm-verity.h>
+#include <crypto/hash_info.h>

/**
* ipe_sb_free_security - ipe security hook function for super_block.
@@ -192,3 +195,51 @@ int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents)
build_eval_ctx(&ctx, NULL, op);
return ipe_evaluate_event(&ctx);
}
+
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+/**
+ * ipe_bdev_free_security - free IPE's LSM blob of block_devices.
+ * @bdev: Supplies a pointer to a block_device that contains the structure
+ * to free.
+ */
+void ipe_bdev_free_security(struct block_device *bdev)
+{
+ struct ipe_bdev *blob = ipe_bdev(bdev);
+
+ kfree(blob->digest);
+ kfree(blob->digest_algo);
+}
+
+/**
+ * ipe_bdev_setsecurity - save data from a bdev to IPE's LSM blob.
+ * @bdev: Supplies a pointer to a block_device that contains the LSM blob.
+ * @key: Supplies the string key that uniquely identifies the value.
+ * @value: Supplies the value to store.
+ * @len: The length of @value.
+ */
+int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
+ const void *value, size_t len)
+{
+ struct ipe_bdev *blob = ipe_bdev(bdev);
+
+ if (!strcmp(key, DM_VERITY_ROOTHASH_SEC_NAME)) {
+ const struct dm_verity_digest *digest = value;
+
+ blob->digest = kmemdup(digest->digest, digest->digest_len, GFP_KERNEL);
+ if (!blob->digest)
+ return -ENOMEM;
+
+ blob->digest_algo = kstrdup_const(digest->algo, GFP_KERNEL);
+ if (!blob->digest_algo)
+ return -ENOMEM;
+
+ blob->digest_len = digest->digest_len;
+ return 0;
+ } else if (!strcmp(key, DM_VERITY_SIGNATURE_SEC_NAME)) {
+ blob->dm_verity_signed = true;
+ return 0;
+ }
+
+ return -EOPNOTSUPP;
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index 857cae69678c..16611a149158 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -8,6 +8,7 @@
#include <linux/fs.h>
#include <linux/binfmts.h>
#include <linux/security.h>
+#include <linux/device-mapper.h>

void ipe_sb_free_security(struct super_block *mnt_sb);

@@ -24,4 +25,11 @@ int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,

int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+void ipe_bdev_free_security(struct block_device *bdev);
+
+int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
+ const void *value, size_t len);
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
#endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 7af2f942decd..5612cb3cf1e5 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -5,12 +5,23 @@

#include "ipe.h"
#include "hooks.h"
+#include "eval.h"

bool ipe_enabled;

static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+ .lbs_bdev = sizeof(struct ipe_bdev),
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
};

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+struct ipe_bdev *ipe_bdev(struct block_device *b)
+{
+ return b->security + ipe_blobs.lbs_bdev;
+}
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
@@ -18,6 +29,10 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+ LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
+ LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
+#endif
};

/**
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index 43cc132ed048..c2594a45b8f2 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -12,4 +12,8 @@

extern bool ipe_enabled;

+#ifdef CONFIG_IPE_PROP_DM_VERITY
+struct ipe_bdev *ipe_bdev(struct block_device *b);
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
+
#endif /* IPE_H */
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 0cb42b6f246e..324eb76c6067 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -28,6 +28,9 @@ enum ipe_action_type {
enum ipe_prop_type {
ipe_prop_boot_verified_false,
ipe_prop_boot_verified_true,
+ ipe_prop_dmv_roothash,
+ ipe_prop_dmv_sig_false,
+ ipe_prop_dmv_sig_true,
ipe_prop_max
};

diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
index 7efafc482e46..50a6a763e842 100644
--- a/security/ipe/policy_parser.c
+++ b/security/ipe/policy_parser.c
@@ -215,6 +215,7 @@ static void free_rule(struct ipe_rule *r)
return;

list_for_each_entry_safe(p, t, &r->props, next) {
+ ipe_digest_free(&p->value);
kfree(p);
}

@@ -267,6 +268,11 @@ static enum ipe_action_type parse_action(char *t)
static const match_table_t property_tokens = {
{ipe_prop_boot_verified_false, "boot_verified=FALSE"},
{ipe_prop_boot_verified_true, "boot_verified=TRUE"},
+#ifdef CONFIG_IPE_PROP_DM_VERITY
+ {ipe_prop_dmv_roothash, "dmverity_roothash=%s"},
+ {ipe_prop_dmv_sig_false, "dmverity_signature=FALSE"},
+ {ipe_prop_dmv_sig_true, "dmverity_signature=TRUE"},
+#endif /* CONFIG_IPE_PROP_DM_VERITY */
{ipe_prop_max, NULL}
};

@@ -297,8 +303,18 @@ int parse_property(char *t, struct ipe_rule *r)
token = match_token(t, property_tokens, args);

switch (token) {
+ case ipe_prop_dmv_roothash:
+ dup = match_strdup(&args[0]);
+ if (!dup) {
+ rc = -ENOMEM;
+ goto err;
+ }
+ rc = ipe_digest_parse(dup, &p->value);
+ fallthrough;
case ipe_prop_boot_verified_false:
case ipe_prop_boot_verified_true:
+ case ipe_prop_dmv_sig_false:
+ case ipe_prop_dmv_sig_true:
p->type = token;
break;
case ipe_prop_max:
--
2.39.0


2023-01-30 22:59:24

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 16/16] documentation: add ipe documentation

From: Deven Bowers <[email protected]>

Add IPE's admin and developer documentation to the kernel tree.

Co-developed-by: Fan Wu <[email protected]>
Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v2:
+ No Changes

v3:
+ Add Acked-by
+ Fixup code block syntax
+ Fix a minor grammatical issue.

v4:
+ Update documentation with the results of other
code changes.

v5:
+ No changes

v6:
+ No changes

v7:
+ Add additional developer-level documentation
+ Update admin-guide docs to reflect changes.
+ Drop Acked-by due to significant changes
+ Added section about audit events in admin-guide

v8:
+ Correct terminology from "audit event" to "audit record"
+ Add associated documentation with the correct "audit event"
terminology.
+ Add some context to the historical motivation for IPE and design
philosophy.
+ Add some content about the securityfs layout in the policies
directory.
+ Various spelling and grammatical corrections.

v9:
+ Correct spelling of "pitfalls"
+ Update the docs w.r.t the new parser and new audit formats
---
Documentation/admin-guide/LSM/index.rst | 1 +
Documentation/admin-guide/LSM/ipe.rst | 729 ++++++++++++++++++
.../admin-guide/kernel-parameters.txt | 12 +
Documentation/security/index.rst | 1 +
Documentation/security/ipe.rst | 436 +++++++++++
MAINTAINERS | 2 +
6 files changed, 1181 insertions(+)
create mode 100644 Documentation/admin-guide/LSM/ipe.rst
create mode 100644 Documentation/security/ipe.rst

diff --git a/Documentation/admin-guide/LSM/index.rst b/Documentation/admin-guide/LSM/index.rst
index a6ba95fbaa9f..ce63be6d64ad 100644
--- a/Documentation/admin-guide/LSM/index.rst
+++ b/Documentation/admin-guide/LSM/index.rst
@@ -47,3 +47,4 @@ subdirectories.
tomoyo
Yama
SafeSetID
+ ipe
diff --git a/Documentation/admin-guide/LSM/ipe.rst b/Documentation/admin-guide/LSM/ipe.rst
new file mode 100644
index 000000000000..b676cea62b2e
--- /dev/null
+++ b/Documentation/admin-guide/LSM/ipe.rst
@@ -0,0 +1,729 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+Integrity Policy Enforcement (IPE)
+==================================
+
+.. NOTE::
+
+ This is the documentation for admins, system builders, or individuals
+ attempting to use IPE. If you're looking for more developer-focused
+ documentation about IPE please see `Documentation/security/ipe.rst`
+
+Overview
+--------
+
+IPE is a Linux Security Module which takes a complimentary approach to
+access control. Whereas existing mandatory access control mechanisms
+base their decisions on labels and paths, IPE instead determines
+whether or not an operation should be allowed based on immutable
+security properties of the system component the operation is being
+performed on.
+
+IPE itself does not mandate how the security property should be
+evaluated, but relies on an extensible set of external property providers
+to evaluate the component. IPE makes its decision based on reference
+values for the selected properties, specified in the IPE policy.
+
+The reference values represent the value that the policy writer and the
+local system administrator (based on the policy signature) trust for the
+system to accomplish the desired tasks.
+
+One such provider is for example dm-verity, which is able to represent
+the integrity property of a partition (its immutable state) with a digest.
+
+IPE is compiled under ``CONFIG_SECURITY_IPE`` (Security -> Integrity Policy Enforcement (IPE)).
+
+Use Cases
+---------
+
+IPE works best in fixed-function devices: devices in which their purpose
+is clearly defined and not supposed to be changed (e.g. network firewall
+device in a data center, an IoT device, etcetera), where all software and
+configuration is built and provisioned by the system owner.
+
+IPE is a long-way off for use in general-purpose computing: the Linux
+community as a whole tends to follow a decentralized trust model,
+known as the web of trust, which IPE has no support for as of yet.
+
+IPE, instead of supporting web of trust, supports PKI, which generally
+designates a set of entities that provide a measure of absolute trust.
+
+Additionally, while most packages are signed today, the files inside
+the packages (for instance, the executables), tend to be unsigned. This
+makes it difficult to utilize IPE in systems where a package manager is
+expected to be functional, without major changes to the package manager
+and ecosystem behind it.
+
+DIGLIM [#diglim]_ is a system that when combined with IPE, could be used to
+enable general purpose computing scenarios.
+
+Known Gaps
+----------
+
+IPE cannot verify the integrity of anonymous executable memory, such as
+the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
+Unfortunately, as this is dynamically generated code, there is no way
+for IPE to ensure the integrity of this code to form a trust basis. In all
+cases, the return result for these operations will be whatever the admin
+configures as the ``DEFAULT`` action for ``EXECUTE``.
+
+IPE cannot verify the integrity of interpreted languages' programs when
+these scripts are invoked via ``<interpreter> <file>``. This is because
+the way interpreters execute these files, the scripts themselves are not
+evaluated as executable code through one of IPE's hooks, as they are merely
+files that are read (as opposed to executable code) [#interpreters]_.
+
+Threat Model
+------------
+
+The threat type addressed by IPE is tampering of executable userspace
+code beyond the initially booted kernel, and the initial verification of
+kernel modules that are loaded in userspace through ``modprobe`` or
+``insmod``.
+
+A bare-minimum example of a threat that should be mitigated by IPE, is
+a hostile binary is downloaded with all required binaries (including
+a loader, libc, etc). With IPE, this hostile binary should not able to
+be executed, nor any of the downloaded binaries.
+
+Tampering violates integrity, and being unable to verify the integrity,
+results in a lack of trust. IPE's role in mitigating this threat is to
+verify the integrity (and authenticity) of all executable code and to
+deny their use if they cannot be trusted (as integrity verification fails,
+or the authorization check fails against the reference value in the policy).
+IPE generates audit logs which may be utilized to detect failures resulting
+from failure to pass policy.
+
+Tampering threat scenarios include modification or replacement of
+executable code by a range of actors including:
+
+- Actors with physical access to the hardware
+- Actors with local network access to the system
+- Actors with access to the deployment system
+- Compromised internal systems under external control
+- Malicious end users of the system
+- Compromised end users of the system
+- Remote (external) compromise of the system
+
+IPE does not mitigate threats arising from malicious authorized
+developers (with access to a signing certificate), or compromised
+developer tools used by authorized developers (i.e. Return Oriented
+Programming attacks). Additionally, IPE draws hard security boundary
+between userspace and kernelspace. As a result, IPE does not provide
+any protections against a kernel level exploit, and a kernel-level
+exploit can disable or tamper with IPE's protections.
+
+Policy
+------
+
+IPE policy is a plain-text [#devdoc]_ policy composed of multiple statements
+over several lines. There is one required line, at the top of the
+policy, indicating the policy name, and the policy version, for
+instance::
+
+ policy_name=Ex_Policy policy_version=0.0.0
+
+The policy name is a unique key identifying this policy in a human
+readable name. This is used to create nodes under securityfs as well as
+uniquely identify policies to deploy new policies vs update existing
+policies.
+
+The policy version indicates the current version of the policy (NOT the
+policy syntax version). This is used to prevent rollback of policy to
+potentially insecure previous versions of the policy.
+
+The next portion of IPE policy are rules. Rules are formed by key=value
+pairs, known as properties. IPE rules require two properties: "action",
+which determines what IPE does when it encounters a match against the
+rule, and "op", which determines when that rule should be evaluated.
+The ordering is significant, a rule must start with "op", and end with
+"action". Thus, a minimal rule is::
+
+ op=EXECUTE action=ALLOW
+
+This example will allow any execution. Additional properties are used to
+restrict attributes about the files being evaluated. These properties
+are intended to be descriptions of systems within the kernel that can
+provide a measure of integrity verification, such that IPE can determine
+the trust of the resource based on the "value" half of the property.
+
+Rules are evaluated top-to-bottom. As a result, any revocation rules,
+or denies should be placed early in the file to ensure that these rules
+are evaluated before a rule with "action=ALLOW" is hit.
+
+IPE policy supports comments. The character '#' will function as a
+comment, ignoring all characters to the right of '#' until the newline.
+
+The default behavior of IPE evaluations can also be expressed in policy,
+through the ``DEFAULT`` statement. This can be done at a global level,
+or a per-operation level::
+
+ # Global
+ DEFAULT action=ALLOW
+
+ # Operation Specific
+ DEFAULT op=EXECUTE action=ALLOW
+
+A default must be set for all known operations in IPE. If you want to
+preserve older policies being compatible with newer kernels that can introduce
+new operations, please set a global default of 'ALLOW', and override the
+defaults on a per-operation basis.
+
+With configurable policy-based LSMs, there's several issues with
+enforcing the configurable policies at startup, around reading and
+parsing the policy:
+
+1. The kernel *should* not read files from userspace, so directly reading
+ the policy file is prohibited.
+2. The kernel command line has a character limit, and one kernel module
+ should not reserve the entire character limit for its own
+ configuration.
+3. There are various boot loaders in the kernel ecosystem, so handing
+ off a memory block would be costly to maintain.
+
+As a result, IPE has addressed this problem through a concept of a "boot
+policy". A boot policy is a minimal policy, compiled into the kernel.
+This policy is intended to get the system to a state where userspace is
+set up and ready to receive commands, at which point a more complex
+policy can be deployed via securityfs. The boot policy can be specified
+via the Kconfig, ``SECURITY_IPE_BOOT_POLICY``, which accepts a path to
+a plain-text version of the IPE policy to apply. This policy will be
+compiled into the kernel. If not specified, IPE will be disabled until
+a policy is deployed and activated through securityfs.
+
+Deploying Policies
+~~~~~~~~~~~~~~~~~~
+
+Policies can be deployed from userspace through securityfs. These policies
+are signed through the PKCS#7 message format to enforce some level of
+authorization of the policies (prohibiting an attacker from gaining
+unconstrained root, and deploying an "allow all" policy). These
+policies must be signed by a certificate that chains to the
+``SYSTEM_TRUSTED_KEYRING``. Through openssl, the signing can be done via::
+
+ openssl smime -sign \
+ -in "$MY_POLICY" \
+ -signer "$MY_CERTIFICATE" \
+ -inkey "$MY_PRIVATE_KEY" \
+ -noattr \
+ -nodetach \
+ -nosmimecap \
+ -outform der \
+ -out "$MY_POLICY.p7b"
+
+Deploying the policies is done through securityfs, through the
+``new_policy`` node. To deploy a policy, simply cat the file into the
+securityfs node::
+
+ cat "$MY_POLICY.p7b" > /sys/kernel/security/ipe/new_policy
+
+Upon success, this will create one subdirectory under
+``/sys/kernel/security/ipe/policies/``. The subdirectory will be the
+``policy_name`` field of the policy deployed, so for the example above,
+the directory will be ``/sys/kernel/security/ipe/policies/Ex_Policy``.
+Within this directory, there will be five files: ``pkcs7``, ``policy``,
+``active``, ``update``, and ``delete``.
+
+The ``pkcs7`` file is read only. Reading will provide the raw PKCS#7 data
+that was provided to the kernel, representing the policy. Writing, will
+deploy an in-place policy update.If the policy being read is the boot
+policy, when read, this will return ENOENT, as this policy is not signed.
+
+The ``policy`` file is read only. Reading will provide the PKCS#7 inner
+content of the policy, which will be the plain text policy.
+
+The ``active`` file is used to set a policy as the currently active policy.
+This file is rw, and accepts a value of ``"1"`` to set the policy as active.
+Since only a single policy can be active at one time, all other policies
+will be marked inactive. The policy being marked active must have a policy
+version greater or equal to the currently-running version.
+
+The ``update`` file is used to update a policy that is already present in
+the kernel. This file is write-only and accepts a PKCS#7 signed policy.
+One check will always be performed on this policy: the policy_names must
+match with the updated version and the existing version. One additional check
+may be made: If the policy being updated is the active policy, the updated
+policy must have a policy version greater than or equal to the currently-running
+version; This is to prevent rollback attacks.
+
+The ``delete`` file is used to remove a policy that is no longer needed.
+This file is write-only and accepts a value of ``1`` to delete the policy.
+On deletion, the securityfs node representing the policy will be removed.
+The policy that is currently active cannot be deleted.
+
+Similarly, the writes to both ``update`` and ``new_policy`` above will
+result in an error upon syntactically invalid or untrusted policies.
+In the case of ``new_policy``, it will also error if a policy already
+exists with the same ``policy_name``.
+
+Deploying these policies will *not* cause IPE to start enforcing this
+policy. Once deployment is successful, a policy can be marked as active,
+via ``/sys/kernel/security/ipe/$policy_name/active``. IPE will enforce
+whatever policy is marked as active. For our example, we can activate
+the ``Ex_Policy`` via::
+
+ echo 1 > "/sys/kernel/security/ipe/Ex_Policy/active"
+
+At which point, ``Ex_Policy`` will now be the enforced policy on the
+system.
+
+IPE also provides a way to delete policies. This can be done via the
+``delete`` securityfs node, ``/sys/kernel/security/ipe/$policy_name/delete``.
+Writing ``1`` to that file will delete that node::
+
+ echo 1 > "/sys/kernel/security/ipe/$policy_name/delete"
+
+There is only one requirement to delete a policy:
+
+1. The policy being deleted must not be the active policy.
+
+.. NOTE::
+
+ If a traditional MAC system is enabled (SELinux, apparmor, smack), all
+ writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Modes
+~~~~~
+
+IPE supports two modes of operation: permissive (similar to SELinux's
+permissive mode) and enforce. Permissive mode performs the same checks
+as enforce mode, and logs policy violations, but will not enforce the
+policy. This allows users to test policies before enforcing them.
+
+The default mode is enforce, and can be changed via the kernel command
+line parameter ``ipe.enforce=(0|1)``, or the securityfs node
+``/sys/kernel/security/ipe/enforce``.
+
+.. NOTE::
+
+ If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
+ all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Audit Events
+~~~~~~~~~~~~
+
+1420 AUDIT_IPE_ACCESS
+^^^^^^^^^^^^^^^^^^^^^
+Event Examples::
+
+ type=1420 audit(1653364370.067:61): path="/root/fs/rw/plain/execve" dev="vdc1" ino=16 rule="DEFAULT op=EXECUTE action=DENY"
+ type=1300 audit(1653364370.067:61): arch=c000003e syscall=10 success=no exit=-13 a0=7f0bf0644000 a1=4f80 a2=5 a3=7f0bf043d300 items=0 ppid=455 pid=737 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=3 comm="mprotect" exe="/root/host/mprotect" subj=kernel key=(null)
+ type=1327 audit(1653364370.067:61): proctitle=686F73742F6D70726F7465637400534800527C5700527C5800706C61696E2F657865637665
+
+ type=1420 audit(1653364735.161:64): rule="DEFAULT op=EXECUTE action=DENY"
+ type=1300 audit(1653364735.161:64): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=1000 a2=4 a3=20 items=0 ppid=455 pid=774 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=3 comm="mmap" exe="/root/host/mmap" subj=kernel key=(null)
+ type=1327 audit(1653364735.161:64): proctitle=686F73742F6D6D617000410058⏎
+
+This event indicates that IPE made an access control decision; the IPE specific
+record (1420) will always be emitted in conjunction with a ``AUDITSYSCALL`` record.
+
+Determining whether IPE is in permissive can be derived from the success and exit
+field of the AUDITSYSCALL record
+
+
+
+Field descriptions:
+
++---------------+------------+-----------+-------------------------------------------------------------------------+
+| Field | Value Type | Optional? | Description of Value |
++===============+============+===========+=========================================================================+
+| path | string | Yes | The absolute path to the file that was the subject of the evaluation |
++---------------+------------+-----------+-------------------------------------------------------------------------+
+| ino | integer | Yes | The inode number of the file that was the subject of the evaluation |
++---------------+------------+-----------+-------------------------------------------------------------------------+
+| dev | string | Yes | The device name that the file under evaluation belongs to, e.g. vda |
++---------------+------------+-----------+-------------------------------------------------------------------------+
+| rule | string | No | The exact rule in IPE's policy that the evaluation matched |
++---------------+------------+-----------+-------------------------------------------------------------------------+
+
+1403 AUDIT_MAC_POLICY_LOAD
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Event Example::
+
+ type=1403 audit(1653425529.927:53): policy_name="dmverity_roothash" policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2 auid=4294967295 ses=4294967295 lsm=ipe res=1
+ type=1300 audit(1653425529.927:53): arch=c000003e syscall=1 success=yes exit=2567 a0=3 a1=5596fcae1fb0 a2=a07 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10" key=(null)
+ type=1327 audit(1653425529.927:53): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
+
+This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
+
++----------------+------------+-----------+--------------------------------------------------------------+
+| Field | Value Type | Optional? | Description of Value |
++================+============+===========+==============================================================+
+| policy_name | string | No | The policy_name field of the policy. |
++----------------+------------+-----------+--------------------------------------------------------------+
+| policy_version | string | No | The policy_version field of the policy |
++----------------+------------+-----------+--------------------------------------------------------------+
+| sha256 | string | Yes* | A flat hash of the policy. Can be used to identify a policy. |
++----------------+------------+-----------+--------------------------------------------------------------+
+| auid | integer | No | The audit user ID. |
++----------------+------------+-----------+--------------------------------------------------------------+
+| ses | integer | No | The session ID. |
++----------------+------------+-----------+--------------------------------------------------------------+
+| lsm | string | No | The lsm name associated with the event. |
++----------------+------------+-----------+--------------------------------------------------------------+
+| res | integer | No | The operation result. |
++----------------+------------+-----------+--------------------------------------------------------------+
+
+1405 AUDIT_MAC_CONFIG_CHANGE
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Event Example::
+
+ type=1405 audit(1653425583.136:54): old_active_pol_name="Allow_All" old_active_pol_version=0.0.0 old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0 new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2 auid=4294967295 ses=4294967295 lsm=ipe res=1
+ type=1300 audit(1653425583.136:54): SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=3 a1=5596fcae1fb0 a2=2 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10" key=(null)
+ type=1327 audit(1653425583.136:54): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2
+
+This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
+
++------------------------+------------+-----------+----------------------------------------------------+
+| Field | Value Type | Optional? | Description of Value |
++========================+============+===========+====================================================+
+| old_active_pol_name | string | No | The policy_name field of the old active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| old_active_pol_version | string | No | The policy_version field of the old active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| old_sha256 | string | Yes* | A flat hash of the old active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| new_active_pol_name | string | No | The policy_name field of the new active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| new_active_pol_version | string | No | The policy_version field of the new active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| new_sha256 | string | Yes* | A flat hash of the new active policy. |
++------------------------+------------+-----------+----------------------------------------------------+
+| auid | integer | No | The audit user ID. |
++------------------------+------------+-----------+----------------------------------------------------+
+| ses | integer | No | The session ID. |
++------------------------+------------+-----------+----------------------------------------------------+
+| lsm | string | No | The lsm name associated with the event. |
++------------------------+------------+-----------+----------------------------------------------------+
+| res | integer | No | The operation result. |
++------------------------+------------+-----------+----------------------------------------------------+
+
+1404 AUDIT_MAC_STATUS
+^^^^^^^^^^^^^^^^^^^^^
+
+Event Examples::
+
+ type=1404 audit(1653425689.008:55): permissive=1 auid=0 ses=4294967295 lsm=ipe res=1
+ type=1300 audit(1653425689.008:55): arch=c000003e syscall=1 success=yes exit=2 a0=1 a1=55c1065e5c60 a2=2 a3=0 items=0 ppid=405 pid=441 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=)
+ type=1327 audit(1653425689.008:55): proctitle="-bash"
+
+ type=1404 audit(1653425689.008:55): permissive=0 auid=0 ses=4294967295 lsm=ipe res=1
+ type=1300 audit(1653425689.008:55): arch=c000003e syscall=1 success=yes exit=2 a0=1 a1=55c1065e5c60 a2=2 a3=0 items=0 ppid=405 pid=441 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=)
+ type=1327 audit(1653425689.008:55): proctitle="-bash"
+
+This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
+
++------------+------------+-----------+-------------------------------------------------------------------+
+| Field | Value Type | Optional? | Description of Value |
++============+============+===========+===================================================================+
+| permissive | integer | No | The state IPE is being switched to. 1 is permissive, 0 is enforce |
++------------+------------+-----------+-------------------------------------------------------------------+
+| auid | integer | No | The audit user ID. |
++------------+------------+-----------+-------------------------------------------------------------------+
+| ses | integer | No | The session ID. |
++------------+------------+-----------+-------------------------------------------------------------------+
+| lsm | string | No | The lsm name associated with the event. |
++------------+------------+-----------+-------------------------------------------------------------------+
+| res | integer | No | The operation result. |
++------------+------------+-----------+-------------------------------------------------------------------+
+
+Success Auditing
+^^^^^^^^^^^^^^^^
+
+IPE supports success auditing. When enabled, all events that pass IPE
+policy and are not blocked will emit an audit event. This is disabled by
+default, and can be enabled via the kernel command line
+``ipe.success_audit=(0|1)`` or the securityfs node,
+``/sys/kernel/security/ipe/success_audit``.
+
+This is *very* noisy, as IPE will check every userspace binary on the
+system, but is useful for debugging policies.
+
+.. NOTE::
+
+ If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
+ all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
+
+Properties
+----------
+
+As explained above, IPE properties are ``key=value`` pairs expressed in
+IPE policy. Two properties are built-into the policy parser: 'op' and
+'action'. The other properties are determinstic attributes to express
+across files. Currently those properties are: '``boot_verified``',
+'``dmverity_signature``', '``dmverity_roothash``', '``fsverity_signature``',
+'``fsverity_digest``'. A description of all properties supported by IPE
+are listed below:
+
+op
+~~
+
+Indicates the operation for a rule to apply to. Must be in every rule,
+as the first token. IPE supports the following operations:
+
+ ``EXECUTE``
+
+ Pertains to any file attempting to be executed, or loaded as an
+ executable.
+
+ ``FIRMWARE``:
+
+ Pertains to firmware being loaded via the firmware_class interface.
+ This covers both the preallocated buffer and the firmware file
+ itself.
+
+ ``KMODULE``:
+
+ Pertains to loading kernel modules via ``modprobe`` or ``insmod``.
+
+ ``KEXEC_IMAGE``:
+
+ Pertains to kernel images loading via ``kexec``.
+
+ ``KEXEC_INITRAMFS``
+
+ Pertains to initrd images loading via ``kexec --initrd``.
+
+ ``POLICY``:
+
+ Controls loading polcies via reading a kernel-space initiated read.
+
+ An example of such is loading IMA policies by writing the path
+ to the policy file to ``$securityfs/ima/policy``
+
+ ``X509_CERT``:
+
+ Controls loading IMA certificates through the Kconfigs,
+ ``CONFIG_IMA_X509_PATH`` and ``CONFIG_EVM_X509_PATH``.
+
+action
+~~~~~~
+
+ Determines what IPE should do when a rule matches. Must be in every
+ rule, as the final clause. Can be one of:
+
+ ``ALLOW``:
+
+ If the rule matches, explicitly allow access to the resource to proceed
+ without executing any more rules.
+
+ ``DENY``:
+
+ If the rule matches, explicitly prohibit access to the resource to
+ proceed without executing any more rules.
+
+boot_verified
+~~~~~~~~~~~~~
+
+ This property can be utilized for authorization of the first super-block
+ that executes a file. This is almost always init. Typically this is used
+ for systems with an initramfs or other initial disk, where this is unmounted
+ before the system becomes available, and is not covered by any other property.
+ The format of this property is::
+
+ boot_verified=(TRUE|FALSE)
+
+
+ .. WARNING::
+
+ This property will trust any disk where the first execution evaluation
+ occurs. If you do *NOT* have a startup disk that is unpacked and unmounted
+ (like initramfs), then it will automatically trust the root filesystem and
+ potentially overauthorize the entire disk.
+
+dmverity_roothash
+~~~~~~~~~~~~~~~~~
+
+ This property can be utilized for authorization or revocation of
+ specific dm-verity volumes, identified via root hash. It has a
+ dependency on the DM_VERITY module. This property is controlled by the
+ Kconfig ``CONFIG_IPE_PROP_DM_VERITY``. The format of this property
+ is::
+
+ dmverity_roothash=DigestName:HexadecimalString
+
+ The supported DigestNames for dmverity_roothash are [#dmveritydigests]_ [#securedigest]_ :
+
+ + blake2b-512
+ + blake2s-256
+ + sha1
+ + sha256
+ + sha384
+ + sha512
+ + sha3-224
+ + sha3-256
+ + sha3-384
+ + sha3-512
+ + md4
+ + md5
+ + sm3
+ + rmd160
+
+dmverity_signature
+~~~~~~~~~~~~~~~~~~
+
+ This property can be utilized for authorization of all dm-verity volumes
+ that have a signed roothash that chains to a keyring specified by dm-verity's
+ configuration, either the system trusted keyring, or the secondary keyring.
+ It has an additional dependency on the ``DM_VERITY_VERIFY_ROOTHASH_SIG``
+ Kconfig. This property is controlled by the Kconfig
+ ``CONFIG_IPE_PROP_DM_VERITY``. The format of this property is::
+
+ dmverity_signature=(TRUE|FALSE)
+
+fsverity_digest
+~~~~~~~~~~~~~~~
+
+ This property can be utilized for authorization or revocation of
+ specific fsverity enabled file, identified via its fsverity digest.
+ It has a dependency on the FS_VERITY module. This property is
+ controlled by the Kconfig ``CONFIG_IPE_PROP_FS_VERITY``.
+ The format of this property is::
+
+ fsverity_digest=DigestName:HexadecimalString
+
+ The supported DigestNames for dmverity_roothash are [#fsveritydigest] [#securedigest]_ :
+
+ + sha256
+ + sha512
+
+fsverity_signature
+~~~~~~~~~~~~~~~~~~
+
+Version 1
+
+ This property can be utilized for authorization of all fsverity enabled
+ files that is verified by fsverity. The keyring that the signature is
+ verified against is subject to fsverity's configuration, typically the fsverity
+ keyring. It has a dependency on the ``CONFIG_FS_VERITY_BUILTIN_SIGNATURES``
+ Kconfig. This property is controlled by the Kconfig
+ ``CONFIG_IPE_PROP_FS_VERITY``. The format of this property is::
+
+ fsverity_signature=(TRUE|FALSE)
+
+Policy Examples
+---------------
+
+Allow all
+~~~~~~~~~
+
+::
+
+ policy_name=Allow_All policy_version=0.0.0
+ DEFAULT action=ALLOW
+
+Allow only initial superblock
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=Allow_All_Initial_SB policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE boot_verified=TRUE action=ALLOW
+
+Allow any signed dm-verity volume and the initial superblock
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=AllowSignedAndInitial policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE boot_verified=TRUE action=ALLOW
+ op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Prohibit execution from a specific dm-verity volume
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=AllowSignedAndInitial policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE dmverity_roothash=sha256:cd2c5bae7c6c579edaae4353049d58eb5f2e8be0244bf05345bc8e5ed257baff action=DENY
+
+ op=EXECUTE boot_verified=TRUE action=ALLOW
+ op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Allow only a specific dm-verity volume
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=AllowSignedAndInitial policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW
+
+Allow any signed fs-verity file
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=AllowSignedFSVerity policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE fsverity_signature=TRUE action=ALLOW
+
+Prohibit execution of a specific fs-verity file
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+::
+
+ policy_name=ProhibitSpecificFSVF policy_version=0.0.0
+ DEFAULT action=DENY
+
+ op=EXECUTE fsverity_digest=sha256:fd88f2b8824e197f850bf4c5109bea5cf0ee38104f710843bb72da796ba5af9e action=DENY
+ op=EXECUTE boot_verified=TRUE action=ALLOW
+ op=EXECUTE dmverity_signature=TRUE action=ALLOW
+
+Additional Information
+----------------------
+
+- `Github Repository <https://github.com/microsoft/ipe>`_
+- `Design Documentation </security/ipe>`_
+
+FAQ
+---
+
+Q:
+ What's the difference between other LSMs which provide a measure of
+ trust-based access control?
+
+A:
+
+ In general, there's two other LSMs that can provide similar functionality:
+ IMA, and Loadpin.
+
+ IMA and IPE are functionally very similar. The significant difference between
+ the two is the policy. [#devdoc]_
+
+ Loadpin and IPE differ fairly dramatically, as Loadpin controls only the IPE
+ equivalent of ``KERNEL_READ``, whereas IPE is capable of controlling execution,
+ on top of ``KERNEL_READ``. The trust model is also different; Loadpin roots its
+ trust in the initial super-block, instead, IPE roots its trust in the kernel
+ itself (via ``SYSTEM_TRUSTED_KEYS``).
+
+-----------
+
+.. [#diglim] 1: https://lore.kernel.org/bpf/[email protected]/T/
+
+.. [#interpreters] There is `some interest in solving this issue <https://lore.kernel.org/lkml/[email protected]/>`_.
+
+.. [#devdoc] Please see `Documentation/security/ipe.rst` for more on this topic.
+
+.. [#fsveritydigest] These hash algorithms are based on values accepted by fsverity-utils;
+ IPE does not impose any restrictions on the digest algorithm itself;
+ thus, this list may be out of date.
+
+.. [#dmveritydigests] These hash algorithms are based on values accepted by dm-verity,
+ specifically ``crypto_alloc_ahash`` in ``verity_ctr``; ``veritysetup``
+ does support more algorithms than the list above. IPE does not impose
+ any restrictions on the digest algorithm itself; thus, this list
+ may be out of date.
+
+.. [#securedigest] Please ensure you are using cryptographically secure hash functions;
+ just because something is *supported* does not mean it is *secure*.
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 6cfa6e3996cf..6f2868113135 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2209,6 +2209,18 @@
ipcmni_extend [KNL] Extend the maximum number of unique System V
IPC identifiers from 32,768 to 16,777,216.

+ ipe.enforce= [IPE]
+ Format: <bool>
+ Determine whether IPE starts in permissive (0) or
+ enforce (1) mode. The default is enforce.
+
+ ipe.success_audit=
+ [IPE]
+ Format: <bool>
+ Start IPE with success auditing enabled, emitting
+ an audit event when a binary is allowed. The default
+ is 0.
+
irqaffinity= [SMP] Set the default irq affinity mask
The argument is a cpu list, as described above.

diff --git a/Documentation/security/index.rst b/Documentation/security/index.rst
index 6ed8d2fa6f9e..a5248d4fd510 100644
--- a/Documentation/security/index.rst
+++ b/Documentation/security/index.rst
@@ -18,3 +18,4 @@ Security Documentation
digsig
landlock
secrets/index
+ ipe
diff --git a/Documentation/security/ipe.rst b/Documentation/security/ipe.rst
new file mode 100644
index 000000000000..85e170ce864a
--- /dev/null
+++ b/Documentation/security/ipe.rst
@@ -0,0 +1,436 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+Integrity Policy Enforcement (IPE) - Kernel Documentation
+=========================================================
+
+.. NOTE::
+
+ This is documentation targeted at developers, instead of administrators.
+ If you're looking for documentation on the usage of IPE, please see
+ `Documentation/admin-guide/LSM/ipe.rst`
+
+Historical Motivation
+---------------------
+
+The original issue that prompted IPE's implementation was the creation
+of a locked-down system. This system would be born-secure, and have
+strong integrity guarantees over both the executable code, and specific
+*data files* on the system, that were critical to its function. These
+specific data files would not be readable unless they passed integrity
+policy. A mandatory access control system would be present, and
+as a result, xattrs would have to be protected. This lead to a selection
+of what would provide the integrity claims. At the time, there were two
+main mechanisms considered that could guarantee integrity for the system
+with these requirements:
+
+ 1. IMA + EVM Signatures
+ 2. DM-Verity
+
+Both options were carefully considered, however the choice to use DM-Verity
+over IMA+EVM as the *integrity mechanism* in the original use case of IPE
+was due to three main reasons:
+
+ 1. Protection of additional attack vectors:
+
+ * With IMA+EVM, without an encryption solution, the system is vulnerable
+ to offline attack against the aforemetioned specific data files.
+
+ Unlike executables, read operations (like those on the protected data
+ files), cannot be enforced to be globally integrtiy verified. This means
+ there must be some form of selector to determine whether a read should
+ enforce the integrity policy, or it should not.
+
+ At the time, this was done with mandatory access control labels. An IMA
+ policy would indicate what labels required integrity verification, which
+ presented an issue: EVM would protect the label, but if an attacker could
+ modify filesystem offline, the attacker could wipe all the xattrs -
+ including the SELinux labels that would be used to determine whether the
+ file should be subject to integrity policy.
+
+ With DM-Verity, as the xattrs are saved as part of the merkel tree, if
+ offline mount occurs against the filesystem protected by dm-verity, the
+ checksum no longer matches and the file fails to be read.
+
+ * As userspace binaries are paged in Linux, dm-verity also offers the
+ additional protection against a hostile block device. In such an attack,
+ the block device reports the appropriate content for the IMA hash
+ initially, passing the required integrity check. Then, on the page fault
+ that accesses the real data, will report the attacker's payload. Since
+ dm-verity will check the data when the page fault occurs (and the disk
+ access), this attack is mitigated.
+
+ 2. Performance:
+
+ * dm-verity provides integrity verification on demand as blocks are
+ read versus requiring the entire file being read into memory for
+ validation.
+
+ 3. Simplicity of signing:
+
+ * No need for two signatures (IMA, then EVM): one signature covers
+ an entire block device.
+ * Signatures can be stored externally to the filesystem metadata.
+ * The signature supports an x.509-based signing infrastructure.
+
+The next step was to choose a *policy* to enforce the integrity mechanism.
+The minimum requirements for the policy were:
+
+ 1. The policy itself must be integrity verified (preventing trivial
+ attack against it).
+ 2. The policy itself must be resistant to rollback attacks.
+ 3. The policy enforcement must have a permissive-like mode.
+ 4. The policy must be able to be updated, in its entirety, without
+ a reboot.
+ 5. Policy updates must be atomic.
+ 6. The policy must support *revocations* of previously authored
+ components.
+ 7. The policy must be auditable, at any point-of-time.
+
+IMA, as the only integrity policy mechanism at the time, was
+considered against these list of requirements, and did not fulfill
+all of the minimum requirements. Extending IMA to cover these
+requirements was considered, but ultimately discarded for a
+two reasons:
+
+ 1. Regression risk; many of these changes would result in
+ dramatic code changes to IMA, which is already present in the
+ kernel, and therefore might impact users.
+
+ 2. IMA was used in the system for measurement and attestation;
+ separation of measurement policy from local integrity policy
+ enforcement was considered favorable.
+
+Due to these reasons, it was decided that a new LSM should be created,
+whose responsibility would be only the local integrity policy enforcement.
+
+Role and Scope
+--------------
+
+IPE, as its name implies, is fundamentally an integrity policy enforcement
+solution; IPE does not mandate how integrity is provided, but instead
+leaves that decision to the system administrator to set the security bar,
+via the mechanisms that they select that suit their individual needs.
+There are several different integrity solutions that provide a different
+level of security guarantees; and IPE allows sysadmins to express policy for
+theoretically all of them.
+
+IPE additionally does not provide a mechanism that provides integrity
+by itself: there are better layers to create such systems, and a mechanism
+of proving integrity has next to nothing to do with the policy of enforcing
+that integrity claim.
+
+Therefore, IPE was designed around:
+
+ 1. Easy integrations with integrity providers.
+ 2. Ease of use for platform administrators/sysadmins.
+
+Design Rationale:
+-----------------
+
+IPE was designed after evluating existing integrity policy solutions
+in other operating systems and environments. In this survey of other
+implementations, there were a few pitfalls identified:
+
+ 1. Policies were not readable by humans, usually requiring a binary
+ intermediary format.
+ 2. A single, non-customizable action was implicitly taken as a default.
+ 3. Debugging the policy required manual steps to determine what rule was violated.
+ 4. Authoring a policy required an in-depth knowledge of the larger system,
+ or operating system.
+
+IPE attempts to avoid all of these pitfalls.
+
+Policy
+~~~~~~
+
+Plain Text
+^^^^^^^^^^
+
+IPE's policy is plain-text. This introduces slightly larger policy files than
+other LSMs, but solves two major problems that occurs with some integrity policy
+solutions on other platforms.
+
+The first issue is one of code maintenance and duplication. To author policies,
+the policy has to be some form of string representation (be it structured,
+through XML, JSON, YAML, etcetera), to allow the policy author to understand
+what is being written. In a hypothetical binary policy design, a serializer
+is necessary to write the policy from the human readable form, to the binary
+form, and a deserializer is needed to interpret the binary form into a data
+structure in the kernel.
+
+Eventually, another deserializer will be needed to transform the binary from
+back into the human-readable form with as much information preserved. This is because a
+user of this access control system will have to keep a lookup table of a checksum
+and the original file itself to try to understand what policies have been deployed
+on this system and what policies have not. For a single user, this may be alright,
+as old policies can be discarded almost immediately after the update takes hold.
+For users that manage computer fleets in the thousands, if not hundreds of thousands,
+with multiple different operating systems, and multiple different operational needs,
+this quickly becomes an issue, as stale policies from years ago may be present,
+quickly resulting in the need to recover the policy or fund extensive infrastructure
+to track what each policy contains.
+
+With now three separate serializer/deserializers, maintenance becomes costly. If the
+policy avoids the binary format, there is only one required serializer: from the
+human-readable form to the data structure ine kernel, saving on code maintenance,
+and retaining operability.
+
+The second issue with a binary format is one of transparency. As IPE controls
+access based on the trust of the system's resources, it's policy must also be
+trusted to be changed. This is done through signatures, resulting in needing
+signing as a process. Signing, as a process, is typically done with a
+high security bar, as anything signed can be used to attack integrity
+enforcement systems. It is also important that, when signing something, that
+the signer is aware of what they are signing. A binary policy can cause
+obfuscation of that fact; what signers see is an opaque binary blob. A
+plain-text policy, on the other hand, the signers see the actual policy
+submitted for signing.
+
+Boot Policy
+~~~~~~~~~~~
+
+IPE, if configured appropriately, is able to enforce a policy as soon as a
+kernel is booted and usermode starts. That implies some level of storage
+of the policy to apply the minute usermode starts. Generally, that storage
+can be handled in one of three ways:
+
+ 1. The policy file(s) live on disk and the kernel loads the policy prior
+ to an code path that would result in an enforcement decision.
+ 2. The policy file(s) are passed by the bootloader to the kernel, who
+ parses the policy.
+ 3. There is a policy file that is compiled into the kernel that is
+ parsed and enforced on initialization.
+
+The first option has problems: the kernel reading files from userspace
+is typically discouraged and very uncommon in the kernel.
+
+The second option also has problems: Linux supports a variety of bootloaders
+across its entire ecosystem - every bootloader would have to support this
+new methodology or there must be an independent source. It would likely
+result in more drastic changes to the kernel startup than necessary.
+
+The third option is the best but it's important to be aware that the policy
+will take disk space against the kernel it's compiled in. It's important to
+keep this policy generalized enough that userspace can load a new, more
+complicated policy, but restrictive enough that it will not overauthorize
+and cause security issues.
+
+The initramfs provides a way that this bootup path can be established. The
+kernel starts with a minimal policy, that trusts the initramfs only. Inside
+the initramfs, when the real rootfs is mounted, but not yet transferred to,
+it deploys and activates a policy that trusts the new root filesystem.
+This prevents overauthorization at any step, and keeps the kernel policy
+to a minimal size.
+
+Startup
+^^^^^^^
+
+Not every system, however starts with an initramfs, so the startup policy
+compiled into the kernel will need some flexibility to express how trust
+is established for the next phase of the bootup. To this end, if we just
+make the compiled-in policy a full IPE policy, it allows system builders
+to express the first stage bootup requirements appropriately.
+
+Updatable, Rebootless Policy
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+As requirements change over time (vulnerabilities are found in previously
+trusted applcations, keys roll, etcetera). Updating a kernel to change the
+meet those security goals is not always a suitable option, as updates are not
+always risk-free, and blocking a security update leaves systems vulnerable.
+This means IPE requires a policy that can be completely updated (allowing
+revocations of existing policy) from a source external to the kernel (allowing
+policies to be updated without updating the kernel).
+
+Additionally, since the kernel is stateless between invocations, and reading
+policy files off the disk from kernel space is a bad idea(tm), then the
+policy updates have to be done rebootlessly.
+
+To allow an update from an external source, it could be potentially malicious,
+so this policy needs to have a way to be identified as trusted. This is
+done via a signature chained to a trust source in the kernel. Arbitrarily,
+this is the ``SYSTEM_TRUSTED_KEYRING``, a keyring that is initially
+populated at kernel compile-time, as this matches the expectation that the
+author of the compiled-in policy described above is the same entity that can
+deploy policy updates.
+
+Anti-Rollback / Anti-Replay
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Over time, vulnerabilities are found and trusted resources may not be
+trusted anymore. IPE's policy has no exception to this. There can be
+instances where a mistaken policy author deploys an insecure policy,
+before correcting it with a secure policy.
+
+Assuming that as soon as the insecure policy is signed, and an attacker
+acquires the insecure policy, IPE needs a way to prevent rollback
+from the secure policy update to the insecure policy update.
+
+Initially, IPE's policy can have a policy_version that states the
+minimum required version across all policies that can be active on
+the system. This will prevent rollback while the system is live.
+
+.. WARNING::
+
+ However, since the kernel is stateless across boots, this policy
+ version will be reset to 0.0.0 on the next boot. System builders
+ need to be aware of this, and ensure the new secure policies are
+ deployed ASAP after a boot to ensure that the window of
+ opportunity is minimal for an attacker to deploy the insecure policy.
+
+Implicit Actions:
+~~~~~~~~~~~~~~~~~
+
+The issue of impicit actions only becomes visible when you consider
+a mixed level of security bars across multiple operations in a system.
+For example, consider a system that has strong integrity guarantees
+over both the executable code, and specific *data files* on the system,
+that were critical to its function. In this system, three types of policies
+are possible:
+
+ 1. A policy in which failure to match any rules in the policy results
+ in the action being denied.
+ 2. A policy in which failure to match any rules in the policy results
+ in the action being allowed.
+ 3. A policy in which the action taken when no rules are matched is
+ specified by the policy author.
+
+The first option could make a policy like this::
+
+ op=EXECUTE integrity_verified=YES action=DENY
+
+In the example system, this works well for the executables, as all
+executables should have integrity guarantees, without exception. The
+issue becomes with the second requirement about specific data files.
+This would result in a policy like this (assuming each line is
+evaluated in order)::
+
+ op=EXECUTE integrity_verified=YES action=DENY
+
+ op=READ integrity_verified=NO label=critical_t action=DENY
+ op=READ action=ALLOW
+
+This is somewhat clear if you read the docs, understand the policy
+is executed in order and that the default is a denial; however, the
+last line effectively changes that default to an ALLOW. This is
+required, because in a realistic system, there are some unverified
+reads (imagine appending to a log file).
+
+The second option, matching no rules results in an allow, is clearer
+for the specific data files::
+
+ op=READ integrity_verified=NO label=critical_t action=DENY
+
+And, like the first option, falls short with the opposite scenario,
+effectively needing to override the default::
+
+ op=EXECUTE integrity_verified=YES action=ALLOW
+ op=EXECUTE action=DENY
+
+ op=READ integrity_verified=NO label=critical_t action=DENY
+
+This leaves the third option. Instead of making users be clever
+and override the default with an empty rule, force the end-user
+to consider what the appropriate default should be for their
+scenario and explicitly state it::
+
+ DEFAULT op=EXECUTE action=DENY
+ op=EXECUTE integrity_verified=YES action=ALLOW
+
+ DEFAULT op=READ action=ALLOW
+ op=READ integrity_verified=NO label=critical_t action=DENY
+
+Policy Debugging:
+~~~~~~~~~~~~~~~~~
+
+When developing a policy, it is useful to know what line of the policy
+is being violated to reduce debugging costs; narrowing the scope of the
+investigation to the exact line that resulted in the action. Some integrity
+policy systems do not provide this information, instead providing the
+information that was used in the evaluation. This then requires a correlation
+with the policy to evaluate what went wrong.
+
+Instead, IPE just emits the rule that was matched. This limits the scope
+of the investigation to the exact policy line (in the case of a specific
+rule), or the section (in the case of a DEFAULT). This decreases iteration
+and investigation times when policy failures are observed while evaluating
+policies.
+
+IPE's policy engine is also designed in a way that it makes it obvious to
+a human of how to investigate a policy failure. Each line is evaluated in
+the sequence that is written, so the algorithm is very simple to follow
+for humans to recreate the steps and could have caused the failure. In other
+surveyed systems, optimizations occur (sorting rules, for instance) when loading
+the policy. In those systems, it requires multiple steps to debug, and the
+algorithm may not always be clear to the end-user without reading the code first.
+
+Simplified Policy:
+~~~~~~~~~~~~~~~~~~
+
+Finally, IPE's policy is designed for sysadmins, not kernel developers. Instead
+of covering individual LSM hooks (or syscalls), IPE covers operations. This means
+instead of sysadmins needing to know that the syscalls ``mmap``, ``mprotect``,
+``execve``, and ``uselib`` must have rules protecting them, they must simple know
+that they want to restrict code execution. This limits the amount of bypasses that
+could occur due to a lack of knowledge of the underlying system; whereas the
+maintainers of IPE, being kernel developers can make the correct choice to determine
+whether something maps to these operations, and under what conditions.
+
+Implementation Notes
+--------------------
+
+Anonymous Memory
+~~~~~~~~~~~~~~~~
+
+Anonymous memory isn't treated any differently from any other access in IPE.
+When anonymous memory is mapped with ``+X``, it still comes into the ``file_mmap``
+or ``file_mprotect`` hook, but with a ``NULL`` file object. This is submitted to
+the evaluation, like any other file, however, all current trust mechanisms will
+return false as there is nothing to evaluate. This means anonymous memory
+execution is subject to whatever the ``DEFAULT`` is for ``EXECUTE``.
+
+.. WARNING::
+
+ This also occurs with the ``kernel_load_data`` hook, which is used by signed
+ and compressed kernel modules. Using signed and compressed kernel modules with
+ IPE will always result in the ``DEFAULT`` action for ``KMODULE``.
+
+Securityfs Interface
+~~~~~~~~~~~~~~~~~~~~
+
+The per-policy securityfs tree is somewhat unique. For example, for
+a standard securityfs policy tree::
+
+ MyPolicy
+ |- active
+ |- raw
+ |- policy
+ |- name
+ |- version
+ |- update
+
+The policy is stored in the ``->i_private`` data of the MyPolicy inode,
+while each child's ``->i_private``, it stores the MyPolicy inode. This
+simplifies policy updates massively, as the alternative designs are to:
+
+ 1. Use d_parent, which has potential issues with flexibility, if there
+ eventually becomes a subdirectory underneath MyPolicy; as it's unclear
+ how many levels of ``d_parent`` you have to iterate up to.
+
+ 2. Store the policy data in each inode's ``->i_private``. This has issues
+ when it comes to updating a policy - every update needs to cascade to
+ each ``->i_private``, and if it fails, for whatever reason, the
+ operation has to be reverted on each inode.
+
+With this implementation, you can solve the flexibility problem of 1, as
+now when you create a theoretical subdirectory you just set the
+``->i_private`` data appropriately. You also solve the update problem of
+two, as you simply update or revert on the one inode that all other inodes
+reference.
+
+Tests
+-----
+
+IPE has KUnit Tests, testing primarily the parser. In addition, IPE has a
+python based integration test suits that can test both user interfaces and
+enforcement functionalities.
diff --git a/MAINTAINERS b/MAINTAINERS
index d5b4a6636b0d..969c6a7845ed 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -10276,6 +10276,8 @@ F: security/integrity/
INTEGRITY POLICY ENFORCEMENT (IPE)
M: Fan Wu <[email protected]>
S: Supported
+F: Documentation/admin-guide/LSM/ipe.rst
+F: Documentation/security/ipe.rst
F: scripts/ipe/
F: security/ipe/

--
2.39.0


2023-01-30 22:59:41

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

From: Deven Bowers <[email protected]>

Users of IPE require a way to identify when and why an operation fails,
allowing them to both respond to violations of policy and be notified
of potentially malicious actions on their systens with respect to IPE
itself.

The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
kernel and the currently active policy changed, respectively.

This patch also adds support for success auditing, allowing users to
identify how a resource passed policy. It is recommended to use this
option with caution, as it is quite noisy.

This patch adds the following audit records:

audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
ino=72 rule="DEFAULT op=EXECUTE action=DENY"

The above audit record shows IPE blocked a file
/tmp/tmpwxmam366/deny/bin/hello in the temp file system.

audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
ino=157 rule="DEFAULT action=DENY"

The above audit record shows IPE blocked a file
/tmp/tmpxkvb3d9x/deny/bin/hello in the temp file system via another
rule.

audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
auid=4294967295 ses=4294967295 lsm=ipe res=1

The above audit record shows IPE loaded a new policy named
"dmverity_roothash" with the sha256 hash of the policy.

audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
old_active_pol_version=0.0.0
old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
auid=4294967295 ses=4294967295 lsm=ipe res=1

The above audit record shows IPE's active policy switched from
"Allow_All" to "dmverity_roothash".

These result in the following events (the audit records are always
prior to a SYSCALL record):

audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
ino=72 rule="DEFAULT op=EXECUTE action=DENY"
audit[476]: SYSCALL arch=c000003e syscall=59 success=no exit=-13
a0=7f7d01b5e890 a1=7f7d01f80e80 a2=7ffde535f230 a3=0 items=0 ppid=229
pid=476 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10"
key=(null)
audit: PROCTITLE
proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E

The above events shows IPE blocked the hello file which python was
trying to execute.

audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
ino=157 rule="DEFAULT action=DENY"
audit[1195]: SYSCALL arch=c000003e syscall=9 success=no
exit=-13 a0=0 a1=18020 a2=6 a3=2 items=0 ppid=997 pid=1195
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=pts0 ses=4294967295 comm="mmap_test"
exe="/tmp/ipe-test/bin/mmap_test" key=(null)
audit: PROCTITLE
proctitle=2F746D702F6970652D746573742F62696E2F6D6D61705F746573

The above events shows IPE blocked the hello file which
/tmp/ipe-test/bin/mmap_test was trying to mmap.

audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
auid=4294967295 ses=4294967295 lsm=ipe res=1
audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2567 a0=3
a1=5596fcae1fb0 a2=a07 a3=2 items=0 ppid=184 pid=229 auid=4294967295
uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sg
id=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3"
exe="/usr/bin/python3.10" key=(null)
audit: PROCTITLE
proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E

The above events shows IPE loaded a new policy "dmverity_roothash"
because python used write system call.

audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
old_active_pol_version=0.0.0
old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
auid=4294967295 ses=4294967295 lsm=ipe res=1
audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=3
a1=5596fcae1fb0 a2=2 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10"
key=(null)
audit: PROCTITLE
proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2
The above events shows IPE switched to a new active policy
"dmverity_roothash" because python used write system call.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---

v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move ipe_load_properties to patch 04.
+ Remove useless 0-initializations
+ Prefix extern variables with ipe_
+ Remove kernel module parameters, as these are
exposed through sysctls.
+ Add more prose to the IPE base config option
help text.
+ Use GFP_KERNEL for audit_log_start.
+ Remove unnecessary caching system.
+ Remove comments from headers
+ Use rcu_access_pointer for rcu-pointer null check
+ Remove usage of reqprot; use prot only.
+ Move policy load and activation audit event to 03/12

v4:
+ Remove sysctls in favor of securityfs nodes
+ Re-add kernel module parameters, as these are now
exposed through securityfs.
+ Refactor property audit loop to a separate function.

v5:
+ fix minor grammatical errors
+ do not group rule by curly-brace in audit record,
reconstruct the exact rule.

v6:
+ No changes

v7:
+ Further split lsm creation, the audit system, the evaluation loop,
and access control hooks into separate patches.
+ Further split audit system patch into two separate patches; one
for include/uapi, and the usage of the new defines.
+ Split out the permissive functionality into another separate patch,
for easier review.
+ Correct misuse of audit_log_n_untrusted string to audit_log_format
+ Use get_task_comm instead of comm directly.
+ Quote certain audit values
+ Remove unnecessary help text on choice options - these were
previously
idented at the wrong level
+ Correct a stale string constant (ctx_ns_enforce to ctx_enforce)

v8:

+ Change dependency for CONFIG_AUDIT to CONFIG_AUDITSYSCALL
+ Drop ctx_* prefix
+ Reuse, where appropriate, the audit fields from the field
dictionary. This transforms:
ctx_pathname -> path
ctx_ino -> ino
ctx_dev -> dev

+ Add audit records and event examples to commit description.
+ Remove new_audit_ctx, replace with audit_log_start. All data that
would provided by new_audit_ctx is already present in the syscall
audit record, that is always emitted on these actions. The audit
records should be correlated as such.
+ Change audit types:
+ AUDIT_TRUST_RESULT -> AUDIT_IPE_ACCESS
+ This prevents overloading of the AVC type.
+ AUDIT_TRUST_POLICY_ACTIVATE -> AUDIT_MAC_CONFIG_CHANGE
+ AUDIT_TRUST_POLICY_LOAD -> AUDIT_MAC_POLICY_LOAD
+ There were no significant difference in meaning between
these types.

+ Remove enforcing parameter passed from the context structure
for AUDIT_IPE_ACCESS.
+ This field can be inferred from the SYSCALL audit event,
based on the success field.

+ Remove all fields already captured in the syscall record. "hook",
an IPE specific field, can be determined via the syscall field in
the syscall record itself, so it has been removed.
+ ino, path, and dev in IPE's record refer to the subject of the
syscall, while the syscall record refers to the calling process.

+ remove IPE prefix from policy load/policy activation events
+ fix a bug wherein a policy change audit record was not fired when
updating a policy

v9:
+ Merge the AUDIT_IPE_ACCESS definition with the audit support commit
+ Change the audit format of policy load and siwtch
+ Remove the ipe audit kernel switch
---
include/uapi/linux/audit.h | 1 +
security/ipe/Kconfig | 2 +-
security/ipe/Makefile | 1 +
security/ipe/audit.c | 196 +++++++++++++++++++++++++++++++++++++
security/ipe/audit.h | 18 ++++
security/ipe/eval.c | 26 ++++-
security/ipe/eval.h | 8 ++
security/ipe/fs.c | 68 +++++++++++++
security/ipe/policy.c | 5 +
9 files changed, 321 insertions(+), 4 deletions(-)
create mode 100644 security/ipe/audit.c
create mode 100644 security/ipe/audit.h

diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
index d676ed2b246e..ee3b3db95076 100644
--- a/include/uapi/linux/audit.h
+++ b/include/uapi/linux/audit.h
@@ -143,6 +143,7 @@
#define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
#define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry */
#define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI entry */
+#define AUDIT_IPE_ACCESS 1420 /* IPE Denial or Grant */

#define AUDIT_FIRST_KERN_ANOM_MSG 1700
#define AUDIT_LAST_KERN_ANOM_MSG 1799
diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
index e4875fb04883..ac4d558e69d5 100644
--- a/security/ipe/Kconfig
+++ b/security/ipe/Kconfig
@@ -5,7 +5,7 @@

menuconfig SECURITY_IPE
bool "Integrity Policy Enforcement (IPE)"
- depends on SECURITY && SECURITYFS
+ depends on SECURITY && SECURITYFS && AUDIT && AUDITSYSCALL
select PKCS7_MESSAGE_PARSER
select SYSTEM_DATA_VERIFICATION
help
diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 8602d71250b4..89a76ad72301 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -13,3 +13,4 @@ obj-$(CONFIG_SECURITY_IPE) += \
policy.o \
policy_fs.o \
policy_parser.o \
+ audit.o \
diff --git a/security/ipe/audit.c b/security/ipe/audit.c
new file mode 100644
index 000000000000..295e9f9f5146
--- /dev/null
+++ b/security/ipe/audit.c
@@ -0,0 +1,196 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "eval.h"
+#include "hooks.h"
+#include "policy.h"
+#include "audit.h"
+#include "digest.h"
+
+#include <linux/slab.h>
+#include <linux/audit.h>
+#include <linux/types.h>
+#include <crypto/hash.h>
+
+#define ACTSTR(x) ((x) == ipe_action_allow ? "ALLOW" : "DENY")
+
+#define IPE_AUDIT_HASH_ALG "sha256"
+
+#define AUDIT_POLICY_LOAD_FMT "policy_name=\"%s\" policy_version=%hu.%hu.%hu "\
+ IPE_AUDIT_HASH_ALG "="
+#define AUDIT_OLD_ACTIVE_POLICY_FMT "old_active_pol_name=\"%s\" "\
+ "old_active_pol_version=%hu.%hu.%hu "\
+ "old_" IPE_AUDIT_HASH_ALG "="
+#define AUDIT_NEW_ACTIVE_POLICY_FMT "new_active_pol_name=\"%s\" "\
+ "new_active_pol_version=%hu.%hu.%hu "\
+ "new_" IPE_AUDIT_HASH_ALG "="
+
+static const char *const audit_op_names[ipe_op_max] = {
+ "EXECUTE",
+ "FIRMWARE",
+ "KMODULE",
+ "KEXEC_IMAGE",
+ "KEXEC_INITRAMFS",
+ "IMA_POLICY",
+ "IMA_X509_CERT",
+};
+
+static const char *const audit_prop_names[ipe_prop_max] = {
+ "boot_verified=FALSE",
+ "boot_verified=TRUE",
+};
+
+/**
+ * audit_rule - audit an IPE policy rule approximation.
+ * @ab: Supplies a poniter to the audit_buffer to append to.
+ * @r: Supplies a pointer to the ipe_rule to approximate a string form for.
+ */
+static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
+{
+ const struct ipe_prop *ptr;
+
+ audit_log_format(ab, "rule=\"op=%s ", audit_op_names[r->op]);
+
+ list_for_each_entry(ptr, &r->props, next) {
+ audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
+ audit_log_format(ab, " ");
+ }
+
+ audit_log_format(ab, "action=%s\"", ACTSTR(r->action));
+}
+
+/**
+ * ipe_audit_match - audit a match for IPE policy.
+ * @ctx: Supplies a poniter to the evaluation context that was used in the
+ * evaluation.
+ * @match_type: Supplies the scope of the match: rule, operation default,
+ * global default.
+ * @act: Supplies the IPE's evaluation decision, deny or allow.
+ * @r: Supplies a pointer to the rule that was matched, if possible.
+ * @enforce: Supplies the enforcement/permissive state at the point
+ * the enforcement decision was made.
+ */
+void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
+ enum ipe_match match_type,
+ enum ipe_action_type act, const struct ipe_rule *const r)
+{
+ struct inode *inode;
+ struct audit_buffer *ab;
+ const char *op = audit_op_names[ctx->op];
+
+ if (act != ipe_action_deny && !READ_ONCE(success_audit))
+ return;
+
+ ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_IPE_ACCESS);
+ if (!ab)
+ return;
+
+ if (ctx->file) {
+ audit_log_d_path(ab, "path=", &ctx->file->f_path);
+ inode = file_inode(ctx->file);
+ if (inode) {
+ audit_log_format(ab, " dev=");
+ audit_log_untrustedstring(ab, inode->i_sb->s_id);
+ audit_log_format(ab, " ino=%lu ", inode->i_ino);
+ }
+ }
+
+ if (match_type == ipe_match_rule)
+ audit_rule(ab, r);
+ else if (match_type == ipe_match_table)
+ audit_log_format(ab, "rule=\"DEFAULT op=%s action=%s\"", op,
+ ACTSTR(act));
+ else
+ audit_log_format(ab, "rule=\"DEFAULT action=%s\"",
+ ACTSTR(act));
+
+ audit_log_end(ab);
+}
+
+/**
+ * audit_policy - Audit a policy's name, version and thumbprint to @ab.
+ * @ab: Supplies a pointer to the audit buffer to append to.
+ * @p: Supplies a pointer to the policy to audit.
+ */
+static void audit_policy(struct audit_buffer *ab,
+ const char *audit_format,
+ const struct ipe_policy *const p)
+{
+ u8 *digest = NULL;
+ struct crypto_shash *tfm;
+ SHASH_DESC_ON_STACK(desc, tfm);
+
+ tfm = crypto_alloc_shash(IPE_AUDIT_HASH_ALG, 0, 0);
+ if (IS_ERR(tfm))
+ return;
+
+ desc->tfm = tfm;
+
+ digest = kzalloc(crypto_shash_digestsize(tfm), GFP_KERNEL);
+ if (!digest)
+ goto out;
+
+ if (crypto_shash_init(desc))
+ goto out;
+
+ if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len))
+ goto out;
+
+ if (crypto_shash_final(desc, digest))
+ goto out;
+
+ audit_log_format(ab, audit_format, p->parsed->name,
+ p->parsed->version.major, p->parsed->version.minor,
+ p->parsed->version.rev);
+ audit_log_n_hex(ab, digest, crypto_shash_digestsize(tfm));
+
+out:
+ kfree(digest);
+ crypto_free_shash(tfm);
+}
+
+/**
+ * ipe_audit_policy_activation - Audit a policy being made the active policy.
+ * @p: Supplies a pointer to the policy to audit.
+ */
+void ipe_audit_policy_activation(const struct ipe_policy *const op,
+ const struct ipe_policy *const np)
+{
+ struct audit_buffer *ab;
+
+ ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_CONFIG_CHANGE);
+ if (!ab)
+ return;
+
+ audit_policy(ab, AUDIT_OLD_ACTIVE_POLICY_FMT, op);
+ audit_log_format(ab, " ");
+ audit_policy(ab, AUDIT_NEW_ACTIVE_POLICY_FMT, np);
+ audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
+ from_kuid(&init_user_ns, audit_get_loginuid(current)),
+ audit_get_sessionid(current));
+
+ audit_log_end(ab);
+}
+
+/**
+ * ipe_audit_policy_load - Audit a policy being loaded into the kernel.
+ * @p: Supplies a pointer to the policy to audit.
+ */
+void ipe_audit_policy_load(const struct ipe_policy *const p)
+{
+ struct audit_buffer *ab;
+
+ ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD);
+ if (!ab)
+ return;
+
+ audit_policy(ab, AUDIT_POLICY_LOAD_FMT, p);
+ audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
+ from_kuid(&init_user_ns, audit_get_loginuid(current)),
+ audit_get_sessionid(current));
+
+ audit_log_end(ab);
+}
diff --git a/security/ipe/audit.h b/security/ipe/audit.h
new file mode 100644
index 000000000000..2e9b99737f97
--- /dev/null
+++ b/security/ipe/audit.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_AUDIT_H
+#define IPE_AUDIT_H
+
+#include "policy.h"
+
+void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
+ enum ipe_match match_type,
+ enum ipe_action_type act, const struct ipe_rule *const r);
+void ipe_audit_policy_load(const struct ipe_policy *const p);
+void ipe_audit_policy_activation(const struct ipe_policy *const op,
+ const struct ipe_policy *const np);
+
+#endif /* IPE_AUDIT_H */
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index 48b5104a3463..d713808cad9c 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -7,6 +7,7 @@
#include "eval.h"
#include "hooks.h"
#include "policy.h"
+#include "audit.h"

#include <linux/fs.h>
#include <linux/types.h>
@@ -15,8 +16,10 @@
#include <linux/sched.h>
#include <linux/rcupdate.h>
#include <linux/spinlock.h>
+#include <linux/moduleparam.h>

struct ipe_policy __rcu *ipe_active_policy;
+bool success_audit;

static struct super_block *pinned_sb;
static DEFINE_SPINLOCK(pin_lock);
@@ -117,6 +120,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
int rc = 0;
bool match = false;
enum ipe_action_type action;
+ enum ipe_match match_type;
struct ipe_policy *pol = NULL;
const struct ipe_rule *rule = NULL;
const struct ipe_op_table *rules = NULL;
@@ -131,6 +135,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)

if (ctx->op == ipe_op_max) {
action = pol->parsed->global_default_action;
+ match_type = ipe_match_global;
goto eval;
}

@@ -146,14 +151,20 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
break;
}

- if (match)
+ if (match) {
action = rule->action;
- else if (rules->default_action != ipe_action_max)
+ match_type = ipe_match_rule;
+ } else if (rules->default_action != ipe_action_max) {
action = rules->default_action;
- else
+ match_type = ipe_match_table;
+ } else {
action = pol->parsed->global_default_action;
+ match_type = ipe_match_global;
+ }

eval:
+ ipe_audit_match(ctx, match_type, action, rule);
+
if (action == ipe_action_deny)
rc = -EACCES;

@@ -178,3 +189,12 @@ void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)

spin_unlock(&pin_lock);
}
+
+/* Set the right module name */
+#ifdef KBUILD_MODNAME
+#undef KBUILD_MODNAME
+#define KBUILD_MODNAME "ipe"
+#endif
+
+module_param(success_audit, bool, 0400);
+MODULE_PARM_DESC(success_audit, "Start IPE with success auditing enabled");
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index 887797438b9b..b83730d0b5ae 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -13,6 +13,7 @@
#include "policy.h"

extern struct ipe_policy __rcu *ipe_active_policy;
+extern bool success_audit;

struct ipe_eval_ctx {
enum ipe_op_type op;
@@ -21,6 +22,13 @@ struct ipe_eval_ctx {
bool from_init_sb;
};

+enum ipe_match {
+ ipe_match_rule = 0,
+ ipe_match_table,
+ ipe_match_global,
+ ipe_match_max
+};
+
void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
index 9f6a4867bec2..c99616f36f32 100644
--- a/security/ipe/fs.c
+++ b/security/ipe/fs.c
@@ -4,7 +4,9 @@
*/
#include "ipe.h"
#include "fs.h"
+#include "eval.h"
#include "policy.h"
+#include "audit.h"

#include <linux/dcache.h>
#include <linux/security.h>
@@ -12,6 +14,57 @@
static struct dentry *np __ro_after_init;
static struct dentry *root __ro_after_init;
struct dentry *policy_root __ro_after_init;
+static struct dentry *audit_node __ro_after_init;
+
+/**
+ * setaudit - Write handler for the securityfs node, "ipe/success_audit"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t setaudit(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ bool value;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ rc = kstrtobool_from_user(data, len, &value);
+ if (rc)
+ return rc;
+
+ WRITE_ONCE(success_audit, value);
+
+ return len;
+}
+
+/**
+ * getaudit - Read handler for the securityfs node, "ipe/success_audit"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the read syscall
+ * @len: Supplies the length of @data
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t getaudit(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ const char *result;
+
+ result = ((READ_ONCE(success_audit)) ? "1" : "0");
+
+ return simple_read_from_buffer(data, len, offset, result, 1);
+}

/**
* new_policy - Write handler for the securityfs node, "ipe/new_policy".
@@ -50,6 +103,8 @@ static ssize_t new_policy(struct file *f, const char __user *data,
if (rc)
goto err;

+ ipe_audit_policy_load(p);
+
err:
return (rc < 0) ? rc : len;
}
@@ -58,6 +113,11 @@ static const struct file_operations np_fops = {
.write = new_policy,
};

+static const struct file_operations audit_fops = {
+ .write = setaudit,
+ .read = getaudit,
+};
+
/**
* ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
*
@@ -84,6 +144,13 @@ static int __init ipe_init_securityfs(void)
goto err;
}

+ audit_node = securityfs_create_file("success_audit", 0600, root,
+ NULL, &audit_fops);
+ if (IS_ERR(audit_node)) {
+ rc = PTR_ERR(audit_node);
+ goto err;
+ }
+
policy_root = securityfs_create_dir("policies", root);
if (IS_ERR(policy_root)) {
rc = PTR_ERR(policy_root);
@@ -94,6 +161,7 @@ static int __init ipe_init_securityfs(void)
err:
securityfs_remove(np);
securityfs_remove(root);
+ securityfs_remove(audit_node);
securityfs_remove(policy_root);
return rc;
}
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index a5e9c6e5691b..703b3fd9cf4c 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -9,6 +9,7 @@
#include "policy.h"
#include "policy_parser.h"
#include "digest.h"
+#include "audit.h"

#include <linux/verification.h>

@@ -124,6 +125,9 @@ struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
swap(new->policyfs, old->policyfs);
ipe_free_policy(old);

+ if (!rc)
+ ipe_audit_policy_load(new);
+
goto out;
err:
ipe_free_policy(new);
@@ -230,6 +234,7 @@ int ipe_set_active_pol(const struct ipe_policy *p)
spin_unlock(&ipe_policy_lock);
synchronize_rcu();

+ ipe_audit_policy_activation(ap, p);
out:
return rc;
}
--
2.39.0


2023-01-30 22:59:50

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 05/16] ipe: add userspace interface

From: Deven Bowers <[email protected]>

As is typical with LSMs, IPE uses securityfs as its interface with
userspace. for a complete list of the interfaces and the respective
inputs/outputs, please see the documentation under
admin-guide/LSM/ipe.rst

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move policy load and activation audit event to 03/12
+ Fix a potential panic when a policy failed to load.
+ use pr_warn for a failure to parse instead of an
audit record
+ Remove comments from headers
+ Add lockdep assertions to ipe_update_active_policy and
ipe_activate_policy
+ Fix up warnings with checkpatch --strict
+ Use file_ns_capable for CAP_MAC_ADMIN for securityfs
nodes.
+ Use memdup_user instead of kzalloc+simple_write_to_buffer.
+ Remove strict_parse command line parameter, as it is added
by the sysctl command line.
+ Prefix extern variables with ipe_

v4:
+ Remove securityfs to reverse-dependency
+ Add SHA1 reverse dependency.
+ Add versioning scheme for IPE properties, and associated
interface to query the versioning scheme.
+ Cause a parser to always return an error on unknown syntax.
+ Remove strict_parse option
+ Change active_policy interface from sysctl, to securityfs,
and change scheme.

v5:
+ Cause an error if a default action is not defined for each
operaiton.
+ Minor function renames

v6:
+ No changes

v7:
+ Propogating changes to support the new ipe_context structure in the
evaluation loop.

+ Further split the parser and userspace interface changes into
separate commits.

+ "raw" was renamed to "pkcs7" and made read only
+ "raw"'s write functionality (update a policy) moved to "update"
+ introduced "version", "policy_name" nodes.
+ "content" renamed to "policy"
+ changes to allow the compiled-in policy to be treated
identical to deployed-after-the-fact policies.

v8:
+ Prevent securityfs initialization if the LSM is disabled

v9:
+ Switch to securityfs_recursive_remove for policy folder deletion
---
security/ipe/Makefile | 2 +
security/ipe/fs.c | 101 +++++++++
security/ipe/fs.h | 17 ++
security/ipe/ipe.c | 3 +
security/ipe/ipe.h | 2 +
security/ipe/policy.c | 135 ++++++++++++
security/ipe/policy.h | 7 +
security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
8 files changed, 726 insertions(+)
create mode 100644 security/ipe/fs.c
create mode 100644 security/ipe/fs.h
create mode 100644 security/ipe/policy_fs.c

diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index d7f2870d7c09..8602d71250b4 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -7,7 +7,9 @@

obj-$(CONFIG_SECURITY_IPE) += \
eval.o \
+ fs.o \
hooks.o \
ipe.o \
policy.o \
+ policy_fs.o \
policy_parser.o \
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
new file mode 100644
index 000000000000..9f6a4867bec2
--- /dev/null
+++ b/security/ipe/fs.c
@@ -0,0 +1,101 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#include "ipe.h"
+#include "fs.h"
+#include "policy.h"
+
+#include <linux/dcache.h>
+#include <linux/security.h>
+
+static struct dentry *np __ro_after_init;
+static struct dentry *root __ro_after_init;
+struct dentry *policy_root __ro_after_init;
+
+/**
+ * new_policy - Write handler for the securityfs node, "ipe/new_policy".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t new_policy(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ char *copy = NULL;
+ struct ipe_policy *p = NULL;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ copy = memdup_user_nul(data, len);
+ if (IS_ERR(copy)) {
+ rc = PTR_ERR(copy);
+ goto err;
+ }
+
+ p = ipe_new_policy(NULL, 0, copy, len);
+ if (IS_ERR(p)) {
+ rc = PTR_ERR(p);
+ goto err;
+ }
+
+ rc = ipe_new_policyfs_node(p);
+ if (rc)
+ goto err;
+
+err:
+ return (rc < 0) ? rc : len;
+}
+
+static const struct file_operations np_fops = {
+ .write = new_policy,
+};
+
+/**
+ * ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
+ *
+ * Return:
+ * * !0 - Error
+ * * 0 - OK
+ */
+static int __init ipe_init_securityfs(void)
+{
+ int rc = 0;
+
+ if (!ipe_enabled)
+ return -EOPNOTSUPP;
+
+ root = securityfs_create_dir("ipe", NULL);
+ if (IS_ERR(root)) {
+ rc = PTR_ERR(root);
+ goto err;
+ }
+
+ np = securityfs_create_file("new_policy", 0200, root, NULL, &np_fops);
+ if (IS_ERR(np)) {
+ rc = PTR_ERR(np);
+ goto err;
+ }
+
+ policy_root = securityfs_create_dir("policies", root);
+ if (IS_ERR(policy_root)) {
+ rc = PTR_ERR(policy_root);
+ goto err;
+ }
+
+ return 0;
+err:
+ securityfs_remove(np);
+ securityfs_remove(root);
+ securityfs_remove(policy_root);
+ return rc;
+}
+
+fs_initcall(ipe_init_securityfs);
diff --git a/security/ipe/fs.h b/security/ipe/fs.h
new file mode 100644
index 000000000000..fa105d9d6fc5
--- /dev/null
+++ b/security/ipe/fs.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_FS_H
+#define IPE_FS_H
+
+#include "policy.h"
+
+extern struct dentry *policy_root __ro_after_init;
+
+void ipe_soft_del_policyfs(struct ipe_policy *p);
+int ipe_new_policyfs_node(struct ipe_policy *p);
+void ipe_del_policyfs_node(struct ipe_policy *p);
+
+#endif /* IPE_FS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 551c6d90ac11..bef923026b50 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -5,6 +5,8 @@

#include "ipe.h"

+bool ipe_enabled;
+
static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
};

@@ -30,6 +32,7 @@ static int __init ipe_init(void)
int rc = 0;

security_add_hooks(ipe_hooks, ARRAY_SIZE(ipe_hooks), "ipe");
+ ipe_enabled = true;

return rc;
}
diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
index ee7ec3f3b55d..43cc132ed048 100644
--- a/security/ipe/ipe.h
+++ b/security/ipe/ipe.h
@@ -10,4 +10,6 @@

#include <linux/lsm_hooks.h>

+extern bool ipe_enabled;
+
#endif /* IPE_H */
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index 772d876b1087..a5e9c6e5691b 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -4,12 +4,39 @@
*/

#include "ipe.h"
+#include "eval.h"
+#include "fs.h"
#include "policy.h"
#include "policy_parser.h"
#include "digest.h"

#include <linux/verification.h>

+/* lock for synchronizing writers across ipe policy */
+DEFINE_SPINLOCK(ipe_policy_lock);
+
+/**
+ * ver_to_u64 - Convert an internal ipe_policy_version to a u64.
+ * @p: Policy to extract the version from.
+ *
+ * Bits (LSB is index 0):
+ * [48,32] -> Major
+ * [32,16] -> Minor
+ * [16, 0] -> Revision
+ *
+ * Return: u64 version of the embedded version structure.
+ */
+static inline u64 ver_to_u64(const struct ipe_policy *const p)
+{
+ u64 r = 0;
+
+ r = (((u64)p->parsed->version.major) << 32)
+ | (((u64)p->parsed->version.minor) << 16)
+ | ((u64)(p->parsed->version.rev));
+
+ return r;
+}
+
/**
* ipe_free_policy - Deallocate a given IPE policy.
* @p: Supplies the policy to free.
@@ -21,6 +48,7 @@ void ipe_free_policy(struct ipe_policy *p)
if (IS_ERR_OR_NULL(p))
return;

+ ipe_del_policyfs_node(p);
free_parsed_policy(p->parsed);
if (!p->pkcs7)
kfree(p->text);
@@ -39,6 +67,70 @@ static int set_pkcs7_data(void *ctx, const void *data, size_t len,
return 0;
}

+/**
+ * ipe_update_policy - parse a new policy and replace @old with it.
+ * @addr: Supplies a pointer to the i_private for saving policy.
+ * @text: Supplies a pointer to the plain text policy.
+ * @textlen: Supplies the length of @text.
+ * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
+ * @pkcs7len: Supplies the length of @pkcs7len.
+ *
+ * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
+ * ipe_new_policy.
+ *
+ * Return:
+ * * !IS_ERR - OK
+ * * -ENOENT - Policy doesn't exist
+ * * -EINVAL - New policy is invalid
+ */
+struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
+ const char *text, size_t textlen,
+ const char *pkcs7, size_t pkcs7len)
+{
+ int rc = 0;
+ struct ipe_policy *old, *new;
+
+ old = ipe_get_policy_rcu(*addr);
+ if (!old) {
+ rc = -ENOENT;
+ goto err;
+ }
+
+ new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
+ if (IS_ERR(new)) {
+ rc = PTR_ERR(new);
+ goto err;
+ }
+
+ if (strcmp(new->parsed->name, old->parsed->name)) {
+ rc = -EINVAL;
+ goto err;
+ }
+
+ if (ver_to_u64(old) > ver_to_u64(new)) {
+ rc = -EINVAL;
+ goto err;
+ }
+
+ if (ipe_is_policy_active(old)) {
+ spin_lock(&ipe_policy_lock);
+ rcu_assign_pointer(ipe_active_policy, new);
+ spin_unlock(&ipe_policy_lock);
+ synchronize_rcu();
+ }
+
+ rcu_assign_pointer(*addr, new);
+
+ swap(new->policyfs, old->policyfs);
+ ipe_free_policy(old);
+
+ goto out;
+err:
+ ipe_free_policy(new);
+out:
+ return (rc < 0) ? ERR_PTR(rc) : new;
+}
+
/**
* ipe_new_policy - Allocate and parse an ipe_policy structure.
*
@@ -117,3 +209,46 @@ struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)

return rv;
}
+
+/**
+ * ipe_set_active_pol - Make @p the active policy.
+ * @p: Supplies a pointer to the policy to make active.
+ */
+int ipe_set_active_pol(const struct ipe_policy *p)
+{
+ int rc = 0;
+ struct ipe_policy *ap = NULL;
+
+ ap = ipe_get_policy_rcu(ipe_active_policy);
+ if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
+ rc = -EINVAL;
+ goto out;
+ }
+
+ spin_lock(&ipe_policy_lock);
+ rcu_assign_pointer(ipe_active_policy, p);
+ spin_unlock(&ipe_policy_lock);
+ synchronize_rcu();
+
+out:
+ return rc;
+}
+
+/**
+ * ipe_is_policy_active - Determine wehther @p is the active policy.
+ * @p: Supplies a pointer to the policy to check.
+ *
+ * Return:
+ * * true - @p is the active policy
+ * * false - @p is not the active policy
+ */
+bool ipe_is_policy_active(const struct ipe_policy *p)
+{
+ bool rv;
+
+ rcu_read_lock();
+ rv = rcu_access_pointer(ipe_active_policy) == p;
+ rcu_read_unlock();
+
+ return rv;
+}
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 967d816cd5cd..0cb42b6f246e 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -70,11 +70,18 @@ struct ipe_policy {
size_t textlen;

struct ipe_parsed_policy *parsed;
+
+ struct dentry *policyfs;
};

struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
const char *pkcs7, size_t pkcs7len);
void ipe_free_policy(struct ipe_policy *pol);
struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
+struct ipe_policy *ipe_update_policy(struct ipe_policy **addr, const char *text,
+ size_t textlen, const char *pkcs7,
+ size_t pkcs7len);
+int ipe_set_active_pol(const struct ipe_policy *p);
+bool ipe_is_policy_active(const struct ipe_policy *p);

#endif /* IPE_POLICY_H */
diff --git a/security/ipe/policy_fs.c b/security/ipe/policy_fs.c
new file mode 100644
index 000000000000..72759cc8938d
--- /dev/null
+++ b/security/ipe/policy_fs.c
@@ -0,0 +1,459 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#include "ipe.h"
+#include "policy.h"
+#include "fs.h"
+
+#include <linux/fs.h>
+#include <linux/namei.h>
+#include <linux/types.h>
+#include <linux/dcache.h>
+#include <linux/security.h>
+
+#define MAX_VERSION_SIZE ARRAY_SIZE("65535.65535.65535")
+
+/**
+ * find_policy - return a policy pointer saved in i_private of a dentry.
+ * @f: Securityfs object that contains a link to the dentry containing the
+ * policy structure.
+ *
+ * Return: Always-Valid Address Pointer
+ */
+static inline struct ipe_policy __rcu **find_policy(struct file *f)
+{
+ struct dentry *link;
+
+ link = d_inode(f->f_path.dentry)->i_private;
+
+ return (struct ipe_policy __rcu **)&(d_inode(link)->i_private);
+}
+
+/**
+ * ipefs_file - defines a file in securityfs.
+ */
+struct ipefs_file {
+ const char *name;
+ umode_t access;
+ const struct file_operations *fops;
+};
+
+/**
+ * read_pkcs7 - Read handler for "ipe/policies/$name/pkcs7".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * @data will be populated with the pkcs7 blob representing the policy
+ * on success. If the policy is unsigned (like the boot policy), this
+ * will return -ENOENT.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t read_pkcs7(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ struct ipe_policy *p = NULL;
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p)
+ return -ENOENT;
+
+ if (!p->pkcs7) {
+ rc = -ENOENT;
+ goto out;
+ }
+
+ rc = simple_read_from_buffer(data, len, offset, p->pkcs7, p->pkcs7len);
+
+out:
+ return rc;
+}
+
+/**
+ * read_policy - Read handler for "ipe/policies/$name/policy".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * @data will be populated with the plain-text version of the policy
+ * on success.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t read_policy(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ struct ipe_policy *p = NULL;
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p)
+ return -ENOENT;
+
+ rc = simple_read_from_buffer(data, len, offset, p->text, p->textlen);
+
+ return rc;
+}
+
+/**
+ * read_name: Read handler for "ipe/policies/$name/name".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * @data will be populated with the policy_name attribute on success.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t read_name(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ struct ipe_policy *p = NULL;
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p)
+ return -ENOENT;
+
+ rc = simple_read_from_buffer(data, len, offset, p->parsed->name,
+ strlen(p->parsed->name));
+
+ return rc;
+}
+
+/**
+ * read_version - Read handler for "ipe/policies/$name/version".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * @data will be populated with the version string on success.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t read_version(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ ssize_t rc = 0;
+ size_t bufsize = 0;
+ struct ipe_policy *p = NULL;
+ char buffer[MAX_VERSION_SIZE] = { 0 };
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p)
+ return -ENOENT;
+
+ bufsize = scnprintf(buffer, ARRAY_SIZE(buffer), "%hu.%hu.%hu",
+ p->parsed->version.major, p->parsed->version.minor,
+ p->parsed->version.rev);
+
+ rc = simple_read_from_buffer(data, len, offset, buffer, bufsize);
+
+ return rc;
+}
+
+/**
+ * setactive - Write handler for "ipe/policies/$name/active".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t setactive(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ bool value = false;
+ struct ipe_policy *p = NULL;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ rc = kstrtobool_from_user(data, len, &value);
+ if (rc)
+ goto out;
+
+ if (!value) {
+ rc = -EINVAL;
+ goto out;
+ }
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p) {
+ rc = -ENOENT;
+ goto out;
+ }
+
+ rc = ipe_set_active_pol(p);
+
+out:
+ return (rc < 0) ? rc : len;
+}
+
+/**
+ * getactive - Read handler for "ipe/policies/$name/active".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Suppleis a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * @data will be populated with the 1 or 0 depending on if the
+ * corresponding policy is active.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t getactive(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ const char *str;
+ struct ipe_policy *p = NULL;
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p) {
+ rc = -ENOENT;
+ goto out;
+ }
+
+ str = ipe_is_policy_active(p) ? "1" : "0";
+ rc = simple_read_from_buffer(data, len, offset, str, 1);
+
+out:
+ return rc;
+}
+
+/**
+ * update_policy - Write handler for "ipe/policies/$name/update".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * On success this updates the policy represented by $name,
+ * in-place.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t update_policy(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ char *copy = NULL;
+ struct inode *ino = NULL;
+ struct ipe_policy *new = NULL;
+ struct ipe_policy __rcu **addr = NULL;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ copy = memdup_user(data, len);
+ if (IS_ERR(copy)) {
+ rc = PTR_ERR(copy);
+ goto err;
+ }
+
+ ino = d_inode(f->f_path.dentry->d_parent);
+ inode_lock(ino);
+ addr = find_policy(f);
+ new = ipe_update_policy(addr, NULL, 0, copy, len);
+ inode_unlock(ino);
+ synchronize_rcu();
+ if (IS_ERR(new)) {
+ rc = PTR_ERR(new);
+ goto err;
+ }
+
+ kfree(copy);
+ return len;
+err:
+ kfree(copy);
+ return rc;
+}
+
+/**
+ * delete_policy - write handler for "ipe/policies/$name/delete".
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * On success this deletes the policy represented by $name.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t delete_policy(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ bool value = false;
+ struct ipe_policy *p = NULL;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ rc = kstrtobool_from_user(data, len, &value);
+ if (rc)
+ goto out;
+
+ if (!value) {
+ rc = -EINVAL;
+ goto out;
+ }
+
+ p = ipe_get_policy_rcu(*find_policy(f));
+ if (!p) {
+ rc = -ENOENT;
+ goto out;
+ }
+
+ if (ipe_is_policy_active(p)) {
+ rc = -EPERM;
+ goto out;
+ }
+
+ ipe_free_policy(p);
+out:
+ return (rc < 0) ? rc : len;
+}
+
+static const struct file_operations content_fops = {
+ .read = read_policy,
+};
+
+static const struct file_operations pkcs7_fops = {
+ .read = read_pkcs7,
+};
+
+static const struct file_operations name_fops = {
+ .read = read_name,
+};
+
+static const struct file_operations ver_fops = {
+ .read = read_version,
+};
+
+static const struct file_operations active_fops = {
+ .write = setactive,
+ .read = getactive,
+};
+
+static const struct file_operations update_fops = {
+ .write = update_policy,
+};
+
+static const struct file_operations delete_fops = {
+ .write = delete_policy,
+};
+
+/**
+ * policy_subdir - files under a policy subdirectory
+ */
+static const struct ipefs_file policy_subdir[] = {
+ { "pkcs7", 0444, &pkcs7_fops },
+ { "policy", 0444, &content_fops },
+ { "name", 0444, &name_fops },
+ { "version", 0444, &ver_fops },
+ { "active", 0600, &active_fops },
+ { "update", 0200, &update_fops },
+ { "delete", 0200, &delete_fops },
+};
+
+/**
+ * soft_del_policyfs - soft delete a policyfs node.
+ * @p: Supplies a ipe_policy associated with the node to delete.
+ *
+ * This deletes the i_private field of a policyfs node.
+ */
+static void soft_del_policyfs(struct ipe_policy *p)
+{
+ struct inode *ino = NULL;
+ struct ipe_policy __rcu **addr = NULL;
+
+ ino = d_inode(p->policyfs);
+ addr = (struct ipe_policy __rcu **)&ino->i_private;
+
+ inode_lock(ino);
+ rcu_assign_pointer(*addr, NULL);
+ inode_unlock(ino);
+ synchronize_rcu();
+}
+
+/**
+ * ipe_del_policyfs_node - Delete a securityfs entry for @p.
+ * @p: Supplies a pointer to the policy to delete a securityfs entry for.
+ */
+void ipe_del_policyfs_node(struct ipe_policy *p)
+{
+ if (IS_ERR_OR_NULL(p->policyfs))
+ return;
+
+ soft_del_policyfs(p);
+ securityfs_recursive_remove(p->policyfs);
+}
+
+/**
+ * ipe_new_policyfs_node - Create a securityfs entry for @p.
+ * @p: Supplies a pointer to the policy to create a securityfs entry for.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_new_policyfs_node(struct ipe_policy *p)
+{
+ int rc = 0;
+ size_t i = 0;
+ struct dentry *d = NULL;
+ struct ipe_policy **addr = NULL;
+ const struct ipefs_file *f = NULL;
+
+ p->policyfs = securityfs_create_dir(p->parsed->name, policy_root);
+ if (IS_ERR(p->policyfs)) {
+ rc = PTR_ERR(p->policyfs);
+ goto err;
+ }
+
+ addr = (struct ipe_policy **)&(d_inode(p->policyfs)->i_private);
+ *addr = p;
+
+ for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
+ f = &policy_subdir[i];
+
+ d = securityfs_create_file(f->name, f->access, p->policyfs, p->policyfs,
+ f->fops);
+ if (IS_ERR(d)) {
+ rc = PTR_ERR(d);
+ goto err;
+ }
+ }
+
+ return 0;
+err:
+ ipe_del_policyfs_node(p);
+ return rc;
+}
--
2.39.0


2023-01-30 22:59:53

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 08/16] ipe: add permissive toggle

From: Deven Bowers <[email protected]>

IPE, like SELinux, supports a permissive mode. This mode allows policy
authors to test and evaluate IPE policy without it effecting their
programs. When the mode is changed, a 1404 AUDIT_MAC_STATUS
be reported.

This patch adds the following audit records:

audit: MAC_STATUS permissive=1 auid=4294967295 ses=4294967295 lsm=ipe
res=1
audit: MAC_STATUS permissive=0 auid=4294967295 ses=4294967295 lsm=ipe
res=1

These records are emitted within the following events:

audit: MAC_STATUS permissive=1 auid=4294967295 ses=4294967295 lsm=ipe
res=1
audit[185]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=1
a1=56308bb3ecc0 a2=2 a3=7f290fdc53e0 items=0 ppid=183 pid=185
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=pts0 ses=4294967295 comm="bash" exe="/usr/bin/bash" key=(null)
audit: PROCTITLE proctitle="-bash"
audit: MAC_STATUS permissive=0 auid=4294967295 ses=4294967295 lsm=ipe
res=1
audit[185]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=1
a1=56308bb3ecc0 a2=2 a3=7f290fdc53e0 items=0 ppid=183 pid=185
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=pts0 ses=4294967295 comm="bash" exe="/usr/bin/bash" key=(null)
audit: PROCTITLE proctitle="-bash"

Implying user used bash to toggle the switch.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move ipe_load_properties to patch 04.
+ Remove useless 0-initializations
+ Prefix extern variables with ipe_
+ Remove kernel module parameters, as these are
exposed through sysctls.
+ Add more prose to the IPE base config option
help text.
+ Use GFP_KERNEL for audit_log_start.
+ Remove unnecessary caching system.
+ Remove comments from headers
+ Use rcu_access_pointer for rcu-pointer null check
+ Remove usage of reqprot; use prot only.
+ Move policy load and activation audit event to 03/12

v4:
+ Remove sysctls in favor of securityfs nodes
+ Re-add kernel module parameters, as these are now
exposed through securityfs.
+ Refactor property audit loop to a separate function.

v5:
+ fix minor grammatical errors
+ do not group rule by curly-brace in audit record,
reconstruct the exact rule.

v6:
+ No changes

v7:
+ Further split lsm creation into a separate commit from the
evaluation loop and audit system, for easier review.
+ Propogating changes to support the new ipe_context structure in the
evaluation loop.
+ Split out permissive functionality into a separate patch for easier
review.
+ Remove permissive switch compile-time configuration option - this
is trivial to add later.

v8:
+ Remove "IPE" prefix from permissive audit record
+ align fields to the linux-audit field dictionary. This causes the
following fields to change:
enforce -> permissive

+ Remove duplicated information correlated with syscall record, that
will always be present in the audit event.
+ Change audit types:
+ AUDIT_TRUST_STATUS -> AUDIT_MAC_STATUS
+ There is no significant difference in meaning between
these types.

v9:
+ Clean up ipe_context related code
---
security/ipe/audit.c | 36 +++++++++++++++++++++++
security/ipe/audit.h | 1 +
security/ipe/eval.c | 9 ++++++
security/ipe/eval.h | 1 +
security/ipe/fs.c | 69 ++++++++++++++++++++++++++++++++++++++++++--
5 files changed, 114 insertions(+), 2 deletions(-)

diff --git a/security/ipe/audit.c b/security/ipe/audit.c
index 295e9f9f5146..ff74026a595f 100644
--- a/security/ipe/audit.c
+++ b/security/ipe/audit.c
@@ -194,3 +194,39 @@ void ipe_audit_policy_load(const struct ipe_policy *const p)

audit_log_end(ab);
}
+
+/**
+ * ipe_audit_enforce - Audit a change in IPE's enforcement state.
+ */
+void ipe_audit_enforce(void)
+{
+ struct audit_buffer *ab;
+
+ ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS);
+ if (!ab)
+ return;
+
+ audit_log_format(ab, "permissive=%d", !READ_ONCE(enforce));
+ audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
+ from_kuid(&init_user_ns, audit_get_loginuid(current)),
+ audit_get_sessionid(current));
+
+ audit_log_end(ab);
+}
+
+/**
+ * emit_enforcement - Emit the enforcement state of IPE started with.
+ *
+ * Return:
+ * 0 - Always
+ */
+static int emit_enforcement(void)
+{
+ if (!ipe_enabled)
+ return -EOPNOTSUPP;
+
+ ipe_audit_enforce();
+ return 0;
+}
+
+late_initcall(emit_enforcement);
diff --git a/security/ipe/audit.h b/security/ipe/audit.h
index 2e9b99737f97..4c676ed32846 100644
--- a/security/ipe/audit.h
+++ b/security/ipe/audit.h
@@ -14,5 +14,6 @@ void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
void ipe_audit_policy_load(const struct ipe_policy *const p);
void ipe_audit_policy_activation(const struct ipe_policy *const op,
const struct ipe_policy *const np);
+void ipe_audit_enforce(void);

#endif /* IPE_AUDIT_H */
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
index d713808cad9c..499314554b1d 100644
--- a/security/ipe/eval.c
+++ b/security/ipe/eval.c
@@ -20,6 +20,7 @@

struct ipe_policy __rcu *ipe_active_policy;
bool success_audit;
+bool enforce = true;

static struct super_block *pinned_sb;
static DEFINE_SPINLOCK(pin_lock);
@@ -119,6 +120,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
{
int rc = 0;
bool match = false;
+ bool enforcing = true;
enum ipe_action_type action;
enum ipe_match match_type;
struct ipe_policy *pol = NULL;
@@ -133,6 +135,8 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
if (!pol)
goto out;

+ enforcing = READ_ONCE(enforce);
+
if (ctx->op == ipe_op_max) {
action = pol->parsed->global_default_action;
match_type = ipe_match_global;
@@ -168,6 +172,9 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
if (action == ipe_action_deny)
rc = -EACCES;

+ if (!enforcing)
+ rc = 0;
+
out:
return rc;
}
@@ -198,3 +205,5 @@ void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)

module_param(success_audit, bool, 0400);
MODULE_PARM_DESC(success_audit, "Start IPE with success auditing enabled");
+module_param(enforce, bool, 0400);
+MODULE_PARM_DESC(enforce, "Start IPE in enforce or permissive mode");
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
index b83730d0b5ae..64369c3b8cf9 100644
--- a/security/ipe/eval.h
+++ b/security/ipe/eval.h
@@ -14,6 +14,7 @@

extern struct ipe_policy __rcu *ipe_active_policy;
extern bool success_audit;
+extern bool enforce;

struct ipe_eval_ctx {
enum ipe_op_type op;
diff --git a/security/ipe/fs.c b/security/ipe/fs.c
index c99616f36f32..bbee17b59b1b 100644
--- a/security/ipe/fs.c
+++ b/security/ipe/fs.c
@@ -15,6 +15,7 @@ static struct dentry *np __ro_after_init;
static struct dentry *root __ro_after_init;
struct dentry *policy_root __ro_after_init;
static struct dentry *audit_node __ro_after_init;
+static struct dentry *enforce_node __ro_after_init;

/**
* setaudit - Write handler for the securityfs node, "ipe/success_audit"
@@ -48,8 +49,8 @@ static ssize_t setaudit(struct file *f, const char __user *data,
/**
* getaudit - Read handler for the securityfs node, "ipe/success_audit"
* @f: Supplies a file structure representing the securityfs node.
- * @data: Supplies a buffer passed to the read syscall
- * @len: Supplies the length of @data
+ * @data: Supplies a buffer passed to the read syscall.
+ * @len: Supplies the length of @data.
* @offset: unused.
*
* Return:
@@ -66,6 +67,57 @@ static ssize_t getaudit(struct file *f, char __user *data,
return simple_read_from_buffer(data, len, offset, result, 1);
}

+/**
+ * setenforce - Write handler for the securityfs node, "ipe/enforce"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the write syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t setenforce(struct file *f, const char __user *data,
+ size_t len, loff_t *offset)
+{
+ int rc = 0;
+ bool value;
+
+ if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
+ return -EPERM;
+
+ rc = kstrtobool_from_user(data, len, &value);
+ if (rc)
+ return rc;
+
+ WRITE_ONCE(enforce, value);
+ ipe_audit_enforce();
+
+ return len;
+}
+
+/**
+ * getenforce - Read handler for the securityfs node, "ipe/enforce"
+ * @f: Supplies a file structure representing the securityfs node.
+ * @data: Supplies a buffer passed to the read syscall.
+ * @len: Supplies the length of @data.
+ * @offset: unused.
+ *
+ * Return:
+ * * >0 - Success, Length of buffer written
+ * * <0 - Error
+ */
+static ssize_t getenforce(struct file *f, char __user *data,
+ size_t len, loff_t *offset)
+{
+ const char *result;
+
+ result = ((READ_ONCE(enforce)) ? "1" : "0");
+
+ return simple_read_from_buffer(data, len, offset, result, 1);
+}
+
/**
* new_policy - Write handler for the securityfs node, "ipe/new_policy".
* @f: Supplies a file structure representing the securityfs node.
@@ -118,6 +170,11 @@ static const struct file_operations audit_fops = {
.read = getaudit,
};

+static const struct file_operations enforce_fops = {
+ .write = setenforce,
+ .read = getenforce,
+};
+
/**
* ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
*
@@ -151,6 +208,13 @@ static int __init ipe_init_securityfs(void)
goto err;
}

+ enforce_node = securityfs_create_file("enforce", 0600, root, NULL,
+ &enforce_fops);
+ if (IS_ERR(enforce_node)) {
+ rc = PTR_ERR(enforce_node);
+ goto err;
+ }
+
policy_root = securityfs_create_dir("policies", root);
if (IS_ERR(policy_root)) {
rc = PTR_ERR(policy_root);
@@ -162,6 +226,7 @@ static int __init ipe_init_securityfs(void)
securityfs_remove(np);
securityfs_remove(root);
securityfs_remove(audit_node);
+ securityfs_remove(enforce_node);
securityfs_remove(policy_root);
return rc;
}
--
2.39.0


2023-01-30 22:59:55

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 12/16] fsverity: consume builtin signature via LSM hook

fsverity represents a mechanism to support both integrity and
authenticity protection of a file, supporting both signed and unsigned
digests.

An LSM which controls access to a resource based on authenticity and
integrity of said resource, can then use this data to make an informed
decision on the authorization (provided by the LSM's policy) of said
claim.

This effectively allows the extension of a policy enforcement layer in
LSM for fsverity, allowing for more granular control of how a
particular authenticity claim can be used. For example, "all (built-in)
signed fsverity files should be allowed to execute, but only these
hashes are allowed to be loaded as kernel modules".

This enforcement must be done in kernel space, as a userspace only
solution would fail a simple litmus test: Download a self-contained
malicious binary that never touches the userspace stack. This
binary would still be able to execute.

Signed-off-by: Fan Wu <[email protected]>
Signed-off-by: Deven Bowers <[email protected]>
---
v1-v6:
+ Not present

v7:
Introduced

v8:
+ Split fs/verity/ changes and security/ changes into separate patches
+ Change signature of fsverity_create_info to accept non-const inode
+ Change signature of fsverity_verify_signature to accept non-const inode
+ Don't cast-away const from inode.
+ Digest functionality dropped in favor of:
("fs-verity: define a function to return the integrity protected
file digest")
+ Reworded commit description and title to match changes.
+ Fix a bug wherein no LSM implements the particular fsverity @name
(or LSM is disabled), and returns -EOPNOTSUPP, causing errors.

v9:
+ No changes
---
fs/verity/fsverity_private.h | 2 +-
fs/verity/open.c | 13 ++++++++++++-
fs/verity/signature.c | 1 +
include/linux/fsverity.h | 2 ++
4 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/fs/verity/fsverity_private.h b/fs/verity/fsverity_private.h
index c7fcb855e068..3194a1f4a705 100644
--- a/fs/verity/fsverity_private.h
+++ b/fs/verity/fsverity_private.h
@@ -117,7 +117,7 @@ int fsverity_init_merkle_tree_params(struct merkle_tree_params *params,
unsigned int log_blocksize,
const u8 *salt, size_t salt_size);

-struct fsverity_info *fsverity_create_info(const struct inode *inode,
+struct fsverity_info *fsverity_create_info(struct inode *inode,
struct fsverity_descriptor *desc);

void fsverity_set_info(struct inode *inode, struct fsverity_info *vi);
diff --git a/fs/verity/open.c b/fs/verity/open.c
index 81ff94442f7b..7e6fa52c0e9c 100644
--- a/fs/verity/open.c
+++ b/fs/verity/open.c
@@ -7,7 +7,9 @@

#include "fsverity_private.h"

+#include <linux/security.h>
#include <linux/slab.h>
+#include <crypto/public_key.h>

static struct kmem_cache *fsverity_info_cachep;

@@ -146,7 +148,7 @@ static int compute_file_digest(struct fsverity_hash_alg *hash_alg,
* appended signature), and check the signature if present. The
* fsverity_descriptor must have already undergone basic validation.
*/
-struct fsverity_info *fsverity_create_info(const struct inode *inode,
+struct fsverity_info *fsverity_create_info(struct inode *inode,
struct fsverity_descriptor *desc)
{
struct fsverity_info *vi;
@@ -182,6 +184,15 @@ struct fsverity_info *fsverity_create_info(const struct inode *inode,

err = fsverity_verify_signature(vi, desc->signature,
le32_to_cpu(desc->sig_size));
+ if (err) {
+ fsverity_err(inode, "Error %d verifying signature", err);
+ goto out;
+ }
+
+ err = security_inode_setsecurity(inode, FS_VERITY_INODE_SEC_NAME, desc->signature,
+ le32_to_cpu(desc->sig_size), 0);
+ if (err == -EOPNOTSUPP)
+ err = 0;
out:
if (err) {
fsverity_free_info(vi);
diff --git a/fs/verity/signature.c b/fs/verity/signature.c
index 143a530a8008..5d7b9496f9c4 100644
--- a/fs/verity/signature.c
+++ b/fs/verity/signature.c
@@ -9,6 +9,7 @@

#include <linux/cred.h>
#include <linux/key.h>
+#include <linux/security.h>
#include <linux/slab.h>
#include <linux/verification.h>

diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 40f14e5fed9d..29e9888287ba 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -254,4 +254,6 @@ static inline bool fsverity_active(const struct inode *inode)
return fsverity_get_info(inode) != NULL;
}

+#define FS_VERITY_INODE_SEC_NAME "fsverity.inode-info"
+
#endif /* _LINUX_FSVERITY_H */
--
2.39.0


2023-01-30 22:59:59

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

From: Deven Bowers <[email protected]>

IPE's initial goal is to control both execution and the loading of
kernel modules based on the system's definition of trust. It
accomplishes this by plugging into the security hooks for
bprm_check_security, file_mprotect, mmap_file, kernel_load_data,
and kernel_read_data.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move ipe_load_properties to patch 04.
+ Remove useless 0-initializations
+ Prefix extern variables with ipe_
+ Remove kernel module parameters, as these are
exposed through sysctls.
+ Add more prose to the IPE base config option
help text.
+ Use GFP_KERNEL for audit_log_start.
+ Remove unnecessary caching system.
+ Remove comments from headers
+ Use rcu_access_pointer for rcu-pointer null check
+ Remove usage of reqprot; use prot only.
+ Move policy load and activation audit event to 03/12

v4:
+ Remove sysctls in favor of securityfs nodes
+ Re-add kernel module parameters, as these are now
exposed through securityfs.
+ Refactor property audit loop to a separate function.

v5:
+ fix minor grammatical errors
+ do not group rule by curly-brace in audit record,
reconstruct the exact rule.

v6:
+ No changes

v7:
+ Further split lsm creation, the audit system, the evaluation loop
and access control hooks into separate commits.

v8:
+ Rename hook functions to follow the lsmname_hook_name convention
+ Remove ipe_hook enumeration, can be derived from correlation with
syscall audit record.

v9:
+ Minor changes for adapting to the new parser
---
security/ipe/hooks.c | 169 +++++++++++++++++++++++++++++++++++++++++++
security/ipe/hooks.h | 13 ++++
security/ipe/ipe.c | 6 ++
3 files changed, 188 insertions(+)

diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
index 335b773c7ae1..fd5109e29c76 100644
--- a/security/ipe/hooks.c
+++ b/security/ipe/hooks.c
@@ -23,3 +23,172 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
{
ipe_invalidate_pinned_sb(mnt_sb);
}
+
+/**
+ * ipe_bprm_check_security - ipe security hook function for bprm check.
+ * @bprm: Supplies a pointer to a linux_binprm structure to source the file
+ * being evaluated.
+ *
+ * This LSM hook is called when a binary is loaded through the exec
+ * family of system calls.
+ * Return:
+ * *0 - OK
+ * *!0 - Error
+ */
+int ipe_bprm_check_security(struct linux_binprm *bprm)
+{
+ struct ipe_eval_ctx ctx = { 0 };
+
+ build_eval_ctx(&ctx, bprm->file, ipe_op_exec);
+ return ipe_evaluate_event(&ctx);
+}
+
+/**
+ * ipe_mmap_file - ipe security hook function for mmap check.
+ * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
+ * @reqprot: The requested protection on the mmap, passed from usermode.
+ * @prot: The effective protection on the mmap, resolved from reqprot and
+ * system configuration.
+ * @flags: Unused.
+ *
+ * This hook is called when a file is loaded through the mmap
+ * family of system calls.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
+ unsigned long flags)
+{
+ struct ipe_eval_ctx ctx = { 0 };
+
+ if (prot & PROT_EXEC || reqprot & PROT_EXEC) {
+ build_eval_ctx(&ctx, f, ipe_op_exec);
+ return ipe_evaluate_event(&ctx);
+ }
+
+ return 0;
+}
+
+/**
+ * ipe_file_mprotect - ipe security hook function for mprotect check.
+ * @vma: Existing virtual memory area created by mmap or similar.
+ * @reqprot: The requested protection on the mmap, passed from usermode.
+ * @prot: The effective protection on the mmap, resolved from reqprot and
+ * system configuration.
+ *
+ * This LSM hook is called when a mmap'd region of memory is changing
+ * its protections via mprotect.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot)
+{
+ struct ipe_eval_ctx ctx = { 0 };
+
+ /* Already Executable */
+ if (vma->vm_flags & VM_EXEC)
+ return 0;
+
+ if (prot & PROT_EXEC) {
+ build_eval_ctx(&ctx, vma->vm_file, ipe_op_exec);
+ return ipe_evaluate_event(&ctx);
+ }
+
+ return 0;
+}
+
+/**
+ * ipe_kernel_read_file - ipe security hook function for kernel read.
+ * @file: Supplies a pointer to the file structure being read in from disk.
+ * @id: Supplies the enumeration identifying the purpose of the read.
+ * @contents: Unused.
+ *
+ * This LSM hook is called when a file is being read in from disk from
+ * the kernel.
+ *
+ * Return:
+ * 0 - OK
+ * !0 - Error
+ */
+int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
+ bool contents)
+{
+ enum ipe_op_type op;
+ struct ipe_eval_ctx ctx;
+
+ switch (id) {
+ case READING_FIRMWARE:
+ op = ipe_op_firmware;
+ break;
+ case READING_MODULE:
+ op = ipe_op_kernel_module;
+ break;
+ case READING_KEXEC_INITRAMFS:
+ op = ipe_op_kexec_initramfs;
+ break;
+ case READING_KEXEC_IMAGE:
+ op = ipe_op_kexec_image;
+ break;
+ case READING_POLICY:
+ op = ipe_op_ima_policy;
+ break;
+ case READING_X509_CERTIFICATE:
+ op = ipe_op_ima_x509;
+ break;
+ default:
+ op = ipe_op_max;
+ WARN(op == ipe_op_max, "no rule setup for enum %d", id);
+ }
+
+ build_eval_ctx(&ctx, file, op);
+ return ipe_evaluate_event(&ctx);
+}
+
+/**
+ * ipe_kernel_load_data - ipe security hook function for kernel load data.
+ * @id: Supplies the enumeration identifying the purpose of the read.
+ * @contents: Unused.
+ *
+ * This LSM hook is called when a buffer is being read in from disk.
+ *
+ * Return:
+ * * 0 - OK
+ * * !0 - Error
+ */
+int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents)
+{
+ enum ipe_op_type op;
+ struct ipe_eval_ctx ctx = { 0 };
+
+ switch (id) {
+ case LOADING_FIRMWARE:
+ op = ipe_op_firmware;
+ break;
+ case LOADING_MODULE:
+ op = ipe_op_kernel_module;
+ break;
+ case LOADING_KEXEC_INITRAMFS:
+ op = ipe_op_kexec_initramfs;
+ break;
+ case LOADING_KEXEC_IMAGE:
+ op = ipe_op_kexec_image;
+ break;
+ case LOADING_POLICY:
+ op = ipe_op_ima_policy;
+ break;
+ case LOADING_X509_CERTIFICATE:
+ op = ipe_op_ima_x509;
+ break;
+ default:
+ op = ipe_op_max;
+ WARN(op == ipe_op_max, "no rule setup for enum %d", id);
+ }
+
+ build_eval_ctx(&ctx, NULL, op);
+ return ipe_evaluate_event(&ctx);
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
index 30fe455389bf..857cae69678c 100644
--- a/security/ipe/hooks.h
+++ b/security/ipe/hooks.h
@@ -11,4 +11,17 @@

void ipe_sb_free_security(struct super_block *mnt_sb);

+int ipe_bprm_check_security(struct linux_binprm *bprm);
+
+int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
+ unsigned long flags);
+
+int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
+ unsigned long prot);
+
+int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
+ bool contents);
+
+int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);
+
#endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index bef923026b50..7af2f942decd 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -4,6 +4,7 @@
*/

#include "ipe.h"
+#include "hooks.h"

bool ipe_enabled;

@@ -12,6 +13,11 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {

static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
+ LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
+ LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
+ LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
+ LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
+ LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
};

/**
--
2.39.0


2023-01-30 23:00:02

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

From: Deven Bowers <[email protected]>

dm-verity provides a strong guarantee of a block device's integrity. As
a generic way to check the integrity of a block device, it provides
those integrity guarantees to its higher layers, including the filesystem
level.

An LSM that control access to a resource on the system based on the
available integrity claims can use this transitive property of
dm-verity, by querying the underlying block_device of a particular
file.

The digest and signature information need to be stored in the block
device to fulfill the next requirement of authorization via LSM policy.
This will enable the LSM to perform revocation of devices that are still
mounted, prohibiting execution of files that are no longer authorized
by the LSM in question.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>
---
v2:
+ No Changes

v3:
+ No changes

v4:
+ No changes

v5:
+ No changes

v6:
+ Fix an improper cleanup that can result in
a leak

v7:
+ Squash patch 08/12, 10/12 to [11/16]
+ Use part0 for block_device, to retrieve the block_device, when
calling security_bdev_setsecurity

v8:
+ Undo squash of 08/12, 10/12 - separating drivers/md/ from
security/ & block/
+ Use common-audit function for dmverity_signature.
+ Change implementation for storing the dm-verity digest to use the
newly introduced dm_verity_digest structure introduced in patch
14/20.
+ Create new structure, dm_verity_digest, containing digest algorithm,
size, and digest itself to pass to the LSM layer. V7 was missing the
algorithm.
+ Create an associated public header containing this new structure and
the key values for the LSM hook, specific to dm-verity.
+ Additional information added to commit, discussing the layering of
the changes and how the information passed will be used.

v9:
+ No changes
---
drivers/md/dm-verity-target.c | 25 +++++++++++++++++++++++--
drivers/md/dm-verity-verify-sig.c | 16 +++++++++++++---
drivers/md/dm-verity-verify-sig.h | 10 ++++++----
include/linux/dm-verity.h | 19 +++++++++++++++++++
4 files changed, 61 insertions(+), 9 deletions(-)
create mode 100644 include/linux/dm-verity.h

diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c
index ccf5b852fbf7..afea61eed4ec 100644
--- a/drivers/md/dm-verity-target.c
+++ b/drivers/md/dm-verity-target.c
@@ -13,6 +13,7 @@
* access behavior.
*/

+#include "dm-core.h"
#include "dm-verity.h"
#include "dm-verity-fec.h"
#include "dm-verity-verify-sig.h"
@@ -21,6 +22,9 @@
#include <linux/scatterlist.h>
#include <linux/string.h>
#include <linux/jump_label.h>
+#include <linux/security.h>
+#include <linux/dm-verity.h>
+#include <crypto/hash_info.h>

#define DM_MSG_PREFIX "verity"

@@ -1169,6 +1173,8 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
sector_t hash_position;
char dummy;
char *root_hash_digest_to_validate;
+ struct block_device *bdev;
+ struct dm_verity_digest root_digest;

v = kzalloc(sizeof(struct dm_verity), GFP_KERNEL);
if (!v) {
@@ -1211,6 +1217,13 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
}
v->version = num;

+ bdev = dm_table_get_md(ti->table)->disk->part0;
+ if (!bdev) {
+ ti->error = "Mapped device lookup failed";
+ r = -ENOMEM;
+ goto bad;
+ }
+
r = dm_get_device(ti, argv[1], FMODE_READ, &v->data_dev);
if (r) {
ti->error = "Data device lookup failed";
@@ -1343,7 +1356,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
}

/* Root hash signature is a optional parameter*/
- r = verity_verify_root_hash(root_hash_digest_to_validate,
+ r = verity_verify_root_hash(bdev, root_hash_digest_to_validate,
strlen(root_hash_digest_to_validate),
verify_args.sig,
verify_args.sig_size);
@@ -1428,12 +1441,20 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
ti->per_io_data_size = roundup(ti->per_io_data_size,
__alignof__(struct dm_verity_io));

+ root_digest.digest = v->root_digest;
+ root_digest.digest_len = v->digest_size;
+ root_digest.algo = v->alg_name;
+
+ r = security_bdev_setsecurity(bdev, DM_VERITY_ROOTHASH_SEC_NAME, &root_digest,
+ sizeof(root_digest));
+ if (r)
+ goto bad;
+
verity_verify_sig_opts_cleanup(&verify_args);

return 0;

bad:
-
verity_verify_sig_opts_cleanup(&verify_args);
verity_dtr(ti);

diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c
index db61a1f43ae9..5a73b91157d5 100644
--- a/drivers/md/dm-verity-verify-sig.c
+++ b/drivers/md/dm-verity-verify-sig.c
@@ -9,6 +9,9 @@
#include <linux/verification.h>
#include <keys/user-type.h>
#include <linux/module.h>
+#include <linux/security.h>
+#include <linux/dm-verity.h>
+#include "dm-core.h"
#include "dm-verity.h"
#include "dm-verity-verify-sig.h"

@@ -97,14 +100,17 @@ int verity_verify_sig_parse_opt_args(struct dm_arg_set *as,
* verify_verify_roothash - Verify the root hash of the verity hash device
* using builtin trusted keys.
*
+ * @bdev: block_device representing the device-mapper created block device.
+ * Used by the security hook, to set information about the block_device.
* @root_hash: For verity, the roothash/data to be verified.
* @root_hash_len: Size of the roothash/data to be verified.
* @sig_data: The trusted signature that verifies the roothash/data.
* @sig_len: Size of the signature.
*
*/
-int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
- const void *sig_data, size_t sig_len)
+int verity_verify_root_hash(struct block_device *bdev, const void *root_hash,
+ size_t root_hash_len, const void *sig_data,
+ size_t sig_len)
{
int ret;

@@ -126,8 +132,12 @@ int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
NULL,
#endif
VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
+ if (ret)
+ return ret;

- return ret;
+ return security_bdev_setsecurity(bdev,
+ DM_VERITY_SIGNATURE_SEC_NAME,
+ sig_data, sig_len);
}

void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts)
diff --git a/drivers/md/dm-verity-verify-sig.h b/drivers/md/dm-verity-verify-sig.h
index 3987c7141f79..31692fff92e4 100644
--- a/drivers/md/dm-verity-verify-sig.h
+++ b/drivers/md/dm-verity-verify-sig.h
@@ -20,8 +20,9 @@ struct dm_verity_sig_opts {

#define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 2

-int verity_verify_root_hash(const void *data, size_t data_len,
- const void *sig_data, size_t sig_len);
+int verity_verify_root_hash(struct block_device *bdev, const void *data,
+ size_t data_len, const void *sig_data,
+ size_t sig_len);
bool verity_verify_is_sig_opt_arg(const char *arg_name);

int verity_verify_sig_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v,
@@ -34,8 +35,9 @@ void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts);

#define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 0

-static inline int verity_verify_root_hash(const void *data, size_t data_len,
- const void *sig_data, size_t sig_len)
+int verity_verify_root_hash(struct block_device *bdev, const void *data,
+ size_t data_len, const void *sig_data,
+ size_t sig_len)
{
return 0;
}
diff --git a/include/linux/dm-verity.h b/include/linux/dm-verity.h
new file mode 100644
index 000000000000..bb0413d55d72
--- /dev/null
+++ b/include/linux/dm-verity.h
@@ -0,0 +1,19 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+
+#ifndef _LINUX_DM_VERITY_H
+#define _LINUX_DM_VERITY_H
+
+#include <linux/types.h>
+#include <crypto/hash_info.h>
+#include <linux/device-mapper.h>
+
+struct dm_verity_digest {
+ const char *algo;
+ const u8 *digest;
+ size_t digest_len;
+};
+
+#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME ".verity-signature"
+#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME ".verity-roothash"
+
+#endif /* _LINUX_DM_VERITY_H */
--
2.39.0


2023-01-30 23:00:06

by Fan Wu

[permalink] [raw]
Subject: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

From: Deven Bowers <[email protected]>

IPE must have a centralized function to evaluate incoming callers
against IPE's policy. This iteration of the policy against the rules
for that specific caller is known as the evaluation loop.

In addition, IPE is designed to provide system level trust guarantees,
this usually implies that trust starts from bootup with a hardware root
of trust, which validates the bootloader. After this, the bootloader
verifies the kernel and the initramfs.

As there's no currently supported integrity method for initramfs, and
it's typically already verified by the bootloader, introduce a property
that causes the first superblock to have an execution to be "pinned",
which is typically initramfs.

Signed-off-by: Deven Bowers <[email protected]>
Signed-off-by: Fan Wu <[email protected]>

---
v2:
+ Split evaluation loop, access control hooks,
and evaluation loop from policy parser and userspace
interface to pass mailing list character limit

v3:
+ Move ipe_load_properties to patch 04.
+ Remove useless 0-initializations
+ Prefix extern variables with ipe_
+ Remove kernel module parameters, as these are
exposed through sysctls.
+ Add more prose to the IPE base config option
help text.
+ Use GFP_KERNEL for audit_log_start.
+ Remove unnecessary caching system.
+ Remove comments from headers
+ Use rcu_access_pointer for rcu-pointer null check
+ Remove usage of reqprot; use prot only.
+ Move policy load and activation audit event to 03/12

v4:
+ Remove sysctls in favor of securityfs nodes
+ Re-add kernel module parameters, as these are now
exposed through securityfs.
+ Refactor property audit loop to a separate function.

v5:
+ fix minor grammatical errors
+ do not group rule by curly-brace in audit record,
reconstruct the exact rule.

v6:
+ No changes

v7:
+ Further split lsm creation into a separate commit from the
evaluation loop and audit system, for easier review.

+ Propogating changes to support the new ipe_context structure in the
evaluation loop.

v8:
+ Remove ipe_hook enumeration; hooks can be correlated via syscall
record.

v9:
+ Remove ipe_context related code and simplify the evaluation loop.
+ Merge the evaluation loop commit with the boot_verified commit.
---
security/ipe/Makefile | 1 +
security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
security/ipe/eval.h | 28 ++++++
security/ipe/hooks.c | 25 +++++
security/ipe/hooks.h | 14 +++
security/ipe/ipe.c | 1 +
security/ipe/policy.c | 20 ++++
security/ipe/policy.h | 3 +
security/ipe/policy_parser.c | 8 +-
9 files changed, 279 insertions(+), 1 deletion(-)
create mode 100644 security/ipe/eval.c
create mode 100644 security/ipe/eval.h
create mode 100644 security/ipe/hooks.c
create mode 100644 security/ipe/hooks.h

diff --git a/security/ipe/Makefile b/security/ipe/Makefile
index 16bbe80991f1..d7f2870d7c09 100644
--- a/security/ipe/Makefile
+++ b/security/ipe/Makefile
@@ -6,6 +6,7 @@
#

obj-$(CONFIG_SECURITY_IPE) += \
+ eval.o \
hooks.o \
ipe.o \
policy.o \
diff --git a/security/ipe/eval.c b/security/ipe/eval.c
new file mode 100644
index 000000000000..48b5104a3463
--- /dev/null
+++ b/security/ipe/eval.c
@@ -0,0 +1,180 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "eval.h"
+#include "hooks.h"
+#include "policy.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+#include <linux/slab.h>
+#include <linux/file.h>
+#include <linux/sched.h>
+#include <linux/rcupdate.h>
+#include <linux/spinlock.h>
+
+struct ipe_policy __rcu *ipe_active_policy;
+
+static struct super_block *pinned_sb;
+static DEFINE_SPINLOCK(pin_lock);
+#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
+
+/**
+ * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
+ * @f: Supplies a file structure to source the super_block from.
+ */
+static void pin_sb(const struct file *f)
+{
+ if (!f)
+ return;
+ spin_lock(&pin_lock);
+ if (pinned_sb)
+ goto out;
+ pinned_sb = FILE_SUPERBLOCK(f);
+out:
+ spin_unlock(&pin_lock);
+}
+
+/**
+ * from_pinned - Determine whether @f is source from the pinned super_block.
+ * @f: Supplies a file structure to check against the pinned super_block.
+ *
+ * Return:
+ * * true - @f is sourced from the pinned super_block
+ * * false - @f is not sourced from the pinned super_block
+ */
+static bool from_pinned(const struct file *f)
+{
+ bool rv;
+
+ if (!f)
+ return false;
+ spin_lock(&pin_lock);
+ rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
+ spin_unlock(&pin_lock);
+ return rv;
+}
+
+/**
+ * build_eval_ctx - Build an evaluation context.
+ * @ctx: Supplies a pointer to the context to be populdated.
+ * @file: Supplies a pointer to the file to associated with the evaluation.
+ * @op: Supplies the IPE policy operation associated with the evaluation.
+ */
+void build_eval_ctx(struct ipe_eval_ctx *ctx,
+ const struct file *file,
+ enum ipe_op_type op)
+{
+ ctx->file = file;
+ ctx->op = op;
+ ctx->from_init_sb = from_pinned(file);
+}
+
+/**
+ * evaluate_property - Analyze @ctx against a property.
+ * @ctx: Supplies a pointer to the context to be evaluated.
+ * @p: Supplies a pointer to the property to be evaluated.
+ *
+ * Return:
+ * * true - The current @ctx match the @p
+ * * false - The current @ctx doesn't match the @p
+ */
+static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
+ struct ipe_prop *p)
+{
+ bool eval = false;
+
+ switch (p->type) {
+ case ipe_prop_boot_verified_false:
+ eval = !ctx->from_init_sb;
+ break;
+ case ipe_prop_boot_verified_true:
+ eval = ctx->from_init_sb;
+ break;
+ default:
+ eval = false;
+ }
+
+ return eval;
+}
+
+/**
+ * ipe_evaluate_event - Analyze @ctx against the current active policy.
+ * @ctx: Supplies a pointer to the context to be evaluated.
+ *
+ * This is the loop where all policy evaluation happens against IPE policy.
+ *
+ * Return:
+ * * 0 - OK
+ * * -EACCES - @ctx did not pass evaluation.
+ * * !0 - Error
+ */
+int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
+{
+ int rc = 0;
+ bool match = false;
+ enum ipe_action_type action;
+ struct ipe_policy *pol = NULL;
+ const struct ipe_rule *rule = NULL;
+ const struct ipe_op_table *rules = NULL;
+ struct ipe_prop *prop = NULL;
+
+ if (ctx->op == ipe_op_exec)
+ pin_sb(ctx->file);
+
+ pol = ipe_get_policy_rcu(ipe_active_policy);
+ if (!pol)
+ goto out;
+
+ if (ctx->op == ipe_op_max) {
+ action = pol->parsed->global_default_action;
+ goto eval;
+ }
+
+ rules = &pol->parsed->rules[ctx->op];
+
+ list_for_each_entry(rule, &rules->rules, next) {
+ match = true;
+
+ list_for_each_entry(prop, &rule->props, next)
+ match = match && evaluate_property(ctx, prop);
+
+ if (match)
+ break;
+ }
+
+ if (match)
+ action = rule->action;
+ else if (rules->default_action != ipe_action_max)
+ action = rules->default_action;
+ else
+ action = pol->parsed->global_default_action;
+
+eval:
+ if (action == ipe_action_deny)
+ rc = -EACCES;
+
+out:
+ return rc;
+}
+
+/**
+ * ipe_invalidate_pinned_sb - invalidte the ipe pinned super_block.
+ * @mnt_sb: super_block to check against the pinned super_block.
+ *
+ * This function is called a super_block like the initramfs's is freed,
+ * if the super_block is currently pinned by ipe it will be invalided,
+ * so ipe won't consider the block device is boot verified afterward.
+ */
+void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
+{
+ spin_lock(&pin_lock);
+
+ if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
+ pinned_sb = ERR_PTR(-EIO);
+
+ spin_unlock(&pin_lock);
+}
diff --git a/security/ipe/eval.h b/security/ipe/eval.h
new file mode 100644
index 000000000000..887797438b9b
--- /dev/null
+++ b/security/ipe/eval.h
@@ -0,0 +1,28 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#ifndef IPE_EVAL_H
+#define IPE_EVAL_H
+
+#include <linux/file.h>
+#include <linux/types.h>
+
+#include "hooks.h"
+#include "policy.h"
+
+extern struct ipe_policy __rcu *ipe_active_policy;
+
+struct ipe_eval_ctx {
+ enum ipe_op_type op;
+
+ const struct file *file;
+ bool from_init_sb;
+};
+
+void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
+int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
+void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
+
+#endif /* IPE_EVAL_H */
diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
new file mode 100644
index 000000000000..335b773c7ae1
--- /dev/null
+++ b/security/ipe/hooks.c
@@ -0,0 +1,25 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+
+#include "ipe.h"
+#include "hooks.h"
+#include "eval.h"
+
+#include <linux/fs.h>
+#include <linux/types.h>
+#include <linux/binfmts.h>
+#include <linux/mman.h>
+
+/**
+ * ipe_sb_free_security - ipe security hook function for super_block.
+ * @mnt_sb: Supplies a pointer to a super_block is about to be freed.
+ *
+ * IPE does not have any structures with mnt_sb, but uses this hook to
+ * invalidate a pinned super_block.
+ */
+void ipe_sb_free_security(struct super_block *mnt_sb)
+{
+ ipe_invalidate_pinned_sb(mnt_sb);
+}
diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
new file mode 100644
index 000000000000..30fe455389bf
--- /dev/null
+++ b/security/ipe/hooks.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Copyright (C) Microsoft Corporation. All rights reserved.
+ */
+#ifndef IPE_HOOKS_H
+#define IPE_HOOKS_H
+
+#include <linux/fs.h>
+#include <linux/binfmts.h>
+#include <linux/security.h>
+
+void ipe_sb_free_security(struct super_block *mnt_sb);
+
+#endif /* IPE_HOOKS_H */
diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
index 9ed3bf4dcc04..551c6d90ac11 100644
--- a/security/ipe/ipe.c
+++ b/security/ipe/ipe.c
@@ -9,6 +9,7 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
};

static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
+ LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
};

/**
diff --git a/security/ipe/policy.c b/security/ipe/policy.c
index e446f4b84152..772d876b1087 100644
--- a/security/ipe/policy.c
+++ b/security/ipe/policy.c
@@ -97,3 +97,23 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
err:
return ERR_PTR(rc);
}
+
+/**
+ * ipe_get_policy_rcu - Dereference a rcu-protected policy pointer.
+ *
+ * @p: rcu-protected pointer to a policy.
+ *
+ * Not safe to call on IS_ERR.
+ *
+ * Return: the value of @p
+ */
+struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
+{
+ struct ipe_policy *rv = NULL;
+
+ rcu_read_lock();
+ rv = rcu_dereference(p);
+ rcu_read_unlock();
+
+ return rv;
+}
diff --git a/security/ipe/policy.h b/security/ipe/policy.h
index 6af2d9a811ec..967d816cd5cd 100644
--- a/security/ipe/policy.h
+++ b/security/ipe/policy.h
@@ -26,6 +26,8 @@ enum ipe_action_type {
};

enum ipe_prop_type {
+ ipe_prop_boot_verified_false,
+ ipe_prop_boot_verified_true,
ipe_prop_max
};

@@ -73,5 +75,6 @@ struct ipe_policy {
struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
const char *pkcs7, size_t pkcs7len);
void ipe_free_policy(struct ipe_policy *pol);
+struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);

#endif /* IPE_POLICY_H */
diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
index c7ba0e865366..7efafc482e46 100644
--- a/security/ipe/policy_parser.c
+++ b/security/ipe/policy_parser.c
@@ -265,7 +265,9 @@ static enum ipe_action_type parse_action(char *t)
}

static const match_table_t property_tokens = {
- {ipe_prop_max, NULL}
+ {ipe_prop_boot_verified_false, "boot_verified=FALSE"},
+ {ipe_prop_boot_verified_true, "boot_verified=TRUE"},
+ {ipe_prop_max, NULL}
};

/**
@@ -295,6 +297,10 @@ int parse_property(char *t, struct ipe_rule *r)
token = match_token(t, property_tokens, args);

switch (token) {
+ case ipe_prop_boot_verified_false:
+ case ipe_prop_boot_verified_true:
+ p->type = token;
+ break;
case ipe_prop_max:
default:
rc = -EBADMSG;
--
2.39.0


2023-01-31 04:00:21

by Bagas Sanjaya

[permalink] [raw]
Subject: Re: [RFC PATCH v9 16/16] documentation: add ipe documentation

On Mon, Jan 30, 2023 at 02:57:31PM -0800, Fan Wu wrote:
> diff --git a/Documentation/admin-guide/LSM/ipe.rst b/Documentation/admin-guide/LSM/ipe.rst
> new file mode 100644
> index 000000000000..b676cea62b2e
> --- /dev/null
> +++ b/Documentation/admin-guide/LSM/ipe.rst
> @@ -0,0 +1,729 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +Integrity Policy Enforcement (IPE)
> +==================================
> +
> +.. NOTE::
> +
> + This is the documentation for admins, system builders, or individuals
> + attempting to use IPE. If you're looking for more developer-focused
> + documentation about IPE please see `Documentation/security/ipe.rst`
> +
> +Overview
> +--------
> +
> +IPE is a Linux Security Module which takes a complimentary approach to
> +access control. Whereas existing mandatory access control mechanisms
> +base their decisions on labels and paths, IPE instead determines
> +whether or not an operation should be allowed based on immutable
> +security properties of the system component the operation is being
> +performed on.
> +
> +IPE itself does not mandate how the security property should be
> +evaluated, but relies on an extensible set of external property providers
> +to evaluate the component. IPE makes its decision based on reference
> +values for the selected properties, specified in the IPE policy.
> +
> +The reference values represent the value that the policy writer and the
> +local system administrator (based on the policy signature) trust for the
> +system to accomplish the desired tasks.
> +
> +One such provider is for example dm-verity, which is able to represent
> +the integrity property of a partition (its immutable state) with a digest.
> +
> +IPE is compiled under ``CONFIG_SECURITY_IPE`` (Security -> Integrity Policy Enforcement (IPE)).
> +
> +Use Cases
> +---------
> +
> +IPE works best in fixed-function devices: devices in which their purpose
> +is clearly defined and not supposed to be changed (e.g. network firewall
> +device in a data center, an IoT device, etcetera), where all software and
> +configuration is built and provisioned by the system owner.
> +
> +IPE is a long-way off for use in general-purpose computing: the Linux
> +community as a whole tends to follow a decentralized trust model,
> +known as the web of trust, which IPE has no support for as of yet.
> +
> +IPE, instead of supporting web of trust, supports PKI, which generally
> +designates a set of entities that provide a measure of absolute trust.
> +
> +Additionally, while most packages are signed today, the files inside
> +the packages (for instance, the executables), tend to be unsigned. This
> +makes it difficult to utilize IPE in systems where a package manager is
> +expected to be functional, without major changes to the package manager
> +and ecosystem behind it.
> +
> +DIGLIM [#diglim]_ is a system that when combined with IPE, could be used to
> +enable general purpose computing scenarios.
> +
> +Known Gaps
> +----------
> +
> +IPE cannot verify the integrity of anonymous executable memory, such as
> +the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> +Unfortunately, as this is dynamically generated code, there is no way
> +for IPE to ensure the integrity of this code to form a trust basis. In all
> +cases, the return result for these operations will be whatever the admin
> +configures as the ``DEFAULT`` action for ``EXECUTE``.
> +
> +IPE cannot verify the integrity of interpreted languages' programs when
> +these scripts are invoked via ``<interpreter> <file>``. This is because
> +the way interpreters execute these files, the scripts themselves are not
> +evaluated as executable code through one of IPE's hooks, as they are merely
> +files that are read (as opposed to executable code) [#interpreters]_.
> +
> +Threat Model
> +------------
> +
> +The threat type addressed by IPE is tampering of executable userspace
> +code beyond the initially booted kernel, and the initial verification of
> +kernel modules that are loaded in userspace through ``modprobe`` or
> +``insmod``.
> +
> +A bare-minimum example of a threat that should be mitigated by IPE, is
> +a hostile binary is downloaded with all required binaries (including
> +a loader, libc, etc). With IPE, this hostile binary should not able to
> +be executed, nor any of the downloaded binaries.
> +
> +Tampering violates integrity, and being unable to verify the integrity,
> +results in a lack of trust. IPE's role in mitigating this threat is to
> +verify the integrity (and authenticity) of all executable code and to
> +deny their use if they cannot be trusted (as integrity verification fails,
> +or the authorization check fails against the reference value in the policy).
> +IPE generates audit logs which may be utilized to detect failures resulting
> +from failure to pass policy.
> +
> +Tampering threat scenarios include modification or replacement of
> +executable code by a range of actors including:
> +
> +- Actors with physical access to the hardware
> +- Actors with local network access to the system
> +- Actors with access to the deployment system
> +- Compromised internal systems under external control
> +- Malicious end users of the system
> +- Compromised end users of the system
> +- Remote (external) compromise of the system
> +
> +IPE does not mitigate threats arising from malicious authorized
> +developers (with access to a signing certificate), or compromised
> +developer tools used by authorized developers (i.e. Return Oriented
> +Programming attacks). Additionally, IPE draws hard security boundary
> +between userspace and kernelspace. As a result, IPE does not provide
> +any protections against a kernel level exploit, and a kernel-level
> +exploit can disable or tamper with IPE's protections.
> +
> +Policy
> +------
> +
> +IPE policy is a plain-text [#devdoc]_ policy composed of multiple statements
> +over several lines. There is one required line, at the top of the
> +policy, indicating the policy name, and the policy version, for
> +instance::
> +
> + policy_name=Ex_Policy policy_version=0.0.0
> +
> +The policy name is a unique key identifying this policy in a human
> +readable name. This is used to create nodes under securityfs as well as
> +uniquely identify policies to deploy new policies vs update existing
> +policies.
> +
> +The policy version indicates the current version of the policy (NOT the
> +policy syntax version). This is used to prevent rollback of policy to
> +potentially insecure previous versions of the policy.
> +
> +The next portion of IPE policy are rules. Rules are formed by key=value
> +pairs, known as properties. IPE rules require two properties: "action",
> +which determines what IPE does when it encounters a match against the
> +rule, and "op", which determines when that rule should be evaluated.
> +The ordering is significant, a rule must start with "op", and end with
> +"action". Thus, a minimal rule is::
> +
> + op=EXECUTE action=ALLOW
> +
> +This example will allow any execution. Additional properties are used to
> +restrict attributes about the files being evaluated. These properties
> +are intended to be descriptions of systems within the kernel that can
> +provide a measure of integrity verification, such that IPE can determine
> +the trust of the resource based on the "value" half of the property.
> +
> +Rules are evaluated top-to-bottom. As a result, any revocation rules,
> +or denies should be placed early in the file to ensure that these rules
> +are evaluated before a rule with "action=ALLOW" is hit.
> +
> +IPE policy supports comments. The character '#' will function as a
> +comment, ignoring all characters to the right of '#' until the newline.
> +
> +The default behavior of IPE evaluations can also be expressed in policy,
> +through the ``DEFAULT`` statement. This can be done at a global level,
> +or a per-operation level::
> +
> + # Global
> + DEFAULT action=ALLOW
> +
> + # Operation Specific
> + DEFAULT op=EXECUTE action=ALLOW
> +
> +A default must be set for all known operations in IPE. If you want to
> +preserve older policies being compatible with newer kernels that can introduce
> +new operations, please set a global default of 'ALLOW', and override the
> +defaults on a per-operation basis.
> +
> +With configurable policy-based LSMs, there's several issues with
> +enforcing the configurable policies at startup, around reading and
> +parsing the policy:
> +
> +1. The kernel *should* not read files from userspace, so directly reading
> + the policy file is prohibited.
> +2. The kernel command line has a character limit, and one kernel module
> + should not reserve the entire character limit for its own
> + configuration.
> +3. There are various boot loaders in the kernel ecosystem, so handing
> + off a memory block would be costly to maintain.
> +
> +As a result, IPE has addressed this problem through a concept of a "boot
> +policy". A boot policy is a minimal policy, compiled into the kernel.
> +This policy is intended to get the system to a state where userspace is
> +set up and ready to receive commands, at which point a more complex
> +policy can be deployed via securityfs. The boot policy can be specified
> +via the Kconfig, ``SECURITY_IPE_BOOT_POLICY``, which accepts a path to
> +a plain-text version of the IPE policy to apply. This policy will be
> +compiled into the kernel. If not specified, IPE will be disabled until
> +a policy is deployed and activated through securityfs.
> +
> +Deploying Policies
> +~~~~~~~~~~~~~~~~~~
> +
> +Policies can be deployed from userspace through securityfs. These policies
> +are signed through the PKCS#7 message format to enforce some level of
> +authorization of the policies (prohibiting an attacker from gaining
> +unconstrained root, and deploying an "allow all" policy). These
> +policies must be signed by a certificate that chains to the
> +``SYSTEM_TRUSTED_KEYRING``. Through openssl, the signing can be done via::
> +
> + openssl smime -sign \
> + -in "$MY_POLICY" \
> + -signer "$MY_CERTIFICATE" \
> + -inkey "$MY_PRIVATE_KEY" \
> + -noattr \
> + -nodetach \
> + -nosmimecap \
> + -outform der \
> + -out "$MY_POLICY.p7b"
> +
> +Deploying the policies is done through securityfs, through the
> +``new_policy`` node. To deploy a policy, simply cat the file into the
> +securityfs node::
> +
> + cat "$MY_POLICY.p7b" > /sys/kernel/security/ipe/new_policy
> +
> +Upon success, this will create one subdirectory under
> +``/sys/kernel/security/ipe/policies/``. The subdirectory will be the
> +``policy_name`` field of the policy deployed, so for the example above,
> +the directory will be ``/sys/kernel/security/ipe/policies/Ex_Policy``.
> +Within this directory, there will be five files: ``pkcs7``, ``policy``,
> +``active``, ``update``, and ``delete``.
> +
> +The ``pkcs7`` file is read only. Reading will provide the raw PKCS#7 data
> +that was provided to the kernel, representing the policy. Writing, will
> +deploy an in-place policy update.If the policy being read is the boot
> +policy, when read, this will return ENOENT, as this policy is not signed.
> +
> +The ``policy`` file is read only. Reading will provide the PKCS#7 inner
> +content of the policy, which will be the plain text policy.
> +
> +The ``active`` file is used to set a policy as the currently active policy.
> +This file is rw, and accepts a value of ``"1"`` to set the policy as active.
> +Since only a single policy can be active at one time, all other policies
> +will be marked inactive. The policy being marked active must have a policy
> +version greater or equal to the currently-running version.
> +
> +The ``update`` file is used to update a policy that is already present in
> +the kernel. This file is write-only and accepts a PKCS#7 signed policy.
> +One check will always be performed on this policy: the policy_names must
> +match with the updated version and the existing version. One additional check
> +may be made: If the policy being updated is the active policy, the updated
> +policy must have a policy version greater than or equal to the currently-running
> +version; This is to prevent rollback attacks.
> +
> +The ``delete`` file is used to remove a policy that is no longer needed.
> +This file is write-only and accepts a value of ``1`` to delete the policy.
> +On deletion, the securityfs node representing the policy will be removed.
> +The policy that is currently active cannot be deleted.
> +
> +Similarly, the writes to both ``update`` and ``new_policy`` above will
> +result in an error upon syntactically invalid or untrusted policies.
> +In the case of ``new_policy``, it will also error if a policy already
> +exists with the same ``policy_name``.
> +
> +Deploying these policies will *not* cause IPE to start enforcing this
> +policy. Once deployment is successful, a policy can be marked as active,
> +via ``/sys/kernel/security/ipe/$policy_name/active``. IPE will enforce
> +whatever policy is marked as active. For our example, we can activate
> +the ``Ex_Policy`` via::
> +
> + echo 1 > "/sys/kernel/security/ipe/Ex_Policy/active"
> +
> +At which point, ``Ex_Policy`` will now be the enforced policy on the
> +system.
> +
> +IPE also provides a way to delete policies. This can be done via the
> +``delete`` securityfs node, ``/sys/kernel/security/ipe/$policy_name/delete``.
> +Writing ``1`` to that file will delete that node::
> +
> + echo 1 > "/sys/kernel/security/ipe/$policy_name/delete"
> +
> +There is only one requirement to delete a policy:
> +
> +1. The policy being deleted must not be the active policy.
> +
> +.. NOTE::
> +
> + If a traditional MAC system is enabled (SELinux, apparmor, smack), all
> + writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
> +
> +Modes
> +~~~~~
> +
> +IPE supports two modes of operation: permissive (similar to SELinux's
> +permissive mode) and enforce. Permissive mode performs the same checks
> +as enforce mode, and logs policy violations, but will not enforce the
> +policy. This allows users to test policies before enforcing them.
> +
> +The default mode is enforce, and can be changed via the kernel command
> +line parameter ``ipe.enforce=(0|1)``, or the securityfs node
> +``/sys/kernel/security/ipe/enforce``.
> +
> +.. NOTE::
> +
> + If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
> + all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
> +
> +Audit Events
> +~~~~~~~~~~~~
> +
> +1420 AUDIT_IPE_ACCESS
> +^^^^^^^^^^^^^^^^^^^^^
> +Event Examples::
> +
> + type=1420 audit(1653364370.067:61): path="/root/fs/rw/plain/execve" dev="vdc1" ino=16 rule="DEFAULT op=EXECUTE action=DENY"
> + type=1300 audit(1653364370.067:61): arch=c000003e syscall=10 success=no exit=-13 a0=7f0bf0644000 a1=4f80 a2=5 a3=7f0bf043d300 items=0 ppid=455 pid=737 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=3 comm="mprotect" exe="/root/host/mprotect" subj=kernel key=(null)
> + type=1327 audit(1653364370.067:61): proctitle=686F73742F6D70726F7465637400534800527C5700527C5800706C61696E2F657865637665
> +
> + type=1420 audit(1653364735.161:64): rule="DEFAULT op=EXECUTE action=DENY"
> + type=1300 audit(1653364735.161:64): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=1000 a2=4 a3=20 items=0 ppid=455 pid=774 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=3 comm="mmap" exe="/root/host/mmap" subj=kernel key=(null)
> + type=1327 audit(1653364735.161:64): proctitle=686F73742F6D6D617000410058⏎
> +
> +This event indicates that IPE made an access control decision; the IPE specific
> +record (1420) will always be emitted in conjunction with a ``AUDITSYSCALL`` record.
> +
> +Determining whether IPE is in permissive can be derived from the success and exit
> +field of the AUDITSYSCALL record
> +
> +
> +
> +Field descriptions:
> +
> ++---------------+------------+-----------+-------------------------------------------------------------------------+
> +| Field | Value Type | Optional? | Description of Value |
> ++===============+============+===========+=========================================================================+
> +| path | string | Yes | The absolute path to the file that was the subject of the evaluation |
> ++---------------+------------+-----------+-------------------------------------------------------------------------+
> +| ino | integer | Yes | The inode number of the file that was the subject of the evaluation |
> ++---------------+------------+-----------+-------------------------------------------------------------------------+
> +| dev | string | Yes | The device name that the file under evaluation belongs to, e.g. vda |
> ++---------------+------------+-----------+-------------------------------------------------------------------------+
> +| rule | string | No | The exact rule in IPE's policy that the evaluation matched |
> ++---------------+------------+-----------+-------------------------------------------------------------------------+
> +
> +1403 AUDIT_MAC_POLICY_LOAD
> +^^^^^^^^^^^^^^^^^^^^^^^^^^
> +
> +Event Example::
> +
> + type=1403 audit(1653425529.927:53): policy_name="dmverity_roothash" policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2 auid=4294967295 ses=4294967295 lsm=ipe res=1
> + type=1300 audit(1653425529.927:53): arch=c000003e syscall=1 success=yes exit=2567 a0=3 a1=5596fcae1fb0 a2=a07 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10" key=(null)
> + type=1327 audit(1653425529.927:53): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
> +
> +This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
> +
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| Field | Value Type | Optional? | Description of Value |
> ++================+============+===========+==============================================================+
> +| policy_name | string | No | The policy_name field of the policy. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| policy_version | string | No | The policy_version field of the policy |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| sha256 | string | Yes* | A flat hash of the policy. Can be used to identify a policy. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| auid | integer | No | The audit user ID. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| ses | integer | No | The session ID. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| lsm | string | No | The lsm name associated with the event. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +| res | integer | No | The operation result. |
> ++----------------+------------+-----------+--------------------------------------------------------------+
> +
> +1405 AUDIT_MAC_CONFIG_CHANGE
> +^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> +
> +Event Example::
> +
> + type=1405 audit(1653425583.136:54): old_active_pol_name="Allow_All" old_active_pol_version=0.0.0 old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709 new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0 new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2 auid=4294967295 ses=4294967295 lsm=ipe res=1
> + type=1300 audit(1653425583.136:54): SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=3 a1=5596fcae1fb0 a2=2 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10" key=(null)
> + type=1327 audit(1653425583.136:54): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2
> +
> +This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
> +
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| Field | Value Type | Optional? | Description of Value |
> ++========================+============+===========+====================================================+
> +| old_active_pol_name | string | No | The policy_name field of the old active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| old_active_pol_version | string | No | The policy_version field of the old active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| old_sha256 | string | Yes* | A flat hash of the old active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| new_active_pol_name | string | No | The policy_name field of the new active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| new_active_pol_version | string | No | The policy_version field of the new active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| new_sha256 | string | Yes* | A flat hash of the new active policy. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| auid | integer | No | The audit user ID. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| ses | integer | No | The session ID. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| lsm | string | No | The lsm name associated with the event. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +| res | integer | No | The operation result. |
> ++------------------------+------------+-----------+----------------------------------------------------+
> +
> +1404 AUDIT_MAC_STATUS
> +^^^^^^^^^^^^^^^^^^^^^
> +
> +Event Examples::
> +
> + type=1404 audit(1653425689.008:55): permissive=1 auid=0 ses=4294967295 lsm=ipe res=1
> + type=1300 audit(1653425689.008:55): arch=c000003e syscall=1 success=yes exit=2 a0=1 a1=55c1065e5c60 a2=2 a3=0 items=0 ppid=405 pid=441 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=)
> + type=1327 audit(1653425689.008:55): proctitle="-bash"
> +
> + type=1404 audit(1653425689.008:55): permissive=0 auid=0 ses=4294967295 lsm=ipe res=1
> + type=1300 audit(1653425689.008:55): arch=c000003e syscall=1 success=yes exit=2 a0=1 a1=55c1065e5c60 a2=2 a3=0 items=0 ppid=405 pid=441 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=)
> + type=1327 audit(1653425689.008:55): proctitle="-bash"
> +
> +This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.
> +
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +| Field | Value Type | Optional? | Description of Value |
> ++============+============+===========+===================================================================+
> +| permissive | integer | No | The state IPE is being switched to. 1 is permissive, 0 is enforce |
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +| auid | integer | No | The audit user ID. |
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +| ses | integer | No | The session ID. |
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +| lsm | string | No | The lsm name associated with the event. |
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +| res | integer | No | The operation result. |
> ++------------+------------+-----------+-------------------------------------------------------------------+
> +
> +Success Auditing
> +^^^^^^^^^^^^^^^^
> +
> +IPE supports success auditing. When enabled, all events that pass IPE
> +policy and are not blocked will emit an audit event. This is disabled by
> +default, and can be enabled via the kernel command line
> +``ipe.success_audit=(0|1)`` or the securityfs node,
> +``/sys/kernel/security/ipe/success_audit``.
> +
> +This is *very* noisy, as IPE will check every userspace binary on the
> +system, but is useful for debugging policies.
> +
> +.. NOTE::
> +
> + If a traditional MAC system is enabled (SELinux, apparmor, smack, etcetera),
> + all writes to ipe's securityfs nodes require ``CAP_MAC_ADMIN``.
> +
> +Properties
> +----------
> +
> +As explained above, IPE properties are ``key=value`` pairs expressed in
> +IPE policy. Two properties are built-into the policy parser: 'op' and
> +'action'. The other properties are determinstic attributes to express
> +across files. Currently those properties are: '``boot_verified``',
> +'``dmverity_signature``', '``dmverity_roothash``', '``fsverity_signature``',
> +'``fsverity_digest``'. A description of all properties supported by IPE
> +are listed below:
> +
> +op
> +~~
> +
> +Indicates the operation for a rule to apply to. Must be in every rule,
> +as the first token. IPE supports the following operations:
> +
> + ``EXECUTE``
> +
> + Pertains to any file attempting to be executed, or loaded as an
> + executable.
> +
> + ``FIRMWARE``:
> +
> + Pertains to firmware being loaded via the firmware_class interface.
> + This covers both the preallocated buffer and the firmware file
> + itself.
> +
> + ``KMODULE``:
> +
> + Pertains to loading kernel modules via ``modprobe`` or ``insmod``.
> +
> + ``KEXEC_IMAGE``:
> +
> + Pertains to kernel images loading via ``kexec``.
> +
> + ``KEXEC_INITRAMFS``
> +
> + Pertains to initrd images loading via ``kexec --initrd``.
> +
> + ``POLICY``:
> +
> + Controls loading polcies via reading a kernel-space initiated read.
> +
> + An example of such is loading IMA policies by writing the path
> + to the policy file to ``$securityfs/ima/policy``
> +
> + ``X509_CERT``:
> +
> + Controls loading IMA certificates through the Kconfigs,
> + ``CONFIG_IMA_X509_PATH`` and ``CONFIG_EVM_X509_PATH``.
> +
> +action
> +~~~~~~
> +
> + Determines what IPE should do when a rule matches. Must be in every
> + rule, as the final clause. Can be one of:
> +
> + ``ALLOW``:
> +
> + If the rule matches, explicitly allow access to the resource to proceed
> + without executing any more rules.
> +
> + ``DENY``:
> +
> + If the rule matches, explicitly prohibit access to the resource to
> + proceed without executing any more rules.
> +
> +boot_verified
> +~~~~~~~~~~~~~
> +
> + This property can be utilized for authorization of the first super-block
> + that executes a file. This is almost always init. Typically this is used
> + for systems with an initramfs or other initial disk, where this is unmounted
> + before the system becomes available, and is not covered by any other property.
> + The format of this property is::
> +
> + boot_verified=(TRUE|FALSE)
> +
> +
> + .. WARNING::
> +
> + This property will trust any disk where the first execution evaluation
> + occurs. If you do *NOT* have a startup disk that is unpacked and unmounted
> + (like initramfs), then it will automatically trust the root filesystem and
> + potentially overauthorize the entire disk.
> +
> +dmverity_roothash
> +~~~~~~~~~~~~~~~~~
> +
> + This property can be utilized for authorization or revocation of
> + specific dm-verity volumes, identified via root hash. It has a
> + dependency on the DM_VERITY module. This property is controlled by the
> + Kconfig ``CONFIG_IPE_PROP_DM_VERITY``. The format of this property
> + is::
> +
> + dmverity_roothash=DigestName:HexadecimalString
> +
> + The supported DigestNames for dmverity_roothash are [#dmveritydigests]_ [#securedigest]_ :
> +
> + + blake2b-512
> + + blake2s-256
> + + sha1
> + + sha256
> + + sha384
> + + sha512
> + + sha3-224
> + + sha3-256
> + + sha3-384
> + + sha3-512
> + + md4
> + + md5
> + + sm3
> + + rmd160
> +
> +dmverity_signature
> +~~~~~~~~~~~~~~~~~~
> +
> + This property can be utilized for authorization of all dm-verity volumes
> + that have a signed roothash that chains to a keyring specified by dm-verity's
> + configuration, either the system trusted keyring, or the secondary keyring.
> + It has an additional dependency on the ``DM_VERITY_VERIFY_ROOTHASH_SIG``
> + Kconfig. This property is controlled by the Kconfig
> + ``CONFIG_IPE_PROP_DM_VERITY``. The format of this property is::
> +
> + dmverity_signature=(TRUE|FALSE)
> +
> +fsverity_digest
> +~~~~~~~~~~~~~~~
> +
> + This property can be utilized for authorization or revocation of
> + specific fsverity enabled file, identified via its fsverity digest.
> + It has a dependency on the FS_VERITY module. This property is
> + controlled by the Kconfig ``CONFIG_IPE_PROP_FS_VERITY``.
> + The format of this property is::
> +
> + fsverity_digest=DigestName:HexadecimalString
> +
> + The supported DigestNames for dmverity_roothash are [#fsveritydigest] [#securedigest]_ :
> +
> + + sha256
> + + sha512
> +
> +fsverity_signature
> +~~~~~~~~~~~~~~~~~~
> +
> +Version 1
> +
> + This property can be utilized for authorization of all fsverity enabled
> + files that is verified by fsverity. The keyring that the signature is
> + verified against is subject to fsverity's configuration, typically the fsverity
> + keyring. It has a dependency on the ``CONFIG_FS_VERITY_BUILTIN_SIGNATURES``
> + Kconfig. This property is controlled by the Kconfig
> + ``CONFIG_IPE_PROP_FS_VERITY``. The format of this property is::
> +
> + fsverity_signature=(TRUE|FALSE)
> +
> +Policy Examples
> +---------------
> +
> +Allow all
> +~~~~~~~~~
> +
> +::
> +
> + policy_name=Allow_All policy_version=0.0.0
> + DEFAULT action=ALLOW
> +
> +Allow only initial superblock
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=Allow_All_Initial_SB policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE boot_verified=TRUE action=ALLOW
> +
> +Allow any signed dm-verity volume and the initial superblock
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=AllowSignedAndInitial policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE boot_verified=TRUE action=ALLOW
> + op=EXECUTE dmverity_signature=TRUE action=ALLOW
> +
> +Prohibit execution from a specific dm-verity volume
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=AllowSignedAndInitial policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE dmverity_roothash=sha256:cd2c5bae7c6c579edaae4353049d58eb5f2e8be0244bf05345bc8e5ed257baff action=DENY
> +
> + op=EXECUTE boot_verified=TRUE action=ALLOW
> + op=EXECUTE dmverity_signature=TRUE action=ALLOW
> +
> +Allow only a specific dm-verity volume
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=AllowSignedAndInitial policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW
> +
> +Allow any signed fs-verity file
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=AllowSignedFSVerity policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE fsverity_signature=TRUE action=ALLOW
> +
> +Prohibit execution of a specific fs-verity file
> +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> +
> +::
> +
> + policy_name=ProhibitSpecificFSVF policy_version=0.0.0
> + DEFAULT action=DENY
> +
> + op=EXECUTE fsverity_digest=sha256:fd88f2b8824e197f850bf4c5109bea5cf0ee38104f710843bb72da796ba5af9e action=DENY
> + op=EXECUTE boot_verified=TRUE action=ALLOW
> + op=EXECUTE dmverity_signature=TRUE action=ALLOW
> +
> +Additional Information
> +----------------------
> +
> +- `Github Repository <https://github.com/microsoft/ipe>`_
> +- `Design Documentation </security/ipe>`_
> +
> +FAQ
> +---
> +
> +Q:
> + What's the difference between other LSMs which provide a measure of
> + trust-based access control?
> +
> +A:
> +
> + In general, there's two other LSMs that can provide similar functionality:
> + IMA, and Loadpin.
> +
> + IMA and IPE are functionally very similar. The significant difference between
> + the two is the policy. [#devdoc]_
> +
> + Loadpin and IPE differ fairly dramatically, as Loadpin controls only the IPE
> + equivalent of ``KERNEL_READ``, whereas IPE is capable of controlling execution,
> + on top of ``KERNEL_READ``. The trust model is also different; Loadpin roots its
> + trust in the initial super-block, instead, IPE roots its trust in the kernel
> + itself (via ``SYSTEM_TRUSTED_KEYS``).
> +
> +-----------
> +
> +.. [#diglim] 1: https://lore.kernel.org/bpf/[email protected]/T/
> +
> +.. [#interpreters] There is `some interest in solving this issue <https://lore.kernel.org/lkml/[email protected]/>`_.
> +
> +.. [#devdoc] Please see `Documentation/security/ipe.rst` for more on this topic.
> +
> +.. [#fsveritydigest] These hash algorithms are based on values accepted by fsverity-utils;
> + IPE does not impose any restrictions on the digest algorithm itself;
> + thus, this list may be out of date.
> +
> +.. [#dmveritydigests] These hash algorithms are based on values accepted by dm-verity,
> + specifically ``crypto_alloc_ahash`` in ``verity_ctr``; ``veritysetup``
> + does support more algorithms than the list above. IPE does not impose
> + any restrictions on the digest algorithm itself; thus, this list
> + may be out of date.
> +
> +.. [#securedigest] Please ensure you are using cryptographically secure hash functions;
> + just because something is *supported* does not mean it is *secure*.

What about wordings below instead?

---- >8 ----
diff --git a/Documentation/admin-guide/LSM/ipe.rst b/Documentation/admin-guide/LSM/ipe.rst
index b676cea62b2e74..8b1d4eb0ebf19f 100644
--- a/Documentation/admin-guide/LSM/ipe.rst
+++ b/Documentation/admin-guide/LSM/ipe.rst
@@ -31,7 +31,9 @@ system to accomplish the desired tasks.
One such provider is for example dm-verity, which is able to represent
the integrity property of a partition (its immutable state) with a digest.

-IPE is compiled under ``CONFIG_SECURITY_IPE`` (Security -> Integrity Policy Enforcement (IPE)).
+To enable IPE, ensure that ``CONFIG_SECURITY_IPE`` (under
+:menuselection:`Security -> Integrity Policy Enforcement (IPE)`) config
+option is enabled.

Use Cases
---------
@@ -42,11 +44,10 @@ device in a data center, an IoT device, etcetera), where all software and
configuration is built and provisioned by the system owner.

IPE is a long-way off for use in general-purpose computing: the Linux
-community as a whole tends to follow a decentralized trust model,
-known as the web of trust, which IPE has no support for as of yet.
-
-IPE, instead of supporting web of trust, supports PKI, which generally
-designates a set of entities that provide a measure of absolute trust.
+community as a whole tends to follow a decentralized trust model (known as
+the web of trust), which IPE has no support for it yet. Instead, IPE
+supports PKI (public key infrastructure), which generally designates a
+set of trusted entities that provide a measure of absolute trust.

Additionally, while most packages are signed today, the files inside
the packages (for instance, the executables), tend to be unsigned. This
@@ -55,10 +56,10 @@ expected to be functional, without major changes to the package manager
and ecosystem behind it.

DIGLIM [#diglim]_ is a system that when combined with IPE, could be used to
-enable general purpose computing scenarios.
+enable and support general-purpose computing use cases.

-Known Gaps
-----------
+Known Limitations
+-----------------

IPE cannot verify the integrity of anonymous executable memory, such as
the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
@@ -67,11 +68,12 @@ for IPE to ensure the integrity of this code to form a trust basis. In all
cases, the return result for these operations will be whatever the admin
configures as the ``DEFAULT`` action for ``EXECUTE``.

-IPE cannot verify the integrity of interpreted languages' programs when
-these scripts are invoked via ``<interpreter> <file>``. This is because
-the way interpreters execute these files, the scripts themselves are not
-evaluated as executable code through one of IPE's hooks, as they are merely
-files that are read (as opposed to executable code) [#interpreters]_.
+IPE cannot verify the integrity of programs written in interpreted
+languages when these scripts are invoked by passing these program files
+to the interpreter. This is because the way interpreters execute these
+files; the scripts themselves are not evaluated as executable code
+through one of IPE's hooks, but they are merely text files that are read
+(as opposed to compiled executables) [#interpreters]_.

Threat Model
------------
@@ -82,17 +84,19 @@ kernel modules that are loaded in userspace through ``modprobe`` or
``insmod``.

A bare-minimum example of a threat that should be mitigated by IPE, is
-a hostile binary is downloaded with all required binaries (including
-a loader, libc, etc). With IPE, this hostile binary should not able to
-be executed, nor any of the downloaded binaries.
+an untrusted (potentially malicious) binary that is downloaded and
+bundled with all required dependencies (including a loader, libc, etc).
+With IPE, this binary should not be allowed to be executed, not even any
+of its dependencies.

-Tampering violates integrity, and being unable to verify the integrity,
-results in a lack of trust. IPE's role in mitigating this threat is to
-verify the integrity (and authenticity) of all executable code and to
-deny their use if they cannot be trusted (as integrity verification fails,
-or the authorization check fails against the reference value in the policy).
-IPE generates audit logs which may be utilized to detect failures resulting
-from failure to pass policy.
+Tampering violates integrity, yet lack of trust is caused by being
+unable to detect tampering (and by extent verifying the integrity).
+IPE's role in mitigating this threat is to verify the integrity (and
+authenticity) of all executable code and to deny their use if they
+cannot be trusted (as integrity verification fails, or the authorization
+check fails against the reference value in the policy). IPE generates
+audit logs which may be utilized to detect and analyze failures
+resulting from policy violation.

Tampering threat scenarios include modification or replacement of
executable code by a range of actors including:
@@ -105,13 +109,13 @@ executable code by a range of actors including:
- Compromised end users of the system
- Remote (external) compromise of the system

-IPE does not mitigate threats arising from malicious authorized
+IPE does not mitigate threats arising from malicious but authorized
developers (with access to a signing certificate), or compromised
-developer tools used by authorized developers (i.e. Return Oriented
-Programming attacks). Additionally, IPE draws hard security boundary
-between userspace and kernelspace. As a result, IPE does not provide
-any protections against a kernel level exploit, and a kernel-level
-exploit can disable or tamper with IPE's protections.
+developer tools used by them (i.e. return-oriented programming attacks).
+Additionally, IPE draws hard security boundary between userspace and
+kernelspace. As a result, IPE does not provide any protections against a
+kernel level exploit, and a kernel-level exploit can disable or tamper
+with IPE's protections.

Policy
------
@@ -133,11 +137,11 @@ policy syntax version). This is used to prevent rollback of policy to
potentially insecure previous versions of the policy.

The next portion of IPE policy are rules. Rules are formed by key=value
-pairs, known as properties. IPE rules require two properties: "action",
+pairs, known as properties. IPE rules require two properties: ``action``,
which determines what IPE does when it encounters a match against the
-rule, and "op", which determines when that rule should be evaluated.
-The ordering is significant, a rule must start with "op", and end with
-"action". Thus, a minimal rule is::
+rule, and ``op``, which determines when the rule should be evaluated.
+The ordering is significant, a rule must start with ``op``, and end with
+``action``. Thus, a minimal rule is::

op=EXECUTE action=ALLOW

@@ -145,14 +149,14 @@ This example will allow any execution. Additional properties are used to
restrict attributes about the files being evaluated. These properties
are intended to be descriptions of systems within the kernel that can
provide a measure of integrity verification, such that IPE can determine
-the trust of the resource based on the "value" half of the property.
+the trust of the resource based on the value of the property.

Rules are evaluated top-to-bottom. As a result, any revocation rules,
or denies should be placed early in the file to ensure that these rules
-are evaluated before a rule with "action=ALLOW" is hit.
+are evaluated before a rule with ``action=ALLOW``.

-IPE policy supports comments. The character '#' will function as a
-comment, ignoring all characters to the right of '#' until the newline.
+IPE policy supports comments. Any line which is prefixed with ``#`` will
+be ignored.

The default behavior of IPE evaluations can also be expressed in policy,
through the ``DEFAULT`` statement. This can be done at a global level,
@@ -166,8 +170,8 @@ or a per-operation level::

A default must be set for all known operations in IPE. If you want to
preserve older policies being compatible with newer kernels that can introduce
-new operations, please set a global default of 'ALLOW', and override the
-defaults on a per-operation basis.
+new operations, set a global default of ``ALLOW``, then override the
+defaults on a per-operation basis (as above).

With configurable policy-based LSMs, there's several issues with
enforcing the configurable policies at startup, around reading and
@@ -182,14 +186,14 @@ parsing the policy:
off a memory block would be costly to maintain.

As a result, IPE has addressed this problem through a concept of a "boot
-policy". A boot policy is a minimal policy, compiled into the kernel.
-This policy is intended to get the system to a state where userspace is
-set up and ready to receive commands, at which point a more complex
-policy can be deployed via securityfs. The boot policy can be specified
-via the Kconfig, ``SECURITY_IPE_BOOT_POLICY``, which accepts a path to
-a plain-text version of the IPE policy to apply. This policy will be
-compiled into the kernel. If not specified, IPE will be disabled until
-a policy is deployed and activated through securityfs.
+policy". A boot policy is a minimal policy which is compiled into the
+kernel. This policy is intended to get the system to a state where
+userspace is set up and ready to receive commands, at which point a more
+complex policy can be deployed via securityfs. The boot policy can be
+specified via ``SECURITY_IPE_BOOT_POLICY`` config option, which accepts
+a path to a plain-text version of the IPE policy to apply. This policy
+will be compiled into the kernel. If not specified, IPE will be disabled
+until a policy is deployed and activated through securityfs.

Deploying Policies
~~~~~~~~~~~~~~~~~~
@@ -199,7 +203,7 @@ are signed through the PKCS#7 message format to enforce some level of
authorization of the policies (prohibiting an attacker from gaining
unconstrained root, and deploying an "allow all" policy). These
policies must be signed by a certificate that chains to the
-``SYSTEM_TRUSTED_KEYRING``. Through openssl, the signing can be done via::
+``SYSTEM_TRUSTED_KEYRING``. With openssl, the policy can be signed by::

openssl smime -sign \
-in "$MY_POLICY" \
@@ -224,12 +228,12 @@ the directory will be ``/sys/kernel/security/ipe/policies/Ex_Policy``.
Within this directory, there will be five files: ``pkcs7``, ``policy``,
``active``, ``update``, and ``delete``.

-The ``pkcs7`` file is read only. Reading will provide the raw PKCS#7 data
+The ``pkcs7`` file is read-only. Reading it returns the raw PKCS#7 data
that was provided to the kernel, representing the policy. Writing, will
-deploy an in-place policy update.If the policy being read is the boot
-policy, when read, this will return ENOENT, as this policy is not signed.
+deploy an in-place policy update. If the policy being read is the boot
+policy, this will return ``ENOENT``, as it is is not signed.

-The ``policy`` file is read only. Reading will provide the PKCS#7 inner
+The ``policy`` file is read-only. Reading it returns the PKCS#7 inner
content of the policy, which will be the plain text policy.

The ``active`` file is used to set a policy as the currently active policy.
@@ -238,44 +242,42 @@ Since only a single policy can be active at one time, all other policies
will be marked inactive. The policy being marked active must have a policy
version greater or equal to the currently-running version.

-The ``update`` file is used to update a policy that is already present in
-the kernel. This file is write-only and accepts a PKCS#7 signed policy.
-One check will always be performed on this policy: the policy_names must
-match with the updated version and the existing version. One additional check
-may be made: If the policy being updated is the active policy, the updated
-policy must have a policy version greater than or equal to the currently-running
-version; This is to prevent rollback attacks.
+The ``update`` file is used to update a policy that is already present
+in the kernel. This file is write-only and accepts a PKCS#7 signed
+policy. One check will always be performed on this policy: the
+``policy_names`` must match with the updated version and the existing
+version. There is also an additional check: if the policy being updated
+is the active policy, the updated policy must have a policy version
+greater than or equal to the currently-running version. This is to
+prevent rollback attacks.

The ``delete`` file is used to remove a policy that is no longer needed.
This file is write-only and accepts a value of ``1`` to delete the policy.
On deletion, the securityfs node representing the policy will be removed.
The policy that is currently active cannot be deleted.

-Similarly, the writes to both ``update`` and ``new_policy`` above will
-result in an error upon syntactically invalid or untrusted policies.
-In the case of ``new_policy``, it will also error if a policy already
-exists with the same ``policy_name``.
+Similarly, writing to both ``update`` and ``new_policy`` results in
+syntax or untrusted policy error. In the case of the latter, it will
+also error out if a policy already exists with the same ``policy_name``.

Deploying these policies will *not* cause IPE to start enforcing this
-policy. Once deployment is successful, a policy can be marked as active,
-via ``/sys/kernel/security/ipe/$policy_name/active``. IPE will enforce
-whatever policy is marked as active. For our example, we can activate
-the ``Ex_Policy`` via::
+policy. Once deployment is successful, a policy can be activated, by
+``/sys/kernel/security/ipe/$policy_name/active``. IPE will enforce
+active policies. For example, the ``Ex_Policy`` can be activated by::

echo 1 > "/sys/kernel/security/ipe/Ex_Policy/active"

-At which point, ``Ex_Policy`` will now be the enforced policy on the
+From above point on, ``Ex_Policy`` is now the enforced policy on the
system.

IPE also provides a way to delete policies. This can be done via the
``delete`` securityfs node, ``/sys/kernel/security/ipe/$policy_name/delete``.
-Writing ``1`` to that file will delete that node::
+Writing ``1`` to that file deletes the policy::

echo 1 > "/sys/kernel/security/ipe/$policy_name/delete"

-There is only one requirement to delete a policy:
-
-1. The policy being deleted must not be the active policy.
+There is only one requirement to delete a policy: the policy being deleted
+must be inactive.

.. NOTE::

@@ -286,9 +288,9 @@ Modes
~~~~~

IPE supports two modes of operation: permissive (similar to SELinux's
-permissive mode) and enforce. Permissive mode performs the same checks
-as enforce mode, and logs policy violations, but will not enforce the
-policy. This allows users to test policies before enforcing them.
+permissive mode) and enforced. In permissive mode, all events are
+checked and policy violations are logged, but the policy is not really
+enforced. This allows users to test policies before enforcing them.

The default mode is enforce, and can be changed via the kernel command
line parameter ``ipe.enforce=(0|1)``, or the securityfs node
@@ -314,11 +316,12 @@ Event Examples::
type=1300 audit(1653364735.161:64): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=1000 a2=4 a3=20 items=0 ppid=455 pid=774 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=ttyS0 ses=3 comm="mmap" exe="/root/host/mmap" subj=kernel key=(null)
type=1327 audit(1653364735.161:64): proctitle=686F73742F6D6D617000410058⏎

-This event indicates that IPE made an access control decision; the IPE specific
-record (1420) will always be emitted in conjunction with a ``AUDITSYSCALL`` record.
+This event indicates that IPE made an access control decision; the IPE
+specific record (1420) is always emitted in conjunction with a
+``AUDITSYSCALL`` record.

-Determining whether IPE is in permissive can be derived from the success and exit
-field of the AUDITSYSCALL record
+Determining whether IPE is in permissive or enforced mode can be derived
+from ``success`` property and exit code of the ``AUDITSYSCALL`` record.



@@ -327,13 +330,13 @@ Field descriptions:
+---------------+------------+-----------+-------------------------------------------------------------------------+
| Field | Value Type | Optional? | Description of Value |
+===============+============+===========+=========================================================================+
-| path | string | Yes | The absolute path to the file that was the subject of the evaluation |
+| path | string | Yes | The absolute path to the evaluated file |
+---------------+------------+-----------+-------------------------------------------------------------------------+
-| ino | integer | Yes | The inode number of the file that was the subject of the evaluation |
+| ino | integer | Yes | The inode number of the evaluated file |
+---------------+------------+-----------+-------------------------------------------------------------------------+
-| dev | string | Yes | The device name that the file under evaluation belongs to, e.g. vda |
+| dev | string | Yes | The device name of the evaluated file, e.g. vda |
+---------------+------------+-----------+-------------------------------------------------------------------------+
-| rule | string | No | The exact rule in IPE's policy that the evaluation matched |
+| rule | string | No | The matched policy rule |
+---------------+------------+-----------+-------------------------------------------------------------------------+

1403 AUDIT_MAC_POLICY_LOAD
@@ -350,11 +353,11 @@ This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record
+----------------+------------+-----------+--------------------------------------------------------------+
| Field | Value Type | Optional? | Description of Value |
+================+============+===========+==============================================================+
-| policy_name | string | No | The policy_name field of the policy. |
+| policy_name | string | No | The policy name |
+----------------+------------+-----------+--------------------------------------------------------------+
-| policy_version | string | No | The policy_version field of the policy |
+| policy_version | string | No | The policy version |
+----------------+------------+-----------+--------------------------------------------------------------+
-| sha256 | string | Yes* | A flat hash of the policy. Can be used to identify a policy. |
+| sha256 | string | Yes* | The policy hash |
+----------------+------------+-----------+--------------------------------------------------------------+
| auid | integer | No | The audit user ID. |
+----------------+------------+-----------+--------------------------------------------------------------+
@@ -379,17 +382,17 @@ This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record
+------------------------+------------+-----------+----------------------------------------------------+
| Field | Value Type | Optional? | Description of Value |
+========================+============+===========+====================================================+
-| old_active_pol_name | string | No | The policy_name field of the old active policy. |
+| old_active_pol_name | string | No | The name of previous active policy |
+------------------------+------------+-----------+----------------------------------------------------+
-| old_active_pol_version | string | No | The policy_version field of the old active policy. |
+| old_active_pol_version | string | No | The version of previous active policy |
+------------------------+------------+-----------+----------------------------------------------------+
-| old_sha256 | string | Yes* | A flat hash of the old active policy. |
+| old_sha256 | string | Yes* | The hash of previous active policy |
+------------------------+------------+-----------+----------------------------------------------------+
-| new_active_pol_name | string | No | The policy_name field of the new active policy. |
+| new_active_pol_name | string | No | The name of current active policy |
+------------------------+------------+-----------+----------------------------------------------------+
-| new_active_pol_version | string | No | The policy_version field of the new active policy. |
+| new_active_pol_version | string | No | The version of current active policy |
+------------------------+------------+-----------+----------------------------------------------------+
-| new_sha256 | string | Yes* | A flat hash of the new active policy. |
+| new_sha256 | string | Yes* | The hash of current active policy |
+------------------------+------------+-----------+----------------------------------------------------+
| auid | integer | No | The audit user ID. |
+------------------------+------------+-----------+----------------------------------------------------+
@@ -415,19 +418,19 @@ Event Examples::

This record will always be emitted in conjunction with a ``AUDITSYSCALL`` record for the ``write`` syscall.

-+------------+------------+-----------+-------------------------------------------------------------------+
-| Field | Value Type | Optional? | Description of Value |
-+============+============+===========+===================================================================+
-| permissive | integer | No | The state IPE is being switched to. 1 is permissive, 0 is enforce |
-+------------+------------+-----------+-------------------------------------------------------------------+
-| auid | integer | No | The audit user ID. |
-+------------+------------+-----------+-------------------------------------------------------------------+
-| ses | integer | No | The session ID. |
-+------------+------------+-----------+-------------------------------------------------------------------+
-| lsm | string | No | The lsm name associated with the event. |
-+------------+------------+-----------+-------------------------------------------------------------------+
-| res | integer | No | The operation result. |
-+------------+------------+-----------+-------------------------------------------------------------------+
++------------+------------+-----------+-------------------------------------------------------------------------------------+
+| Field | Value Type | Optional? | Description of Value |
++============+============+===========+=====================================================================================+
+| permissive | integer | No | The state IPE is being switched to. 1 is in permissive mode; 0 is in enforced mode. |
++------------+------------+-----------+-------------------------------------------------------------------------------------+
+| auid | integer | No | The audit user ID. |
++------------+------------+-----------+-------------------------------------------------------------------------------------+
+| ses | integer | No | The session ID. |
++------------+------------+-----------+-------------------------------------------------------------------------------------+
+| lsm | string | No | The lsm name associated with the event. |
++------------+------------+-----------+-------------------------------------------------------------------------------------+
+| res | integer | No | The operation result. |
++------------+------------+-----------+-------------------------------------------------------------------------------------+

Success Auditing
^^^^^^^^^^^^^^^^
@@ -435,8 +438,8 @@ Success Auditing
IPE supports success auditing. When enabled, all events that pass IPE
policy and are not blocked will emit an audit event. This is disabled by
default, and can be enabled via the kernel command line
-``ipe.success_audit=(0|1)`` or the securityfs node,
-``/sys/kernel/security/ipe/success_audit``.
+``ipe.success_audit=(0|1)`` or
+``/sys/kernel/security/ipe/success_audit`` securityfs file.

This is *very* noisy, as IPE will check every userspace binary on the
system, but is useful for debugging policies.
@@ -538,9 +541,9 @@ dmverity_roothash

This property can be utilized for authorization or revocation of
specific dm-verity volumes, identified via root hash. It has a
- dependency on the DM_VERITY module. This property is controlled by the
- Kconfig ``CONFIG_IPE_PROP_DM_VERITY``. The format of this property
- is::
+ dependency on the DM_VERITY module. This property is controlled by
+ the ``CONFIG_IPE_PROP_DM_VERITY`` config option. The format of this
+ property is::

dmverity_roothash=DigestName:HexadecimalString

@@ -564,11 +567,11 @@ dmverity_roothash
dmverity_signature
~~~~~~~~~~~~~~~~~~

- This property can be utilized for authorization of all dm-verity volumes
- that have a signed roothash that chains to a keyring specified by dm-verity's
- configuration, either the system trusted keyring, or the secondary keyring.
- It has an additional dependency on the ``DM_VERITY_VERIFY_ROOTHASH_SIG``
- Kconfig. This property is controlled by the Kconfig
+ This property can be utilized for authorization of all dm-verity
+ volumes that have a signed roothash that chains to a keyring
+ specified by dm-verity's configuration, either the system trusted
+ keyring, or the secondary keyring. It depends on
+ ``DM_VERITY_VERIFY_ROOTHASH_SIG`` config option and is controlled by
``CONFIG_IPE_PROP_DM_VERITY``. The format of this property is::

dmverity_signature=(TRUE|FALSE)
@@ -578,9 +581,8 @@ fsverity_digest

This property can be utilized for authorization or revocation of
specific fsverity enabled file, identified via its fsverity digest.
- It has a dependency on the FS_VERITY module. This property is
- controlled by the Kconfig ``CONFIG_IPE_PROP_FS_VERITY``.
- The format of this property is::
+ It depends on ``FS_VERITY`` config option and is controlled by
+ ``CONFIG_IPE_PROP_FS_VERITY``. The format of this property is::

fsverity_digest=DigestName:HexadecimalString

@@ -594,12 +596,13 @@ fsverity_signature

Version 1

- This property can be utilized for authorization of all fsverity enabled
- files that is verified by fsverity. The keyring that the signature is
- verified against is subject to fsverity's configuration, typically the fsverity
- keyring. It has a dependency on the ``CONFIG_FS_VERITY_BUILTIN_SIGNATURES``
- Kconfig. This property is controlled by the Kconfig
- ``CONFIG_IPE_PROP_FS_VERITY``. The format of this property is::
+ This property can be utilized for authorization of all fsverity
+ enabled files that is verified by fsverity. The keyring that the
+ signature is verified against is subject to fsverity's configuration,
+ typically the fsverity keyring. It depends on
+ ``CONFIG_FS_VERITY_BUILTIN_SIGNATURES`` is controlled controlled by
+ the Kconfig ``CONFIG_IPE_PROP_FS_VERITY``. The format of this
+ property is::

fsverity_signature=(TRUE|FALSE)

@@ -704,7 +707,7 @@ A:
Loadpin and IPE differ fairly dramatically, as Loadpin controls only the IPE
equivalent of ``KERNEL_READ``, whereas IPE is capable of controlling execution,
on top of ``KERNEL_READ``. The trust model is also different; Loadpin roots its
- trust in the initial super-block, instead, IPE roots its trust in the kernel
+ trust in the initial super-block, whereas trust in IPE is stemmed from kernel
itself (via ``SYSTEM_TRUSTED_KEYS``).

-----------

Thanks.

--
An old man doll... just what I always wanted! - Clara


Attachments:
(No filename) (64.01 kB)
signature.asc (228.00 B)
Download all attachments

2023-01-31 09:00:29

by Christoph Hellwig

[permalink] [raw]
Subject: Re: [RFC PATCH v9 09/16] block|security: add LSM blob to block_device

On Mon, Jan 30, 2023 at 02:57:24PM -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> block_device structures can have valuable security properties,
> based on how they are created, and what subsystem manages them.

That's a lot of cloudy talk but no real explanation.

2023-01-31 10:47:30

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> IPE must have a centralized function to evaluate incoming callers
> against IPE's policy. This iteration of the policy against the rules
> for that specific caller is known as the evaluation loop.
>
> In addition, IPE is designed to provide system level trust guarantees,
> this usually implies that trust starts from bootup with a hardware root
> of trust, which validates the bootloader. After this, the bootloader
> verifies the kernel and the initramfs.
>
> As there's no currently supported integrity method for initramfs, and
> it's typically already verified by the bootloader, introduce a property
> that causes the first superblock to have an execution to be "pinned",
> which is typically initramfs.

Uhm, I think it makes really sense to move the pinned logic in another
patch. This patch is very important, as it contains the policy logic.
It should be standalone.

> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
>
> ---
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move ipe_load_properties to patch 04.
> + Remove useless 0-initializations
> + Prefix extern variables with ipe_
> + Remove kernel module parameters, as these are
> exposed through sysctls.
> + Add more prose to the IPE base config option
> help text.
> + Use GFP_KERNEL for audit_log_start.
> + Remove unnecessary caching system.
> + Remove comments from headers
> + Use rcu_access_pointer for rcu-pointer null check
> + Remove usage of reqprot; use prot only.
> + Move policy load and activation audit event to 03/12
>
> v4:
> + Remove sysctls in favor of securityfs nodes
> + Re-add kernel module parameters, as these are now
> exposed through securityfs.
> + Refactor property audit loop to a separate function.
>
> v5:
> + fix minor grammatical errors
> + do not group rule by curly-brace in audit record,
> reconstruct the exact rule.
>
> v6:
> + No changes
>
> v7:
> + Further split lsm creation into a separate commit from the
> evaluation loop and audit system, for easier review.
>
> + Propogating changes to support the new ipe_context structure in the
> evaluation loop.
>
> v8:
> + Remove ipe_hook enumeration; hooks can be correlated via syscall
> record.
>
> v9:
> + Remove ipe_context related code and simplify the evaluation loop.
> + Merge the evaluation loop commit with the boot_verified commit.
> ---
> security/ipe/Makefile | 1 +
> security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
> security/ipe/eval.h | 28 ++++++
> security/ipe/hooks.c | 25 +++++
> security/ipe/hooks.h | 14 +++
> security/ipe/ipe.c | 1 +
> security/ipe/policy.c | 20 ++++
> security/ipe/policy.h | 3 +
> security/ipe/policy_parser.c | 8 +-
> 9 files changed, 279 insertions(+), 1 deletion(-)
> create mode 100644 security/ipe/eval.c
> create mode 100644 security/ipe/eval.h
> create mode 100644 security/ipe/hooks.c
> create mode 100644 security/ipe/hooks.h
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 16bbe80991f1..d7f2870d7c09 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -6,6 +6,7 @@
> #
>
> obj-$(CONFIG_SECURITY_IPE) += \
> + eval.o \
> hooks.o \
> ipe.o \
> policy.o \
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> new file mode 100644
> index 000000000000..48b5104a3463
> --- /dev/null
> +++ b/security/ipe/eval.c
> @@ -0,0 +1,180 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "eval.h"
> +#include "hooks.h"
> +#include "policy.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/slab.h>
> +#include <linux/file.h>
> +#include <linux/sched.h>
> +#include <linux/rcupdate.h>
> +#include <linux/spinlock.h>
> +
> +struct ipe_policy __rcu *ipe_active_policy;
> +
> +static struct super_block *pinned_sb;
> +static DEFINE_SPINLOCK(pin_lock);
> +#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> +
> +/**
> + * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
> + * @f: Supplies a file structure to source the super_block from.
> + */
> +static void pin_sb(const struct file *f)
> +{
> + if (!f)
> + return;
> + spin_lock(&pin_lock);
> + if (pinned_sb)
> + goto out;
> + pinned_sb = FILE_SUPERBLOCK(f);
> +out:
> + spin_unlock(&pin_lock);
> +}
> +
> +/**
> + * from_pinned - Determine whether @f is source from the pinned super_block.
> + * @f: Supplies a file structure to check against the pinned super_block.
> + *
> + * Return:
> + * * true - @f is sourced from the pinned super_block
> + * * false - @f is not sourced from the pinned super_block
> + */
> +static bool from_pinned(const struct file *f)
> +{
> + bool rv;
> +
> + if (!f)
> + return false;
> + spin_lock(&pin_lock);
> + rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
> + spin_unlock(&pin_lock);
> + return rv;
> +}
> +
> +/**
> + * build_eval_ctx - Build an evaluation context.
> + * @ctx: Supplies a pointer to the context to be populdated.
> + * @file: Supplies a pointer to the file to associated with the evaluation.
> + * @op: Supplies the IPE policy operation associated with the evaluation.
> + */
> +void build_eval_ctx(struct ipe_eval_ctx *ctx,
> + const struct file *file,
> + enum ipe_op_type op)
> +{
> + ctx->file = file;
> + ctx->op = op;
> + ctx->from_init_sb = from_pinned(file);
> +}
> +
> +/**
> + * evaluate_property - Analyze @ctx against a property.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + * @p: Supplies a pointer to the property to be evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + bool eval = false;
> +
> + switch (p->type) {
> + case ipe_prop_boot_verified_false:
> + eval = !ctx->from_init_sb;
> + break;
> + case ipe_prop_boot_verified_true:
> + eval = ctx->from_init_sb;
> + break;
> + default:
> + eval = false;
> + }
> +
> + return eval;
> +}
> +
> +/**
> + * ipe_evaluate_event - Analyze @ctx against the current active policy.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + *
> + * This is the loop where all policy evaluation happens against IPE policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EACCES - @ctx did not pass evaluation.
> + * * !0 - Error
> + */
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> +{
> + int rc = 0;
> + bool match = false;
> + enum ipe_action_type action;
> + struct ipe_policy *pol = NULL;
> + const struct ipe_rule *rule = NULL;
> + const struct ipe_op_table *rules = NULL;
> + struct ipe_prop *prop = NULL;
> +
> + if (ctx->op == ipe_op_exec)
> + pin_sb(ctx->file);
> +
> + pol = ipe_get_policy_rcu(ipe_active_policy);
> + if (!pol)
> + goto out;
> +
> + if (ctx->op == ipe_op_max) {
> + action = pol->parsed->global_default_action;
> + goto eval;
> + }
> +
> + rules = &pol->parsed->rules[ctx->op];
> +
> + list_for_each_entry(rule, &rules->rules, next) {
> + match = true;
> +
> + list_for_each_entry(prop, &rule->props, next)
> + match = match && evaluate_property(ctx, prop);
> +
> + if (match)
> + break;
> + }
> +
> + if (match)
> + action = rule->action;
> + else if (rules->default_action != ipe_action_max)
> + action = rules->default_action;
> + else
> + action = pol->parsed->global_default_action;
> +
> +eval:
> + if (action == ipe_action_deny)
> + rc = -EACCES;
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * ipe_invalidate_pinned_sb - invalidte the ipe pinned super_block.

Typo: invalidte.

Roberto

> + * @mnt_sb: super_block to check against the pinned super_block.
> + *
> + * This function is called a super_block like the initramfs's is freed,
> + * if the super_block is currently pinned by ipe it will be invalided,
> + * so ipe won't consider the block device is boot verified afterward.
> + */
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
> +{
> + spin_lock(&pin_lock);
> +
> + if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
> + pinned_sb = ERR_PTR(-EIO);
> +
> + spin_unlock(&pin_lock);
> +}
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> new file mode 100644
> index 000000000000..887797438b9b
> --- /dev/null
> +++ b/security/ipe/eval.h
> @@ -0,0 +1,28 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_EVAL_H
> +#define IPE_EVAL_H
> +
> +#include <linux/file.h>
> +#include <linux/types.h>
> +
> +#include "hooks.h"
> +#include "policy.h"
> +
> +extern struct ipe_policy __rcu *ipe_active_policy;
> +
> +struct ipe_eval_ctx {
> + enum ipe_op_type op;
> +
> + const struct file *file;
> + bool from_init_sb;
> +};
> +
> +void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> +
> +#endif /* IPE_EVAL_H */
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> new file mode 100644
> index 000000000000..335b773c7ae1
> --- /dev/null
> +++ b/security/ipe/hooks.c
> @@ -0,0 +1,25 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "hooks.h"
> +#include "eval.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/binfmts.h>
> +#include <linux/mman.h>
> +
> +/**
> + * ipe_sb_free_security - ipe security hook function for super_block.
> + * @mnt_sb: Supplies a pointer to a super_block is about to be freed.
> + *
> + * IPE does not have any structures with mnt_sb, but uses this hook to
> + * invalidate a pinned super_block.
> + */
> +void ipe_sb_free_security(struct super_block *mnt_sb)
> +{
> + ipe_invalidate_pinned_sb(mnt_sb);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> new file mode 100644
> index 000000000000..30fe455389bf
> --- /dev/null
> +++ b/security/ipe/hooks.h
> @@ -0,0 +1,14 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_HOOKS_H
> +#define IPE_HOOKS_H
> +
> +#include <linux/fs.h>
> +#include <linux/binfmts.h>
> +#include <linux/security.h>
> +
> +void ipe_sb_free_security(struct super_block *mnt_sb);
> +
> +#endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 9ed3bf4dcc04..551c6d90ac11 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -9,6 +9,7 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> };
>
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> + LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> };
>
> /**
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index e446f4b84152..772d876b1087 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -97,3 +97,23 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> err:
> return ERR_PTR(rc);
> }
> +
> +/**
> + * ipe_get_policy_rcu - Dereference a rcu-protected policy pointer.
> + *
> + * @p: rcu-protected pointer to a policy.
> + *
> + * Not safe to call on IS_ERR.
> + *
> + * Return: the value of @p
> + */
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
> +{
> + struct ipe_policy *rv = NULL;
> +
> + rcu_read_lock();
> + rv = rcu_dereference(p);
> + rcu_read_unlock();
> +
> + return rv;
> +}
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 6af2d9a811ec..967d816cd5cd 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -26,6 +26,8 @@ enum ipe_action_type {
> };
>
> enum ipe_prop_type {
> + ipe_prop_boot_verified_false,
> + ipe_prop_boot_verified_true,
> ipe_prop_max
> };
>
> @@ -73,5 +75,6 @@ struct ipe_policy {
> struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> const char *pkcs7, size_t pkcs7len);
> void ipe_free_policy(struct ipe_policy *pol);
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
>
> #endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> index c7ba0e865366..7efafc482e46 100644
> --- a/security/ipe/policy_parser.c
> +++ b/security/ipe/policy_parser.c
> @@ -265,7 +265,9 @@ static enum ipe_action_type parse_action(char *t)
> }
>
> static const match_table_t property_tokens = {
> - {ipe_prop_max, NULL}
> + {ipe_prop_boot_verified_false, "boot_verified=FALSE"},
> + {ipe_prop_boot_verified_true, "boot_verified=TRUE"},
> + {ipe_prop_max, NULL}
> };
>
> /**
> @@ -295,6 +297,10 @@ int parse_property(char *t, struct ipe_rule *r)
> token = match_token(t, property_tokens, args);
>
> switch (token) {
> + case ipe_prop_boot_verified_false:
> + case ipe_prop_boot_verified_true:
> + p->type = token;
> + break;
> case ipe_prop_max:
> default:
> rc = -EBADMSG;


2023-01-31 10:50:39

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> As is typical with LSMs, IPE uses securityfs as its interface with
> userspace. for a complete list of the interfaces and the respective
> inputs/outputs, please see the documentation under
> admin-guide/LSM/ipe.rst
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
>
> ---
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move policy load and activation audit event to 03/12
> + Fix a potential panic when a policy failed to load.
> + use pr_warn for a failure to parse instead of an
> audit record
> + Remove comments from headers
> + Add lockdep assertions to ipe_update_active_policy and
> ipe_activate_policy
> + Fix up warnings with checkpatch --strict
> + Use file_ns_capable for CAP_MAC_ADMIN for securityfs
> nodes.
> + Use memdup_user instead of kzalloc+simple_write_to_buffer.
> + Remove strict_parse command line parameter, as it is added
> by the sysctl command line.
> + Prefix extern variables with ipe_
>
> v4:
> + Remove securityfs to reverse-dependency
> + Add SHA1 reverse dependency.
> + Add versioning scheme for IPE properties, and associated
> interface to query the versioning scheme.
> + Cause a parser to always return an error on unknown syntax.
> + Remove strict_parse option
> + Change active_policy interface from sysctl, to securityfs,
> and change scheme.
>
> v5:
> + Cause an error if a default action is not defined for each
> operaiton.
> + Minor function renames
>
> v6:
> + No changes
>
> v7:
> + Propogating changes to support the new ipe_context structure in the
> evaluation loop.
>
> + Further split the parser and userspace interface changes into
> separate commits.
>
> + "raw" was renamed to "pkcs7" and made read only
> + "raw"'s write functionality (update a policy) moved to "update"
> + introduced "version", "policy_name" nodes.
> + "content" renamed to "policy"
> + changes to allow the compiled-in policy to be treated
> identical to deployed-after-the-fact policies.
>
> v8:
> + Prevent securityfs initialization if the LSM is disabled
>
> v9:
> + Switch to securityfs_recursive_remove for policy folder deletion
> ---
> security/ipe/Makefile | 2 +
> security/ipe/fs.c | 101 +++++++++
> security/ipe/fs.h | 17 ++
> security/ipe/ipe.c | 3 +
> security/ipe/ipe.h | 2 +
> security/ipe/policy.c | 135 ++++++++++++
> security/ipe/policy.h | 7 +
> security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
> 8 files changed, 726 insertions(+)
> create mode 100644 security/ipe/fs.c
> create mode 100644 security/ipe/fs.h
> create mode 100644 security/ipe/policy_fs.c
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index d7f2870d7c09..8602d71250b4 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -7,7 +7,9 @@
>
> obj-$(CONFIG_SECURITY_IPE) += \
> eval.o \
> + fs.o \
> hooks.o \
> ipe.o \
> policy.o \
> + policy_fs.o \
> policy_parser.o \
> diff --git a/security/ipe/fs.c b/security/ipe/fs.c
> new file mode 100644
> index 000000000000..9f6a4867bec2
> --- /dev/null
> +++ b/security/ipe/fs.c
> @@ -0,0 +1,101 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#include "ipe.h"
> +#include "fs.h"
> +#include "policy.h"
> +
> +#include <linux/dcache.h>
> +#include <linux/security.h>
> +
> +static struct dentry *np __ro_after_init;
> +static struct dentry *root __ro_after_init;
> +struct dentry *policy_root __ro_after_init;
> +
> +/**
> + * new_policy - Write handler for the securityfs node, "ipe/new_policy".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.

Typo: Suppleis.

> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t new_policy(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + char *copy = NULL;
> + struct ipe_policy *p = NULL;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + copy = memdup_user_nul(data, len);
> + if (IS_ERR(copy)) {
> + rc = PTR_ERR(copy);
> + goto err;
> + }
> +
> + p = ipe_new_policy(NULL, 0, copy, len);
> + if (IS_ERR(p)) {
> + rc = PTR_ERR(p);
> + goto err;
> + }
> +
> + rc = ipe_new_policyfs_node(p);
> + if (rc)
> + goto err;

Uhm, don't you need to do cleanup of allocated memory or revert the
actions of ipe_new_policy()?

> +
> +err:
> + return (rc < 0) ? rc : len;
> +}
> +
> +static const struct file_operations np_fops = {
> + .write = new_policy,
> +};
> +
> +/**
> + * ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
> + *
> + * Return:
> + * * !0 - Error
> + * * 0 - OK
> + */
> +static int __init ipe_init_securityfs(void)
> +{
> + int rc = 0;
> +
> + if (!ipe_enabled)
> + return -EOPNOTSUPP;
> +
> + root = securityfs_create_dir("ipe", NULL);
> + if (IS_ERR(root)) {
> + rc = PTR_ERR(root);
> + goto err;
> + }
> +
> + np = securityfs_create_file("new_policy", 0200, root, NULL, &np_fops);
> + if (IS_ERR(np)) {
> + rc = PTR_ERR(np);
> + goto err;
> + }
> +
> + policy_root = securityfs_create_dir("policies", root);
> + if (IS_ERR(policy_root)) {
> + rc = PTR_ERR(policy_root);
> + goto err;
> + }
> +
> + return 0;
> +err:
> + securityfs_remove(np);
> + securityfs_remove(root);
> + securityfs_remove(policy_root);
> + return rc;
> +}
> +
> +fs_initcall(ipe_init_securityfs);
> diff --git a/security/ipe/fs.h b/security/ipe/fs.h
> new file mode 100644
> index 000000000000..fa105d9d6fc5
> --- /dev/null
> +++ b/security/ipe/fs.h
> @@ -0,0 +1,17 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_FS_H
> +#define IPE_FS_H
> +
> +#include "policy.h"
> +
> +extern struct dentry *policy_root __ro_after_init;
> +
> +void ipe_soft_del_policyfs(struct ipe_policy *p);
> +int ipe_new_policyfs_node(struct ipe_policy *p);
> +void ipe_del_policyfs_node(struct ipe_policy *p);
> +
> +#endif /* IPE_FS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 551c6d90ac11..bef923026b50 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -5,6 +5,8 @@
>
> #include "ipe.h"
>
> +bool ipe_enabled;
> +
> static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> };
>
> @@ -30,6 +32,7 @@ static int __init ipe_init(void)
> int rc = 0;
>
> security_add_hooks(ipe_hooks, ARRAY_SIZE(ipe_hooks), "ipe");
> + ipe_enabled = true;
>
> return rc;
> }
> diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
> index ee7ec3f3b55d..43cc132ed048 100644
> --- a/security/ipe/ipe.h
> +++ b/security/ipe/ipe.h
> @@ -10,4 +10,6 @@
>
> #include <linux/lsm_hooks.h>
>
> +extern bool ipe_enabled;
> +
> #endif /* IPE_H */
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index 772d876b1087..a5e9c6e5691b 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -4,12 +4,39 @@
> */
>
> #include "ipe.h"
> +#include "eval.h"
> +#include "fs.h"
> #include "policy.h"
> #include "policy_parser.h"
> #include "digest.h"
>
> #include <linux/verification.h>
>
> +/* lock for synchronizing writers across ipe policy */
> +DEFINE_SPINLOCK(ipe_policy_lock);
> +
> +/**
> + * ver_to_u64 - Convert an internal ipe_policy_version to a u64.
> + * @p: Policy to extract the version from.
> + *
> + * Bits (LSB is index 0):
> + * [48,32] -> Major
> + * [32,16] -> Minor
> + * [16, 0] -> Revision
> + *
> + * Return: u64 version of the embedded version structure.
> + */
> +static inline u64 ver_to_u64(const struct ipe_policy *const p)
> +{
> + u64 r = 0;
> +
> + r = (((u64)p->parsed->version.major) << 32)
> + | (((u64)p->parsed->version.minor) << 16)
> + | ((u64)(p->parsed->version.rev));
> +
> + return r;
> +}
> +
> /**
> * ipe_free_policy - Deallocate a given IPE policy.
> * @p: Supplies the policy to free.
> @@ -21,6 +48,7 @@ void ipe_free_policy(struct ipe_policy *p)
> if (IS_ERR_OR_NULL(p))
> return;
>
> + ipe_del_policyfs_node(p);
> free_parsed_policy(p->parsed);
> if (!p->pkcs7)
> kfree(p->text);
> @@ -39,6 +67,70 @@ static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> return 0;
> }
>
> +/**
> + * ipe_update_policy - parse a new policy and replace @old with it.
> + * @addr: Supplies a pointer to the i_private for saving policy.
> + * @text: Supplies a pointer to the plain text policy.
> + * @textlen: Supplies the length of @text.
> + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> + * @pkcs7len: Supplies the length of @pkcs7len.
> + *
> + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> + * ipe_new_policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOENT - Policy doesn't exist
> + * * -EINVAL - New policy is invalid
> + */
> +struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> + const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len)
> +{
> + int rc = 0;
> + struct ipe_policy *old, *new;
> +
> + old = ipe_get_policy_rcu(*addr);
> + if (!old) {
> + rc = -ENOENT;
> + goto err;
> + }
> +
> + new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> + if (IS_ERR(new)) {
> + rc = PTR_ERR(new);
> + goto err;
> + }
> +
> + if (strcmp(new->parsed->name, old->parsed->name)) {
> + rc = -EINVAL;
> + goto err;
> + }
> +
> + if (ver_to_u64(old) > ver_to_u64(new)) {
> + rc = -EINVAL;
> + goto err;
> + }
> +
> + if (ipe_is_policy_active(old)) {
> + spin_lock(&ipe_policy_lock);
> + rcu_assign_pointer(ipe_active_policy, new);
> + spin_unlock(&ipe_policy_lock);
> + synchronize_rcu();
> + }
> +
> + rcu_assign_pointer(*addr, new);
> +
> + swap(new->policyfs, old->policyfs);
> + ipe_free_policy(old);
> +
> + goto out;
> +err:
> + ipe_free_policy(new);
> +out:
> + return (rc < 0) ? ERR_PTR(rc) : new;
> +}

I would like more to see all the functions managing the policy
together. If the patch is too long, you could further split by adding
the helpers (that don't directly deal with the policy) in a separate
patch.

Here you would simply instantiate dirs/files in securityfs and call the
existing functions previously introduced.

Roberto

> +
> /**
> * ipe_new_policy - Allocate and parse an ipe_policy structure.
> *
> @@ -117,3 +209,46 @@ struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
>
> return rv;
> }
> +
> +/**
> + * ipe_set_active_pol - Make @p the active policy.
> + * @p: Supplies a pointer to the policy to make active.
> + */
> +int ipe_set_active_pol(const struct ipe_policy *p)
> +{
> + int rc = 0;
> + struct ipe_policy *ap = NULL;
> +
> + ap = ipe_get_policy_rcu(ipe_active_policy);
> + if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
> + rc = -EINVAL;
> + goto out;
> + }
> +
> + spin_lock(&ipe_policy_lock);
> + rcu_assign_pointer(ipe_active_policy, p);
> + spin_unlock(&ipe_policy_lock);
> + synchronize_rcu();
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * ipe_is_policy_active - Determine wehther @p is the active policy.
> + * @p: Supplies a pointer to the policy to check.
> + *
> + * Return:
> + * * true - @p is the active policy
> + * * false - @p is not the active policy
> + */
> +bool ipe_is_policy_active(const struct ipe_policy *p)
> +{
> + bool rv;
> +
> + rcu_read_lock();
> + rv = rcu_access_pointer(ipe_active_policy) == p;
> + rcu_read_unlock();
> +
> + return rv;
> +}
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 967d816cd5cd..0cb42b6f246e 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -70,11 +70,18 @@ struct ipe_policy {
> size_t textlen;
>
> struct ipe_parsed_policy *parsed;
> +
> + struct dentry *policyfs;
> };
>
> struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> const char *pkcs7, size_t pkcs7len);
> void ipe_free_policy(struct ipe_policy *pol);
> struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
> +struct ipe_policy *ipe_update_policy(struct ipe_policy **addr, const char *text,
> + size_t textlen, const char *pkcs7,
> + size_t pkcs7len);
> +int ipe_set_active_pol(const struct ipe_policy *p);
> +bool ipe_is_policy_active(const struct ipe_policy *p);
>
> #endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_fs.c b/security/ipe/policy_fs.c
> new file mode 100644
> index 000000000000..72759cc8938d
> --- /dev/null
> +++ b/security/ipe/policy_fs.c
> @@ -0,0 +1,459 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#include "ipe.h"
> +#include "policy.h"
> +#include "fs.h"
> +
> +#include <linux/fs.h>
> +#include <linux/namei.h>
> +#include <linux/types.h>
> +#include <linux/dcache.h>
> +#include <linux/security.h>
> +
> +#define MAX_VERSION_SIZE ARRAY_SIZE("65535.65535.65535")
> +
> +/**
> + * find_policy - return a policy pointer saved in i_private of a dentry.
> + * @f: Securityfs object that contains a link to the dentry containing the
> + * policy structure.
> + *
> + * Return: Always-Valid Address Pointer
> + */
> +static inline struct ipe_policy __rcu **find_policy(struct file *f)
> +{
> + struct dentry *link;
> +
> + link = d_inode(f->f_path.dentry)->i_private;
> +
> + return (struct ipe_policy __rcu **)&(d_inode(link)->i_private);
> +}
> +
> +/**
> + * ipefs_file - defines a file in securityfs.
> + */
> +struct ipefs_file {
> + const char *name;
> + umode_t access;
> + const struct file_operations *fops;
> +};
> +
> +/**
> + * read_pkcs7 - Read handler for "ipe/policies/$name/pkcs7".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * @data will be populated with the pkcs7 blob representing the policy
> + * on success. If the policy is unsigned (like the boot policy), this
> + * will return -ENOENT.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t read_pkcs7(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + struct ipe_policy *p = NULL;
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p)
> + return -ENOENT;
> +
> + if (!p->pkcs7) {
> + rc = -ENOENT;
> + goto out;
> + }
> +
> + rc = simple_read_from_buffer(data, len, offset, p->pkcs7, p->pkcs7len);
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * read_policy - Read handler for "ipe/policies/$name/policy".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * @data will be populated with the plain-text version of the policy
> + * on success.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t read_policy(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + struct ipe_policy *p = NULL;
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p)
> + return -ENOENT;
> +
> + rc = simple_read_from_buffer(data, len, offset, p->text, p->textlen);
> +
> + return rc;
> +}
> +
> +/**
> + * read_name: Read handler for "ipe/policies/$name/name".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * @data will be populated with the policy_name attribute on success.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t read_name(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + struct ipe_policy *p = NULL;
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p)
> + return -ENOENT;
> +
> + rc = simple_read_from_buffer(data, len, offset, p->parsed->name,
> + strlen(p->parsed->name));
> +
> + return rc;
> +}
> +
> +/**
> + * read_version - Read handler for "ipe/policies/$name/version".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * @data will be populated with the version string on success.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t read_version(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + ssize_t rc = 0;
> + size_t bufsize = 0;
> + struct ipe_policy *p = NULL;
> + char buffer[MAX_VERSION_SIZE] = { 0 };
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p)
> + return -ENOENT;
> +
> + bufsize = scnprintf(buffer, ARRAY_SIZE(buffer), "%hu.%hu.%hu",
> + p->parsed->version.major, p->parsed->version.minor,
> + p->parsed->version.rev);
> +
> + rc = simple_read_from_buffer(data, len, offset, buffer, bufsize);
> +
> + return rc;
> +}
> +
> +/**
> + * setactive - Write handler for "ipe/policies/$name/active".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t setactive(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + bool value = false;
> + struct ipe_policy *p = NULL;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + rc = kstrtobool_from_user(data, len, &value);
> + if (rc)
> + goto out;
> +
> + if (!value) {
> + rc = -EINVAL;
> + goto out;
> + }
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p) {
> + rc = -ENOENT;
> + goto out;
> + }
> +
> + rc = ipe_set_active_pol(p);
> +
> +out:
> + return (rc < 0) ? rc : len;
> +}
> +
> +/**
> + * getactive - Read handler for "ipe/policies/$name/active".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Suppleis a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * @data will be populated with the 1 or 0 depending on if the
> + * corresponding policy is active.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t getactive(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + const char *str;
> + struct ipe_policy *p = NULL;
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p) {
> + rc = -ENOENT;
> + goto out;
> + }
> +
> + str = ipe_is_policy_active(p) ? "1" : "0";
> + rc = simple_read_from_buffer(data, len, offset, str, 1);
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * update_policy - Write handler for "ipe/policies/$name/update".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * On success this updates the policy represented by $name,
> + * in-place.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t update_policy(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + char *copy = NULL;
> + struct inode *ino = NULL;
> + struct ipe_policy *new = NULL;
> + struct ipe_policy __rcu **addr = NULL;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + copy = memdup_user(data, len);
> + if (IS_ERR(copy)) {
> + rc = PTR_ERR(copy);
> + goto err;
> + }
> +
> + ino = d_inode(f->f_path.dentry->d_parent);
> + inode_lock(ino);
> + addr = find_policy(f);
> + new = ipe_update_policy(addr, NULL, 0, copy, len);
> + inode_unlock(ino);
> + synchronize_rcu();
> + if (IS_ERR(new)) {
> + rc = PTR_ERR(new);
> + goto err;
> + }
> +
> + kfree(copy);
> + return len;
> +err:
> + kfree(copy);
> + return rc;
> +}
> +
> +/**
> + * delete_policy - write handler for "ipe/policies/$name/delete".
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * On success this deletes the policy represented by $name.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t delete_policy(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + bool value = false;
> + struct ipe_policy *p = NULL;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + rc = kstrtobool_from_user(data, len, &value);
> + if (rc)
> + goto out;
> +
> + if (!value) {
> + rc = -EINVAL;
> + goto out;
> + }
> +
> + p = ipe_get_policy_rcu(*find_policy(f));
> + if (!p) {
> + rc = -ENOENT;
> + goto out;
> + }
> +
> + if (ipe_is_policy_active(p)) {
> + rc = -EPERM;
> + goto out;
> + }
> +
> + ipe_free_policy(p);
> +out:
> + return (rc < 0) ? rc : len;
> +}
> +
> +static const struct file_operations content_fops = {
> + .read = read_policy,
> +};
> +
> +static const struct file_operations pkcs7_fops = {
> + .read = read_pkcs7,
> +};
> +
> +static const struct file_operations name_fops = {
> + .read = read_name,
> +};
> +
> +static const struct file_operations ver_fops = {
> + .read = read_version,
> +};
> +
> +static const struct file_operations active_fops = {
> + .write = setactive,
> + .read = getactive,
> +};
> +
> +static const struct file_operations update_fops = {
> + .write = update_policy,
> +};
> +
> +static const struct file_operations delete_fops = {
> + .write = delete_policy,
> +};
> +
> +/**
> + * policy_subdir - files under a policy subdirectory
> + */
> +static const struct ipefs_file policy_subdir[] = {
> + { "pkcs7", 0444, &pkcs7_fops },
> + { "policy", 0444, &content_fops },
> + { "name", 0444, &name_fops },
> + { "version", 0444, &ver_fops },
> + { "active", 0600, &active_fops },
> + { "update", 0200, &update_fops },
> + { "delete", 0200, &delete_fops },
> +};
> +
> +/**
> + * soft_del_policyfs - soft delete a policyfs node.
> + * @p: Supplies a ipe_policy associated with the node to delete.
> + *
> + * This deletes the i_private field of a policyfs node.
> + */
> +static void soft_del_policyfs(struct ipe_policy *p)
> +{
> + struct inode *ino = NULL;
> + struct ipe_policy __rcu **addr = NULL;
> +
> + ino = d_inode(p->policyfs);
> + addr = (struct ipe_policy __rcu **)&ino->i_private;
> +
> + inode_lock(ino);
> + rcu_assign_pointer(*addr, NULL);
> + inode_unlock(ino);
> + synchronize_rcu();
> +}
> +
> +/**
> + * ipe_del_policyfs_node - Delete a securityfs entry for @p.
> + * @p: Supplies a pointer to the policy to delete a securityfs entry for.
> + */
> +void ipe_del_policyfs_node(struct ipe_policy *p)
> +{
> + if (IS_ERR_OR_NULL(p->policyfs))
> + return;
> +
> + soft_del_policyfs(p);
> + securityfs_recursive_remove(p->policyfs);
> +}
> +
> +/**
> + * ipe_new_policyfs_node - Create a securityfs entry for @p.
> + * @p: Supplies a pointer to the policy to create a securityfs entry for.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_new_policyfs_node(struct ipe_policy *p)
> +{
> + int rc = 0;
> + size_t i = 0;
> + struct dentry *d = NULL;
> + struct ipe_policy **addr = NULL;
> + const struct ipefs_file *f = NULL;
> +
> + p->policyfs = securityfs_create_dir(p->parsed->name, policy_root);
> + if (IS_ERR(p->policyfs)) {
> + rc = PTR_ERR(p->policyfs);
> + goto err;
> + }
> +
> + addr = (struct ipe_policy **)&(d_inode(p->policyfs)->i_private);
> + *addr = p;
> +
> + for (i = 0; i < ARRAY_SIZE(policy_subdir); ++i) {
> + f = &policy_subdir[i];
> +
> + d = securityfs_create_file(f->name, f->access, p->policyfs, p->policyfs,
> + f->fops);
> + if (IS_ERR(d)) {
> + rc = PTR_ERR(d);
> + goto err;
> + }
> + }
> +
> + return 0;
> +err:
> + ipe_del_policyfs_node(p);
> + return rc;
> +}


2023-01-31 10:54:19

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 02/16] ipe: add policy parser

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> IPE's interpretation of the what the user trusts is accomplished through
> its policy. IPE's design is to not provide support for a single trust
> provider, but to support multiple providers to enable the end-user to
> choose the best one to seek their needs.
>
> This requires the policy to be rather flexible and modular so that
> integrity providers, like fs-verity, dm-verity, dm-integrity, or
> some other system, can plug into the policy with minimal code changes.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
>
> ---
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move policy load and activation audit event to 03/12
> + Fix a potential panic when a policy failed to load.
> + use pr_warn for a failure to parse instead of an
> audit record
> + Remove comments from headers
> + Add lockdep assertions to ipe_update_active_policy and
> ipe_activate_policy
> + Fix up warnings with checkpatch --strict
> + Use file_ns_capable for CAP_MAC_ADMIN for securityfs
> nodes.
> + Use memdup_user instead of kzalloc+simple_write_to_buffer.
> + Remove strict_parse command line parameter, as it is added
> by the sysctl command line.
> + Prefix extern variables with ipe_
>
> v4:
> + Remove securityfs to reverse-dependency
> + Add SHA1 reverse dependency.
> + Add versioning scheme for IPE properties, and associated
> interface to query the versioning scheme.
> + Cause a parser to always return an error on unknown syntax.
> + Remove strict_parse option
> + Change active_policy interface from sysctl, to securityfs,
> and change scheme.
>
> v5:
> + Cause an error if a default action is not defined for each
> operaiton.
> + Minor function renames
>
> v6:
> + No changes
>
> v7:
> + Further split parser and userspace interface into two
> separate commits, for easier review.
>
> + Refactor policy parser to make code cleaner via introducing a
> more modular design, for easier extension of policy, and
> easier review.
>
> v8:
> + remove unnecessary pr_info emission on parser loading
>
> + add explicit newline to the pr_err emitted when a parser
> fails to load.
>
> v9:
> + switch to match table to parse policy
>
> + remove quote syntax and KERNEL_READ operation
> ---
> security/ipe/Makefile | 2 +
> security/ipe/policy.c | 99 +++++++
> security/ipe/policy.h | 77 ++++++
> security/ipe/policy_parser.c | 515 +++++++++++++++++++++++++++++++++++
> security/ipe/policy_parser.h | 11 +
> 5 files changed, 704 insertions(+)
> create mode 100644 security/ipe/policy.c
> create mode 100644 security/ipe/policy.h
> create mode 100644 security/ipe/policy_parser.c
> create mode 100644 security/ipe/policy_parser.h
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 571648579991..16bbe80991f1 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -8,3 +8,5 @@
> obj-$(CONFIG_SECURITY_IPE) += \
> hooks.o \
> ipe.o \
> + policy.o \
> + policy_parser.o \
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> new file mode 100644
> index 000000000000..e446f4b84152
> --- /dev/null
> +++ b/security/ipe/policy.c
> @@ -0,0 +1,99 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "policy.h"
> +#include "policy_parser.h"
> +#include "digest.h"
> +
> +#include <linux/verification.h>
> +
> +/**
> + * ipe_free_policy - Deallocate a given IPE policy.
> + * @p: Supplies the policy to free.
> + *
> + * Safe to call on IS_ERR/NULL.
> + */
> +void ipe_free_policy(struct ipe_policy *p)
> +{
> + if (IS_ERR_OR_NULL(p))
> + return;
> +
> + free_parsed_policy(p->parsed);
> + if (!p->pkcs7)
> + kfree(p->text);
> + kfree(p->pkcs7);
> + kfree(p);
> +}
> +
> +static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> + size_t asn1hdrlen)
> +{
> + struct ipe_policy *p = ctx;
> +
> + p->text = (const char *)data;
> + p->textlen = len;
> +
> + return 0;
> +}
> +
> +/**
> + * ipe_new_policy - Allocate and parse an ipe_policy structure.
> + *
> + * @text: Supplies a pointer to the plain-text policy to parse.
> + * @textlen: Supplies the length of @text.
> + * @pkcs7: Supplies a pointer to a pkcs7-signed IPE policy.
> + * @pkcs7len: Supplies the length of @pkcs7.
> + *
> + * @text/@textlen Should be NULL/0 if @pkcs7/@pkcs7len is set.
> + *
> + * The result will still need to be associated with a context via
> + * ipe_add_policy.
> + *
> + * Return:
> + * * !IS_ERR - Success
> + * * -EBADMSG - Policy is invalid
> + * * -ENOMEM - Out of memory
> + */
> +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len)
> +{
> + int rc = 0;
> + struct ipe_policy *new = NULL;
> +
> + new = kzalloc(sizeof(*new), GFP_KERNEL);
> + if (!new)
> + return ERR_PTR(-ENOMEM);
> +
> + if (!text) {
> + new->pkcs7len = pkcs7len;
> + new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL);
> + if (!new->pkcs7) {
> + rc = -ENOMEM;
> + goto err;
> + }

Uhm, memory leak? Also below. I suggest to use kmemleak.

Roberto

> +
> + rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, NULL,
> + VERIFYING_UNSPECIFIED_SIGNATURE,
> + set_pkcs7_data, new);
> + if (rc)
> + goto err;
> + } else {
> + new->textlen = textlen;
> + new->text = kstrdup(text, GFP_KERNEL);
> + if (!new->text) {
> + rc = -ENOMEM;
> + goto err;
> + }
> + }
> +
> + rc = parse_policy(new);
> + if (rc)
> + goto err;
> +
> + return new;
> +err:
> + return ERR_PTR(rc);
> +}
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> new file mode 100644
> index 000000000000..6af2d9a811ec
> --- /dev/null
> +++ b/security/ipe/policy.h
> @@ -0,0 +1,77 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_POLICY_H
> +#define IPE_POLICY_H
> +
> +#include <linux/list.h>
> +#include <linux/types.h>
> +
> +enum ipe_op_type {
> + ipe_op_exec = 0,
> + ipe_op_firmware,
> + ipe_op_kernel_module,
> + ipe_op_kexec_image,
> + ipe_op_kexec_initramfs,
> + ipe_op_ima_policy,
> + ipe_op_ima_x509,
> + ipe_op_max
> +};
> +
> +enum ipe_action_type {
> + ipe_action_allow = 0,
> + ipe_action_deny,
> + ipe_action_max
> +};
> +
> +enum ipe_prop_type {
> + ipe_prop_max
> +};
> +
> +struct ipe_prop {
> + struct list_head next;
> + enum ipe_prop_type type;
> + void *value;
> +};
> +
> +struct ipe_rule {
> + enum ipe_op_type op;
> + enum ipe_action_type action;
> + struct list_head props;
> + struct list_head next;
> +};
> +
> +struct ipe_op_table {
> + struct list_head rules;
> + enum ipe_action_type default_action;
> +};
> +
> +struct ipe_parsed_policy {
> + const char *name;
> + struct {
> + u16 major;
> + u16 minor;
> + u16 rev;
> + } version;
> +
> + enum ipe_action_type global_default_action;
> +
> + struct ipe_op_table rules[ipe_op_max];
> +};
> +
> +struct ipe_policy {
> + const char *pkcs7;
> + size_t pkcs7len;
> +
> + const char *text;
> + size_t textlen;
> +
> + struct ipe_parsed_policy *parsed;
> +};
> +
> +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len);
> +void ipe_free_policy(struct ipe_policy *pol);
> +
> +#endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> new file mode 100644
> index 000000000000..c7ba0e865366
> --- /dev/null
> +++ b/security/ipe/policy_parser.c
> @@ -0,0 +1,515 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "policy.h"
> +#include "policy_parser.h"
> +#include "digest.h"
> +
> +#include <linux/parser.h>
> +
> +#define START_COMMENT '#'
> +
> +/**
> + * new_parsed_policy - Allocate and initialize a parsed policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + */
> +static struct ipe_parsed_policy *new_parsed_policy(void)
> +{
> + size_t i = 0;
> + struct ipe_parsed_policy *p = NULL;
> + struct ipe_op_table *t = NULL;
> +
> + p = kzalloc(sizeof(*p), GFP_KERNEL);
> + if (!p)
> + return ERR_PTR(-ENOMEM);
> +
> + p->global_default_action = ipe_action_max;
> +
> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> + t = &p->rules[i];
> +
> + t->default_action = ipe_action_max;
> + INIT_LIST_HEAD(&t->rules);
> + }
> +
> + return p;
> +}
> +
> +/**
> + * remove_comment - Truncate all chars following START_COMMENT in a string.
> + *
> + * @line: Supplies a poilcy line string for preprocessing.
> + */
> +static void remove_comment(char *line)
> +{
> + size_t i, len = 0;
> +
> + len = strlen(line);
> + for (i = 0; i < len && line[i] != START_COMMENT; ++i)
> + ;
> +
> + line[i] = '\0';
> +}
> +
> +/**
> + * remove_trailing_spaces - Truncate all trailing spaces in a string.
> + *
> + * @line: Supplies a poilcy line string for preprocessing.
> + */
> +static void remove_trailing_spaces(char *line)
> +{
> + size_t i, len = 0;
> +
> + len = strlen(line);
> + for (i = len; i > 0 && (line[i - 1] == ' ' || line[i - 1] == '\t'); --i)
> + ;
> +
> + line[i] = '\0';
> +}
> +
> +/**
> + * parse_version - Parse policy version.
> + * @ver: Supplies a version string to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Standard errno
> + */
> +static int parse_version(char *ver, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + size_t sep_count = 0;
> + char *token;
> + u16 *const cv[] = { &p->version.major, &p->version.minor, &p->version.rev };
> +
> + while ((token = strsep(&ver, ".")) != NULL) {
> + /* prevent overflow */
> + if (sep_count >= ARRAY_SIZE(cv)) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + rc = kstrtou16(token, 10, cv[sep_count]);
> + if (rc)
> + goto err;
> +
> + ++sep_count;
> + }
> +
> + /* prevent underflow */
> + if (sep_count != ARRAY_SIZE(cv))
> + rc = -EBADMSG;
> +
> +err:
> + return rc;
> +}
> +
> +enum header_opt {
> + ipe_header_policy_name = 0,
> + ipe_header_policy_version,
> + ipe_header_max
> +};
> +
> +static const match_table_t header_tokens = {
> + {ipe_header_policy_name, "policy_name=%s"},
> + {ipe_header_policy_version, "policy_version=%s"},
> + {ipe_header_max, NULL}
> +};
> +
> +/**
> + * parse_header - Parse policy header information.
> + * @line: Supplies header line to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Standard errno
> + */
> +static int parse_header(char *line, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + char *t, *ver = NULL;
> + substring_t args[MAX_OPT_ARGS];
> + size_t idx = 0;
> +
> + while ((t = strsep(&line, " \t")) != NULL) {
> + int token;
> +
> + if (*t == '\0')
> + continue;
> + if (idx >= ipe_header_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + token = match_token(t, header_tokens, args);
> + if (token != idx) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + switch (token) {
> + case ipe_header_policy_name:
> + p->name = match_strdup(&args[0]);
> + if (!p->name)
> + rc = -ENOMEM;
> + break;
> + case ipe_header_policy_version:
> + ver = match_strdup(&args[0]);
> + if (!ver) {
> + rc = -ENOMEM;
> + break;
> + }
> + rc = parse_version(ver, p);
> + break;
> + default:
> + rc = -EBADMSG;
> + }
> + if (rc)
> + goto err;
> + ++idx;
> + }
> +
> + if (idx != ipe_header_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> + goto out;
> +
> +err:
> + kfree(p->name);
> + p->name = NULL;
> +out:
> + kfree(ver);
> + return rc;
> +}
> +
> +/**
> + * is_default - Determine if the given token is "DEFAULT".
> + * @token: Supplies the token string to be compared.
> + *
> + * Return:
> + * * 0 - The token is not "DEFAULT"
> + * * !0 - The token is "DEFAULT"
> + */
> +static bool is_default(char *token)
> +{
> + return !strcmp(token, "DEFAULT");
> +}
> +
> +/**
> + * free_rule - Free the supplied ipe_rule struct.
> + * @r: Supplies the ipe_rule struct to be freed.
> + */
> +static void free_rule(struct ipe_rule *r)
> +{
> + struct ipe_prop *p, *t;
> +
> + if (IS_ERR_OR_NULL(r))
> + return;
> +
> + list_for_each_entry_safe(p, t, &r->props, next) {
> + kfree(p);
> + }
> +
> + kfree(r);
> +}
> +
> +static const match_table_t operation_tokens = {
> + {ipe_op_exec, "op=EXECUTE"},
> + {ipe_op_firmware, "op=FIRMWARE"},
> + {ipe_op_kernel_module, "op=KMODULE"},
> + {ipe_op_kexec_image, "op=KEXEC_IMAGE"},
> + {ipe_op_kexec_initramfs, "op=KEXEC_INITRAMFS"},
> + {ipe_op_ima_policy, "op=IMA_POLICY"},
> + {ipe_op_ima_x509, "op=IMA_X509_CERT"},
> + {ipe_op_max, NULL}
> +};
> +
> +/**
> + * parse_operation - Parse the opeartion type given a token string.
> + * @t: Supplies the token string to be parsed.
> + *
> + * Return: The parsed opeartion type.
> + */
> +static enum ipe_op_type parse_operation(char *t)
> +{
> + substring_t args[MAX_OPT_ARGS];
> +
> + return match_token(t, operation_tokens, args);
> +}
> +
> +static const match_table_t action_tokens = {
> + {ipe_action_allow, "action=ALLOW"},
> + {ipe_action_deny, "action=DENY"},
> + {ipe_action_max, NULL}
> +};
> +
> +/**
> + * parse_action - Parse the action type given a token string.
> + * @t: Supplies the token string to be parsed.
> + *
> + * Return: The parsed action type.
> + */
> +static enum ipe_action_type parse_action(char *t)
> +{
> + substring_t args[MAX_OPT_ARGS];
> +
> + return match_token(t, action_tokens, args);
> +}
> +
> +static const match_table_t property_tokens = {
> + {ipe_prop_max, NULL}
> +};
> +
> +/**
> + * parse_property - Parse the property type given a token string.
> + * @t: Supplies the token string to be parsed.
> + * @r: Supplies the ipe_rule the parsed property will be associated with.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + * * -EBADMSG - The supplied token cannot be parsed
> + */
> +int parse_property(char *t, struct ipe_rule *r)
> +{
> + substring_t args[MAX_OPT_ARGS];
> + struct ipe_prop *p = NULL;
> + int rc = 0;
> + int token;
> + char *dup = NULL;
> +
> + p = kzalloc(sizeof(*p), GFP_KERNEL);
> + if (!p) {
> + rc = -ENOMEM;
> + goto err;
> + }
> +
> + token = match_token(t, property_tokens, args);
> +
> + switch (token) {
> + case ipe_prop_max:
> + default:
> + rc = -EBADMSG;
> + break;
> + }
> + list_add_tail(&p->next, &r->props);
> +
> +err:
> + kfree(dup);
> + return rc;
> +}
> +
> +/**
> + * parse_rule - parse a policy rule line.
> + * @line: Supplies rule line to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + * * -EBADMSG - Policy syntax error
> + */
> +static int parse_rule(char *line, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + bool first_token = true, is_default_rule = false;
> + bool op_parsed = false;
> + enum ipe_op_type op = ipe_op_max;
> + enum ipe_action_type action = ipe_action_max;
> + struct ipe_rule *r = NULL;
> + char *t;
> +
> + r = kzalloc(sizeof(*r), GFP_KERNEL);
> + if (!r) {
> + rc = -ENOMEM;
> + goto err;
> + }
> +
> + INIT_LIST_HEAD(&r->next);
> + INIT_LIST_HEAD(&r->props);
> +
> + while (t = strsep(&line, " \t"), line) {
> + if (*t == '\0')
> + continue;
> + if (first_token && is_default(t)) {
> + is_default_rule = true;
> + } else {
> + if (!op_parsed) {
> + op = parse_operation(t);
> + if (op == ipe_op_max)
> + rc = -EBADMSG;
> + else
> + op_parsed = true;
> + } else {
> + rc = parse_property(t, r);
> + }
> + }
> +
> + if (rc)
> + goto err;
> + first_token = false;
> + }
> +
> + action = parse_action(t);
> + if (action == ipe_action_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + if (is_default_rule) {
> + if (op == ipe_op_max) {
> + if (p->global_default_action != ipe_action_max)
> + rc = -EBADMSG;
> + else
> + p->global_default_action = action;
> + } else {
> + if (p->rules[op].default_action != ipe_action_max)
> + rc = -EBADMSG;
> + else
> + p->rules[op].default_action = action;
> + }
> + free_rule(r);
> + } else if (op != ipe_op_max && action != ipe_action_max) {
> + r->op = op;
> + r->action = action;
> + list_add_tail(&r->next, &p->rules[op].rules);
> + } else {
> + rc = -EBADMSG;
> + }
> +
> + if (rc)
> + goto err;
> +
> + goto out;
> +
> +err:
> + free_rule(r);
> +out:
> + return rc;
> +}
> +
> +/**
> + * free_parsed_policy - free a parsed policy structure.
> + * @p: Supplies the parsed policy.
> + */
> +void free_parsed_policy(struct ipe_parsed_policy *p)
> +{
> + size_t i = 0;
> + struct ipe_rule *pp, *t;
> +
> + if (IS_ERR_OR_NULL(p))
> + return;
> +
> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i)
> + list_for_each_entry_safe(pp, t, &p->rules[i].rules, next)
> + free_rule(pp);
> +
> + kfree(p);
> +}
> +
> +/**
> + * validate_policy - validate a parsed policy.
> + * @p: Supplies the fully parsed policy.
> + *
> + * Given a policy structure that was just parsed, validate that all
> + * necessary fields are present, initialized correctly, and all lines
> + * parsed are have been consumed.
> + *
> + * A parsed policy can be an invalid state for use (a default was
> + * undefined, a header was undefined) by just parsing the policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EBADMSG - Policy is invalid
> + */
> +static int validate_policy(const struct ipe_parsed_policy *p)
> +{
> + int i = 0;
> +
> + if (p->global_default_action != ipe_action_max)
> + return 0;
> +
> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> + if (p->rules[i].default_action == ipe_action_max)
> + return -EBADMSG;
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * parse_policy - Given a string, parse the string into an IPE policy.
> + * @p: partially filled ipe_policy structure to populate with the result.
> + * it must have text and textlen set.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EBADMSG - Policy is invalid
> + * * -ENOMEM - Out of Memory
> + */
> +int parse_policy(struct ipe_policy *p)
> +{
> + int rc = 0;
> + size_t len;
> + char *policy = NULL, *dup = NULL;
> + char *line = NULL;
> + bool header_parsed = false;
> + struct ipe_parsed_policy *pp = NULL;
> +
> + if (!p->textlen)
> + return -EBADMSG;
> +
> + policy = kmemdup_nul(p->text, p->textlen, GFP_KERNEL);
> + if (!policy)
> + return -ENOMEM;
> + dup = policy;
> +
> + pp = new_parsed_policy();
> + if (IS_ERR(pp)) {
> + rc = PTR_ERR(pp);
> + goto out;
> + }
> +
> + while ((line = strsep(&policy, "\n\r")) != NULL) {
> + remove_comment(line);
> + remove_trailing_spaces(line);
> + len = strlen(line);
> + if (!len)
> + continue;
> +
> + if (!header_parsed) {
> + rc = parse_header(line, pp);
> + if (rc)
> + goto err;
> + header_parsed = true;
> + continue;
> + }
> +
> + rc = parse_rule(line, pp);
> + if (rc)
> + goto err;
> + }
> +
> + if (!header_parsed || validate_policy(pp)) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + p->parsed = pp;
> +
> + goto out;
> +err:
> + free_parsed_policy(pp);
> +out:
> + kfree(dup);
> +
> + return rc;
> +}
> diff --git a/security/ipe/policy_parser.h b/security/ipe/policy_parser.h
> new file mode 100644
> index 000000000000..699ca58a5a32
> --- /dev/null
> +++ b/security/ipe/policy_parser.h
> @@ -0,0 +1,11 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_POLICY_PARSER_H
> +#define IPE_POLICY_PARSER_H
> +
> +int parse_policy(struct ipe_policy *p);
> +void free_parsed_policy(struct ipe_parsed_policy *p);
> +
> +#endif /* IPE_POLICY_PARSER */


2023-01-31 12:52:41

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> IPE's initial goal is to control both execution and the loading of
> kernel modules based on the system's definition of trust. It
> accomplishes this by plugging into the security hooks for
> bprm_check_security, file_mprotect, mmap_file, kernel_load_data,
> and kernel_read_data.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> ---
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move ipe_load_properties to patch 04.
> + Remove useless 0-initializations
> + Prefix extern variables with ipe_
> + Remove kernel module parameters, as these are
> exposed through sysctls.
> + Add more prose to the IPE base config option
> help text.
> + Use GFP_KERNEL for audit_log_start.
> + Remove unnecessary caching system.
> + Remove comments from headers
> + Use rcu_access_pointer for rcu-pointer null check
> + Remove usage of reqprot; use prot only.
> + Move policy load and activation audit event to 03/12
>
> v4:
> + Remove sysctls in favor of securityfs nodes
> + Re-add kernel module parameters, as these are now
> exposed through securityfs.
> + Refactor property audit loop to a separate function.
>
> v5:
> + fix minor grammatical errors
> + do not group rule by curly-brace in audit record,
> reconstruct the exact rule.
>
> v6:
> + No changes
>
> v7:
> + Further split lsm creation, the audit system, the evaluation loop
> and access control hooks into separate commits.
>
> v8:
> + Rename hook functions to follow the lsmname_hook_name convention
> + Remove ipe_hook enumeration, can be derived from correlation with
> syscall audit record.
>
> v9:
> + Minor changes for adapting to the new parser
> ---
> security/ipe/hooks.c | 169 +++++++++++++++++++++++++++++++++++++++++++
> security/ipe/hooks.h | 13 ++++
> security/ipe/ipe.c | 6 ++
> 3 files changed, 188 insertions(+)
>
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index 335b773c7ae1..fd5109e29c76 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -23,3 +23,172 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
> {
> ipe_invalidate_pinned_sb(mnt_sb);
> }
> +
> +/**
> + * ipe_bprm_check_security - ipe security hook function for bprm check.
> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> + * being evaluated.
> + *
> + * This LSM hook is called when a binary is loaded through the exec
> + * family of system calls.
> + * Return:
> + * *0 - OK
> + * *!0 - Error
> + */
> +int ipe_bprm_check_security(struct linux_binprm *bprm)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + build_eval_ctx(&ctx, bprm->file, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> +}
> +
> +/**
> + * ipe_mmap_file - ipe security hook function for mmap check.
> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + * system configuration.
> + * @flags: Unused.
> + *
> + * This hook is called when a file is loaded through the mmap
> + * family of system calls.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> + unsigned long flags)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + if (prot & PROT_EXEC || reqprot & PROT_EXEC) {

Since the kernel only adds flags and doesn't clear them, isn't safe to
just consider prot? Oh, you mentioned it in the changelog, maybe just
for ipe_file_mprotect().

> + build_eval_ctx(&ctx, f, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> + }

Uhm, I think some considerations that IMA does for mmap() are relevant
also for IPE.

For example, look at mmap_violation_check(). It checks if there are
writable mappings, and if yes, it denies the access.

Similarly for mprotect(), is adding PROT_EXEC safe?

> +
> + return 0;
> +}
> +
> +/**
> + * ipe_file_mprotect - ipe security hook function for mprotect check.
> + * @vma: Existing virtual memory area created by mmap or similar.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + * system configuration.
> + *
> + * This LSM hook is called when a mmap'd region of memory is changing
> + * its protections via mprotect.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> + unsigned long prot)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + /* Already Executable */
> + if (vma->vm_flags & VM_EXEC)
> + return 0;
> +
> + if (prot & PROT_EXEC) {
> + build_eval_ctx(&ctx, vma->vm_file, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * ipe_kernel_read_file - ipe security hook function for kernel read.
> + * @file: Supplies a pointer to the file structure being read in from disk.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * This LSM hook is called when a file is being read in from disk from
> + * the kernel.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> + bool contents)
> +{
> + enum ipe_op_type op;
> + struct ipe_eval_ctx ctx;
> +
> + switch (id) {
> + case READING_FIRMWARE:
> + op = ipe_op_firmware;
> + break;
> + case READING_MODULE:
> + op = ipe_op_kernel_module;
> + break;
> + case READING_KEXEC_INITRAMFS:
> + op = ipe_op_kexec_initramfs;
> + break;
> + case READING_KEXEC_IMAGE:
> + op = ipe_op_kexec_image;
> + break;
> + case READING_POLICY:
> + op = ipe_op_ima_policy;
> + break;
> + case READING_X509_CERTIFICATE:
> + op = ipe_op_ima_x509;
> + break;
> + default:
> + op = ipe_op_max;
> + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> + }
> +
> + build_eval_ctx(&ctx, file, op);
> + return ipe_evaluate_event(&ctx);
> +}
> +
> +/**
> + * ipe_kernel_load_data - ipe security hook function for kernel load data.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * This LSM hook is called when a buffer is being read in from disk.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents)
> +{
> + enum ipe_op_type op;
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + switch (id) {
> + case LOADING_FIRMWARE:
> + op = ipe_op_firmware;
> + break;
> + case LOADING_MODULE:
> + op = ipe_op_kernel_module;
> + break;
> + case LOADING_KEXEC_INITRAMFS:
> + op = ipe_op_kexec_initramfs;
> + break;
> + case LOADING_KEXEC_IMAGE:
> + op = ipe_op_kexec_image;
> + break;
> + case LOADING_POLICY:
> + op = ipe_op_ima_policy;
> + break;
> + case LOADING_X509_CERTIFICATE:
> + op = ipe_op_ima_x509;
> + break;
> + default:
> + op = ipe_op_max;
> + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> + }
> +
> + build_eval_ctx(&ctx, NULL, op);
> + return ipe_evaluate_event(&ctx);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index 30fe455389bf..857cae69678c 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -11,4 +11,17 @@
>
> void ipe_sb_free_security(struct super_block *mnt_sb);
>
> +int ipe_bprm_check_security(struct linux_binprm *bprm);
> +
> +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> + unsigned long flags);
> +
> +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> + unsigned long prot);
> +
> +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> + bool contents);
> +
> +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);
> +
> #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index bef923026b50..7af2f942decd 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -4,6 +4,7 @@
> */
>
> #include "ipe.h"
> +#include "hooks.h"
>
> bool ipe_enabled;
>
> @@ -12,6 +13,11 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> + LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
> + LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
> + LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
> + LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
> + LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
> };

Uhm, maybe I would incorporate patch 1 with this.

Roberto


2023-01-31 12:58:53

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> Users of IPE require a way to identify when and why an operation fails,
> allowing them to both respond to violations of policy and be notified
> of potentially malicious actions on their systens with respect to IPE
> itself.
>
> The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
> evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
> and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
> kernel and the currently active policy changed, respectively.
>
> This patch also adds support for success auditing, allowing users to
> identify how a resource passed policy. It is recommended to use this
> option with caution, as it is quite noisy.

Not sure if this comment makes sense. When a new function is
introduced, like ipe_update_policy(), I like to see it in only one
patch, not with subsequent changes, unless it is really necessary.

If it is possible, I would always introduce the dependencies before and
then the new function.

Roberto

> This patch adds the following audit records:
>
> audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> ino=72 rule="DEFAULT op=EXECUTE action=DENY"
>
> The above audit record shows IPE blocked a file
> /tmp/tmpwxmam366/deny/bin/hello in the temp file system.
>
> audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
> ino=157 rule="DEFAULT action=DENY"
>
> The above audit record shows IPE blocked a file
> /tmp/tmpxkvb3d9x/deny/bin/hello in the temp file system via another
> rule.
>
> audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
>
> The above audit record shows IPE loaded a new policy named
> "dmverity_roothash" with the sha256 hash of the policy.
>
> audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
> old_active_pol_version=0.0.0
> old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
> new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
> new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
>
> The above audit record shows IPE's active policy switched from
> "Allow_All" to "dmverity_roothash".
>
> These result in the following events (the audit records are always
> prior to a SYSCALL record):
>
> audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> ino=72 rule="DEFAULT op=EXECUTE action=DENY"
> audit[476]: SYSCALL arch=c000003e syscall=59 success=no exit=-13
> a0=7f7d01b5e890 a1=7f7d01f80e80 a2=7ffde535f230 a3=0 items=0 ppid=229
> pid=476 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10"
> key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
>
> The above events shows IPE blocked the hello file which python was
> trying to execute.
>
> audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
> ino=157 rule="DEFAULT action=DENY"
> audit[1195]: SYSCALL arch=c000003e syscall=9 success=no
> exit=-13 a0=0 a1=18020 a2=6 a3=2 items=0 ppid=997 pid=1195
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> tty=pts0 ses=4294967295 comm="mmap_test"
> exe="/tmp/ipe-test/bin/mmap_test" key=(null)
> audit: PROCTITLE
> proctitle=2F746D702F6970652D746573742F62696E2F6D6D61705F746573
>
> The above events shows IPE blocked the hello file which
> /tmp/ipe-test/bin/mmap_test was trying to mmap.
>
> audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
> audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2567 a0=3
> a1=5596fcae1fb0 a2=a07 a3=2 items=0 ppid=184 pid=229 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sg
> id=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3"
> exe="/usr/bin/python3.10" key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
>
> The above events shows IPE loaded a new policy "dmverity_roothash"
> because python used write system call.
>
> audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
> old_active_pol_version=0.0.0
> old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
> new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
> new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
> audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=3
> a1=5596fcae1fb0 a2=2 a3=2 items=0 ppid=184 pid=229 auid=4294967295 uid=0
> gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10"
> key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2
> The above events shows IPE switched to a new active policy
> "dmverity_roothash" because python used write system call.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> ---
>
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move ipe_load_properties to patch 04.
> + Remove useless 0-initializations
> + Prefix extern variables with ipe_
> + Remove kernel module parameters, as these are
> exposed through sysctls.
> + Add more prose to the IPE base config option
> help text.
> + Use GFP_KERNEL for audit_log_start.
> + Remove unnecessary caching system.
> + Remove comments from headers
> + Use rcu_access_pointer for rcu-pointer null check
> + Remove usage of reqprot; use prot only.
> + Move policy load and activation audit event to 03/12
>
> v4:
> + Remove sysctls in favor of securityfs nodes
> + Re-add kernel module parameters, as these are now
> exposed through securityfs.
> + Refactor property audit loop to a separate function.
>
> v5:
> + fix minor grammatical errors
> + do not group rule by curly-brace in audit record,
> reconstruct the exact rule.
>
> v6:
> + No changes
>
> v7:
> + Further split lsm creation, the audit system, the evaluation loop,
> and access control hooks into separate patches.
> + Further split audit system patch into two separate patches; one
> for include/uapi, and the usage of the new defines.
> + Split out the permissive functionality into another separate patch,
> for easier review.
> + Correct misuse of audit_log_n_untrusted string to audit_log_format
> + Use get_task_comm instead of comm directly.
> + Quote certain audit values
> + Remove unnecessary help text on choice options - these were
> previously
> idented at the wrong level
> + Correct a stale string constant (ctx_ns_enforce to ctx_enforce)
>
> v8:
>
> + Change dependency for CONFIG_AUDIT to CONFIG_AUDITSYSCALL
> + Drop ctx_* prefix
> + Reuse, where appropriate, the audit fields from the field
> dictionary. This transforms:
> ctx_pathname -> path
> ctx_ino -> ino
> ctx_dev -> dev
>
> + Add audit records and event examples to commit description.
> + Remove new_audit_ctx, replace with audit_log_start. All data that
> would provided by new_audit_ctx is already present in the syscall
> audit record, that is always emitted on these actions. The audit
> records should be correlated as such.
> + Change audit types:
> + AUDIT_TRUST_RESULT -> AUDIT_IPE_ACCESS
> + This prevents overloading of the AVC type.
> + AUDIT_TRUST_POLICY_ACTIVATE -> AUDIT_MAC_CONFIG_CHANGE
> + AUDIT_TRUST_POLICY_LOAD -> AUDIT_MAC_POLICY_LOAD
> + There were no significant difference in meaning between
> these types.
>
> + Remove enforcing parameter passed from the context structure
> for AUDIT_IPE_ACCESS.
> + This field can be inferred from the SYSCALL audit event,
> based on the success field.
>
> + Remove all fields already captured in the syscall record. "hook",
> an IPE specific field, can be determined via the syscall field in
> the syscall record itself, so it has been removed.
> + ino, path, and dev in IPE's record refer to the subject of the
> syscall, while the syscall record refers to the calling process.
>
> + remove IPE prefix from policy load/policy activation events
> + fix a bug wherein a policy change audit record was not fired when
> updating a policy
>
> v9:
> + Merge the AUDIT_IPE_ACCESS definition with the audit support commit
> + Change the audit format of policy load and siwtch
> + Remove the ipe audit kernel switch
> ---
> include/uapi/linux/audit.h | 1 +
> security/ipe/Kconfig | 2 +-
> security/ipe/Makefile | 1 +
> security/ipe/audit.c | 196 +++++++++++++++++++++++++++++++++++++
> security/ipe/audit.h | 18 ++++
> security/ipe/eval.c | 26 ++++-
> security/ipe/eval.h | 8 ++
> security/ipe/fs.c | 68 +++++++++++++
> security/ipe/policy.c | 5 +
> 9 files changed, 321 insertions(+), 4 deletions(-)
> create mode 100644 security/ipe/audit.c
> create mode 100644 security/ipe/audit.h
>
> diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
> index d676ed2b246e..ee3b3db95076 100644
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@ -143,6 +143,7 @@
> #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label */
> #define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry */
> #define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI entry */
> +#define AUDIT_IPE_ACCESS 1420 /* IPE Denial or Grant */
>
> #define AUDIT_FIRST_KERN_ANOM_MSG 1700
> #define AUDIT_LAST_KERN_ANOM_MSG 1799
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index e4875fb04883..ac4d558e69d5 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -5,7 +5,7 @@
>
> menuconfig SECURITY_IPE
> bool "Integrity Policy Enforcement (IPE)"
> - depends on SECURITY && SECURITYFS
> + depends on SECURITY && SECURITYFS && AUDIT && AUDITSYSCALL
> select PKCS7_MESSAGE_PARSER
> select SYSTEM_DATA_VERIFICATION
> help
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 8602d71250b4..89a76ad72301 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -13,3 +13,4 @@ obj-$(CONFIG_SECURITY_IPE) += \
> policy.o \
> policy_fs.o \
> policy_parser.o \
> + audit.o \
> diff --git a/security/ipe/audit.c b/security/ipe/audit.c
> new file mode 100644
> index 000000000000..295e9f9f5146
> --- /dev/null
> +++ b/security/ipe/audit.c
> @@ -0,0 +1,196 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "eval.h"
> +#include "hooks.h"
> +#include "policy.h"
> +#include "audit.h"
> +#include "digest.h"
> +
> +#include <linux/slab.h>
> +#include <linux/audit.h>
> +#include <linux/types.h>
> +#include <crypto/hash.h>
> +
> +#define ACTSTR(x) ((x) == ipe_action_allow ? "ALLOW" : "DENY")
> +
> +#define IPE_AUDIT_HASH_ALG "sha256"
> +
> +#define AUDIT_POLICY_LOAD_FMT "policy_name=\"%s\" policy_version=%hu.%hu.%hu "\
> + IPE_AUDIT_HASH_ALG "="
> +#define AUDIT_OLD_ACTIVE_POLICY_FMT "old_active_pol_name=\"%s\" "\
> + "old_active_pol_version=%hu.%hu.%hu "\
> + "old_" IPE_AUDIT_HASH_ALG "="
> +#define AUDIT_NEW_ACTIVE_POLICY_FMT "new_active_pol_name=\"%s\" "\
> + "new_active_pol_version=%hu.%hu.%hu "\
> + "new_" IPE_AUDIT_HASH_ALG "="
> +
> +static const char *const audit_op_names[ipe_op_max] = {
> + "EXECUTE",
> + "FIRMWARE",
> + "KMODULE",
> + "KEXEC_IMAGE",
> + "KEXEC_INITRAMFS",
> + "IMA_POLICY",
> + "IMA_X509_CERT",
> +};
> +
> +static const char *const audit_prop_names[ipe_prop_max] = {
> + "boot_verified=FALSE",
> + "boot_verified=TRUE",
> +};
> +
> +/**
> + * audit_rule - audit an IPE policy rule approximation.
> + * @ab: Supplies a poniter to the audit_buffer to append to.
> + * @r: Supplies a pointer to the ipe_rule to approximate a string form for.
> + */
> +static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
> +{
> + const struct ipe_prop *ptr;
> +
> + audit_log_format(ab, "rule=\"op=%s ", audit_op_names[r->op]);
> +
> + list_for_each_entry(ptr, &r->props, next) {
> + audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
> + audit_log_format(ab, " ");
> + }
> +
> + audit_log_format(ab, "action=%s\"", ACTSTR(r->action));
> +}
> +
> +/**
> + * ipe_audit_match - audit a match for IPE policy.
> + * @ctx: Supplies a poniter to the evaluation context that was used in the
> + * evaluation.
> + * @match_type: Supplies the scope of the match: rule, operation default,
> + * global default.
> + * @act: Supplies the IPE's evaluation decision, deny or allow.
> + * @r: Supplies a pointer to the rule that was matched, if possible.
> + * @enforce: Supplies the enforcement/permissive state at the point
> + * the enforcement decision was made.
> + */
> +void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
> + enum ipe_match match_type,
> + enum ipe_action_type act, const struct ipe_rule *const r)
> +{
> + struct inode *inode;
> + struct audit_buffer *ab;
> + const char *op = audit_op_names[ctx->op];
> +
> + if (act != ipe_action_deny && !READ_ONCE(success_audit))
> + return;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_IPE_ACCESS);
> + if (!ab)
> + return;
> +
> + if (ctx->file) {
> + audit_log_d_path(ab, "path=", &ctx->file->f_path);
> + inode = file_inode(ctx->file);
> + if (inode) {
> + audit_log_format(ab, " dev=");
> + audit_log_untrustedstring(ab, inode->i_sb->s_id);
> + audit_log_format(ab, " ino=%lu ", inode->i_ino);
> + }
> + }
> +
> + if (match_type == ipe_match_rule)
> + audit_rule(ab, r);
> + else if (match_type == ipe_match_table)
> + audit_log_format(ab, "rule=\"DEFAULT op=%s action=%s\"", op,
> + ACTSTR(act));
> + else
> + audit_log_format(ab, "rule=\"DEFAULT action=%s\"",
> + ACTSTR(act));
> +
> + audit_log_end(ab);
> +}
> +
> +/**
> + * audit_policy - Audit a policy's name, version and thumbprint to @ab.
> + * @ab: Supplies a pointer to the audit buffer to append to.
> + * @p: Supplies a pointer to the policy to audit.
> + */
> +static void audit_policy(struct audit_buffer *ab,
> + const char *audit_format,
> + const struct ipe_policy *const p)
> +{
> + u8 *digest = NULL;
> + struct crypto_shash *tfm;
> + SHASH_DESC_ON_STACK(desc, tfm);
> +
> + tfm = crypto_alloc_shash(IPE_AUDIT_HASH_ALG, 0, 0);
> + if (IS_ERR(tfm))
> + return;
> +
> + desc->tfm = tfm;
> +
> + digest = kzalloc(crypto_shash_digestsize(tfm), GFP_KERNEL);
> + if (!digest)
> + goto out;
> +
> + if (crypto_shash_init(desc))
> + goto out;
> +
> + if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len))
> + goto out;
> +
> + if (crypto_shash_final(desc, digest))
> + goto out;
> +
> + audit_log_format(ab, audit_format, p->parsed->name,
> + p->parsed->version.major, p->parsed->version.minor,
> + p->parsed->version.rev);
> + audit_log_n_hex(ab, digest, crypto_shash_digestsize(tfm));
> +
> +out:
> + kfree(digest);
> + crypto_free_shash(tfm);
> +}
> +
> +/**
> + * ipe_audit_policy_activation - Audit a policy being made the active policy.
> + * @p: Supplies a pointer to the policy to audit.
> + */
> +void ipe_audit_policy_activation(const struct ipe_policy *const op,
> + const struct ipe_policy *const np)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_CONFIG_CHANGE);
> + if (!ab)
> + return;
> +
> + audit_policy(ab, AUDIT_OLD_ACTIVE_POLICY_FMT, op);
> + audit_log_format(ab, " ");
> + audit_policy(ab, AUDIT_NEW_ACTIVE_POLICY_FMT, np);
> + audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
> + from_kuid(&init_user_ns, audit_get_loginuid(current)),
> + audit_get_sessionid(current));
> +
> + audit_log_end(ab);
> +}
> +
> +/**
> + * ipe_audit_policy_load - Audit a policy being loaded into the kernel.
> + * @p: Supplies a pointer to the policy to audit.
> + */
> +void ipe_audit_policy_load(const struct ipe_policy *const p)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD);
> + if (!ab)
> + return;
> +
> + audit_policy(ab, AUDIT_POLICY_LOAD_FMT, p);
> + audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
> + from_kuid(&init_user_ns, audit_get_loginuid(current)),
> + audit_get_sessionid(current));
> +
> + audit_log_end(ab);
> +}
> diff --git a/security/ipe/audit.h b/security/ipe/audit.h
> new file mode 100644
> index 000000000000..2e9b99737f97
> --- /dev/null
> +++ b/security/ipe/audit.h
> @@ -0,0 +1,18 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_AUDIT_H
> +#define IPE_AUDIT_H
> +
> +#include "policy.h"
> +
> +void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
> + enum ipe_match match_type,
> + enum ipe_action_type act, const struct ipe_rule *const r);
> +void ipe_audit_policy_load(const struct ipe_policy *const p);
> +void ipe_audit_policy_activation(const struct ipe_policy *const op,
> + const struct ipe_policy *const np);
> +
> +#endif /* IPE_AUDIT_H */
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> index 48b5104a3463..d713808cad9c 100644
> --- a/security/ipe/eval.c
> +++ b/security/ipe/eval.c
> @@ -7,6 +7,7 @@
> #include "eval.h"
> #include "hooks.h"
> #include "policy.h"
> +#include "audit.h"
>
> #include <linux/fs.h>
> #include <linux/types.h>
> @@ -15,8 +16,10 @@
> #include <linux/sched.h>
> #include <linux/rcupdate.h>
> #include <linux/spinlock.h>
> +#include <linux/moduleparam.h>
>
> struct ipe_policy __rcu *ipe_active_policy;
> +bool success_audit;
>
> static struct super_block *pinned_sb;
> static DEFINE_SPINLOCK(pin_lock);
> @@ -117,6 +120,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> int rc = 0;
> bool match = false;
> enum ipe_action_type action;
> + enum ipe_match match_type;
> struct ipe_policy *pol = NULL;
> const struct ipe_rule *rule = NULL;
> const struct ipe_op_table *rules = NULL;
> @@ -131,6 +135,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
>
> if (ctx->op == ipe_op_max) {
> action = pol->parsed->global_default_action;
> + match_type = ipe_match_global;
> goto eval;
> }
>
> @@ -146,14 +151,20 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> break;
> }
>
> - if (match)
> + if (match) {
> action = rule->action;
> - else if (rules->default_action != ipe_action_max)
> + match_type = ipe_match_rule;
> + } else if (rules->default_action != ipe_action_max) {
> action = rules->default_action;
> - else
> + match_type = ipe_match_table;
> + } else {
> action = pol->parsed->global_default_action;
> + match_type = ipe_match_global;
> + }
>
> eval:
> + ipe_audit_match(ctx, match_type, action, rule);
> +
> if (action == ipe_action_deny)
> rc = -EACCES;
>
> @@ -178,3 +189,12 @@ void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
>
> spin_unlock(&pin_lock);
> }
> +
> +/* Set the right module name */
> +#ifdef KBUILD_MODNAME
> +#undef KBUILD_MODNAME
> +#define KBUILD_MODNAME "ipe"
> +#endif
> +
> +module_param(success_audit, bool, 0400);
> +MODULE_PARM_DESC(success_audit, "Start IPE with success auditing enabled");
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> index 887797438b9b..b83730d0b5ae 100644
> --- a/security/ipe/eval.h
> +++ b/security/ipe/eval.h
> @@ -13,6 +13,7 @@
> #include "policy.h"
>
> extern struct ipe_policy __rcu *ipe_active_policy;
> +extern bool success_audit;
>
> struct ipe_eval_ctx {
> enum ipe_op_type op;
> @@ -21,6 +22,13 @@ struct ipe_eval_ctx {
> bool from_init_sb;
> };
>
> +enum ipe_match {
> + ipe_match_rule = 0,
> + ipe_match_table,
> + ipe_match_global,
> + ipe_match_max
> +};
> +
> void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
> int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
> void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> diff --git a/security/ipe/fs.c b/security/ipe/fs.c
> index 9f6a4867bec2..c99616f36f32 100644
> --- a/security/ipe/fs.c
> +++ b/security/ipe/fs.c
> @@ -4,7 +4,9 @@
> */
> #include "ipe.h"
> #include "fs.h"
> +#include "eval.h"
> #include "policy.h"
> +#include "audit.h"
>
> #include <linux/dcache.h>
> #include <linux/security.h>
> @@ -12,6 +14,57 @@
> static struct dentry *np __ro_after_init;
> static struct dentry *root __ro_after_init;
> struct dentry *policy_root __ro_after_init;
> +static struct dentry *audit_node __ro_after_init;
> +
> +/**
> + * setaudit - Write handler for the securityfs node, "ipe/success_audit"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t setaudit(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + bool value;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + rc = kstrtobool_from_user(data, len, &value);
> + if (rc)
> + return rc;
> +
> + WRITE_ONCE(success_audit, value);
> +
> + return len;
> +}
> +
> +/**
> + * getaudit - Read handler for the securityfs node, "ipe/success_audit"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the read syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t getaudit(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + const char *result;
> +
> + result = ((READ_ONCE(success_audit)) ? "1" : "0");
> +
> + return simple_read_from_buffer(data, len, offset, result, 1);
> +}
>
> /**
> * new_policy - Write handler for the securityfs node, "ipe/new_policy".
> @@ -50,6 +103,8 @@ static ssize_t new_policy(struct file *f, const char __user *data,
> if (rc)
> goto err;
>
> + ipe_audit_policy_load(p);
> +
> err:
> return (rc < 0) ? rc : len;
> }
> @@ -58,6 +113,11 @@ static const struct file_operations np_fops = {
> .write = new_policy,
> };
>
> +static const struct file_operations audit_fops = {
> + .write = setaudit,
> + .read = getaudit,
> +};
> +
> /**
> * ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
> *
> @@ -84,6 +144,13 @@ static int __init ipe_init_securityfs(void)
> goto err;
> }
>
> + audit_node = securityfs_create_file("success_audit", 0600, root,
> + NULL, &audit_fops);
> + if (IS_ERR(audit_node)) {
> + rc = PTR_ERR(audit_node);
> + goto err;
> + }
> +
> policy_root = securityfs_create_dir("policies", root);
> if (IS_ERR(policy_root)) {
> rc = PTR_ERR(policy_root);
> @@ -94,6 +161,7 @@ static int __init ipe_init_securityfs(void)
> err:
> securityfs_remove(np);
> securityfs_remove(root);
> + securityfs_remove(audit_node);
> securityfs_remove(policy_root);
> return rc;
> }
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index a5e9c6e5691b..703b3fd9cf4c 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -9,6 +9,7 @@
> #include "policy.h"
> #include "policy_parser.h"
> #include "digest.h"
> +#include "audit.h"
>
> #include <linux/verification.h>
>
> @@ -124,6 +125,9 @@ struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> swap(new->policyfs, old->policyfs);
> ipe_free_policy(old);
>
> + if (!rc)
> + ipe_audit_policy_load(new);
> +
> goto out;
> err:
> ipe_free_policy(new);
> @@ -230,6 +234,7 @@ int ipe_set_active_pol(const struct ipe_policy *p)
> spin_unlock(&ipe_policy_lock);
> synchronize_rcu();
>
> + ipe_audit_policy_activation(ap, p);
> out:
> return rc;
> }


2023-01-31 13:22:54

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> dm-verity provides a strong guarantee of a block device's integrity. As
> a generic way to check the integrity of a block device, it provides
> those integrity guarantees to its higher layers, including the filesystem
> level.

I think you could reuse most of is_trusted_verity_target(), in
particular dm_verity_get_root_digest().

And probably, the previous patch is not necessary.

Roberto

> An LSM that control access to a resource on the system based on the
> available integrity claims can use this transitive property of
> dm-verity, by querying the underlying block_device of a particular
> file.
>
> The digest and signature information need to be stored in the block
> device to fulfill the next requirement of authorization via LSM policy.
> This will enable the LSM to perform revocation of devices that are still
> mounted, prohibiting execution of files that are no longer authorized
> by the LSM in question.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> ---
> v2:
> + No Changes
>
> v3:
> + No changes
>
> v4:
> + No changes
>
> v5:
> + No changes
>
> v6:
> + Fix an improper cleanup that can result in
> a leak
>
> v7:
> + Squash patch 08/12, 10/12 to [11/16]
> + Use part0 for block_device, to retrieve the block_device, when
> calling security_bdev_setsecurity
>
> v8:
> + Undo squash of 08/12, 10/12 - separating drivers/md/ from
> security/ & block/
> + Use common-audit function for dmverity_signature.
> + Change implementation for storing the dm-verity digest to use the
> newly introduced dm_verity_digest structure introduced in patch
> 14/20.
> + Create new structure, dm_verity_digest, containing digest algorithm,
> size, and digest itself to pass to the LSM layer. V7 was missing the
> algorithm.
> + Create an associated public header containing this new structure and
> the key values for the LSM hook, specific to dm-verity.
> + Additional information added to commit, discussing the layering of
> the changes and how the information passed will be used.
>
> v9:
> + No changes
> ---
> drivers/md/dm-verity-target.c | 25 +++++++++++++++++++++++--
> drivers/md/dm-verity-verify-sig.c | 16 +++++++++++++---
> drivers/md/dm-verity-verify-sig.h | 10 ++++++----
> include/linux/dm-verity.h | 19 +++++++++++++++++++
> 4 files changed, 61 insertions(+), 9 deletions(-)
> create mode 100644 include/linux/dm-verity.h
>
> diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c
> index ccf5b852fbf7..afea61eed4ec 100644
> --- a/drivers/md/dm-verity-target.c
> +++ b/drivers/md/dm-verity-target.c
> @@ -13,6 +13,7 @@
> * access behavior.
> */
>
> +#include "dm-core.h"
> #include "dm-verity.h"
> #include "dm-verity-fec.h"
> #include "dm-verity-verify-sig.h"
> @@ -21,6 +22,9 @@
> #include <linux/scatterlist.h>
> #include <linux/string.h>
> #include <linux/jump_label.h>
> +#include <linux/security.h>
> +#include <linux/dm-verity.h>
> +#include <crypto/hash_info.h>
>
> #define DM_MSG_PREFIX "verity"
>
> @@ -1169,6 +1173,8 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
> sector_t hash_position;
> char dummy;
> char *root_hash_digest_to_validate;
> + struct block_device *bdev;
> + struct dm_verity_digest root_digest;
>
> v = kzalloc(sizeof(struct dm_verity), GFP_KERNEL);
> if (!v) {
> @@ -1211,6 +1217,13 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
> }
> v->version = num;
>
> + bdev = dm_table_get_md(ti->table)->disk->part0;
> + if (!bdev) {
> + ti->error = "Mapped device lookup failed";
> + r = -ENOMEM;
> + goto bad;
> + }
> +
> r = dm_get_device(ti, argv[1], FMODE_READ, &v->data_dev);
> if (r) {
> ti->error = "Data device lookup failed";
> @@ -1343,7 +1356,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
> }
>
> /* Root hash signature is a optional parameter*/
> - r = verity_verify_root_hash(root_hash_digest_to_validate,
> + r = verity_verify_root_hash(bdev, root_hash_digest_to_validate,
> strlen(root_hash_digest_to_validate),
> verify_args.sig,
> verify_args.sig_size);
> @@ -1428,12 +1441,20 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv)
> ti->per_io_data_size = roundup(ti->per_io_data_size,
> __alignof__(struct dm_verity_io));
>
> + root_digest.digest = v->root_digest;
> + root_digest.digest_len = v->digest_size;
> + root_digest.algo = v->alg_name;
> +
> + r = security_bdev_setsecurity(bdev, DM_VERITY_ROOTHASH_SEC_NAME, &root_digest,
> + sizeof(root_digest));
> + if (r)
> + goto bad;
> +
> verity_verify_sig_opts_cleanup(&verify_args);
>
> return 0;
>
> bad:
> -
> verity_verify_sig_opts_cleanup(&verify_args);
> verity_dtr(ti);
>
> diff --git a/drivers/md/dm-verity-verify-sig.c b/drivers/md/dm-verity-verify-sig.c
> index db61a1f43ae9..5a73b91157d5 100644
> --- a/drivers/md/dm-verity-verify-sig.c
> +++ b/drivers/md/dm-verity-verify-sig.c
> @@ -9,6 +9,9 @@
> #include <linux/verification.h>
> #include <keys/user-type.h>
> #include <linux/module.h>
> +#include <linux/security.h>
> +#include <linux/dm-verity.h>
> +#include "dm-core.h"
> #include "dm-verity.h"
> #include "dm-verity-verify-sig.h"
>
> @@ -97,14 +100,17 @@ int verity_verify_sig_parse_opt_args(struct dm_arg_set *as,
> * verify_verify_roothash - Verify the root hash of the verity hash device
> * using builtin trusted keys.
> *
> + * @bdev: block_device representing the device-mapper created block device.
> + * Used by the security hook, to set information about the block_device.
> * @root_hash: For verity, the roothash/data to be verified.
> * @root_hash_len: Size of the roothash/data to be verified.
> * @sig_data: The trusted signature that verifies the roothash/data.
> * @sig_len: Size of the signature.
> *
> */
> -int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
> - const void *sig_data, size_t sig_len)
> +int verity_verify_root_hash(struct block_device *bdev, const void *root_hash,
> + size_t root_hash_len, const void *sig_data,
> + size_t sig_len)
> {
> int ret;
>
> @@ -126,8 +132,12 @@ int verity_verify_root_hash(const void *root_hash, size_t root_hash_len,
> NULL,
> #endif
> VERIFYING_UNSPECIFIED_SIGNATURE, NULL, NULL);
> + if (ret)
> + return ret;
>
> - return ret;
> + return security_bdev_setsecurity(bdev,
> + DM_VERITY_SIGNATURE_SEC_NAME,
> + sig_data, sig_len);
> }
>
> void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts)
> diff --git a/drivers/md/dm-verity-verify-sig.h b/drivers/md/dm-verity-verify-sig.h
> index 3987c7141f79..31692fff92e4 100644
> --- a/drivers/md/dm-verity-verify-sig.h
> +++ b/drivers/md/dm-verity-verify-sig.h
> @@ -20,8 +20,9 @@ struct dm_verity_sig_opts {
>
> #define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 2
>
> -int verity_verify_root_hash(const void *data, size_t data_len,
> - const void *sig_data, size_t sig_len);
> +int verity_verify_root_hash(struct block_device *bdev, const void *data,
> + size_t data_len, const void *sig_data,
> + size_t sig_len);
> bool verity_verify_is_sig_opt_arg(const char *arg_name);
>
> int verity_verify_sig_parse_opt_args(struct dm_arg_set *as, struct dm_verity *v,
> @@ -34,8 +35,9 @@ void verity_verify_sig_opts_cleanup(struct dm_verity_sig_opts *sig_opts);
>
> #define DM_VERITY_ROOT_HASH_VERIFICATION_OPTS 0
>
> -static inline int verity_verify_root_hash(const void *data, size_t data_len,
> - const void *sig_data, size_t sig_len)
> +int verity_verify_root_hash(struct block_device *bdev, const void *data,
> + size_t data_len, const void *sig_data,
> + size_t sig_len)
> {
> return 0;
> }
> diff --git a/include/linux/dm-verity.h b/include/linux/dm-verity.h
> new file mode 100644
> index 000000000000..bb0413d55d72
> --- /dev/null
> +++ b/include/linux/dm-verity.h
> @@ -0,0 +1,19 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +
> +#ifndef _LINUX_DM_VERITY_H
> +#define _LINUX_DM_VERITY_H
> +
> +#include <linux/types.h>
> +#include <crypto/hash_info.h>
> +#include <linux/device-mapper.h>
> +
> +struct dm_verity_digest {
> + const char *algo;
> + const u8 *digest;
> + size_t digest_len;
> +};
> +
> +#define DM_VERITY_SIGNATURE_SEC_NAME DM_NAME ".verity-signature"
> +#define DM_VERITY_ROOTHASH_SEC_NAME DM_NAME ".verity-roothash"
> +
> +#endif /* _LINUX_DM_VERITY_H */


2023-01-31 14:01:35

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> Enable IPE policy authors to indicate trust for a singular fsverity
> file, identified by the digest information, through "fsverity_digest"
> and all files using fsverity's builtin signatures via
> "fsverity_signature".
>
> This enables file-level integrity claims to be expressed in IPE,
> allowing individual files to be authorized, giving some flexibility
> for policy authors. Such file-level claims are important to be expressed
> for enforcing the integrity of packages, as well as address some of the
> scalability issues in a sole dm-verity based solution (# of loop back
> devices, etc).
>
> This solution cannot be done in userspace as the minimum threat that
> IPE should mitigate is an attacker downloads malicious payload with
> all required dependencies. These dependencies can lack the userspace
> check, bypassing the protection entirely. A similar attack succeeds if
> the userspace component is replaced with a version that does not
> perform the check. As a result, this can only be done in the common
> entry point - the kernel.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> ---
> v1-v6:
> + Not present
>
> v7:
> Introduced
>
> v8:
> * Undo squash of 08/12, 10/12 - separating drivers/md/ from security/
> * Use common-audit function for fsverity_signature.
> + Change fsverity implementation to use fsverity_get_digest
> + prevent unnecessary copy of fs-verity signature data, instead
> just check for presence of signature data.
> + Remove free_inode_security hook, as the digest is now acquired
> at runtime instead of via LSM blob.
>
> v9:
> + Adapt to the new parser
> ---
> security/ipe/Kconfig | 11 ++++
> security/ipe/audit.c | 23 +++++++
> security/ipe/eval.c | 112 +++++++++++++++++++++++++++++++++++
> security/ipe/eval.h | 10 ++++
> security/ipe/hooks.c | 30 ++++++++++
> security/ipe/hooks.h | 7 +++
> security/ipe/ipe.c | 13 ++++
> security/ipe/ipe.h | 3 +
> security/ipe/policy.h | 3 +
> security/ipe/policy_parser.c | 8 +++
> 10 files changed, 220 insertions(+)
>
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index 16e835ce61b0..dd9a066dd35a 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -32,6 +32,17 @@ config IPE_PROP_DM_VERITY
>
> If unsure, answer Y.
>
> +config IPE_PROP_FS_VERITY
> + bool "Enable property for fs-verity files"
> + depends on FS_VERITY && FS_VERITY_BUILTIN_SIGNATURES
> + help
> + This option enables the usage of properties "fsverity_signature"
> + and "fsverity_digest". These properties evaluates to TRUE when
> + a file is fsverity enabled and with a signed digest or its
> + diegst matches the supplied value in the policy.
> +
> + if unsure, answer Y.
> +
> endmenu
>
> endif
> diff --git a/security/ipe/audit.c b/security/ipe/audit.c
> index 769ba95d9b0d..16d81645e53c 100644
> --- a/security/ipe/audit.c
> +++ b/security/ipe/audit.c
> @@ -46,6 +46,11 @@ static const char *const audit_prop_names[ipe_prop_max] = {
> "dmverity_signature=FALSE",
> "dmverity_signature=TRUE",
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> + "fsverity_digest=",
> + "fsverity_signature=FALSE",
> + "fsverity_signature=TRUE"
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> };
>
> #ifdef CONFIG_IPE_PROP_DM_VERITY
> @@ -64,6 +69,22 @@ static void audit_dmv_roothash(struct audit_buffer *ab, const void *rh)
> }
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +/**
> + * audit_fsv_digest - audit a digest of a fsverity file.
> + * @ab: Supplies a poniter to the audit_buffer to append to.
> + * @d: Supplies a pointer to the digest structure.
> + */
> +static void audit_fsv_digest(struct audit_buffer *ab, const void *d)
> +{
> + ipe_digest_audit(ab, d);
> +}
> +#else
> +static void audit_fsv_digest(struct audit_buffer *ab, const void *d)
> +{
> +}
> +#endif /* CONFIG_IPE_PROP_DM_VERITY */
> +
> /**
> * audit_rule - audit an IPE policy rule approximation.
> * @ab: Supplies a poniter to the audit_buffer to append to.
> @@ -79,6 +100,8 @@ static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
> audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
> if (ptr->type == ipe_prop_dmv_roothash)
> audit_dmv_roothash(ab, ptr->value);
> + if (ptr->type == ipe_prop_fsv_digest)
> + audit_fsv_digest(ab, ptr->value);
>
> audit_log_format(ab, " ");
> }
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> index 538af4195ba7..210d3926c0a8 100644
> --- a/security/ipe/eval.c
> +++ b/security/ipe/eval.c
> @@ -81,6 +81,23 @@ static void build_ipe_bdev_ctx(struct ipe_eval_ctx *ctx, const struct inode *con
> }
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +/**
> + * build_ipe_inode_ctx - Build inode fields of an evaluation context.
> + * @ctx: Supplies a pointer to the context to be populdated.
> + * @ino: Supplies the inode struct of the file triggered IPE event.
> + */
> +static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
> +{
> + ctx->ino = ino;
> + ctx->ipe_inode = ipe_inode(ctx->ino);
> +}
> +#else
> +static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
> +{
> +}
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> +
> /**
> * build_eval_ctx - Build an evaluation context.
> * @ctx: Supplies a pointer to the context to be populdated.
> @@ -99,6 +116,7 @@ void build_eval_ctx(struct ipe_eval_ctx *ctx,
> if (file) {
> ino = d_real_inode(file->f_path.dentry);
> build_ipe_bdev_ctx(ctx, ino);
> + build_ipe_inode_ctx(ctx, ino);
> }
> }
>
> @@ -171,6 +189,91 @@ static bool evaluate_dmv_sig_true(const struct ipe_eval_ctx *const ctx,
> }
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +/**
> + * evaluate_fsv_digest - Analyze @ctx against a fsv digest property.
> + * @ctx: Supplies a pointer to the context being evaluated.
> + * @p: Supplies a pointer to the property being evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + enum hash_algo alg;
> + u8 digest[FS_VERITY_MAX_DIGEST_SIZE];
> +
> + if (!ctx->ino)
> + return false;
> + if (fsverity_get_digest((struct inode *)ctx->ino,
> + digest,
> + &alg)) {
> + return false;
> + }
> +
> + return ipe_digest_eval(p->value,
> + digest,
> + hash_digest_size[alg],
> + hash_algo_name[alg]);
> +}
> +
> +/**
> + * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false property.
> + * @ctx: Supplies a pointer to the context being evaluated.
> + * @p: Supplies a pointer to the property being evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + return !ctx->ino ||
> + !IS_VERITY(ctx->ino) ||
> + !ctx->ipe_inode ||
> + !ctx->ipe_inode->fs_verity_signed;
> +}
> +
> +/**
> + * evaluate_fsv_sig_true - Analyze @ctx against a fsv sig true property.
> + * @ctx: Supplies a pointer to the context being evaluated.
> + * @p: Supplies a pointer to the property being evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + return ctx->ino &&
> + IS_VERITY(ctx->ino) &&
> + ctx->ipe_inode &&
> + ctx->ipe_inode->fs_verity_signed;
> +}

Isn't better to just define one function and prepend a ! in
evaluate_property()?

Not sure about the usefulness of the fsverity_signature= property as it
is. I would at minimum allow to specify which keyring signatures are
verified against, and ensure that the keyring has a restriction.

And maybe I would call fsverity_verify_signature() directly, after
extending it to pass the desired keyring.

I would also split this patch in two, one for fsverity_digest= and one
for fsverity_signature=.

Roberto

> +#else
> +static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + return false;
> +}
> +
> +static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + return false;
> +}
> +
> +static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + return false;
> +}
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> +
> /**
> * evaluate_property - Analyze @ctx against a property.
> * @ctx: Supplies a pointer to the context to be evaluated.
> @@ -201,6 +304,15 @@ static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
> case ipe_prop_dmv_sig_true:
> eval = evaluate_dmv_sig_true(ctx, p);
> break;
> + case ipe_prop_fsv_digest:
> + eval = evaluate_fsv_digest(ctx, p);
> + break;
> + case ipe_prop_fsv_sig_false:
> + eval = evaluate_fsv_sig_false(ctx, p);
> + break;
> + case ipe_prop_fsv_sig_true:
> + eval = evaluate_fsv_sig_true(ctx, p);
> + break;
> default:
> eval = false;
> }
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> index 4fd832c6893e..d3dce4f04cb4 100644
> --- a/security/ipe/eval.h
> +++ b/security/ipe/eval.h
> @@ -26,6 +26,12 @@ struct ipe_bdev {
> };
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +struct ipe_inode {
> + bool fs_verity_signed;
> +};
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> +
> struct ipe_eval_ctx {
> enum ipe_op_type op;
>
> @@ -34,6 +40,10 @@ struct ipe_eval_ctx {
> #ifdef CONFIG_IPE_PROP_DM_VERITY
> const struct ipe_bdev *ipe_bdev;
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> + const struct inode *ino;
> + const struct ipe_inode *ipe_inode;
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> };
>
> enum ipe_match {
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index 735375d2f858..836f08240372 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -243,3 +243,33 @@ int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
> return -EOPNOTSUPP;
> }
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +/**
> + * ipe_inode_setsecurity - Sets fields of a inode security blob from @key.
> + * @inode: The inode to source the security blob from.
> + * @name: The name representing the information to be stored.
> + * @value: The value to be stored.
> + * @size: The size of @value.
> + * @flags: unused
> + *
> + * Saves fsverity signature & digest into inode security blob
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_inode_setsecurity(struct inode *inode, const char *name,
> + const void *value, size_t size,
> + int flags)
> +{
> + struct ipe_inode *inode_sec = ipe_inode(inode);
> +
> + if (!strcmp(name, FS_VERITY_INODE_SEC_NAME)) {
> + inode_sec->fs_verity_signed = size > 0 && value;
> + return 0;
> + }
> +
> + return -EOPNOTSUPP;
> +}
> +#endif /* CONFIG_CONFIG_IPE_PROP_FS_VERITY */
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index 16611a149158..654aba584a44 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -8,6 +8,7 @@
> #include <linux/fs.h>
> #include <linux/binfmts.h>
> #include <linux/security.h>
> +#include <linux/fsverity.h>
> #include <linux/device-mapper.h>
>
> void ipe_sb_free_security(struct super_block *mnt_sb);
> @@ -32,4 +33,10 @@ int ipe_bdev_setsecurity(struct block_device *bdev, const char *key,
> const void *value, size_t len);
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +int ipe_inode_setsecurity(struct inode *inode, const char *name,
> + const void *value, size_t size,
> + int flags);
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> +
> #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 5612cb3cf1e5..705ce9a003de 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -13,6 +13,9 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> #ifdef CONFIG_IPE_PROP_DM_VERITY
> .lbs_bdev = sizeof(struct ipe_bdev),
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> + .lbs_inode = sizeof(struct ipe_inode),
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> };
>
> #ifdef CONFIG_IPE_PROP_DM_VERITY
> @@ -22,6 +25,13 @@ struct ipe_bdev *ipe_bdev(struct block_device *b)
> }
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
>
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +struct ipe_inode *ipe_inode(const struct inode *inode)
> +{
> + return inode->i_security + ipe_blobs.lbs_inode;
> +}
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> +
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
> @@ -33,6 +43,9 @@ static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
> LSM_HOOK_INIT(bdev_setsecurity, ipe_bdev_setsecurity),
> #endif
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> + LSM_HOOK_INIT(inode_setsecurity, ipe_inode_setsecurity),
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> };
>
> /**
> diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
> index c2594a45b8f2..138fda645ecf 100644
> --- a/security/ipe/ipe.h
> +++ b/security/ipe/ipe.h
> @@ -15,5 +15,8 @@ extern bool ipe_enabled;
> #ifdef CONFIG_IPE_PROP_DM_VERITY
> struct ipe_bdev *ipe_bdev(struct block_device *b);
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> +struct ipe_inode *ipe_inode(const struct inode *inode);
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
>
> #endif /* IPE_H */
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 324eb76c6067..50b8f4c49bc7 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -31,6 +31,9 @@ enum ipe_prop_type {
> ipe_prop_dmv_roothash,
> ipe_prop_dmv_sig_false,
> ipe_prop_dmv_sig_true,
> + ipe_prop_fsv_digest,
> + ipe_prop_fsv_sig_false,
> + ipe_prop_fsv_sig_true,
> ipe_prop_max
> };
>
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> index 50a6a763e842..799ee7fda974 100644
> --- a/security/ipe/policy_parser.c
> +++ b/security/ipe/policy_parser.c
> @@ -273,6 +273,11 @@ static const match_table_t property_tokens = {
> {ipe_prop_dmv_sig_false, "dmverity_signature=FALSE"},
> {ipe_prop_dmv_sig_true, "dmverity_signature=TRUE"},
> #endif /* CONFIG_IPE_PROP_DM_VERITY */
> +#ifdef CONFIG_IPE_PROP_FS_VERITY
> + {ipe_prop_fsv_digest, "fsverity_digest=%s"},
> + {ipe_prop_fsv_sig_false, "fsverity_signature=FALSE"},
> + {ipe_prop_fsv_sig_true, "fsverity_signature=TRUE"},
> +#endif /* CONFIG_IPE_PROP_FS_VERITY */
> {ipe_prop_max, NULL}
> };
>
> @@ -304,6 +309,7 @@ int parse_property(char *t, struct ipe_rule *r)
>
> switch (token) {
> case ipe_prop_dmv_roothash:
> + case ipe_prop_fsv_digest:
> dup = match_strdup(&args[0]);
> if (!dup) {
> rc = -ENOMEM;
> @@ -315,6 +321,8 @@ int parse_property(char *t, struct ipe_rule *r)
> case ipe_prop_boot_verified_true:
> case ipe_prop_dmv_sig_false:
> case ipe_prop_dmv_sig_true:
> + case ipe_prop_fsv_sig_false:
> + case ipe_prop_fsv_sig_true:
> p->type = token;
> break;
> case ipe_prop_max:


2023-01-31 14:23:56

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> Overview:
> ---------
>
> IPE is a Linux Security Module which takes a complimentary approach to
> access control. Whereas existing mandatory access control mechanisms
> base their decisions on labels and paths, IPE instead determines
> whether or not an operation should be allowed based on immutable
> security properties of the system component the operation is being
> performed on.
>
> IPE itself does not mandate how the security property should be
> evaluated, but relies on an extensible set of external property providers
> to evaluate the component. IPE makes its decision based on reference
> values for the selected properties, specified in the IPE policy.
>
> The reference values represent the value that the policy writer and the
> local system administrator (based on the policy signature) trust for the
> system to accomplish the desired tasks.
>
> One such provider is for example dm-verity, which is able to represent
> the integrity property of a partition (its immutable state) with a digest.
>
> IPE is compiled under CONFIG_SECURITY_IPE.
>
> Use Cases
> ---------
>
> IPE works best in fixed-function devices: Devices in which their purpose
> is clearly defined and not supposed to be changed (e.g. network firewall
> device in a data center, an IoT device, etcetera), where all software and
> configuration is built and provisioned by the system owner.
>
> IPE is a long-way off for use in general-purpose computing: the Linux
> community as a whole tends to follow a decentralized trust model,
> known as the web of trust, which IPE has no support for as of yet.
> There are exceptions, such as the case where a Linux distribution
> vendor trusts only their own keys, where IPE can successfully be used
> to enforce the trust requirement.
>
> Additionally, while most packages are signed today, the files inside
> the packages (for instance, the executables), tend to be unsigned. This
> makes it difficult to utilize IPE in systems where a package manager is
> expected to be functional, without major changes to the package manager
> and ecosystem behind it.
>
> DIGLIM[1] is a system that when combined with IPE, could be used to
> enable general purpose computing scenarios.
>
> Policy:
> -------
>
> IPE policy is a plain-text policy composed of multiple statements
> over several lines. There is one required line, at the top of the
> policy, indicating the policy name, and the policy version, for
> instance:
>
> policy_name=Ex_Policy policy_version=0.0.0
>
> The policy version indicates the current version of the policy. This is
> used to prevent roll-back of policy to potentially insecure previous
> versions of the policy.
>
> The next portion of IPE policy, are rules. Rules are formed by key=value
> pairs, known as properties. IPE rules require two keys: "action", which
> determines what IPE does when it encounters a match against the policy
> and "op", which determines when that rule should be evaluated.
>
> Thus, a minimal rule is:
>
> op=EXECUTE action=ALLOW
>
> This example rule will allow any execution. A rule is required to have the
> "op" property as the first token of a rule, and the "action" as the last
> token of the rule.
>
> Additional properties are used to restrict attributes about the files being
> evaluated. These properties are intended to be deterministic attributes
> that are resident in the kernel.
>
> For example:
>
> op=EXECUTE dmverity_signature=FALSE action=DENY
>
> This rule with property dmverity_signature will deny any file not from
> a signed dmverity volume to be executed.
>
> All available properties for IPE described in the documentation patch of
> this series.
>
> Rules are evaluated top-to-bottom. As a result, any revocation rules,
> or denies should be placed early in the file to ensure that these rules
> are evaluated before a rule with "action=ALLOW" is hit.
>
> Any unknown syntax in IPE policy will result in a fatal error to parse
> the policy.
>
> Additionally, a DEFAULT operation must be set for all understood
> operations within IPE. For policies to remain completely forwards
> compatible, it is recommended that users add a "DEFAULT action=ALLOW"
> and override the defaults on a per-operation basis.
>
> For more information about the policy syntax, see the kernel
> documentation page.
>
> Early Usermode Protection:
> --------------------------
>
> IPE can be provided with a policy at startup to load and enforce.
> This is intended to be a minimal policy to get the system to a state
> where userspace is setup and ready to receive commands, at which
> point a policy can be deployed via securityfs. This "boot policy" can be
> specified via the config, SECURITY_IPE_BOOT_POLICY, which accepts a path
> to a plain-text version of the IPE policy to apply. This policy will be
> compiled into the kernel. If not specified, IPE will be disabled until a
> policy is deployed and activated through the method above.
>
> Policy Examples:
> ----------------
>
> Allow all:
>
> policy_name=Allow_All policy_version=0.0.0
> DEFAULT action=ALLOW
>
> Allow only initial superblock:
>
> policy_name=Allow_All_Initial_SB policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE boot_verified=TRUE action=ALLOW
>
> Allow any signed dm-verity volume and the initial superblock:
>
> policy_name=AllowSignedAndInitial policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE boot_verified=TRUE action=ALLOW
> op=EXECUTE dmverity_signature=TRUE action=ALLOW
>
> Prohibit execution from a specific dm-verity volume, while allowing
> all signed volumes and the initial superblock:
>
> policy_name=ProhibitSingleVolume policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=DENY
> op=EXECUTE boot_verified=TRUE action=ALLOW
> op=EXECUTE dmverity_signature=TRUE action=ALLOW
>
> Allow only a specific dm-verity volume:
>
> policy_name=AllowSpecific policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE dmverity_roothash=sha256:401fcec5944823ae12f62726e8184407a5fa9599783f030dec146938 action=ALLOW
>
> Allow any signed fs-verity file
>
> policy_name="AllowSignedFSVerity" policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE fsverity_signature=TRUE action=ALLOW
>
> Deny a specific fs-verity file:
>
> policy_name="ProhibitSpecificFSVF" policy_version=0.0.0
> DEFAULT action=DENY
>
> op=EXECUTE fsverity_digest=sha256:fd88f2b8824e197f850bf4c5109bea5cf0ee38104f710843bb72da796ba5af9e action=DENY
> op=EXECUTE boot_verified=TRUE action=ALLOW
> op=EXECUTE dmverity_signature=TRUE action=ALLOW
>
> Deploying Policies:
> -------------------
>
> First sign a plain text policy, with a certificate that is present in
> the SYSTEM_TRUSTED_KEYRING of your test machine. Through openssl, the
> signing can be done via:
>
> openssl smime -sign -in "$MY_POLICY" -signer "$MY_CERTIFICATE" \
> -inkey "$MY_PRIVATE_KEY" -outform der -noattr -nodetach \
> -out "$MY_POLICY.p7s"
>
> Then, simply cat the file into the IPE's "new_policy" securityfs node:
>
> cat "$MY_POLICY.p7s" > /sys/kernel/security/ipe/new_policy
>
> The policy should now be present under the policies/ subdirectory, under
> its "policy_name" attribute.
>
> The policy is now present in the kernel and can be marked as active,
> via the securityfs node:
>
> echo 1 > "/sys/kernel/security/ipe/$MY_POLICY_NAME/active"
>
> This will now mark the policy as active and the system will be enforcing
> $MY_POLICY_NAME.
>
> There is one requirement when marking a policy as active, the policy_version
> attribute must either increase, or remain the same as the currently running
> policy.
>
> Policies can be updated via:
>
> cat "$MY_UPDATED_POLICY.p7s" > \
> "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/update"
>
> Additionally, policies can be deleted via the "delete" securityfs
> node. Simply write "1" to the corresponding node in the policy folder:
>
> echo 1 > "/sys/kernel/security/ipe/policies/$MY_POLICY_NAME/delete"
>
> There is only one requirement to delete policies, the policy being
> deleted must not be the active policy.
>
> NOTE: Any securityfs write to IPE's nodes will require CAP_MAC_ADMIN.
>
> Integrations:
> -------------
>
> This patch series adds support for fsverity via digest and signature
> (fsverity_signature and fsverity_digest), dm-verity by digest and
> signature (dmverity_signature and dmverity_roothash), and trust for
> the initramfs (boot_verified).
>
> Please see the documentation patch for more information about the
> integrations available.
>
> Testing:
> --------
>
> KUnit Tests are available. Recommended kunitconfig:
>
> CONFIG_KUNIT=y
> CONFIG_SECURITY=y
> CONFIG_SECURITYFS=y
> CONFIG_PKCS7_MESSAGE_PARSER=y
> CONFIG_SYSTEM_DATA_VERIFICATION=y
> CONFIG_FS_VERITY=y
> CONFIG_FS_VERITY_BUILTIN_SIGNATURES=y
> CONFIG_BLOCK=y
> CONFIG_MD=y
> CONFIG_BLK_DEV_DM=y
> CONFIG_DM_VERITY=y
> CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y
> CONFIG_NET=y
> CONFIG_AUDIT=y
> CONFIG_AUDITSYSCALL=y
>
> CONFIG_SECURITY_IPE=y
> CONFIG_IPE_PROP_DM_VERITY=y
> CONFIG_IPE_PROP_FS_VERITY=y
> CONFIG_SECURITY_IPE_KUNIT_TEST=y
>
> Simply run:
>
> make ARCH=um mrproper
> ./tools/testing/kunit/kunit.py run --kunitconfig <path/to/config>
>
> And the tests will execute and report the result. For more indepth testing,
> it will require you to create and mount a dm-verity volume or fs-verity
> enabled file.
>
> Documentation:
> --------------
>
> There is both documentation available on github at
> https://microsoft.github.io/ipe, and Documentation in this patch series,
> to be added in-tree.
>
> Known Gaps:
> -----------
>
> IPE has two known gaps:
>
> 1. IPE cannot verify the integrity of anonymous executable memory, such as
> the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> Unfortunately, as this is dynamically generated code, there is no way
> for IPE to ensure the integrity of this code to form a trust basis. In all
> cases, the return result for these operations will be whatever the admin
> configures the DEFAULT action for "EXECUTE".

I think it would be useful to handle special cases, for example you
could allow a process that created a file with memfd to use it, at the
condition that nobody else writes it.

This would be required during the boot, otherwise services could fail
to start (depending on the policy).

> 2. IPE cannot verify the integrity of interpreted languages' programs when
> these scripts invoked via ``<interpreter> <file>``. This is because the
> way interpreters execute these files, the scripts themselves are not
> evaluated as executable code through one of IPE's hooks. Interpreters
> can be enlightened to the usage of IPE by trying to mmap a file into
> executable memory (+X), after opening the file and responding to the
> error code appropriately. This also applies to included files, or high
> value files, such as configuration files of critical system components.

Ok, it is a well known issue. Hopefully, it will be fixed soon.

Roberto

> Appendix:
> ---------
>
> A. IPE Github Repository: https://github.com/microsoft/ipe
> B. IPE Users' Guide: Documentation/admin-guide/LSM/ipe.rst
>
> References:
> -----------
>
> 1: https://lore.kernel.org/bpf/[email protected]/T/
>
> FAQ:
> ----
>
> Q: What is the difference between IMA and IPE?
>
> A: See the documentation patch for more on this topic.
>
> Previous Postings
> -----------------
>
> v1: https://lore.kernel.org/all/[email protected]/
> v2: https://lore.kernel.org/all/[email protected]/
> v3: https://lore.kernel.org/all/[email protected]/
> v4: https://lore.kernel.org/all/[email protected]/
> v5: https://lore.kernel.org/all/[email protected]/
> v6: https://lore.kernel.org/all/[email protected]/
> v7: https://lore.kernel.org/all/1634151995-16266-1-git-send-email-deven.desai@linux.microsoft.com/
> v8: https://lore.kernel.org/all/1654714889-26728-1-git-send-email-deven.desai@linux.microsoft.com/
>
> Changelog:
> ----------
>
> v2:
> Split the second patch of the previous series into two.
> Minor corrections in the cover-letter and documentation
> comments regarding CAP_MAC_ADMIN checks in IPE.
>
> v3:
> Address various comments by Jann Horn. Highlights:
> Switch various audit allocators to GFP_KERNEL.
> Utilize rcu_access_pointer() in various locations.
> Strip out the caching system for properties
> Strip comments from headers
> Move functions around in patches
> Remove kernel command line parameters
> Reconcile the race condition on the delete node for policy by
> expanding the policy critical section.
>
> Address a few comments by Jonathan Corbet around the documentation
> pages for IPE.
>
> Fix an issue with the initialization of IPE policy with a "-0"
> version, caused by not initializing the hlist entries before
> freeing.
>
> v4:
> Address a concern around IPE's behavior with unknown syntax.
> Specifically, make any unknown syntax a fatal error instead of a
> warning, as suggested by Mickaël Salaün.
> Introduce a new securityfs node, $securityfs/ipe/property_config,
> which provides a listing of what properties are enabled by the
> kernel and their versions. This allows usermode to predict what
> policies should be allowed.
> Strip some comments from c files that I missed.
> Clarify some documentation comments around 'boot_verified'.
> While this currently does not functionally change the property
> itself, the distinction is important when IPE can enforce verified
> reads. Additionally, 'KERNEL_READ' was omitted from the documentation.
> This has been corrected.
> Change SecurityFS and SHA1 to a reverse dependency.
> Update the cover-letter with the updated behavior of unknown syntax.
> Remove all sysctls, making an equivalent function in securityfs.
> Rework the active/delete mechanism to be a node under the policy in
> $securityfs/ipe/policies.
> The kernel command line parameters ipe.enforce and ipe.success_audit
> have returned as this functionality is no longer exposed through
> sysfs.
>
> v5:
> Correct some grammatical errors reported by Randy Dunlap.
> Fix some warnings reported by kernel test bot.
> Change convention around security_bdev_setsecurity. -ENOSYS
> is now expected if an LSM does not implement a particular @name,
> as suggested by Casey Schaufler.
> Minor string corrections related to the move from sysfs to securityfs
> Correct a spelling of an #ifdef for the permissive argument.
> Add the kernel parameters re-added to the documentation.
> Fix a minor bug where the mode being audited on permissive switch
> was the original mode, not the mode being swapped to.
> Cleanup doc comments, fix some whitespace alignment issues.
>
> v6:
> Change if statement condition in security_bdev_setsecurity to be
> more concise, as suggested by Casey Schaufler and Al Viro
> Drop the 6th patch in the series, "dm-verity move signature check..."
> due to numerous issues, and it ultimately providing no real value.
> Fix the patch tree - the previous iteration appears to have been in a
> torn state (patches 8+9 were merged). This has since been corrected.
>
> v7:
> * Reword cover letter to more accurate convey IPE's purpose
> and latest updates.
> * Refactor series to:
> 1. Support a context structure, enabling:
> 1. Easier Testing via KUNIT
> 2. A better architecture for future designs
> 2. Make parser code cleaner
> * Move patch 01/12 to [14/16] of the series
> * Split up patch 02/12 into four parts:
> 1. context creation [01/16]
> 2. audit [07/16]
> 3. evaluation loop [03/16]
> 4. access control hooks [05/16]
> 5. permissive mode [08/16]
> * Split up patch 03/12 into two parts:
> 1. parser [02/16]
> 2. userspace interface [04/16]
> * Reword and refactor patch 04/12 to [09/16]
> * Squash patch 05/12, 07/12, 09/12 to [10/16]
> * Squash patch 08/12, 10/12 to [11/16]
> * Change audit records to MAC region (14XX) from Integrity region (18XX)
> * Add FSVerity Support
> * Interface changes:
> 1. "raw" was renamed to "pkcs7" and made read only
> 2. "raw"'s write functionality (update a policy) moved to "update"
> 3. introduced "version", "policy_name" nodes.
> 4. "content" renamed to "policy"
> 5. The boot policy can now be updated like any other policy.
> * Add additional developer-level documentation
> * Update admin-guide docs to reflect changes.
> * Kunit tests
> * Dropped CONFIG_SECURITY_IPE_PERMISSIVE_SWITCH - functionality can
> easily come later with a small patch.
> * Use partition0 for block_device for dm-verity patch
>
> v8:
> * Add changelog information to individual commits
> * A large number of changes to the audit patch.
> * split fs/ & security/ changes to two separate patches.
> * split block/, security/ & drivers/md/ changes to separate patches.
> * Add some historical context to what lead to the creation of IPE
> in the documentation patch.
> * Cover-letter changes suggested by Roberto Sassu.
>
> v9:
> * Rewrite IPE parser to use kernel match_table parser.
> * Adapt existing IPE properties to the new parser.
> * Remove ipe_context, quote policy syntax, kernel_read for simplicity.
> * Add new function in the security file system to delete IPE policy.
> * Make IPE audit builtin and change several audit formats.
> * Make boot_verified property builtin
>
> Deven Bowers (13):
> security: add ipe lsm
> ipe: add policy parser
> ipe: add evaluation loop and introduce 'boot_verified' as a trust
> provider
> ipe: add userspace interface
> ipe: add LSM hooks on execution and kernel read
> uapi|audit|ipe: add ipe auditing support
> ipe: add permissive toggle
> block|security: add LSM blob to block_device
> dm-verity: consume root hash digest and signature data via LSM hook
> ipe: add support for dm-verity as a trust provider
> scripts: add boot policy generation program
> ipe: kunit test for parser
> documentation: add ipe documentation
>
> Fan Wu (3):
> security: add new securityfs delete function
> fsverity: consume builtin signature via LSM hook
> ipe: enable support for fs-verity as a trust provider
>
> Documentation/admin-guide/LSM/index.rst | 1 +
> Documentation/admin-guide/LSM/ipe.rst | 729 ++++++++++++++++++
> .../admin-guide/kernel-parameters.txt | 12 +
> Documentation/security/index.rst | 1 +
> Documentation/security/ipe.rst | 436 +++++++++++
> MAINTAINERS | 8 +
> block/bdev.c | 7 +
> drivers/md/dm-verity-target.c | 25 +-
> drivers/md/dm-verity-verify-sig.c | 16 +-
> drivers/md/dm-verity-verify-sig.h | 10 +-
> fs/verity/fsverity_private.h | 2 +-
> fs/verity/open.c | 13 +-
> fs/verity/signature.c | 1 +
> include/linux/blk_types.h | 3 +
> include/linux/dm-verity.h | 19 +
> include/linux/fsverity.h | 2 +
> include/linux/lsm_hook_defs.h | 5 +
> include/linux/lsm_hooks.h | 12 +
> include/linux/security.h | 23 +
> include/uapi/linux/audit.h | 1 +
> scripts/Makefile | 1 +
> scripts/ipe/Makefile | 2 +
> scripts/ipe/polgen/.gitignore | 1 +
> scripts/ipe/polgen/Makefile | 6 +
> scripts/ipe/polgen/polgen.c | 145 ++++
> security/Kconfig | 11 +-
> security/Makefile | 1 +
> security/inode.c | 25 +
> security/ipe/.gitignore | 1 +
> security/ipe/Kconfig | 75 ++
> security/ipe/Makefile | 32 +
> security/ipe/audit.c | 279 +++++++
> security/ipe/audit.h | 19 +
> security/ipe/digest.c | 144 ++++
> security/ipe/digest.h | 26 +
> security/ipe/eval.c | 424 ++++++++++
> security/ipe/eval.h | 60 ++
> security/ipe/fs.c | 242 ++++++
> security/ipe/fs.h | 17 +
> security/ipe/hooks.c | 275 +++++++
> security/ipe/hooks.h | 42 +
> security/ipe/ipe.c | 97 +++
> security/ipe/ipe.h | 22 +
> security/ipe/policy.c | 259 +++++++
> security/ipe/policy.h | 93 +++
> security/ipe/policy_fs.c | 459 +++++++++++
> security/ipe/policy_parser.c | 545 +++++++++++++
> security/ipe/policy_parser.h | 11 +
> security/ipe/policy_tests.c | 294 +++++++
> security/security.c | 70 ++
> 50 files changed, 4988 insertions(+), 16 deletions(-)
> create mode 100644 Documentation/admin-guide/LSM/ipe.rst
> create mode 100644 Documentation/security/ipe.rst
> create mode 100644 include/linux/dm-verity.h
> create mode 100644 scripts/ipe/Makefile
> create mode 100644 scripts/ipe/polgen/.gitignore
> create mode 100644 scripts/ipe/polgen/Makefile
> create mode 100644 scripts/ipe/polgen/polgen.c
> create mode 100644 security/ipe/.gitignore
> create mode 100644 security/ipe/Kconfig
> create mode 100644 security/ipe/Makefile
> create mode 100644 security/ipe/audit.c
> create mode 100644 security/ipe/audit.h
> create mode 100644 security/ipe/digest.c
> create mode 100644 security/ipe/digest.h
> create mode 100644 security/ipe/eval.c
> create mode 100644 security/ipe/eval.h
> create mode 100644 security/ipe/fs.c
> create mode 100644 security/ipe/fs.h
> create mode 100644 security/ipe/hooks.c
> create mode 100644 security/ipe/hooks.h
> create mode 100644 security/ipe/ipe.c
> create mode 100644 security/ipe/ipe.h
> create mode 100644 security/ipe/policy.c
> create mode 100644 security/ipe/policy.h
> create mode 100644 security/ipe/policy_fs.c
> create mode 100644 security/ipe/policy_parser.c
> create mode 100644 security/ipe/policy_parser.h
> create mode 100644 security/ipe/policy_tests.c
>


2023-01-31 15:50:39

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> IPE must have a centralized function to evaluate incoming callers
> against IPE's policy. This iteration of the policy against the rules
> for that specific caller is known as the evaluation loop.

Not sure if you check the properties at every access.

From my previous comments (also for previous versions of the patches)
you could evaluate the property once, by calling the respective
functions in the other subsystems.

Then, you reserve space in the security blob for inodes and superblocks
to cache the decision. The format could be a policy sequence number, to
ensure that the cache is valid only for the current policy, and a bit
for every hook you enforce.

Also, currently you rely on the fact that the properties you defined
are immutable and the immutability is guaranteed by the other
subsystems, so no write can occur.

But if you remove this limitation, the immutability is not guaranteed
anymore by the other subsystems (for example if a file is in an ext4
filesystem), the LSM needs to take extra care to ensure that the
properties are still verified. This would be required for example if
IPE is used in conjuction with DIGLIM.

In my opinion, IPE value would increase if the generic enforcement
mechanism is property-agnostic.

Roberto

> In addition, IPE is designed to provide system level trust guarantees,
> this usually implies that trust starts from bootup with a hardware root
> of trust, which validates the bootloader. After this, the bootloader
> verifies the kernel and the initramfs.
>
> As there's no currently supported integrity method for initramfs, and
> it's typically already verified by the bootloader, introduce a property
> that causes the first superblock to have an execution to be "pinned",
> which is typically initramfs.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
>
> ---
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move ipe_load_properties to patch 04.
> + Remove useless 0-initializations
> + Prefix extern variables with ipe_
> + Remove kernel module parameters, as these are
> exposed through sysctls.
> + Add more prose to the IPE base config option
> help text.
> + Use GFP_KERNEL for audit_log_start.
> + Remove unnecessary caching system.
> + Remove comments from headers
> + Use rcu_access_pointer for rcu-pointer null check
> + Remove usage of reqprot; use prot only.
> + Move policy load and activation audit event to 03/12
>
> v4:
> + Remove sysctls in favor of securityfs nodes
> + Re-add kernel module parameters, as these are now
> exposed through securityfs.
> + Refactor property audit loop to a separate function.
>
> v5:
> + fix minor grammatical errors
> + do not group rule by curly-brace in audit record,
> reconstruct the exact rule.
>
> v6:
> + No changes
>
> v7:
> + Further split lsm creation into a separate commit from the
> evaluation loop and audit system, for easier review.
>
> + Propogating changes to support the new ipe_context structure in the
> evaluation loop.
>
> v8:
> + Remove ipe_hook enumeration; hooks can be correlated via syscall
> record.
>
> v9:
> + Remove ipe_context related code and simplify the evaluation loop.
> + Merge the evaluation loop commit with the boot_verified commit.
> ---
> security/ipe/Makefile | 1 +
> security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
> security/ipe/eval.h | 28 ++++++
> security/ipe/hooks.c | 25 +++++
> security/ipe/hooks.h | 14 +++
> security/ipe/ipe.c | 1 +
> security/ipe/policy.c | 20 ++++
> security/ipe/policy.h | 3 +
> security/ipe/policy_parser.c | 8 +-
> 9 files changed, 279 insertions(+), 1 deletion(-)
> create mode 100644 security/ipe/eval.c
> create mode 100644 security/ipe/eval.h
> create mode 100644 security/ipe/hooks.c
> create mode 100644 security/ipe/hooks.h
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 16bbe80991f1..d7f2870d7c09 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -6,6 +6,7 @@
> #
>
> obj-$(CONFIG_SECURITY_IPE) += \
> + eval.o \
> hooks.o \
> ipe.o \
> policy.o \
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> new file mode 100644
> index 000000000000..48b5104a3463
> --- /dev/null
> +++ b/security/ipe/eval.c
> @@ -0,0 +1,180 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "eval.h"
> +#include "hooks.h"
> +#include "policy.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/slab.h>
> +#include <linux/file.h>
> +#include <linux/sched.h>
> +#include <linux/rcupdate.h>
> +#include <linux/spinlock.h>
> +
> +struct ipe_policy __rcu *ipe_active_policy;
> +
> +static struct super_block *pinned_sb;
> +static DEFINE_SPINLOCK(pin_lock);
> +#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> +
> +/**
> + * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
> + * @f: Supplies a file structure to source the super_block from.
> + */
> +static void pin_sb(const struct file *f)
> +{
> + if (!f)
> + return;
> + spin_lock(&pin_lock);
> + if (pinned_sb)
> + goto out;
> + pinned_sb = FILE_SUPERBLOCK(f);
> +out:
> + spin_unlock(&pin_lock);
> +}
> +
> +/**
> + * from_pinned - Determine whether @f is source from the pinned super_block.
> + * @f: Supplies a file structure to check against the pinned super_block.
> + *
> + * Return:
> + * * true - @f is sourced from the pinned super_block
> + * * false - @f is not sourced from the pinned super_block
> + */
> +static bool from_pinned(const struct file *f)
> +{
> + bool rv;
> +
> + if (!f)
> + return false;
> + spin_lock(&pin_lock);
> + rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
> + spin_unlock(&pin_lock);
> + return rv;
> +}
> +
> +/**
> + * build_eval_ctx - Build an evaluation context.
> + * @ctx: Supplies a pointer to the context to be populdated.
> + * @file: Supplies a pointer to the file to associated with the evaluation.
> + * @op: Supplies the IPE policy operation associated with the evaluation.
> + */
> +void build_eval_ctx(struct ipe_eval_ctx *ctx,
> + const struct file *file,
> + enum ipe_op_type op)
> +{
> + ctx->file = file;
> + ctx->op = op;
> + ctx->from_init_sb = from_pinned(file);
> +}
> +
> +/**
> + * evaluate_property - Analyze @ctx against a property.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + * @p: Supplies a pointer to the property to be evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + bool eval = false;
> +
> + switch (p->type) {
> + case ipe_prop_boot_verified_false:
> + eval = !ctx->from_init_sb;
> + break;
> + case ipe_prop_boot_verified_true:
> + eval = ctx->from_init_sb;
> + break;
> + default:
> + eval = false;
> + }
> +
> + return eval;
> +}
> +
> +/**
> + * ipe_evaluate_event - Analyze @ctx against the current active policy.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + *
> + * This is the loop where all policy evaluation happens against IPE policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EACCES - @ctx did not pass evaluation.
> + * * !0 - Error
> + */
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> +{
> + int rc = 0;
> + bool match = false;
> + enum ipe_action_type action;
> + struct ipe_policy *pol = NULL;
> + const struct ipe_rule *rule = NULL;
> + const struct ipe_op_table *rules = NULL;
> + struct ipe_prop *prop = NULL;
> +
> + if (ctx->op == ipe_op_exec)
> + pin_sb(ctx->file);
> +
> + pol = ipe_get_policy_rcu(ipe_active_policy);
> + if (!pol)
> + goto out;
> +
> + if (ctx->op == ipe_op_max) {
> + action = pol->parsed->global_default_action;
> + goto eval;
> + }
> +
> + rules = &pol->parsed->rules[ctx->op];
> +
> + list_for_each_entry(rule, &rules->rules, next) {
> + match = true;
> +
> + list_for_each_entry(prop, &rule->props, next)
> + match = match && evaluate_property(ctx, prop);
> +
> + if (match)
> + break;
> + }
> +
> + if (match)
> + action = rule->action;
> + else if (rules->default_action != ipe_action_max)
> + action = rules->default_action;
> + else
> + action = pol->parsed->global_default_action;
> +
> +eval:
> + if (action == ipe_action_deny)
> + rc = -EACCES;
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * ipe_invalidate_pinned_sb - invalidte the ipe pinned super_block.
> + * @mnt_sb: super_block to check against the pinned super_block.
> + *
> + * This function is called a super_block like the initramfs's is freed,
> + * if the super_block is currently pinned by ipe it will be invalided,
> + * so ipe won't consider the block device is boot verified afterward.
> + */
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
> +{
> + spin_lock(&pin_lock);
> +
> + if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
> + pinned_sb = ERR_PTR(-EIO);
> +
> + spin_unlock(&pin_lock);
> +}
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> new file mode 100644
> index 000000000000..887797438b9b
> --- /dev/null
> +++ b/security/ipe/eval.h
> @@ -0,0 +1,28 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_EVAL_H
> +#define IPE_EVAL_H
> +
> +#include <linux/file.h>
> +#include <linux/types.h>
> +
> +#include "hooks.h"
> +#include "policy.h"
> +
> +extern struct ipe_policy __rcu *ipe_active_policy;
> +
> +struct ipe_eval_ctx {
> + enum ipe_op_type op;
> +
> + const struct file *file;
> + bool from_init_sb;
> +};
> +
> +void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> +
> +#endif /* IPE_EVAL_H */
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> new file mode 100644
> index 000000000000..335b773c7ae1
> --- /dev/null
> +++ b/security/ipe/hooks.c
> @@ -0,0 +1,25 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "hooks.h"
> +#include "eval.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/binfmts.h>
> +#include <linux/mman.h>
> +
> +/**
> + * ipe_sb_free_security - ipe security hook function for super_block.
> + * @mnt_sb: Supplies a pointer to a super_block is about to be freed.
> + *
> + * IPE does not have any structures with mnt_sb, but uses this hook to
> + * invalidate a pinned super_block.
> + */
> +void ipe_sb_free_security(struct super_block *mnt_sb)
> +{
> + ipe_invalidate_pinned_sb(mnt_sb);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> new file mode 100644
> index 000000000000..30fe455389bf
> --- /dev/null
> +++ b/security/ipe/hooks.h
> @@ -0,0 +1,14 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_HOOKS_H
> +#define IPE_HOOKS_H
> +
> +#include <linux/fs.h>
> +#include <linux/binfmts.h>
> +#include <linux/security.h>
> +
> +void ipe_sb_free_security(struct super_block *mnt_sb);
> +
> +#endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 9ed3bf4dcc04..551c6d90ac11 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -9,6 +9,7 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> };
>
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> + LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> };
>
> /**
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index e446f4b84152..772d876b1087 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -97,3 +97,23 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> err:
> return ERR_PTR(rc);
> }
> +
> +/**
> + * ipe_get_policy_rcu - Dereference a rcu-protected policy pointer.
> + *
> + * @p: rcu-protected pointer to a policy.
> + *
> + * Not safe to call on IS_ERR.
> + *
> + * Return: the value of @p
> + */
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
> +{
> + struct ipe_policy *rv = NULL;
> +
> + rcu_read_lock();
> + rv = rcu_dereference(p);
> + rcu_read_unlock();
> +
> + return rv;
> +}
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 6af2d9a811ec..967d816cd5cd 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -26,6 +26,8 @@ enum ipe_action_type {
> };
>
> enum ipe_prop_type {
> + ipe_prop_boot_verified_false,
> + ipe_prop_boot_verified_true,
> ipe_prop_max
> };
>
> @@ -73,5 +75,6 @@ struct ipe_policy {
> struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> const char *pkcs7, size_t pkcs7len);
> void ipe_free_policy(struct ipe_policy *pol);
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
>
> #endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> index c7ba0e865366..7efafc482e46 100644
> --- a/security/ipe/policy_parser.c
> +++ b/security/ipe/policy_parser.c
> @@ -265,7 +265,9 @@ static enum ipe_action_type parse_action(char *t)
> }
>
> static const match_table_t property_tokens = {
> - {ipe_prop_max, NULL}
> + {ipe_prop_boot_verified_false, "boot_verified=FALSE"},
> + {ipe_prop_boot_verified_true, "boot_verified=TRUE"},
> + {ipe_prop_max, NULL}
> };
>
> /**
> @@ -295,6 +297,10 @@ int parse_property(char *t, struct ipe_rule *r)
> token = match_token(t, property_tokens, args);
>
> switch (token) {
> + case ipe_prop_boot_verified_false:
> + case ipe_prop_boot_verified_true:
> + p->type = token;
> + break;
> case ipe_prop_max:
> default:
> rc = -EBADMSG;


2023-01-31 17:12:03

by Steve Grubb

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

Hello,

On Monday, January 30, 2023 5:57:22 PM EST Fan Wu wrote:
> From: Deven Bowers <[email protected]>
>
> Users of IPE require a way to identify when and why an operation fails,
> allowing them to both respond to violations of policy and be notified
> of potentially malicious actions on their systens with respect to IPE
> itself.
>
> The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
> evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
> and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
> kernel and the currently active policy changed, respectively.

Typically when you reuse an existing record type, it is expected to maintain
the same fields in the same order. Also, it is expect that fields that are
common across diferent records have the same meaning. To aid in this, we have
a field dictionary here:

https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
field-dictionary.csv

For example, dev is expected to be 2 hex numbers separated by a colon which
are the device major and minor numbers. But down a couple lines from here, we
find dev="tmpfs". But isn't that a filesystem type?

> This patch also adds support for success auditing, allowing users to
> identify how a resource passed policy. It is recommended to use this
> option with caution, as it is quite noisy.
>
> This patch adds the following audit records:
>
> audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> ino=72 rule="DEFAULT op=EXECUTE action=DENY"

Do we really need to log the whole rule?

> The above audit record shows IPE blocked a file
> /tmp/tmpwxmam366/deny/bin/hello in the temp file system.
>
> audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
> ino=157 rule="DEFAULT action=DENY"
>
> The above audit record shows IPE blocked a file
> /tmp/tmpxkvb3d9x/deny/bin/hello in the temp file system via another
> rule.
>
> audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1

The MAC_POLICY_LOAD record type simply states the lsm that had it's policy
loaded. There isn't name, version, and hash information. I'd prefer to see
all users of this record type decide if it should be extended because they
also have that information available to record.

> The above audit record shows IPE loaded a new policy named
> "dmverity_roothash" with the sha256 hash of the policy.
>
> audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
> old_active_pol_version=0.0.0
> old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
> new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
> new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
>
> The above audit record shows IPE's active policy switched from
> "Allow_All" to "dmverity_roothash".

Shouldn't this just be another MAC_POLICY_LOAD? That would match other LSM's.
The MAC_CONFIG_CHANGE is to denote that a changeable option was modified from
one value to another. But it is still operating under the same policy.

-Steve

> These result in the following events (the audit records are always
> prior to a SYSCALL record):
>
> audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> ino=72 rule="DEFAULT op=EXECUTE action=DENY"
> audit[476]: SYSCALL arch=c000003e syscall=59 success=no exit=-13
> a0=7f7d01b5e890 a1=7f7d01f80e80 a2=7ffde535f230 a3=0 items=0 ppid=229
> pid=476 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 tty=pts0 ses=4294967295 comm="python3" exe="/usr/bin/python3.10"
> key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
>
> The above events shows IPE blocked the hello file which python was
> trying to execute.
>
> audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
> ino=157 rule="DEFAULT action=DENY"
> audit[1195]: SYSCALL arch=c000003e syscall=9 success=no
> exit=-13 a0=0 a1=18020 a2=6 a3=2 items=0 ppid=997 pid=1195
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> tty=pts0 ses=4294967295 comm="mmap_test"
> exe="/tmp/ipe-test/bin/mmap_test" key=(null)
> audit: PROCTITLE
> proctitle=2F746D702F6970652D746573742F62696E2F6D6D61705F746573
>
> The above events shows IPE blocked the hello file which
> /tmp/ipe-test/bin/mmap_test was trying to mmap.
>
> audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
> audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2567 a0=3
> a1=5596fcae1fb0 a2=a07 a3=2 items=0 ppid=184 pid=229 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sg
> id=0 fsgid=0 tty=pts0 ses=4294967295 comm="python3"
> exe="/usr/bin/python3.10" key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2E
>
> The above events shows IPE loaded a new policy "dmverity_roothash"
> because python used write system call.
>
> audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
> old_active_pol_version=0.0.0
> old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
> new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
> new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> auid=4294967295 ses=4294967295 lsm=ipe res=1
> audit[229]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=3
> a1=5596fcae1fb0 a2=2 a3=2 items=0 ppid=184 pid=229 auid=4294967295
> uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> fsgid=0 tty=pts0 ses=4294967295 comm="python3"
> exe="/usr/bin/python3.10" key=(null)
> audit: PROCTITLE
> proctitle=707974686F6E3300746573742F6D61696E2E7079002D66002E2
> The above events shows IPE switched to a new active policy
> "dmverity_roothash" because python used write system call.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> ---
>
> v2:
> + Split evaluation loop, access control hooks,
> and evaluation loop from policy parser and userspace
> interface to pass mailing list character limit
>
> v3:
> + Move ipe_load_properties to patch 04.
> + Remove useless 0-initializations
> + Prefix extern variables with ipe_
> + Remove kernel module parameters, as these are
> exposed through sysctls.
> + Add more prose to the IPE base config option
> help text.
> + Use GFP_KERNEL for audit_log_start.
> + Remove unnecessary caching system.
> + Remove comments from headers
> + Use rcu_access_pointer for rcu-pointer null check
> + Remove usage of reqprot; use prot only.
> + Move policy load and activation audit event to 03/12
>
> v4:
> + Remove sysctls in favor of securityfs nodes
> + Re-add kernel module parameters, as these are now
> exposed through securityfs.
> + Refactor property audit loop to a separate function.
>
> v5:
> + fix minor grammatical errors
> + do not group rule by curly-brace in audit record,
> reconstruct the exact rule.
>
> v6:
> + No changes
>
> v7:
> + Further split lsm creation, the audit system, the evaluation loop,
> and access control hooks into separate patches.
> + Further split audit system patch into two separate patches; one
> for include/uapi, and the usage of the new defines.
> + Split out the permissive functionality into another separate patch,
> for easier review.
> + Correct misuse of audit_log_n_untrusted string to audit_log_format
> + Use get_task_comm instead of comm directly.
> + Quote certain audit values
> + Remove unnecessary help text on choice options - these were
> previously
> idented at the wrong level
> + Correct a stale string constant (ctx_ns_enforce to ctx_enforce)
>
> v8:
>
> + Change dependency for CONFIG_AUDIT to CONFIG_AUDITSYSCALL
> + Drop ctx_* prefix
> + Reuse, where appropriate, the audit fields from the field
> dictionary. This transforms:
> ctx_pathname -> path
> ctx_ino -> ino
> ctx_dev -> dev
>
> + Add audit records and event examples to commit description.
> + Remove new_audit_ctx, replace with audit_log_start. All data that
> would provided by new_audit_ctx is already present in the syscall
> audit record, that is always emitted on these actions. The audit
> records should be correlated as such.
> + Change audit types:
> + AUDIT_TRUST_RESULT -> AUDIT_IPE_ACCESS
> + This prevents overloading of the AVC type.
> + AUDIT_TRUST_POLICY_ACTIVATE -> AUDIT_MAC_CONFIG_CHANGE
> + AUDIT_TRUST_POLICY_LOAD -> AUDIT_MAC_POLICY_LOAD
> + There were no significant difference in meaning between
> these types.
>
> + Remove enforcing parameter passed from the context structure
> for AUDIT_IPE_ACCESS.
> + This field can be inferred from the SYSCALL audit event,
> based on the success field.
>
> + Remove all fields already captured in the syscall record. "hook",
> an IPE specific field, can be determined via the syscall field in
> the syscall record itself, so it has been removed.
> + ino, path, and dev in IPE's record refer to the subject of the
> syscall, while the syscall record refers to the calling process.
>
> + remove IPE prefix from policy load/policy activation events
> + fix a bug wherein a policy change audit record was not fired when
> updating a policy
>
> v9:
> + Merge the AUDIT_IPE_ACCESS definition with the audit support commit
> + Change the audit format of policy load and siwtch
> + Remove the ipe audit kernel switch
> ---
> include/uapi/linux/audit.h | 1 +
> security/ipe/Kconfig | 2 +-
> security/ipe/Makefile | 1 +
> security/ipe/audit.c | 196 +++++++++++++++++++++++++++++++++++++
> security/ipe/audit.h | 18 ++++
> security/ipe/eval.c | 26 ++++-
> security/ipe/eval.h | 8 ++
> security/ipe/fs.c | 68 +++++++++++++
> security/ipe/policy.c | 5 +
> 9 files changed, 321 insertions(+), 4 deletions(-)
> create mode 100644 security/ipe/audit.c
> create mode 100644 security/ipe/audit.h
>
> diff --git a/include/uapi/linux/audit.h b/include/uapi/linux/audit.h
> index d676ed2b246e..ee3b3db95076 100644
> --- a/include/uapi/linux/audit.h
> +++ b/include/uapi/linux/audit.h
> @@ -143,6 +143,7 @@
> #define AUDIT_MAC_UNLBL_STCDEL 1417 /* NetLabel: del a static label
*/
> #define AUDIT_MAC_CALIPSO_ADD 1418 /* NetLabel: add CALIPSO DOI entry
*/
> #define AUDIT_MAC_CALIPSO_DEL 1419 /* NetLabel: del CALIPSO DOI
entry */
> +#define AUDIT_IPE_ACCESS 1420 /* IPE Denial or Grant */
>
> #define AUDIT_FIRST_KERN_ANOM_MSG 1700
> #define AUDIT_LAST_KERN_ANOM_MSG 1799
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index e4875fb04883..ac4d558e69d5 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -5,7 +5,7 @@
>
> menuconfig SECURITY_IPE
> bool "Integrity Policy Enforcement (IPE)"
> - depends on SECURITY && SECURITYFS
> + depends on SECURITY && SECURITYFS && AUDIT && AUDITSYSCALL
> select PKCS7_MESSAGE_PARSER
> select SYSTEM_DATA_VERIFICATION
> help
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 8602d71250b4..89a76ad72301 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -13,3 +13,4 @@ obj-$(CONFIG_SECURITY_IPE) += \
> policy.o \
> policy_fs.o \
> policy_parser.o \
> + audit.o \
> diff --git a/security/ipe/audit.c b/security/ipe/audit.c
> new file mode 100644
> index 000000000000..295e9f9f5146
> --- /dev/null
> +++ b/security/ipe/audit.c
> @@ -0,0 +1,196 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "eval.h"
> +#include "hooks.h"
> +#include "policy.h"
> +#include "audit.h"
> +#include "digest.h"
> +
> +#include <linux/slab.h>
> +#include <linux/audit.h>
> +#include <linux/types.h>
> +#include <crypto/hash.h>
> +
> +#define ACTSTR(x) ((x) == ipe_action_allow ? "ALLOW" : "DENY")
> +
> +#define IPE_AUDIT_HASH_ALG "sha256"
> +
> +#define AUDIT_POLICY_LOAD_FMT "policy_name=\"%s\"
> policy_version=%hu.%hu.%hu "\ + IPE_AUDIT_HASH_ALG
"="
> +#define AUDIT_OLD_ACTIVE_POLICY_FMT "old_active_pol_name=\"%s\" "\
> + "old_active_pol_version=%hu.%hu.%hu "\
> + "old_" IPE_AUDIT_HASH_ALG "="
> +#define AUDIT_NEW_ACTIVE_POLICY_FMT "new_active_pol_name=\"%s\" "\
> + "new_active_pol_version=%hu.%hu.%hu "\
> + "new_" IPE_AUDIT_HASH_ALG "="
> +
> +static const char *const audit_op_names[ipe_op_max] = {
> + "EXECUTE",
> + "FIRMWARE",
> + "KMODULE",
> + "KEXEC_IMAGE",
> + "KEXEC_INITRAMFS",
> + "IMA_POLICY",
> + "IMA_X509_CERT",
> +};
> +
> +static const char *const audit_prop_names[ipe_prop_max] = {
> + "boot_verified=FALSE",
> + "boot_verified=TRUE",
> +};
> +
> +/**
> + * audit_rule - audit an IPE policy rule approximation.
> + * @ab: Supplies a poniter to the audit_buffer to append to.
> + * @r: Supplies a pointer to the ipe_rule to approximate a string form
> for. + */
> +static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
> +{
> + const struct ipe_prop *ptr;
> +
> + audit_log_format(ab, "rule=\"op=%s ", audit_op_names[r->op]);
> +
> + list_for_each_entry(ptr, &r->props, next) {
> + audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
> + audit_log_format(ab, " ");
> + }
> +
> + audit_log_format(ab, "action=%s\"", ACTSTR(r->action));
> +}
> +
> +/**
> + * ipe_audit_match - audit a match for IPE policy.
> + * @ctx: Supplies a poniter to the evaluation context that was used in the
> + * evaluation.
> + * @match_type: Supplies the scope of the match: rule, operation default,
> + * global default.
> + * @act: Supplies the IPE's evaluation decision, deny or allow.
> + * @r: Supplies a pointer to the rule that was matched, if possible.
> + * @enforce: Supplies the enforcement/permissive state at the point
> + * the enforcement decision was made.
> + */
> +void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
> + enum ipe_match match_type,
> + enum ipe_action_type act, const struct ipe_rule *const r)
> +{
> + struct inode *inode;
> + struct audit_buffer *ab;
> + const char *op = audit_op_names[ctx->op];
> +
> + if (act != ipe_action_deny && !READ_ONCE(success_audit))
> + return;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_IPE_ACCESS);
> + if (!ab)
> + return;
> +
> + if (ctx->file) {
> + audit_log_d_path(ab, "path=", &ctx->file->f_path);
> + inode = file_inode(ctx->file);
> + if (inode) {
> + audit_log_format(ab, " dev=");
> + audit_log_untrustedstring(ab, inode->i_sb->s_id);
> + audit_log_format(ab, " ino=%lu ", inode->i_ino);
> + }
> + }
> +
> + if (match_type == ipe_match_rule)
> + audit_rule(ab, r);
> + else if (match_type == ipe_match_table)
> + audit_log_format(ab, "rule=\"DEFAULT op=%s action=%s\"", op,
> + ACTSTR(act));
> + else
> + audit_log_format(ab, "rule=\"DEFAULT action=%s\"",
> + ACTSTR(act));
> +
> + audit_log_end(ab);
> +}
> +
> +/**
> + * audit_policy - Audit a policy's name, version and thumbprint to @ab.
> + * @ab: Supplies a pointer to the audit buffer to append to.
> + * @p: Supplies a pointer to the policy to audit.
> + */
> +static void audit_policy(struct audit_buffer *ab,
> + const char *audit_format,
> + const struct ipe_policy *const p)
> +{
> + u8 *digest = NULL;
> + struct crypto_shash *tfm;
> + SHASH_DESC_ON_STACK(desc, tfm);
> +
> + tfm = crypto_alloc_shash(IPE_AUDIT_HASH_ALG, 0, 0);
> + if (IS_ERR(tfm))
> + return;
> +
> + desc->tfm = tfm;
> +
> + digest = kzalloc(crypto_shash_digestsize(tfm), GFP_KERNEL);
> + if (!digest)
> + goto out;
> +
> + if (crypto_shash_init(desc))
> + goto out;
> +
> + if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len))
> + goto out;
> +
> + if (crypto_shash_final(desc, digest))
> + goto out;
> +
> + audit_log_format(ab, audit_format, p->parsed->name,
> + p->parsed->version.major, p->parsed->version.minor,
> + p->parsed->version.rev);
> + audit_log_n_hex(ab, digest, crypto_shash_digestsize(tfm));
> +
> +out:
> + kfree(digest);
> + crypto_free_shash(tfm);
> +}
> +
> +/**
> + * ipe_audit_policy_activation - Audit a policy being made the active
> policy. + * @p: Supplies a pointer to the policy to audit.
> + */
> +void ipe_audit_policy_activation(const struct ipe_policy *const op,
> + const struct ipe_policy *const np)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL,
> AUDIT_MAC_CONFIG_CHANGE); + if (!ab)
> + return;
> +
> + audit_policy(ab, AUDIT_OLD_ACTIVE_POLICY_FMT, op);
> + audit_log_format(ab, " ");
> + audit_policy(ab, AUDIT_NEW_ACTIVE_POLICY_FMT, np);
> + audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
> + from_kuid(&init_user_ns, audit_get_loginuid(current)),
> + audit_get_sessionid(current));
> +
> + audit_log_end(ab);
> +}
> +
> +/**
> + * ipe_audit_policy_load - Audit a policy being loaded into the kernel.
> + * @p: Supplies a pointer to the policy to audit.
> + */
> +void ipe_audit_policy_load(const struct ipe_policy *const p)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL,
AUDIT_MAC_POLICY_LOAD);
> + if (!ab)
> + return;
> +
> + audit_policy(ab, AUDIT_POLICY_LOAD_FMT, p);
> + audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
> + from_kuid(&init_user_ns, audit_get_loginuid(current)),
> + audit_get_sessionid(current));
> +
> + audit_log_end(ab);
> +}
> diff --git a/security/ipe/audit.h b/security/ipe/audit.h
> new file mode 100644
> index 000000000000..2e9b99737f97
> --- /dev/null
> +++ b/security/ipe/audit.h
> @@ -0,0 +1,18 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_AUDIT_H
> +#define IPE_AUDIT_H
> +
> +#include "policy.h"
> +
> +void ipe_audit_match(const struct ipe_eval_ctx *const ctx,
> + enum ipe_match match_type,
> + enum ipe_action_type act, const struct ipe_rule *const
r);
> +void ipe_audit_policy_load(const struct ipe_policy *const p);
> +void ipe_audit_policy_activation(const struct ipe_policy *const op,
> + const struct ipe_policy *const np);
> +
> +#endif /* IPE_AUDIT_H */
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> index 48b5104a3463..d713808cad9c 100644
> --- a/security/ipe/eval.c
> +++ b/security/ipe/eval.c
> @@ -7,6 +7,7 @@
> #include "eval.h"
> #include "hooks.h"
> #include "policy.h"
> +#include "audit.h"
>
> #include <linux/fs.h>
> #include <linux/types.h>
> @@ -15,8 +16,10 @@
> #include <linux/sched.h>
> #include <linux/rcupdate.h>
> #include <linux/spinlock.h>
> +#include <linux/moduleparam.h>
>
> struct ipe_policy __rcu *ipe_active_policy;
> +bool success_audit;
>
> static struct super_block *pinned_sb;
> static DEFINE_SPINLOCK(pin_lock);
> @@ -117,6 +120,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const
> ctx) int rc = 0;
> bool match = false;
> enum ipe_action_type action;
> + enum ipe_match match_type;
> struct ipe_policy *pol = NULL;
> const struct ipe_rule *rule = NULL;
> const struct ipe_op_table *rules = NULL;
> @@ -131,6 +135,7 @@ int ipe_evaluate_event(const struct ipe_eval_ctx *const
> ctx)
>
> if (ctx->op == ipe_op_max) {
> action = pol->parsed->global_default_action;
> + match_type = ipe_match_global;
> goto eval;
> }
>
> @@ -146,14 +151,20 @@ int ipe_evaluate_event(const struct ipe_eval_ctx
> *const ctx) break;
> }
>
> - if (match)
> + if (match) {
> action = rule->action;
> - else if (rules->default_action != ipe_action_max)
> + match_type = ipe_match_rule;
> + } else if (rules->default_action != ipe_action_max) {
> action = rules->default_action;
> - else
> + match_type = ipe_match_table;
> + } else {
> action = pol->parsed->global_default_action;
> + match_type = ipe_match_global;
> + }
>
> eval:
> + ipe_audit_match(ctx, match_type, action, rule);
> +
> if (action == ipe_action_deny)
> rc = -EACCES;
>
> @@ -178,3 +189,12 @@ void ipe_invalidate_pinned_sb(const struct super_block
> *mnt_sb)
>
> spin_unlock(&pin_lock);
> }
> +
> +/* Set the right module name */
> +#ifdef KBUILD_MODNAME
> +#undef KBUILD_MODNAME
> +#define KBUILD_MODNAME "ipe"
> +#endif
> +
> +module_param(success_audit, bool, 0400);
> +MODULE_PARM_DESC(success_audit, "Start IPE with success auditing
> enabled"); diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> index 887797438b9b..b83730d0b5ae 100644
> --- a/security/ipe/eval.h
> +++ b/security/ipe/eval.h
> @@ -13,6 +13,7 @@
> #include "policy.h"
>
> extern struct ipe_policy __rcu *ipe_active_policy;
> +extern bool success_audit;
>
> struct ipe_eval_ctx {
> enum ipe_op_type op;
> @@ -21,6 +22,13 @@ struct ipe_eval_ctx {
> bool from_init_sb;
> };
>
> +enum ipe_match {
> + ipe_match_rule = 0,
> + ipe_match_table,
> + ipe_match_global,
> + ipe_match_max
> +};
> +
> void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file,
> enum ipe_op_type op); int ipe_evaluate_event(const struct ipe_eval_ctx
> *const ctx);
> void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> diff --git a/security/ipe/fs.c b/security/ipe/fs.c
> index 9f6a4867bec2..c99616f36f32 100644
> --- a/security/ipe/fs.c
> +++ b/security/ipe/fs.c
> @@ -4,7 +4,9 @@
> */
> #include "ipe.h"
> #include "fs.h"
> +#include "eval.h"
> #include "policy.h"
> +#include "audit.h"
>
> #include <linux/dcache.h>
> #include <linux/security.h>
> @@ -12,6 +14,57 @@
> static struct dentry *np __ro_after_init;
> static struct dentry *root __ro_after_init;
> struct dentry *policy_root __ro_after_init;
> +static struct dentry *audit_node __ro_after_init;
> +
> +/**
> + * setaudit - Write handler for the securityfs node, "ipe/success_audit"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the write syscall.
> + * @len: Supplies the length of @data.
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t setaudit(struct file *f, const char __user *data,
> + size_t len, loff_t *offset)
> +{
> + int rc = 0;
> + bool value;
> +
> + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> + return -EPERM;
> +
> + rc = kstrtobool_from_user(data, len, &value);
> + if (rc)
> + return rc;
> +
> + WRITE_ONCE(success_audit, value);
> +
> + return len;
> +}
> +
> +/**
> + * getaudit - Read handler for the securityfs node, "ipe/success_audit"
> + * @f: Supplies a file structure representing the securityfs node.
> + * @data: Supplies a buffer passed to the read syscall
> + * @len: Supplies the length of @data
> + * @offset: unused.
> + *
> + * Return:
> + * * >0 - Success, Length of buffer written
> + * * <0 - Error
> + */
> +static ssize_t getaudit(struct file *f, char __user *data,
> + size_t len, loff_t *offset)
> +{
> + const char *result;
> +
> + result = ((READ_ONCE(success_audit)) ? "1" : "0");
> +
> + return simple_read_from_buffer(data, len, offset, result, 1);
> +}
>
> /**
> * new_policy - Write handler for the securityfs node, "ipe/new_policy".
> @@ -50,6 +103,8 @@ static ssize_t new_policy(struct file *f, const char
> __user *data, if (rc)
> goto err;
>
> + ipe_audit_policy_load(p);
> +
> err:
> return (rc < 0) ? rc : len;
> }
> @@ -58,6 +113,11 @@ static const struct file_operations np_fops = {
> .write = new_policy,
> };
>
> +static const struct file_operations audit_fops = {
> + .write = setaudit,
> + .read = getaudit,
> +};
> +
> /**
> * ipe_init_securityfs - Initialize IPE's securityfs tree at fsinit.
> *
> @@ -84,6 +144,13 @@ static int __init ipe_init_securityfs(void)
> goto err;
> }
>
> + audit_node = securityfs_create_file("success_audit", 0600, root,
> + NULL, &audit_fops);
> + if (IS_ERR(audit_node)) {
> + rc = PTR_ERR(audit_node);
> + goto err;
> + }
> +
> policy_root = securityfs_create_dir("policies", root);
> if (IS_ERR(policy_root)) {
> rc = PTR_ERR(policy_root);
> @@ -94,6 +161,7 @@ static int __init ipe_init_securityfs(void)
> err:
> securityfs_remove(np);
> securityfs_remove(root);
> + securityfs_remove(audit_node);
> securityfs_remove(policy_root);
> return rc;
> }
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index a5e9c6e5691b..703b3fd9cf4c 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -9,6 +9,7 @@
> #include "policy.h"
> #include "policy_parser.h"
> #include "digest.h"
> +#include "audit.h"
>
> #include <linux/verification.h>
>
> @@ -124,6 +125,9 @@ struct ipe_policy *ipe_update_policy(struct ipe_policy
> __rcu **addr, swap(new->policyfs, old->policyfs);
> ipe_free_policy(old);
>
> + if (!rc)
> + ipe_audit_policy_load(new);
> +
> goto out;
> err:
> ipe_free_policy(new);
> @@ -230,6 +234,7 @@ int ipe_set_active_pol(const struct ipe_policy *p)
> spin_unlock(&ipe_policy_lock);
> synchronize_rcu();
>
> + ipe_audit_policy_activation(ap, p);
> out:
> return rc;
> }





2023-01-31 23:01:05

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 09/16] block|security: add LSM blob to block_device

On Tue, Jan 31, 2023 at 12:53:59AM -0800, Christoph Hellwig wrote:
> On Mon, Jan 30, 2023 at 02:57:24PM -0800, Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
> >
> > block_device structures can have valuable security properties,
> > based on how they are created, and what subsystem manages them.
>
> That's a lot of cloudy talk but no real explanation.

Sorry for being too general here. Currently the only use target of this hook is dm-verity. We use the newly added security hook to save the dm-verity roothash and signature to the new bdev security blob during the bdev creation time, so LSMs can leverage this information to protect the system.

I will add this example in the next version.

-Fan

2023-02-01 00:49:00

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

On Tue, Jan 31, 2023 at 03:22:05PM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > IPE has two known gaps:
> >
> > 1. IPE cannot verify the integrity of anonymous executable memory, such as
> > the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> > Unfortunately, as this is dynamically generated code, there is no way
> > for IPE to ensure the integrity of this code to form a trust basis. In all
> > cases, the return result for these operations will be whatever the admin
> > configures the DEFAULT action for "EXECUTE".
>
> I think it would be useful to handle special cases, for example you
> could allow a process that created a file with memfd to use it, at the
> condition that nobody else writes it.
>
> This would be required during the boot, otherwise services could fail
> to start (depending on the policy).
>
Thanks for the suggestion. I agree with your opinion and I think supporting
memfd is possible but restricting read/write needs more hooks. We would like
to avoid adding more complexity to this initial posting as necessary.
We will consider this as a future work and will post follow-on patches
in the future.

-Fan

> > 2. IPE cannot verify the integrity of interpreted languages' programs when
> > these scripts invoked via ``<interpreter> <file>``. This is because the
> > way interpreters execute these files, the scripts themselves are not
> > evaluated as executable code through one of IPE's hooks. Interpreters
> > can be enlightened to the usage of IPE by trying to mmap a file into
> > executable memory (+X), after opening the file and responding to the
> > error code appropriately. This also applies to included files, or high
> > value files, such as configuration files of critical system components.
>
> Ok, it is a well known issue. Hopefully, it will be fixed soon.
>
> Roberto
>

2023-02-01 19:47:11

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Tue, Jan 31, 2023 at 11:49:44AM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
> > +
> > +/**
> > + * new_policy - Write handler for the securityfs node, "ipe/new_policy".
> > + * @f: Supplies a file structure representing the securityfs node.
> > + * @data: Suppleis a buffer passed to the write syscall.
>
> Typo: Suppleis.
>
Thanks for spotting the typos!

> > + * @len: Supplies the length of @data.
> > + * @offset: unused.
> > + *
> > + * Return:
> > + * * >0 - Success, Length of buffer written
> > + * * <0 - Error
> > + */
> > +static ssize_t new_policy(struct file *f, const char __user *data,
> > + size_t len, loff_t *offset)
> > +{
> > + int rc = 0;
> > + char *copy = NULL;
> > + struct ipe_policy *p = NULL;
> > +
> > + if (!file_ns_capable(f, &init_user_ns, CAP_MAC_ADMIN))
> > + return -EPERM;
> > +
> > + copy = memdup_user_nul(data, len);
> > + if (IS_ERR(copy)) {
> > + rc = PTR_ERR(copy);
> > + goto err;
> > + }
> > +
> > + p = ipe_new_policy(NULL, 0, copy, len);
> > + if (IS_ERR(p)) {
> > + rc = PTR_ERR(p);
> > + goto err;
> > + }
> > +
> > + rc = ipe_new_policyfs_node(p);
> > + if (rc)
> > + goto err;
>
> Uhm, don't you need to do cleanup of allocated memory or revert the
> actions of ipe_new_policy()?
>
Yes that should be cleaned up but should be done in ipe_new_policy instead,
will add a ipe_free_policy call at the end. Thanks for pointing that out.

>
> I would like more to see all the functions managing the policy
> together. If the patch is too long, you could further split by adding
> the helpers (that don't directly deal with the policy) in a separate
> patch.
>
> Here you would simply instantiate dirs/files in securityfs and call the
> existing functions previously introduced.
>
> Roberto
>

I will try to split them in the next version. Thanks for the suggestion.
-Fan

2023-02-01 22:38:58

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 02/16] ipe: add policy parser

On Tue, Jan 31, 2023 at 11:53:27AM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
>
> Uhm, memory leak? Also below. I suggest to use kmemleak.
>
> Roberto
>
Nice catch and thanks for the suggestion, I used kmemleak
and detected several incomplete cleanup. Will be fixed in
the next version.
-Fan

2023-02-01 23:26:44

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

On Tue, Jan 31, 2023 at 02:22:01PM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
> >
> > dm-verity provides a strong guarantee of a block device's integrity. As
> > a generic way to check the integrity of a block device, it provides
> > those integrity guarantees to its higher layers, including the filesystem
> > level.
>
> I think you could reuse most of is_trusted_verity_target(), in
> particular dm_verity_get_root_digest().
>
> And probably, the previous patch is not necessary.
>
> Roberto
>
Thanks for the info. This function seems could be used to get the roothash
but for saving the signature we still need the hook function in the previous
patch.

-Fan

2023-02-01 23:50:37

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

On Tue, Jan 31, 2023 at 03:00:08PM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > +/**
> > + * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false property.
> > + * @ctx: Supplies a pointer to the context being evaluated.
> > + * @p: Supplies a pointer to the property being evaluated.
> > + *
> > + * Return:
> > + * * true - The current @ctx match the @p
> > + * * false - The current @ctx doesn't match the @p
> > + */
> > +static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
> > + struct ipe_prop *p)
> > +{
> > + return !ctx->ino ||
> > + !IS_VERITY(ctx->ino) ||
> > + !ctx->ipe_inode ||
> > + !ctx->ipe_inode->fs_verity_signed;
> > +}
> > +
> > +/**
> > + * evaluate_fsv_sig_true - Analyze @ctx against a fsv sig true property.
> > + * @ctx: Supplies a pointer to the context being evaluated.
> > + * @p: Supplies a pointer to the property being evaluated.
> > + *
> > + * Return:
> > + * * true - The current @ctx match the @p
> > + * * false - The current @ctx doesn't match the @p
> > + */
> > +static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
> > + struct ipe_prop *p)
> > +{
> > + return ctx->ino &&
> > + IS_VERITY(ctx->ino) &&
> > + ctx->ipe_inode &&
> > + ctx->ipe_inode->fs_verity_signed;
> > +}
>
> Isn't better to just define one function and prepend a ! in
> evaluate_property()?
Yes that's a better way to do it, I will take this idea.

>
> Not sure about the usefulness of the fsverity_signature= property as it
> is. I would at minimum allow to specify which keyring signatures are
> verified against, and ensure that the keyring has a restriction.
>
> And maybe I would call fsverity_verify_signature() directly, after
> extending it to pass the desired keyring.
>
Thanks for the suggestion.
For the initial version we only have the fsverity_signature property
to enable the policy can make decision based on the existence of the
signature. In the future we plan to add more properties to leverage
the remaining signature information so we can have the restrictions
you mentioned.

-Fan

> I would also split this patch in two, one for fsverity_digest= and one
> for fsverity_signature=.
>
> Roberto

2023-02-02 00:19:30

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 16/16] documentation: add ipe documentation

On Tue, Jan 31, 2023 at 10:59:59AM +0700, Bagas Sanjaya wrote:
> On Mon, Jan 30, 2023 at 02:57:31PM -0800, Fan Wu wrote:
>
> What about wordings below instead?

Thanks for the review!
>
> -IPE policy supports comments. The character '#' will function as a
> -comment, ignoring all characters to the right of '#' until the newline.
> +IPE policy supports comments. Any line which is prefixed with ``#`` will
> +be ignored.
This one is actually incorrect. The '#' can also appear at the end of a rule.
So it is not only prefixed to a line.

Other than this part, everything looks great, I will take them in the next
version.

-Fan

>
> -----------
>
> Thanks.
>
> --
> An old man doll... just what I always wanted! - Clara



2023-02-02 08:22:20

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

On Wed, 2023-02-01 at 15:26 -0800, Fan Wu wrote:
> On Tue, Jan 31, 2023 at 02:22:01PM +0100, Roberto Sassu wrote:
> > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > From: Deven Bowers <[email protected]>
> > >
> > > dm-verity provides a strong guarantee of a block device's integrity. As
> > > a generic way to check the integrity of a block device, it provides
> > > those integrity guarantees to its higher layers, including the filesystem
> > > level.
> >
> > I think you could reuse most of is_trusted_verity_target(), in
> > particular dm_verity_get_root_digest().
> >
> > And probably, the previous patch is not necessary.
> >
> > Roberto
> >
> Thanks for the info. This function seems could be used to get the roothash
> but for saving the signature we still need the hook function in the previous
> patch.

Uhm, look at the LoadPin case. It does not need to temporarily store
the root digest in a security blob. It evaluates it directly.

Well, ok, dm_verity_loadpin_is_bdev_trusted() looks for trusted digests
in the dm_verity_loadpin_trusted_root_digests list. So, something
equivalent needs to be made for IPE (or you just get the digest).
However, I find not introducing new hooks and evaluating the
information directly more efficient.

Roberto


2023-02-02 09:52:51

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

On Wed, 2023-02-01 at 15:50 -0800, Fan Wu wrote:
> On Tue, Jan 31, 2023 at 03:00:08PM +0100, Roberto Sassu wrote:
> > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > +/**
> > > + * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false property.
> > > + * @ctx: Supplies a pointer to the context being evaluated.
> > > + * @p: Supplies a pointer to the property being evaluated.
> > > + *
> > > + * Return:
> > > + * * true - The current @ctx match the @p
> > > + * * false - The current @ctx doesn't match the @p
> > > + */
> > > +static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
> > > + struct ipe_prop *p)
> > > +{
> > > + return !ctx->ino ||
> > > + !IS_VERITY(ctx->ino) ||
> > > + !ctx->ipe_inode ||
> > > + !ctx->ipe_inode->fs_verity_signed;
> > > +}
> > > +
> > > +/**
> > > + * evaluate_fsv_sig_true - Analyze @ctx against a fsv sig true property.
> > > + * @ctx: Supplies a pointer to the context being evaluated.
> > > + * @p: Supplies a pointer to the property being evaluated.
> > > + *
> > > + * Return:
> > > + * * true - The current @ctx match the @p
> > > + * * false - The current @ctx doesn't match the @p
> > > + */
> > > +static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
> > > + struct ipe_prop *p)
> > > +{
> > > + return ctx->ino &&
> > > + IS_VERITY(ctx->ino) &&
> > > + ctx->ipe_inode &&
> > > + ctx->ipe_inode->fs_verity_signed;
> > > +}
> >
> > Isn't better to just define one function and prepend a ! in
> > evaluate_property()?
> Yes that's a better way to do it, I will take this idea.
>
> > Not sure about the usefulness of the fsverity_signature= property as it
> > is. I would at minimum allow to specify which keyring signatures are
> > verified against, and ensure that the keyring has a restriction.
> >
> > And maybe I would call fsverity_verify_signature() directly, after
> > extending it to pass the desired keyring.
> >
> Thanks for the suggestion.
> For the initial version we only have the fsverity_signature property
> to enable the policy can make decision based on the existence of the
> signature. In the future we plan to add more properties to leverage
> the remaining signature information so we can have the restrictions
> you mentioned.

Uhm, these boolean properties feel like something is missing. In my
opinion, one cannot accept just any signature, but should be able to
specify the approved signers.

Roberto

> -Fan
>
> > I would also split this patch in two, one for fsverity_digest= and one
> > for fsverity_signature=.
> >
> > Roberto


2023-02-02 11:12:36

by Roberto Sassu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

On Tue, 2023-01-31 at 16:48 -0800, Fan Wu wrote:
> On Tue, Jan 31, 2023 at 03:22:05PM +0100, Roberto Sassu wrote:
> > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > IPE has two known gaps:
> > >
> > > 1. IPE cannot verify the integrity of anonymous executable memory, such as
> > > the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> > > Unfortunately, as this is dynamically generated code, there is no way
> > > for IPE to ensure the integrity of this code to form a trust basis. In all
> > > cases, the return result for these operations will be whatever the admin
> > > configures the DEFAULT action for "EXECUTE".
> >
> > I think it would be useful to handle special cases, for example you
> > could allow a process that created a file with memfd to use it, at the
> > condition that nobody else writes it.
> >
> > This would be required during the boot, otherwise services could fail
> > to start (depending on the policy).
> >
> Thanks for the suggestion. I agree with your opinion and I think supporting
> memfd is possible but restricting read/write needs more hooks. We would like
> to avoid adding more complexity to this initial posting as necessary.
> We will consider this as a future work and will post follow-on patches
> in the future.

Ok, maybe it is necessary to specify better the scope of IPE, why the
current implementation can be considered as complete.

If we say, IPE can only allow/deny operations on system components with
immutable security properties, clearly memfd as a component cannot
fullfill this goal due to the non-immutability. This would apply to any
component allowing modifications.

How to address this? What is the immutable property then?

In the case of memfd, intuitively, a useful property for integrity
could be for example that the content can be accessed/modified by only
one process. No other (possibly malicious) processes can tamper with
that file.

So, it is true, to make this property immutable more hooks are needed.
But should it be something that IPE does? Or it should be done by an
external component (another LSM) that does the enforcement and reports
to IPE that the property is true? Theoretically (with a proper policy),
existing LSMs could be used for that purpose too.

I would say more the second, it should not be IPE job, so that IPE can
exclusively focus on evaluating properties, not making sure that the
properties are immutable.

Roberto

> -Fan
>
> > > 2. IPE cannot verify the integrity of interpreted languages' programs when
> > > these scripts invoked via ``<interpreter> <file>``. This is because the
> > > way interpreters execute these files, the scripts themselves are not
> > > evaluated as executable code through one of IPE's hooks. Interpreters
> > > can be enlightened to the usage of IPE by trying to mmap a file into
> > > executable memory (+X), after opening the file and responding to the
> > > error code appropriately. This also applies to included files, or high
> > > value files, such as configuration files of critical system components.
> >
> > Ok, it is a well known issue. Hopefully, it will be fixed soon.
> >
> > Roberto
> >


2023-02-07 23:53:00

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 10/16] dm-verity: consume root hash digest and signature data via LSM hook

On Thu, Feb 02, 2023 at 09:21:24AM +0100, Roberto Sassu wrote:
> On Wed, 2023-02-01 at 15:26 -0800, Fan Wu wrote:
> > On Tue, Jan 31, 2023 at 02:22:01PM +0100, Roberto Sassu wrote:
> > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > > From: Deven Bowers <[email protected]>
> > > >
> > > > dm-verity provides a strong guarantee of a block device's integrity. As
> > > > a generic way to check the integrity of a block device, it provides
> > > > those integrity guarantees to its higher layers, including the filesystem
> > > > level.
> > >
> > > I think you could reuse most of is_trusted_verity_target(), in
> > > particular dm_verity_get_root_digest().
> > >
> > > And probably, the previous patch is not necessary.
> > >
> > > Roberto
> > >
> > Thanks for the info. This function seems could be used to get the roothash
> > but for saving the signature we still need the hook function in the previous
> > patch.
>
> Uhm, look at the LoadPin case. It does not need to temporarily store
> the root digest in a security blob. It evaluates it directly.
>
> Well, ok, dm_verity_loadpin_is_bdev_trusted() looks for trusted digests
> in the dm_verity_loadpin_trusted_root_digests list. So, something
> equivalent needs to be made for IPE (or you just get the digest).
> However, I find not introducing new hooks and evaluating the
> information directly more efficient.
>
> Roberto

Thanks for the input. I did a deeper dive into the source code and did some
experiements, my conclusion is the hook is still the preferred way for us.

For the root digest part, dm_verity_loadpin_is_bdev_trusted is able to query
the root digest is because the root digest is saved in struct dm_verity.
Specifically it will call dm_verity_get_root_digest to kmemdup the digest.
If every binary execution will trigger a kmemdup to copy a digest,
the overhead will be noticeable.
Using a hook can let us copy the root digest exactly once when
the block device is created and free the copied digest when
the block device is unmounted.

For the signature, it is currently an optional parameter and it is not
saved in struct dm_verity. But even if we let struct dm_verity saves
the signature it will still have the kmemdup problem above.
So using the hook will be the cleanest way.

-Fan

2023-02-08 00:16:50

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 13/16] ipe: enable support for fs-verity as a trust provider

On Thu, Feb 02, 2023 at 10:51:56AM +0100, Roberto Sassu wrote:
> On Wed, 2023-02-01 at 15:50 -0800, Fan Wu wrote:
> > On Tue, Jan 31, 2023 at 03:00:08PM +0100, Roberto Sassu wrote:
> > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > > +/**
> > > > + * evaluate_fsv_sig_false - Analyze @ctx against a fsv sig false property.
> > > > + * @ctx: Supplies a pointer to the context being evaluated.
> > > > + * @p: Supplies a pointer to the property being evaluated.
> > > > + *
> > > > + * Return:
> > > > + * * true - The current @ctx match the @p
> > > > + * * false - The current @ctx doesn't match the @p
> > > > + */
> > > > +static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx,
> > > > + struct ipe_prop *p)
> > > > +{
> > > > + return !ctx->ino ||
> > > > + !IS_VERITY(ctx->ino) ||
> > > > + !ctx->ipe_inode ||
> > > > + !ctx->ipe_inode->fs_verity_signed;
> > > > +}
> > > > +
> > > > +/**
> > > > + * evaluate_fsv_sig_true - Analyze @ctx against a fsv sig true property.
> > > > + * @ctx: Supplies a pointer to the context being evaluated.
> > > > + * @p: Supplies a pointer to the property being evaluated.
> > > > + *
> > > > + * Return:
> > > > + * * true - The current @ctx match the @p
> > > > + * * false - The current @ctx doesn't match the @p
> > > > + */
> > > > +static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx,
> > > > + struct ipe_prop *p)
> > > > +{
> > > > + return ctx->ino &&
> > > > + IS_VERITY(ctx->ino) &&
> > > > + ctx->ipe_inode &&
> > > > + ctx->ipe_inode->fs_verity_signed;
> > > > +}
> > >
> > > Isn't better to just define one function and prepend a ! in
> > > evaluate_property()?
> > Yes that's a better way to do it, I will take this idea.
> >
> > > Not sure about the usefulness of the fsverity_signature= property as it
> > > is. I would at minimum allow to specify which keyring signatures are
> > > verified against, and ensure that the keyring has a restriction.
> > >
> > > And maybe I would call fsverity_verify_signature() directly, after
> > > extending it to pass the desired keyring.
> > >
> > Thanks for the suggestion.
> > For the initial version we only have the fsverity_signature property
> > to enable the policy can make decision based on the existence of the
> > signature. In the future we plan to add more properties to leverage
> > the remaining signature information so we can have the restrictions
> > you mentioned.
>
> Uhm, these boolean properties feel like something is missing. In my
> opinion, one cannot accept just any signature, but should be able to
> specify the approved signers.
>
> Roberto
>
It does not accept any signature. For fsverity, the signature must be signed
by a key in the fsverity_keyring and similarly for dmverity the signature
must be signed by a key in the kernel builtin trusted keys or secondary keyring.
Therefore, the root of trust here is the system configured keyrings.

The Boolean properties dmverity_signature and fsverity_signature are used
to differentiate the existence of signature because the signature is optional.
In a =TRUE case of these two properties, we know the digests are signed
by a key we can trust. And in a =FALSE case we know the file is from a unsigned
dmverity or fsverity, we could use a stricter policy to deny them.

I agree that having the ability to restrict signers is better, but the feedback
from the last version was asking us to keep the initial version as simple
as possible. We definitely want to add more properties, but we will invest
more time in them once the initial version is accepted.

-Fan


2023-02-08 00:31:08

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 00/16] Integrity Policy Enforcement LSM (IPE)

On Thu, Feb 02, 2023 at 11:48:18AM +0100, Roberto Sassu wrote:
> On Tue, 2023-01-31 at 16:48 -0800, Fan Wu wrote:
> > On Tue, Jan 31, 2023 at 03:22:05PM +0100, Roberto Sassu wrote:
> > > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > > IPE has two known gaps:
> > > >
> > > > 1. IPE cannot verify the integrity of anonymous executable memory, such as
> > > > the trampolines created by gcc closures and libffi (<3.4.2), or JIT'd code.
> > > > Unfortunately, as this is dynamically generated code, there is no way
> > > > for IPE to ensure the integrity of this code to form a trust basis. In all
> > > > cases, the return result for these operations will be whatever the admin
> > > > configures the DEFAULT action for "EXECUTE".
> > >
> > > I think it would be useful to handle special cases, for example you
> > > could allow a process that created a file with memfd to use it, at the
> > > condition that nobody else writes it.
> > >
> > > This would be required during the boot, otherwise services could fail
> > > to start (depending on the policy).
> > >
> > Thanks for the suggestion. I agree with your opinion and I think supporting
> > memfd is possible but restricting read/write needs more hooks. We would like
> > to avoid adding more complexity to this initial posting as necessary.
> > We will consider this as a future work and will post follow-on patches
> > in the future.
>
> Ok, maybe it is necessary to specify better the scope of IPE, why the
> current implementation can be considered as complete.
>
> If we say, IPE can only allow/deny operations on system components with
> immutable security properties, clearly memfd as a component cannot
> fullfill this goal due to the non-immutability. This would apply to any
> component allowing modifications.
>
> How to address this? What is the immutable property then?
>
> In the case of memfd, intuitively, a useful property for integrity
> could be for example that the content can be accessed/modified by only
> one process. No other (possibly malicious) processes can tamper with
> that file.
>
> So, it is true, to make this property immutable more hooks are needed.
> But should it be something that IPE does? Or it should be done by an
> external component (another LSM) that does the enforcement and reports
> to IPE that the property is true? Theoretically (with a proper policy),
> existing LSMs could be used for that purpose too.
>
> I would say more the second, it should not be IPE job, so that IPE can
> exclusively focus on evaluating properties, not making sure that the
> properties are immutable.
>
> Roberto
>
I think the issue here is not about the scope of IPE but the use cases
of IPE.

We use IPE on fixed-function devices, which are completely locked down.
In our system, IPE denies all anonymous memory execution so memfd will
not work on our system.

Therefore, to make memfd useable with IPE we must add more properties.

-Fan

2023-02-09 03:31:33

by Eric Biggers

[permalink] [raw]
Subject: Re: [RFC PATCH v9 12/16] fsverity: consume builtin signature via LSM hook

So disregarding the fact that using the fsverity builtin signatures still seems
like a bad idea to me, here's a few comments on the diff itself:

On Mon, Jan 30, 2023 at 02:57:27PM -0800, Fan Wu wrote:
> diff --git a/fs/verity/open.c b/fs/verity/open.c
> index 81ff94442f7b..7e6fa52c0e9c 100644
> --- a/fs/verity/open.c
> +++ b/fs/verity/open.c
> @@ -7,7 +7,9 @@
>
> #include "fsverity_private.h"
>
> +#include <linux/security.h>
> #include <linux/slab.h>
> +#include <crypto/public_key.h>

There's no need to include <crypto/public_key.h>.

>
> static struct kmem_cache *fsverity_info_cachep;
>
> @@ -146,7 +148,7 @@ static int compute_file_digest(struct fsverity_hash_alg *hash_alg,
> * appended signature), and check the signature if present. The
> * fsverity_descriptor must have already undergone basic validation.
> */
> -struct fsverity_info *fsverity_create_info(const struct inode *inode,
> +struct fsverity_info *fsverity_create_info(struct inode *inode,
> struct fsverity_descriptor *desc)
> {
> struct fsverity_info *vi;
> @@ -182,6 +184,15 @@ struct fsverity_info *fsverity_create_info(const struct inode *inode,
>
> err = fsverity_verify_signature(vi, desc->signature,
> le32_to_cpu(desc->sig_size));
> + if (err) {
> + fsverity_err(inode, "Error %d verifying signature", err);
> + goto out;
> + }

The above error message is unnecessary because fsverity_verify_signature()
already prints an error message on failure.

> +
> + err = security_inode_setsecurity(inode, FS_VERITY_INODE_SEC_NAME, desc->signature,
> + le32_to_cpu(desc->sig_size), 0);

This runs even if CONFIG_FS_VERITY_BUILTIN_SIGNATURES is disabled. Is that
really the right behavior?

Also a nit: please stick to the preferred line length of 80 characters.
See Documentation/process/coding-style.rst

> diff --git a/fs/verity/signature.c b/fs/verity/signature.c
> index 143a530a8008..5d7b9496f9c4 100644
> --- a/fs/verity/signature.c
> +++ b/fs/verity/signature.c
> @@ -9,6 +9,7 @@
>
> #include <linux/cred.h>
> #include <linux/key.h>
> +#include <linux/security.h>
> #include <linux/slab.h>
> #include <linux/verification.h>

This change is unnecessary.

> diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> index 40f14e5fed9d..29e9888287ba 100644
> --- a/include/linux/fsverity.h
> +++ b/include/linux/fsverity.h
> @@ -254,4 +254,6 @@ static inline bool fsverity_active(const struct inode *inode)
> return fsverity_get_info(inode) != NULL;
> }
>
> +#define FS_VERITY_INODE_SEC_NAME "fsverity.inode-info"

"inode-info" is very vague. Shouldn't it be named "builtin-sig" or something?

- Eric

2023-02-09 22:22:03

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 12/16] fsverity: consume builtin signature via LSM hook

On Wed, Feb 08, 2023 at 07:30:33PM -0800, Eric Biggers wrote:
> So disregarding the fact that using the fsverity builtin signatures still seems
> like a bad idea to me, here's a few comments on the diff itself:
>
Thanks for the review. I have verified the headers are indeed unnecessary,
I will remove them in the next version.

> On Mon, Jan 30, 2023 at 02:57:27PM -0800, Fan Wu wrote:
> > diff --git a/fs/verity/open.c b/fs/verity/open.c
> > index 81ff94442f7b..7e6fa52c0e9c 100644
> > --- a/fs/verity/open.c
> > +++ b/fs/verity/open.c
> > @@ -7,7 +7,9 @@
> >
> > #include "fsverity_private.h"
> >
> > +#include <linux/security.h>
> > #include <linux/slab.h>
> > +#include <crypto/public_key.h>
>
> There's no need to include <crypto/public_key.h>.
>
> >
> > + if (err) {
> > + fsverity_err(inode, "Error %d verifying signature", err);
> > + goto out;
> > + }
>
> The above error message is unnecessary because fsverity_verify_signature()
> already prints an error message on failure.
>
> > +
> > + err = security_inode_setsecurity(inode, FS_VERITY_INODE_SEC_NAME, desc->signature,
> > + le32_to_cpu(desc->sig_size), 0);
>
> This runs even if CONFIG_FS_VERITY_BUILTIN_SIGNATURES is disabled. Is that
> really the right behavior?
>
Yes the hook call should better depend on a KCONFIG. After second thought I think it
should depend on CONFIG_IPE_PROP_FS_VERITY, which also indirectly introduces the
dependency on CONFIG_FS_VERITY_BUILTIN_SIGNATURES.

Currently security_inode_setsecurity only allows one LSM to save data with a given name.
In our case IPE will be the only LSM that saves the signature.

I will update this part in the next version.

> Also a nit: please stick to the preferred line length of 80 characters.
> See Documentation/process/coding-style.rst
>
> > diff --git a/fs/verity/signature.c b/fs/verity/signature.c
> > index 143a530a8008..5d7b9496f9c4 100644
> > --- a/fs/verity/signature.c
> > +++ b/fs/verity/signature.c
> > @@ -9,6 +9,7 @@
> >
> > #include <linux/cred.h>
> > #include <linux/key.h>
> > +#include <linux/security.h>
> > #include <linux/slab.h>
> > #include <linux/verification.h>
>
> This change is unnecessary.
>
> > diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
> > index 40f14e5fed9d..29e9888287ba 100644
> > --- a/include/linux/fsverity.h
> > +++ b/include/linux/fsverity.h
> > @@ -254,4 +254,6 @@ static inline bool fsverity_active(const struct inode *inode)
> > return fsverity_get_info(inode) != NULL;
> > }
> >
> > +#define FS_VERITY_INODE_SEC_NAME "fsverity.inode-info"
>
> "inode-info" is very vague. Shouldn't it be named "builtin-sig" or something?
>
> - Eric

I agree this name works better, I will change it to "fsverity.builtin-sig".
-Fan

2023-02-09 22:43:26

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

On Tue, Jan 31, 2023 at 01:51:39PM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > +
> > +/**
> > + * ipe_mmap_file - ipe security hook function for mmap check.
> > + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> > + * @reqprot: The requested protection on the mmap, passed from usermode.
> > + * @prot: The effective protection on the mmap, resolved from reqprot and
> > + * system configuration.
> > + * @flags: Unused.
> > + *
> > + * This hook is called when a file is loaded through the mmap
> > + * family of system calls.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Error
> > + */
> > +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> > + unsigned long flags)
> > +{
> > + struct ipe_eval_ctx ctx = { 0 };
> > +
> > + if (prot & PROT_EXEC || reqprot & PROT_EXEC) {
>
> Since the kernel only adds flags and doesn't clear them, isn't safe to
> just consider prot? Oh, you mentioned it in the changelog, maybe just
> for ipe_file_mprotect().
>

Thanks for pointing that out, yes reqprot it indeed unnecessary, I will remove
this part in the next version.

> > + build_eval_ctx(&ctx, f, ipe_op_exec);
> > + return ipe_evaluate_event(&ctx);
> > + }
>
> Uhm, I think some considerations that IMA does for mmap() are relevant
> also for IPE.
>
> For example, look at mmap_violation_check(). It checks if there are
> writable mappings, and if yes, it denies the access.
>
> Similarly for mprotect(), is adding PROT_EXEC safe?
>

Yes, writable mapping might need to treat differently. But for the current version
I think it is safe because currently we only support dmverity and fsverity,
they are inherently read-only.

But if in the future if there is a feature can support writable mapping, IPE might
better provide user the flexibility to allow or deny execute writable mappings,
for example, adding a new property like file_writable=TRUE. Then user can deploy
a rule like op=EXECUTE file_writable=TRUE action=DENY to deny execute a writable
mapping.

> >
> > @@ -12,6 +13,11 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> >
> > static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> > LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> > + LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
> > + LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
> > + LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
> > + LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
> > + LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
> > };
>
> Uhm, maybe I would incorporate patch 1 with this.
>
> Roberto

This might not be possible because this patch has some dependencies on the previous patches.
-Fan

2023-02-10 23:22:01

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Tue, Jan 31, 2023 at 04:49:44PM +0100, Roberto Sassu wrote:
> On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
> >
> > IPE must have a centralized function to evaluate incoming callers
> > against IPE's policy. This iteration of the policy against the rules
> > for that specific caller is known as the evaluation loop.
>
> Not sure if you check the properties at every access.
>
> >From my previous comments (also for previous versions of the patches)
> you could evaluate the property once, by calling the respective
> functions in the other subsystems.
>
> Then, you reserve space in the security blob for inodes and superblocks
> to cache the decision. The format could be a policy sequence number, to
> ensure that the cache is valid only for the current policy, and a bit
> for every hook you enforce.

Thanks for raising this idea. I agree that if the property evaluation
leads to a performance issue, it will be better to cache the evaluation
result. But for this version, all the property evaluations are simple,
so it is just as fast as accessing a cache. Also, for the initial
version we prefer to keep the patch as minimal as possible.

If the policy evolved to be super complex and the evaluation becomes
a bottleneck, cache support will absolutely be the right way we will go.
-Fan

>
> Also, currently you rely on the fact that the properties you defined
> are immutable and the immutability is guaranteed by the other
> subsystems, so no write can occur.
>
> But if you remove this limitation, the immutability is not guaranteed
> anymore by the other subsystems (for example if a file is in an ext4
> filesystem), the LSM needs to take extra care to ensure that the
> properties are still verified. This would be required for example if
> IPE is used in conjuction with DIGLIM.
>
> In my opinion, IPE value would increase if the generic enforcement
> mechanism is property-agnostic.
>
> Roberto
>

2023-03-02 02:33:38

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Fri, Feb 10, 2023 at 6:21 PM Fan Wu <[email protected]> wrote:
> On Tue, Jan 31, 2023 at 04:49:44PM +0100, Roberto Sassu wrote:
> > On Mon, 2023-01-30 at 14:57 -0800, Fan Wu wrote:
> > > From: Deven Bowers <[email protected]>
> > >
> > > IPE must have a centralized function to evaluate incoming callers
> > > against IPE's policy. This iteration of the policy against the rules
> > > for that specific caller is known as the evaluation loop.
> >
> > Not sure if you check the properties at every access.
> >
> > >From my previous comments (also for previous versions of the patches)
> > you could evaluate the property once, by calling the respective
> > functions in the other subsystems.
> >
> > Then, you reserve space in the security blob for inodes and superblocks
> > to cache the decision. The format could be a policy sequence number, to
> > ensure that the cache is valid only for the current policy, and a bit
> > for every hook you enforce.
>
> Thanks for raising this idea. I agree that if the property evaluation
> leads to a performance issue, it will be better to cache the evaluation
> result. But for this version, all the property evaluations are simple,
> so it is just as fast as accessing a cache. Also, for the initial
> version we prefer to keep the patch as minimal as possible.

FWIW, I think that is the right decision. Keeping the initial
submission relatively small and focused has a lot of advantages when
it comes both to review and prematurely optimizing things that might
not need optimization.

--
paul-moore.com

2023-03-02 19:02:54

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 02/16] ipe: add policy parser

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> IPE's interpretation of the what the user trusts is accomplished through
> its policy. IPE's design is to not provide support for a single trust
> provider, but to support multiple providers to enable the end-user to
> choose the best one to seek their needs.
>
> This requires the policy to be rather flexible and modular so that
> integrity providers, like fs-verity, dm-verity, dm-integrity, or
> some other system, can plug into the policy with minimal code changes.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/Makefile | 2 +
> security/ipe/policy.c | 99 +++++++
> security/ipe/policy.h | 77 ++++++
> security/ipe/policy_parser.c | 515 +++++++++++++++++++++++++++++++++++
> security/ipe/policy_parser.h | 11 +
> 5 files changed, 704 insertions(+)
> create mode 100644 security/ipe/policy.c
> create mode 100644 security/ipe/policy.h
> create mode 100644 security/ipe/policy_parser.c
> create mode 100644 security/ipe/policy_parser.h
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 571648579991..16bbe80991f1 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -8,3 +8,5 @@
> obj-$(CONFIG_SECURITY_IPE) += \
> hooks.o \
> ipe.o \
> + policy.o \
> + policy_parser.o \
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> new file mode 100644
> index 000000000000..e446f4b84152
> --- /dev/null
> +++ b/security/ipe/policy.c
> @@ -0,0 +1,99 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "policy.h"
> +#include "policy_parser.h"
> +#include "digest.h"
> +
> +#include <linux/verification.h>

Generally speaking the system/kernel-wide header files, e.g. headers
using '<...>', tend to come before the local header files, e.g.
headers using '"..."'. I wouldn't consider this a hard rule, but
unless you have a reason to put the local header files first I would
stick with convention here.

> +/**
> + * ipe_free_policy - Deallocate a given IPE policy.
> + * @p: Supplies the policy to free.
> + *
> + * Safe to call on IS_ERR/NULL.
> + */
> +void ipe_free_policy(struct ipe_policy *p)
> +{
> + if (IS_ERR_OR_NULL(p))
> + return;
> +
> + free_parsed_policy(p->parsed);
> + if (!p->pkcs7)
> + kfree(p->text);
> + kfree(p->pkcs7);
> + kfree(p);
> +}
> +
> +static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> + size_t asn1hdrlen)
> +{
> + struct ipe_policy *p = ctx;
> +
> + p->text = (const char *)data;
> + p->textlen = len;
> +
> + return 0;
> +}
> +
> +/**
> + * ipe_new_policy - Allocate and parse an ipe_policy structure.
> + *
> + * @text: Supplies a pointer to the plain-text policy to parse.
> + * @textlen: Supplies the length of @text.
> + * @pkcs7: Supplies a pointer to a pkcs7-signed IPE policy.
> + * @pkcs7len: Supplies the length of @pkcs7.
> + *
> + * @text/@textlen Should be NULL/0 if @pkcs7/@pkcs7len is set.
> + *
> + * The result will still need to be associated with a context via
> + * ipe_add_policy.
> + *
> + * Return:
> + * * !IS_ERR - Success
> + * * -EBADMSG - Policy is invalid
> + * * -ENOMEM - Out of memory
> + */
> +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len)
> +{
> + int rc = 0;
> + struct ipe_policy *new = NULL;
> +
> + new = kzalloc(sizeof(*new), GFP_KERNEL);
> + if (!new)
> + return ERR_PTR(-ENOMEM);
> +
> + if (!text) {
> + new->pkcs7len = pkcs7len;
> + new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL);
> + if (!new->pkcs7) {
> + rc = -ENOMEM;
> + goto err;

As Roberto already pointed out, and you acknowledged, this leaks @new.
However, as a FYI for future work, if you have a label with only one
return instruction after the jump, e.g. the 'err' label here, you
should replace the 'goto' with the single return instruction. Jumping
just to immediately return is a bit silly, but if you also need to
cleanup, e.g. free some memory, that's okay to use the goto/jump.

> + }
> +
> + rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, NULL,
> + VERIFYING_UNSPECIFIED_SIGNATURE,
> + set_pkcs7_data, new);
> + if (rc)
> + goto err;
> + } else {
> + new->textlen = textlen;
> + new->text = kstrdup(text, GFP_KERNEL);
> + if (!new->text) {
> + rc = -ENOMEM;
> + goto err;
> + }
> + }
> +
> + rc = parse_policy(new);
> + if (rc)
> + goto err;
> +
> + return new;
> +err:
> + return ERR_PTR(rc);
> +}

...

> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> new file mode 100644
> index 000000000000..6af2d9a811ec
> --- /dev/null
> +++ b/security/ipe/policy.h
> @@ -0,0 +1,77 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_POLICY_H
> +#define IPE_POLICY_H
> +
> +#include <linux/list.h>
> +#include <linux/types.h>
> +
> +enum ipe_op_type {
> + ipe_op_exec = 0,
> + ipe_op_firmware,
> + ipe_op_kernel_module,
> + ipe_op_kexec_image,
> + ipe_op_kexec_initramfs,
> + ipe_op_ima_policy,
> + ipe_op_ima_x509,
> + ipe_op_max
> +};

I'm used to seeing enum values defined in ALL_CAPS to help visually
distinguish them from variables and other assorted symbols, for
example:

enum ipe_op_type {
IPE_OP_EXEC = 0,
...
IPE_OP_MAX,
};

You might also want to consider prefixing IPE_OP_MAX with a couple
underscores, e.g. __IPE_OP_MAX, to help distinguish it as a sentinel
value and provide some protection in case you think you might ever
want an op named "max". However, this really is a judgement call that
is up to you.

(Similar comments apply to the other IPE enums)

> +enum ipe_action_type {
> + ipe_action_allow = 0,
> + ipe_action_deny,
> + ipe_action_max
> +};
> +
> +enum ipe_prop_type {
> + ipe_prop_max
> +};
> +
> +struct ipe_prop {
> + struct list_head next;
> + enum ipe_prop_type type;
> + void *value;
> +};
> +
> +struct ipe_rule {
> + enum ipe_op_type op;
> + enum ipe_action_type action;
> + struct list_head props;
> + struct list_head next;
> +};
> +
> +struct ipe_op_table {
> + struct list_head rules;
> + enum ipe_action_type default_action;
> +};
> +
> +struct ipe_parsed_policy {
> + const char *name;
> + struct {
> + u16 major;
> + u16 minor;
> + u16 rev;
> + } version;
> +
> + enum ipe_action_type global_default_action;
> +
> + struct ipe_op_table rules[ipe_op_max];
> +};
> +
> +struct ipe_policy {
> + const char *pkcs7;
> + size_t pkcs7len;
> +
> + const char *text;
> + size_t textlen;
> +
> + struct ipe_parsed_policy *parsed;
> +};

None of the other structs in this header file have horizontally
aligned variable names, you should pick one style and stick with it
... and that style should be the un-aligned style, e.g. what was used
in 'struct ipe_rule'

> +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len);
> +void ipe_free_policy(struct ipe_policy *pol);
> +
> +#endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> new file mode 100644
> index 000000000000..c7ba0e865366
> --- /dev/null
> +++ b/security/ipe/policy_parser.c
> @@ -0,0 +1,515 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "policy.h"
> +#include "policy_parser.h"
> +#include "digest.h"
> +
> +#include <linux/parser.h>
> +
> +#define START_COMMENT '#'
> +
> +/**
> + * new_parsed_policy - Allocate and initialize a parsed policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + */
> +static struct ipe_parsed_policy *new_parsed_policy(void)
> +{
> + size_t i = 0;
> + struct ipe_parsed_policy *p = NULL;
> + struct ipe_op_table *t = NULL;
> +
> + p = kzalloc(sizeof(*p), GFP_KERNEL);
> + if (!p)
> + return ERR_PTR(-ENOMEM);
> +
> + p->global_default_action = ipe_action_max;

I'm assuming you're using the "ipe_action_max" as an intentional bogus
placeholder value here, yes? If that is the case, have you considered
creating an "invalid" enum with an explicit zero value to save you
this additional assignment (you are already using kzalloc())? For
example:

enum ipe_op_type {
IPE_OP_INVALID = 0,
IPE_OP_EXEC,
...
IPE_OP_MAX,
};

enum ipe_action_type {
IPE_ACTION_INVALID = 0,
IPE_ACTION_ALLOW,
...
IPE_ACTION_MAX,
};

> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> + t = &p->rules[i];
> +
> + t->default_action = ipe_action_max;
> + INIT_LIST_HEAD(&t->rules);
> + }
> +
> + return p;
> +}
> +
> +/**
> + * remove_comment - Truncate all chars following START_COMMENT in a string.
> + *
> + * @line: Supplies a poilcy line string for preprocessing.

"policy" :)

I'm definitely guilty of adding a lot of silly spelling errors to
codebases over the years, so no worries here, but in case you haven't
seen the codespell tool already, it might be something worth taking a
look at sometime.

* https://github.com/codespell-project/codespell

> + */
> +static void remove_comment(char *line)
> +{
> + size_t i, len = 0;
> +
> + len = strlen(line);
> + for (i = 0; i < len && line[i] != START_COMMENT; ++i)
> + ;

The kernel has a strchr() implementation which could simplify this,
and possibly speed things up if there is an arch specific optimized
implementation.

> + line[i] = '\0';
> +}
> +
> +/**
> + * remove_trailing_spaces - Truncate all trailing spaces in a string.
> + *
> + * @line: Supplies a poilcy line string for preprocessing.
> + */
> +static void remove_trailing_spaces(char *line)
> +{
> + size_t i, len = 0;
> +
> + len = strlen(line);
> + for (i = len; i > 0 && (line[i - 1] == ' ' || line[i - 1] == '\t'); --i)
> + ;

You can probably drop the @len variable and just assign 'i =
strlen(line)' in the for-loop initializer.

> + line[i] = '\0';
> +}
> +
> +/**
> + * parse_version - Parse policy version.
> + * @ver: Supplies a version string to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Standard errno
> + */
> +static int parse_version(char *ver, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + size_t sep_count = 0;
> + char *token;
> + u16 *const cv[] = { &p->version.major, &p->version.minor, &p->version.rev };
> +
> + while ((token = strsep(&ver, ".")) != NULL) {
> + /* prevent overflow */
> + if (sep_count >= ARRAY_SIZE(cv)) {
> + rc = -EBADMSG;
> + goto err;

Remember what I said above about not needing a 'goto' here? ;)

> + }
> +
> + rc = kstrtou16(token, 10, cv[sep_count]);
> + if (rc)
> + goto err;
> +
> + ++sep_count;
> + }
> +
> + /* prevent underflow */
> + if (sep_count != ARRAY_SIZE(cv))
> + rc = -EBADMSG;
> +
> +err:
> + return rc;
> +}
> +
> +enum header_opt {
> + ipe_header_policy_name = 0,
> + ipe_header_policy_version,
> + ipe_header_max
> +};
> +
> +static const match_table_t header_tokens = {
> + {ipe_header_policy_name, "policy_name=%s"},
> + {ipe_header_policy_version, "policy_version=%s"},
> + {ipe_header_max, NULL}
> +};
> +
> +/**
> + * parse_header - Parse policy header information.
> + * @line: Supplies header line to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Standard errno
> + */
> +static int parse_header(char *line, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + char *t, *ver = NULL;
> + substring_t args[MAX_OPT_ARGS];
> + size_t idx = 0;
> +
> + while ((t = strsep(&line, " \t")) != NULL) {
> + int token;
> +
> + if (*t == '\0')
> + continue;
> + if (idx >= ipe_header_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + token = match_token(t, header_tokens, args);
> + if (token != idx) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + switch (token) {
> + case ipe_header_policy_name:
> + p->name = match_strdup(&args[0]);
> + if (!p->name)
> + rc = -ENOMEM;
> + break;
> + case ipe_header_policy_version:
> + ver = match_strdup(&args[0]);
> + if (!ver) {
> + rc = -ENOMEM;
> + break;
> + }
> + rc = parse_version(ver, p);
> + break;
> + default:
> + rc = -EBADMSG;
> + }
> + if (rc)
> + goto err;
> + ++idx;
> + }
> +
> + if (idx != ipe_header_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> + goto out;

Generally the normal, non-error case is structured so that the
function can continue to fall through to the correct code without
needed a 'goto'. I would suggest moving the 'err' label/code *after*
the 'out' label/code so the normal case can just fall through without
the goto; you will have to add a 'goto out' at the end of 'err', but
that's the error case so we aren't going to worry too much about that.

Put another (shorter) way, structure your code to optimize for the
common, non-error case.

Needless to say, this applies to other functions in this patch(set).

> +err:
> + kfree(p->name);
> + p->name = NULL;
> +out:
> + kfree(ver);
> + return rc;
> +}
> +
> +/**
> + * is_default - Determine if the given token is "DEFAULT".
> + * @token: Supplies the token string to be compared.
> + *
> + * Return:
> + * * 0 - The token is not "DEFAULT"
> + * * !0 - The token is "DEFAULT"
> + */
> +static bool is_default(char *token)
> +{
> + return !strcmp(token, "DEFAULT");
> +}

Let's be honest, "is_default()" isn't a great name, and it's a pretty
trivial function too; I'm wondering if hiding the simple strcmp()
behind an oddly named function is really all that helpful. I'm okay
if you want to keep the function, but can we name it something else?
Maybe "token_default(...)" or something similar?

> +/**
> + * free_rule - Free the supplied ipe_rule struct.
> + * @r: Supplies the ipe_rule struct to be freed.
> + */

It might be worth mentioning that @r should be removed from any lists,
e.g. list_empty() is true.

> +static void free_rule(struct ipe_rule *r)
> +{
> + struct ipe_prop *p, *t;
> +
> + if (IS_ERR_OR_NULL(r))
> + return;
> +
> + list_for_each_entry_safe(p, t, &r->props, next) {
> + kfree(p);
> + }

That's interesting, I'm used to seeing a 'list_del()' call (or
similar) before the list entry is freed. Although looking at
list_for_each_entry_safe() I guess it is safe with the current
implementation ... did you see this pattern elsewhere in the kernel?
If so, where?

Unless this is performance critical (I don't think it is?), it might
be safer to do an explicit `list_del()` before free'ing the entries
... unless this is now a common pattern in the kernel and I just
missed the memo.

> + kfree(r);
> +}
> +
> +static const match_table_t operation_tokens = {
> + {ipe_op_exec, "op=EXECUTE"},
> + {ipe_op_firmware, "op=FIRMWARE"},
> + {ipe_op_kernel_module, "op=KMODULE"},
> + {ipe_op_kexec_image, "op=KEXEC_IMAGE"},
> + {ipe_op_kexec_initramfs, "op=KEXEC_INITRAMFS"},
> + {ipe_op_ima_policy, "op=IMA_POLICY"},
> + {ipe_op_ima_x509, "op=IMA_X509_CERT"},
> + {ipe_op_max, NULL}
> +};
> +
> +/**
> + * parse_operation - Parse the opeartion type given a token string.
> + * @t: Supplies the token string to be parsed.
> + *
> + * Return: The parsed opeartion type.
> + */
> +static enum ipe_op_type parse_operation(char *t)
> +{
> + substring_t args[MAX_OPT_ARGS];
> +
> + return match_token(t, operation_tokens, args);
> +}
> +
> +static const match_table_t action_tokens = {
> + {ipe_action_allow, "action=ALLOW"},
> + {ipe_action_deny, "action=DENY"},
> + {ipe_action_max, NULL}
> +};
> +
> +/**
> + * parse_action - Parse the action type given a token string.
> + * @t: Supplies the token string to be parsed.
> + *
> + * Return: The parsed action type.
> + */
> +static enum ipe_action_type parse_action(char *t)
> +{
> + substring_t args[MAX_OPT_ARGS];
> +
> + return match_token(t, action_tokens, args);
> +}
> +
> +static const match_table_t property_tokens = {
> + {ipe_prop_max, NULL}
> +};
> +
> +/**
> + * parse_property - Parse the property type given a token string.
> + * @t: Supplies the token string to be parsed.
> + * @r: Supplies the ipe_rule the parsed property will be associated with.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + * * -EBADMSG - The supplied token cannot be parsed
> + */
> +int parse_property(char *t, struct ipe_rule *r)
> +{
> + substring_t args[MAX_OPT_ARGS];
> + struct ipe_prop *p = NULL;
> + int rc = 0;
> + int token;
> + char *dup = NULL;
> +
> + p = kzalloc(sizeof(*p), GFP_KERNEL);
> + if (!p) {
> + rc = -ENOMEM;
> + goto err;
> + }
> +
> + token = match_token(t, property_tokens, args);
> +
> + switch (token) {
> + case ipe_prop_max:
> + default:
> + rc = -EBADMSG;
> + break;
> + }
> + list_add_tail(&p->next, &r->props);
> +
> +err:
> + kfree(dup);
> + return rc;
> +}

There is a lot of stuff in 'parse_property()' that doesn't make sense
at this point in the patchset, including lots of unused variables.
Considering that no valid properties are defined yet, why not just
make this function return -EBADMSG in this patch? You can always
populate it later when it becomes useful.

int parse_property(...)
{
return -EBADMSG;
}

> +/**
> + * parse_rule - parse a policy rule line.
> + * @line: Supplies rule line to be parsed.
> + * @p: Supplies the partial parsed policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOMEM - Out of memory
> + * * -EBADMSG - Policy syntax error
> + */
> +static int parse_rule(char *line, struct ipe_parsed_policy *p)
> +{
> + int rc = 0;
> + bool first_token = true, is_default_rule = false;
> + bool op_parsed = false;
> + enum ipe_op_type op = ipe_op_max;
> + enum ipe_action_type action = ipe_action_max;
> + struct ipe_rule *r = NULL;
> + char *t;
> +
> + r = kzalloc(sizeof(*r), GFP_KERNEL);
> + if (!r) {
> + rc = -ENOMEM;
> + goto err;
> + }
> +
> + INIT_LIST_HEAD(&r->next);
> + INIT_LIST_HEAD(&r->props);
> +
> + while (t = strsep(&line, " \t"), line) {
> + if (*t == '\0')
> + continue;
> + if (first_token && is_default(t)) {
> + is_default_rule = true;
> + } else {
> + if (!op_parsed) {
> + op = parse_operation(t);
> + if (op == ipe_op_max)
> + rc = -EBADMSG;
> + else
> + op_parsed = true;
> + } else {
> + rc = parse_property(t, r);
> + }
> + }
> +
> + if (rc)
> + goto err;
> + first_token = false;
> + }
> +
> + action = parse_action(t);
> + if (action == ipe_action_max) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + if (is_default_rule) {
> + if (op == ipe_op_max) {
> + if (p->global_default_action != ipe_action_max)
> + rc = -EBADMSG;
> + else
> + p->global_default_action = action;
> + } else {
> + if (p->rules[op].default_action != ipe_action_max)
> + rc = -EBADMSG;
> + else
> + p->rules[op].default_action = action;
> + }
> + free_rule(r);
> + } else if (op != ipe_op_max && action != ipe_action_max) {
> + r->op = op;
> + r->action = action;
> + list_add_tail(&r->next, &p->rules[op].rules);

There is no way @rc could be non-zero here, right? If there is some
chance of it being non-zero we could have a problem with the @rc check
below jumping us to the 'err' label and free'ing a rule that has been
added to the list.

It might be better to move the list addition after the last error check.

> + } else {
> + rc = -EBADMSG;
> + }
> +
> + if (rc)
> + goto err;
> +
> + goto out;
> +
> +err:
> + free_rule(r);
> +out:
> + return rc;
> +}
> +
> +/**
> + * free_parsed_policy - free a parsed policy structure.
> + * @p: Supplies the parsed policy.
> + */
> +void free_parsed_policy(struct ipe_parsed_policy *p)
> +{
> + size_t i = 0;
> + struct ipe_rule *pp, *t;
> +
> + if (IS_ERR_OR_NULL(p))
> + return;
> +
> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i)
> + list_for_each_entry_safe(pp, t, &p->rules[i].rules, next)
> + free_rule(pp);
> +
> + kfree(p);
> +}
> +
> +/**
> + * validate_policy - validate a parsed policy.
> + * @p: Supplies the fully parsed policy.
> + *
> + * Given a policy structure that was just parsed, validate that all
> + * necessary fields are present, initialized correctly, and all lines
> + * parsed are have been consumed.
> + *
> + * A parsed policy can be an invalid state for use (a default was
> + * undefined, a header was undefined) by just parsing the policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EBADMSG - Policy is invalid
> + */
> +static int validate_policy(const struct ipe_parsed_policy *p)
> +{
> + int i = 0;
> +
> + if (p->global_default_action != ipe_action_max)
> + return 0;
> +
> + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> + if (p->rules[i].default_action == ipe_action_max)
> + return -EBADMSG;
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * parse_policy - Given a string, parse the string into an IPE policy.
> + * @p: partially filled ipe_policy structure to populate with the result.
> + * it must have text and textlen set.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EBADMSG - Policy is invalid
> + * * -ENOMEM - Out of Memory
> + */
> +int parse_policy(struct ipe_policy *p)
> +{
> + int rc = 0;
> + size_t len;
> + char *policy = NULL, *dup = NULL;
> + char *line = NULL;
> + bool header_parsed = false;
> + struct ipe_parsed_policy *pp = NULL;
> +
> + if (!p->textlen)
> + return -EBADMSG;
> +
> + policy = kmemdup_nul(p->text, p->textlen, GFP_KERNEL);
> + if (!policy)
> + return -ENOMEM;
> + dup = policy;
> +
> + pp = new_parsed_policy();
> + if (IS_ERR(pp)) {
> + rc = PTR_ERR(pp);
> + goto out;
> + }
> +
> + while ((line = strsep(&policy, "\n\r")) != NULL) {
> + remove_comment(line);
> + remove_trailing_spaces(line);

I think it might be very easy for 'remove_trailing_spaces()' to return
the length of the string as it already knows where the string ends;
perhaps the function could return the string length and we could get
rid of the 'strlen()' call below?

> + len = strlen(line);
> + if (!len)
> + continue;
> +
> + if (!header_parsed) {
> + rc = parse_header(line, pp);
> + if (rc)
> + goto err;
> + header_parsed = true;
> + continue;

Instead of the 'continue' above, why not just put the 'parse_rule()'
call into the 'else' block of this if-then-else?

> + }
> +
> + rc = parse_rule(line, pp);
> + if (rc)
> + goto err;
> + }
> +
> + if (!header_parsed || validate_policy(pp)) {
> + rc = -EBADMSG;
> + goto err;
> + }
> +
> + p->parsed = pp;
> +
> + goto out;
> +err:
> + free_parsed_policy(pp);
> +out:
> + kfree(dup);
> +
> + return rc;
> +}
> diff --git a/security/ipe/policy_parser.h b/security/ipe/policy_parser.h
> new file mode 100644
> index 000000000000..699ca58a5a32
> --- /dev/null
> +++ b/security/ipe/policy_parser.h
> @@ -0,0 +1,11 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_POLICY_PARSER_H
> +#define IPE_POLICY_PARSER_H
> +
> +int parse_policy(struct ipe_policy *p);
> +void free_parsed_policy(struct ipe_parsed_policy *p);
> +
> +#endif /* IPE_POLICY_PARSER */
> --
> 2.39.0

--
paul-moore.com

2023-03-02 19:04:13

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> IPE must have a centralized function to evaluate incoming callers
> against IPE's policy. This iteration of the policy against the rules
> for that specific caller is known as the evaluation loop.
>
> In addition, IPE is designed to provide system level trust guarantees,
> this usually implies that trust starts from bootup with a hardware root
> of trust, which validates the bootloader. After this, the bootloader
> verifies the kernel and the initramfs.
>
> As there's no currently supported integrity method for initramfs, and
> it's typically already verified by the bootloader, introduce a property
> that causes the first superblock to have an execution to be "pinned",
> which is typically initramfs.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/Makefile | 1 +
> security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
> security/ipe/eval.h | 28 ++++++
> security/ipe/hooks.c | 25 +++++
> security/ipe/hooks.h | 14 +++
> security/ipe/ipe.c | 1 +
> security/ipe/policy.c | 20 ++++
> security/ipe/policy.h | 3 +
> security/ipe/policy_parser.c | 8 +-
> 9 files changed, 279 insertions(+), 1 deletion(-)
> create mode 100644 security/ipe/eval.c
> create mode 100644 security/ipe/eval.h
> create mode 100644 security/ipe/hooks.c
> create mode 100644 security/ipe/hooks.h
>
> diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> index 16bbe80991f1..d7f2870d7c09 100644
> --- a/security/ipe/Makefile
> +++ b/security/ipe/Makefile
> @@ -6,6 +6,7 @@
> #
>
> obj-$(CONFIG_SECURITY_IPE) += \
> + eval.o \
> hooks.o \
> ipe.o \
> policy.o \
> diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> new file mode 100644
> index 000000000000..48b5104a3463
> --- /dev/null
> +++ b/security/ipe/eval.c
> @@ -0,0 +1,180 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "eval.h"
> +#include "hooks.h"
> +#include "policy.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/slab.h>
> +#include <linux/file.h>
> +#include <linux/sched.h>
> +#include <linux/rcupdate.h>
> +#include <linux/spinlock.h>
> +
> +struct ipe_policy __rcu *ipe_active_policy;
> +
> +static struct super_block *pinned_sb;
> +static DEFINE_SPINLOCK(pin_lock);
> +#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> +
> +/**
> + * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
> + * @f: Supplies a file structure to source the super_block from.
> + */
> +static void pin_sb(const struct file *f)
> +{
> + if (!f)
> + return;
> + spin_lock(&pin_lock);
> + if (pinned_sb)
> + goto out;
> + pinned_sb = FILE_SUPERBLOCK(f);
> +out:
> + spin_unlock(&pin_lock);
> +}

Since you don't actually use @f, just the super_block, you might
consider passing the super_block as the parameter and not the
associated file.

I'd probably also flip the if-then to avoid the 'goto', for example:

static void pin_sb(const struct super_block *sb)
{
if (!sb)
return;
spin_lock(&pin_lock);
if (!pinned_sb)
pinned_sb = sb;
spin_unlock(&pin_lock);
}

Also, do we need to worry about the initramfs' being unmounted and the
super_block going away?

> +/**
> + * from_pinned - Determine whether @f is source from the pinned super_block.
> + * @f: Supplies a file structure to check against the pinned super_block.
> + *
> + * Return:
> + * * true - @f is sourced from the pinned super_block
> + * * false - @f is not sourced from the pinned super_block
> + */
> +static bool from_pinned(const struct file *f)
> +{
> + bool rv;
> +
> + if (!f)
> + return false;
> + spin_lock(&pin_lock);
> + rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
> + spin_unlock(&pin_lock);
> + return rv;
> +}
> +
> +/**
> + * build_eval_ctx - Build an evaluation context.
> + * @ctx: Supplies a pointer to the context to be populdated.
> + * @file: Supplies a pointer to the file to associated with the evaluation.
> + * @op: Supplies the IPE policy operation associated with the evaluation.
> + */
> +void build_eval_ctx(struct ipe_eval_ctx *ctx,
> + const struct file *file,
> + enum ipe_op_type op)
> +{
> + ctx->file = file;
> + ctx->op = op;
> + ctx->from_init_sb = from_pinned(file);
> +}

I was a little concerned about the spinlock around the pinned
superblock being a potential issue so I was checking the callers of
`build_eval_ctx()` and realized there are no callers in this patch ...
? Maybe it makes sense for `build_eval_ctx()` to be in this patch but
it seems a little odd.

> +/**
> + * evaluate_property - Analyze @ctx against a property.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + * @p: Supplies a pointer to the property to be evaluated.
> + *
> + * Return:
> + * * true - The current @ctx match the @p
> + * * false - The current @ctx doesn't match the @p
> + */
> +static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
> + struct ipe_prop *p)
> +{
> + bool eval = false;
> +
> + switch (p->type) {
> + case ipe_prop_boot_verified_false:
> + eval = !ctx->from_init_sb;
> + break;
> + case ipe_prop_boot_verified_true:
> + eval = ctx->from_init_sb;
> + break;
> + default:
> + eval = false;

You don't need to set @eval to false both when it is declared or in
the 'default' case.

Honestly, you don't need @eval at all, you can simply replace all of
the @eval assignment statements with return statements.

> + }
> +
> + return eval;
> +}
> +
> +/**
> + * ipe_evaluate_event - Analyze @ctx against the current active policy.
> + * @ctx: Supplies a pointer to the context to be evaluated.
> + *
> + * This is the loop where all policy evaluation happens against IPE policy.
> + *
> + * Return:
> + * * 0 - OK
> + * * -EACCES - @ctx did not pass evaluation.
> + * * !0 - Error
> + */
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> +{
> + int rc = 0;
> + bool match = false;
> + enum ipe_action_type action;
> + struct ipe_policy *pol = NULL;
> + const struct ipe_rule *rule = NULL;
> + const struct ipe_op_table *rules = NULL;
> + struct ipe_prop *prop = NULL;
> +
> + if (ctx->op == ipe_op_exec)
> + pin_sb(ctx->file);

If I understand things correctly, the initramfs is determined by the
first process to be executed? I think that's reasonable, but I'm
beginning to wonder if that pinned super_block spinlock is going to be
a problem, especially for something that is written once (twice if you
consider the ERR_PTR(-EIO) on umount), yet read for each IPE policy
evaluation.

I'm okay if you want to keep this as a spinlock for now, but this
seems like a good candidate for RCU, and the change would be trivial
since it is a single pointer.

> + pol = ipe_get_policy_rcu(ipe_active_policy);

I don't think you can safely drop the RCU lock and leave the RCU
critical section while you are still using @ipe_active_policy. I
think the right thing to do is to get rid of `ipe_get_policy_rcu()`
and simply place from here on down in `ipe_evaluate_event()` in a RCU
critical section. Doing so would ensure that @ipe_active_policy could
not be free'd/replaced from underneath you while evaluating an event.

> + if (!pol)
> + goto out;
> +
> + if (ctx->op == ipe_op_max) {
> + action = pol->parsed->global_default_action;
> + goto eval;
> + }
> +
> + rules = &pol->parsed->rules[ctx->op];
> +
> + list_for_each_entry(rule, &rules->rules, next) {
> + match = true;
> +
> + list_for_each_entry(prop, &rule->props, next)
> + match = match && evaluate_property(ctx, prop);
> +
> + if (match)
> + break;
> + }
> +
> + if (match)
> + action = rule->action;
> + else if (rules->default_action != ipe_action_max)
> + action = rules->default_action;
> + else
> + action = pol->parsed->global_default_action;
> +
> +eval:
> + if (action == ipe_action_deny)
> + rc = -EACCES;
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * ipe_invalidate_pinned_sb - invalidte the ipe pinned super_block.
> + * @mnt_sb: super_block to check against the pinned super_block.
> + *
> + * This function is called a super_block like the initramfs's is freed,
> + * if the super_block is currently pinned by ipe it will be invalided,
> + * so ipe won't consider the block device is boot verified afterward.
> + */
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
> +{
> + spin_lock(&pin_lock);
> +
> + if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
> + pinned_sb = ERR_PTR(-EIO);

I think you only need to check if @pinned_sb is equal to @mnt_sb,
that's all that really matters here.

> + spin_unlock(&pin_lock);
> +}
> diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> new file mode 100644
> index 000000000000..887797438b9b
> --- /dev/null
> +++ b/security/ipe/eval.h
> @@ -0,0 +1,28 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#ifndef IPE_EVAL_H
> +#define IPE_EVAL_H
> +
> +#include <linux/file.h>
> +#include <linux/types.h>
> +
> +#include "hooks.h"
> +#include "policy.h"
> +
> +extern struct ipe_policy __rcu *ipe_active_policy;
> +
> +struct ipe_eval_ctx {
> + enum ipe_op_type op;
> +
> + const struct file *file;
> + bool from_init_sb;
> +};
> +
> +void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
> +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
> +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> +
> +#endif /* IPE_EVAL_H */
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> new file mode 100644
> index 000000000000..335b773c7ae1
> --- /dev/null
> +++ b/security/ipe/hooks.c
> @@ -0,0 +1,25 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +
> +#include "ipe.h"
> +#include "hooks.h"
> +#include "eval.h"
> +
> +#include <linux/fs.h>
> +#include <linux/types.h>
> +#include <linux/binfmts.h>
> +#include <linux/mman.h>
> +
> +/**
> + * ipe_sb_free_security - ipe security hook function for super_block.
> + * @mnt_sb: Supplies a pointer to a super_block is about to be freed.
> + *
> + * IPE does not have any structures with mnt_sb, but uses this hook to
> + * invalidate a pinned super_block.
> + */
> +void ipe_sb_free_security(struct super_block *mnt_sb)
> +{
> + ipe_invalidate_pinned_sb(mnt_sb);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> new file mode 100644
> index 000000000000..30fe455389bf
> --- /dev/null
> +++ b/security/ipe/hooks.h
> @@ -0,0 +1,14 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (C) Microsoft Corporation. All rights reserved.
> + */
> +#ifndef IPE_HOOKS_H
> +#define IPE_HOOKS_H
> +
> +#include <linux/fs.h>
> +#include <linux/binfmts.h>
> +#include <linux/security.h>
> +
> +void ipe_sb_free_security(struct super_block *mnt_sb);
> +
> +#endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 9ed3bf4dcc04..551c6d90ac11 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -9,6 +9,7 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> };
>
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> + LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> };
>
> /**
> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index e446f4b84152..772d876b1087 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -97,3 +97,23 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> err:
> return ERR_PTR(rc);
> }
> +
> +/**
> + * ipe_get_policy_rcu - Dereference a rcu-protected policy pointer.
> + *
> + * @p: rcu-protected pointer to a policy.
> + *
> + * Not safe to call on IS_ERR.
> + *
> + * Return: the value of @p
> + */
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
> +{
> + struct ipe_policy *rv = NULL;
> +
> + rcu_read_lock();
> + rv = rcu_dereference(p);
> + rcu_read_unlock();
> +
> + return rv;
> +}
> diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> index 6af2d9a811ec..967d816cd5cd 100644
> --- a/security/ipe/policy.h
> +++ b/security/ipe/policy.h
> @@ -26,6 +26,8 @@ enum ipe_action_type {
> };
>
> enum ipe_prop_type {
> + ipe_prop_boot_verified_false,
> + ipe_prop_boot_verified_true,
> ipe_prop_max
> };
>
> @@ -73,5 +75,6 @@ struct ipe_policy {
> struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> const char *pkcs7, size_t pkcs7len);
> void ipe_free_policy(struct ipe_policy *pol);
> +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
>
> #endif /* IPE_POLICY_H */
> diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> index c7ba0e865366..7efafc482e46 100644
> --- a/security/ipe/policy_parser.c
> +++ b/security/ipe/policy_parser.c
> @@ -265,7 +265,9 @@ static enum ipe_action_type parse_action(char *t)
> }
>
> static const match_table_t property_tokens = {
> - {ipe_prop_max, NULL}
> + {ipe_prop_boot_verified_false, "boot_verified=FALSE"},
> + {ipe_prop_boot_verified_true, "boot_verified=TRUE"},
> + {ipe_prop_max, NULL}
> };
>
> /**
> @@ -295,6 +297,10 @@ int parse_property(char *t, struct ipe_rule *r)
> token = match_token(t, property_tokens, args);
>
> switch (token) {
> + case ipe_prop_boot_verified_false:
> + case ipe_prop_boot_verified_true:
> + p->type = token;
> + break;
> case ipe_prop_max:
> default:
> rc = -EBADMSG;
> --
> 2.39.0

--
paul-moore.com

2023-03-02 19:05:19

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> As is typical with LSMs, IPE uses securityfs as its interface with
> userspace. for a complete list of the interfaces and the respective
> inputs/outputs, please see the documentation under
> admin-guide/LSM/ipe.rst
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/Makefile | 2 +
> security/ipe/fs.c | 101 +++++++++
> security/ipe/fs.h | 17 ++
> security/ipe/ipe.c | 3 +
> security/ipe/ipe.h | 2 +
> security/ipe/policy.c | 135 ++++++++++++
> security/ipe/policy.h | 7 +
> security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
> 8 files changed, 726 insertions(+)
> create mode 100644 security/ipe/fs.c
> create mode 100644 security/ipe/fs.h
> create mode 100644 security/ipe/policy_fs.c

...

> diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> index 772d876b1087..a5e9c6e5691b 100644
> --- a/security/ipe/policy.c
> +++ b/security/ipe/policy.c
> @@ -4,12 +4,39 @@
> */
>
> #include "ipe.h"
> +#include "eval.h"
> +#include "fs.h"
> #include "policy.h"
> #include "policy_parser.h"
> #include "digest.h"
>
> #include <linux/verification.h>
>
> +/* lock for synchronizing writers across ipe policy */
> +DEFINE_SPINLOCK(ipe_policy_lock);
> +
> +/**
> + * ver_to_u64 - Convert an internal ipe_policy_version to a u64.
> + * @p: Policy to extract the version from.
> + *
> + * Bits (LSB is index 0):
> + * [48,32] -> Major
> + * [32,16] -> Minor
> + * [16, 0] -> Revision
> + *
> + * Return: u64 version of the embedded version structure.
> + */
> +static inline u64 ver_to_u64(const struct ipe_policy *const p)
> +{
> + u64 r = 0;

No need to set @r to 0 since you set it to the version immediately below.

> + r = (((u64)p->parsed->version.major) << 32)
> + | (((u64)p->parsed->version.minor) << 16)
> + | ((u64)(p->parsed->version.rev));
> +
> + return r;
> +}
> +
> /**
> * ipe_free_policy - Deallocate a given IPE policy.
> * @p: Supplies the policy to free.
> @@ -21,6 +48,7 @@ void ipe_free_policy(struct ipe_policy *p)
> if (IS_ERR_OR_NULL(p))
> return;
>
> + ipe_del_policyfs_node(p);
> free_parsed_policy(p->parsed);
> if (!p->pkcs7)
> kfree(p->text);
> @@ -39,6 +67,70 @@ static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> return 0;
> }
>
> +/**
> + * ipe_update_policy - parse a new policy and replace @old with it.
> + * @addr: Supplies a pointer to the i_private for saving policy.
> + * @text: Supplies a pointer to the plain text policy.
> + * @textlen: Supplies the length of @text.
> + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> + * @pkcs7len: Supplies the length of @pkcs7len.
> + *
> + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> + * ipe_new_policy.
> + *
> + * Return:
> + * * !IS_ERR - OK
> + * * -ENOENT - Policy doesn't exist
> + * * -EINVAL - New policy is invalid
> + */
> +struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> + const char *text, size_t textlen,
> + const char *pkcs7, size_t pkcs7len)
> +{
> + int rc = 0;
> + struct ipe_policy *old, *new;
> +
> + old = ipe_get_policy_rcu(*addr);
> + if (!old) {
> + rc = -ENOENT;
> + goto err;
> + }
> +
> + new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> + if (IS_ERR(new)) {
> + rc = PTR_ERR(new);
> + goto err;
> + }
> +
> + if (strcmp(new->parsed->name, old->parsed->name)) {
> + rc = -EINVAL;
> + goto err;
> + }
> +
> + if (ver_to_u64(old) > ver_to_u64(new)) {
> + rc = -EINVAL;
> + goto err;
> + }
> +
> + if (ipe_is_policy_active(old)) {

I don't understand the is-active check, you want to make @new the new
active policy regardless, right? Could this is-active check ever be
false?

> + spin_lock(&ipe_policy_lock);
> + rcu_assign_pointer(ipe_active_policy, new);
> + spin_unlock(&ipe_policy_lock);
> + synchronize_rcu();
> + }
> +
> + rcu_assign_pointer(*addr, new);
> +
> + swap(new->policyfs, old->policyfs);
> + ipe_free_policy(old);
> +
> + goto out;
> +err:
> + ipe_free_policy(new);
> +out:
> + return (rc < 0) ? ERR_PTR(rc) : new;
> +}
> +
> /**
> * ipe_new_policy - Allocate and parse an ipe_policy structure.
> *
> @@ -117,3 +209,46 @@ struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
>
> return rv;
> }
> +
> +/**
> + * ipe_set_active_pol - Make @p the active policy.
> + * @p: Supplies a pointer to the policy to make active.
> + */
> +int ipe_set_active_pol(const struct ipe_policy *p)
> +{
> + int rc = 0;
> + struct ipe_policy *ap = NULL;
> +
> + ap = ipe_get_policy_rcu(ipe_active_policy);
> + if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
> + rc = -EINVAL;
> + goto out;
> + }
> +
> + spin_lock(&ipe_policy_lock);
> + rcu_assign_pointer(ipe_active_policy, p);
> + spin_unlock(&ipe_policy_lock);
> + synchronize_rcu();
> +
> +out:
> + return rc;
> +}
> +
> +/**
> + * ipe_is_policy_active - Determine wehther @p is the active policy.
> + * @p: Supplies a pointer to the policy to check.
> + *
> + * Return:
> + * * true - @p is the active policy
> + * * false - @p is not the active policy
> + */
> +bool ipe_is_policy_active(const struct ipe_policy *p)
> +{
> + bool rv;
> +
> + rcu_read_lock();
> + rv = rcu_access_pointer(ipe_active_policy) == p;
> + rcu_read_unlock();
> +
> + return rv;
> +}

--
paul-moore.com

2023-03-02 19:06:00

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

On Mon, Jan 30, 2023 at 5:59 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> IPE's initial goal is to control both execution and the loading of
> kernel modules based on the system's definition of trust. It
> accomplishes this by plugging into the security hooks for
> bprm_check_security, file_mprotect, mmap_file, kernel_load_data,
> and kernel_read_data.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/hooks.c | 169 +++++++++++++++++++++++++++++++++++++++++++
> security/ipe/hooks.h | 13 ++++
> security/ipe/ipe.c | 6 ++
> 3 files changed, 188 insertions(+)
>
> diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> index 335b773c7ae1..fd5109e29c76 100644
> --- a/security/ipe/hooks.c
> +++ b/security/ipe/hooks.c
> @@ -23,3 +23,172 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
> {
> ipe_invalidate_pinned_sb(mnt_sb);
> }
> +
> +/**
> + * ipe_bprm_check_security - ipe security hook function for bprm check.
> + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> + * being evaluated.
> + *
> + * This LSM hook is called when a binary is loaded through the exec
> + * family of system calls.
> + * Return:
> + * *0 - OK
> + * *!0 - Error
> + */
> +int ipe_bprm_check_security(struct linux_binprm *bprm)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + build_eval_ctx(&ctx, bprm->file, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> +}
> +
> +/**
> + * ipe_mmap_file - ipe security hook function for mmap check.
> + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + * system configuration.
> + * @flags: Unused.
> + *
> + * This hook is called when a file is loaded through the mmap
> + * family of system calls.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> + unsigned long flags)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + if (prot & PROT_EXEC || reqprot & PROT_EXEC) {

Is there a reason why you care about @reqprot? It seems like IPE
would only be interested in the protection flags that the kernel is
actually using.

I notice that in the `ipe_file_mprotect()` hook you ignore @reqprot,
which I believe is the right thing to do.

> + build_eval_ctx(&ctx, f, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * ipe_file_mprotect - ipe security hook function for mprotect check.
> + * @vma: Existing virtual memory area created by mmap or similar.
> + * @reqprot: The requested protection on the mmap, passed from usermode.
> + * @prot: The effective protection on the mmap, resolved from reqprot and
> + * system configuration.
> + *
> + * This LSM hook is called when a mmap'd region of memory is changing
> + * its protections via mprotect.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> + unsigned long prot)
> +{
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + /* Already Executable */
> + if (vma->vm_flags & VM_EXEC)
> + return 0;
> +
> + if (prot & PROT_EXEC) {
> + build_eval_ctx(&ctx, vma->vm_file, ipe_op_exec);
> + return ipe_evaluate_event(&ctx);
> + }
> +
> + return 0;
> +}
> +
> +/**
> + * ipe_kernel_read_file - ipe security hook function for kernel read.
> + * @file: Supplies a pointer to the file structure being read in from disk.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * This LSM hook is called when a file is being read in from disk from
> + * the kernel.
> + *
> + * Return:
> + * 0 - OK
> + * !0 - Error
> + */
> +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> + bool contents)
> +{
> + enum ipe_op_type op;
> + struct ipe_eval_ctx ctx;
> +
> + switch (id) {
> + case READING_FIRMWARE:
> + op = ipe_op_firmware;
> + break;
> + case READING_MODULE:
> + op = ipe_op_kernel_module;
> + break;
> + case READING_KEXEC_INITRAMFS:
> + op = ipe_op_kexec_initramfs;
> + break;
> + case READING_KEXEC_IMAGE:
> + op = ipe_op_kexec_image;
> + break;
> + case READING_POLICY:
> + op = ipe_op_ima_policy;
> + break;
> + case READING_X509_CERTIFICATE:
> + op = ipe_op_ima_x509;
> + break;
> + default:
> + op = ipe_op_max;
> + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> + }
> +
> + build_eval_ctx(&ctx, file, op);
> + return ipe_evaluate_event(&ctx);
> +}
> +
> +/**
> + * ipe_kernel_load_data - ipe security hook function for kernel load data.
> + * @id: Supplies the enumeration identifying the purpose of the read.
> + * @contents: Unused.
> + *
> + * This LSM hook is called when a buffer is being read in from disk.
> + *
> + * Return:
> + * * 0 - OK
> + * * !0 - Error
> + */
> +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents)
> +{
> + enum ipe_op_type op;
> + struct ipe_eval_ctx ctx = { 0 };
> +
> + switch (id) {
> + case LOADING_FIRMWARE:
> + op = ipe_op_firmware;
> + break;
> + case LOADING_MODULE:
> + op = ipe_op_kernel_module;
> + break;
> + case LOADING_KEXEC_INITRAMFS:
> + op = ipe_op_kexec_initramfs;
> + break;
> + case LOADING_KEXEC_IMAGE:
> + op = ipe_op_kexec_image;
> + break;
> + case LOADING_POLICY:
> + op = ipe_op_ima_policy;
> + break;
> + case LOADING_X509_CERTIFICATE:
> + op = ipe_op_ima_x509;
> + break;
> + default:
> + op = ipe_op_max;
> + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> + }
> +
> + build_eval_ctx(&ctx, NULL, op);
> + return ipe_evaluate_event(&ctx);
> +}
> diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> index 30fe455389bf..857cae69678c 100644
> --- a/security/ipe/hooks.h
> +++ b/security/ipe/hooks.h
> @@ -11,4 +11,17 @@
>
> void ipe_sb_free_security(struct super_block *mnt_sb);
>
> +int ipe_bprm_check_security(struct linux_binprm *bprm);
> +
> +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> + unsigned long flags);
> +
> +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> + unsigned long prot);
> +
> +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> + bool contents);
> +
> +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);
> +
> #endif /* IPE_HOOKS_H */
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index bef923026b50..7af2f942decd 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -4,6 +4,7 @@
> */
>
> #include "ipe.h"
> +#include "hooks.h"
>
> bool ipe_enabled;
>
> @@ -12,6 +13,11 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
>
> static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> + LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
> + LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
> + LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
> + LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
> + LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
> };
>
> /**
> --
> 2.39.0

--
paul-moore.com

2023-03-02 19:06:12

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

On Tue, Jan 31, 2023 at 12:11 PM Steve Grubb <[email protected]> wrote:
>
> Hello,
>
> On Monday, January 30, 2023 5:57:22 PM EST Fan Wu wrote:
> > From: Deven Bowers <[email protected]>
> >
> > Users of IPE require a way to identify when and why an operation fails,
> > allowing them to both respond to violations of policy and be notified
> > of potentially malicious actions on their systens with respect to IPE
> > itself.
> >
> > The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
> > evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
> > and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
> > kernel and the currently active policy changed, respectively.
>
> Typically when you reuse an existing record type, it is expected to maintain
> the same fields in the same order. Also, it is expect that fields that are
> common across diferent records have the same meaning. To aid in this, we have
> a field dictionary here:
>
> https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
> field-dictionary.csv
>
> For example, dev is expected to be 2 hex numbers separated by a colon which
> are the device major and minor numbers. But down a couple lines from here, we
> find dev="tmpfs". But isn't that a filesystem type?

What Steve said.

I'll also add an administrative note, we just moved upstream Linux
audit development to a new mailing list, [email protected], please
use that in future patch submissions. As a positive, it's a fully
open list so you won't run into moderation delays/notifications/etc.

> > This patch also adds support for success auditing, allowing users to
> > identify how a resource passed policy. It is recommended to use this
> > option with caution, as it is quite noisy.
> >
> > This patch adds the following audit records:
> >
> > audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> > ino=72 rule="DEFAULT op=EXECUTE action=DENY"
>
> Do we really need to log the whole rule?

Fan, would it be reasonable to list the properties which caused the
access denial? That seems like it might be more helpful than the
specific rule, or am I missing something?

> > The above audit record shows IPE blocked a file
> > /tmp/tmpwxmam366/deny/bin/hello in the temp file system.
> >
> > audit: AUDIT1420 path="/tmp/tmpxkvb3d9x/deny/bin/hello" dev="tmpfs"
> > ino=157 rule="DEFAULT action=DENY"
> >
> > The above audit record shows IPE blocked a file
> > /tmp/tmpxkvb3d9x/deny/bin/hello in the temp file system via another
> > rule.
> >
> > audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> > policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> > auid=4294967295 ses=4294967295 lsm=ipe res=1
>
> The MAC_POLICY_LOAD record type simply states the lsm that had it's policy
> loaded. There isn't name, version, and hash information. I'd prefer to see
> all users of this record type decide if it should be extended because they
> also have that information available to record.

Not all LSMs which load policy have that information; as an example,
SELinux doesn't have the concept of a policy name or version. The
SELinux policy version you might see in the kernel sources refers to
the policy format version and has no bearing on the actual policy
content beyond that dictated by the format.

If additional information is required by IPE, perhaps an auxiliary IPE
policy load record could be created with those additional fields.

> > The above audit record shows IPE loaded a new policy named
> > "dmverity_roothash" with the sha256 hash of the policy.
> >
> > audit: MAC_CONFIG_CHANGE old_active_pol_name="Allow_All"
> > old_active_pol_version=0.0.0
> > old_sha256=DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
> > new_active_pol_name="dmverity_roothash" new_active_pol_version=0.0.0
> > new_sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> > auid=4294967295 ses=4294967295 lsm=ipe res=1
> >
> > The above audit record shows IPE's active policy switched from
> > "Allow_All" to "dmverity_roothash".
>
> Shouldn't this just be another MAC_POLICY_LOAD? That would match other LSM's.
> The MAC_CONFIG_CHANGE is to denote that a changeable option was modified from
> one value to another. But it is still operating under the same policy.

If it is just switching from one previously loaded policy to another,
it seems like MAC_CONFIG_CHANGE might be the best choice.

--
paul-moore.com

2023-03-02 19:06:49

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 08/16] ipe: add permissive toggle

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> IPE, like SELinux, supports a permissive mode. This mode allows policy
> authors to test and evaluate IPE policy without it effecting their
> programs. When the mode is changed, a 1404 AUDIT_MAC_STATUS
> be reported.
>
> This patch adds the following audit records:
>
> audit: MAC_STATUS permissive=1 auid=4294967295 ses=4294967295 lsm=ipe
> res=1
> audit: MAC_STATUS permissive=0 auid=4294967295 ses=4294967295 lsm=ipe
> res=1
>
> These records are emitted within the following events:
>
> audit: MAC_STATUS permissive=1 auid=4294967295 ses=4294967295 lsm=ipe
> res=1
> audit[185]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=1
> a1=56308bb3ecc0 a2=2 a3=7f290fdc53e0 items=0 ppid=183 pid=185
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> tty=pts0 ses=4294967295 comm="bash" exe="/usr/bin/bash" key=(null)
> audit: PROCTITLE proctitle="-bash"
> audit: MAC_STATUS permissive=0 auid=4294967295 ses=4294967295 lsm=ipe
> res=1
> audit[185]: SYSCALL arch=c000003e syscall=1 success=yes exit=2 a0=1
> a1=56308bb3ecc0 a2=2 a3=7f290fdc53e0 items=0 ppid=183 pid=185
> auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
> tty=pts0 ses=4294967295 comm="bash" exe="/usr/bin/bash" key=(null)
> audit: PROCTITLE proctitle="-bash"
>
> Implying user used bash to toggle the switch.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/audit.c | 36 +++++++++++++++++++++++
> security/ipe/audit.h | 1 +
> security/ipe/eval.c | 9 ++++++
> security/ipe/eval.h | 1 +
> security/ipe/fs.c | 69 ++++++++++++++++++++++++++++++++++++++++++--
> 5 files changed, 114 insertions(+), 2 deletions(-)
>
> diff --git a/security/ipe/audit.c b/security/ipe/audit.c
> index 295e9f9f5146..ff74026a595f 100644
> --- a/security/ipe/audit.c
> +++ b/security/ipe/audit.c
> @@ -194,3 +194,39 @@ void ipe_audit_policy_load(const struct ipe_policy *const p)
>
> audit_log_end(ab);
> }
> +
> +/**
> + * ipe_audit_enforce - Audit a change in IPE's enforcement state.
> + */
> +void ipe_audit_enforce(void)
> +{
> + struct audit_buffer *ab;
> +
> + ab = audit_log_start(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS);
> + if (!ab)
> + return;
> +
> + audit_log_format(ab, "permissive=%d", !READ_ONCE(enforce));
> + audit_log_format(ab, " auid=%u ses=%u lsm=ipe res=1",
> + from_kuid(&init_user_ns, audit_get_loginuid(current)),
> + audit_get_sessionid(current));
> +
> + audit_log_end(ab);
> +}

See the earlier comments in the patchset about consistent formatting
of a given record type. To the best of my knowledge only SELinux
currently uses the AUDIT_MAC_STATUS record and an example can be found
in `sel_write_enforce()`. The good news is that it looks like that
format could be made to work here without too much fuss.

> +/**
> + * emit_enforcement - Emit the enforcement state of IPE started with.
> + *
> + * Return:
> + * 0 - Always
> + */
> +static int emit_enforcement(void)
> +{
> + if (!ipe_enabled)
> + return -EOPNOTSUPP;
> +
> + ipe_audit_enforce();
> + return 0;
> +}
> +
> +late_initcall(emit_enforcement);

--
paul-moore.com

2023-03-02 19:08:10

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 09/16] block|security: add LSM blob to block_device

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> block_device structures can have valuable security properties,
> based on how they are created, and what subsystem manages them.
>
> By adding LSM storage to this structure, this data can be accessed
> at the LSM layer.
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>
> Reviewed-by: Casey Schaufler <[email protected]>

...

> ---
> block/bdev.c | 7 ++++
> include/linux/blk_types.h | 3 ++
> include/linux/lsm_hook_defs.h | 5 +++
> include/linux/lsm_hooks.h | 12 ++++++
> include/linux/security.h | 22 +++++++++++
> security/security.c | 70 +++++++++++++++++++++++++++++++++++
> 6 files changed, 119 insertions(+)
>
> diff --git a/block/bdev.c b/block/bdev.c
> index edc110d90df4..f8db53b47c00 100644
> --- a/block/bdev.c
> +++ b/block/bdev.c
> @@ -24,6 +24,7 @@
> #include <linux/pseudo_fs.h>
> #include <linux/uio.h>
> #include <linux/namei.h>
> +#include <linux/security.h>
> #include <linux/part_stat.h>
> #include <linux/uaccess.h>
> #include <linux/stat.h>
> @@ -396,6 +397,11 @@ static struct inode *bdev_alloc_inode(struct super_block *sb)
> if (!ei)
> return NULL;
> memset(&ei->bdev, 0, sizeof(ei->bdev));
> +
> + if (security_bdev_alloc(&ei->bdev)) {
> + kmem_cache_free(bdev_cachep, ei);
> + return NULL;
> + }
> return &ei->vfs_inode;
> }
>
> @@ -405,6 +411,7 @@ static void bdev_free_inode(struct inode *inode)
>
> free_percpu(bdev->bd_stats);
> kfree(bdev->bd_meta_info);
> + security_bdev_free(bdev);
>
> if (!bdev_is_partition(bdev)) {
> if (bdev->bd_disk && bdev->bd_disk->bdi)
> diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
> index 99be590f952f..137a04f45c17 100644
> --- a/include/linux/blk_types.h
> +++ b/include/linux/blk_types.h
> @@ -68,6 +68,9 @@ struct block_device {
> #ifdef CONFIG_FAIL_MAKE_REQUEST
> bool bd_make_it_fail;
> #endif
> +#ifdef CONFIG_SECURITY
> + void *security;
> +#endif
> } __randomize_layout;
>
> #define bdev_whole(_bdev) \
> diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
> index ed6cb2ac55fa..1f79029c9e28 100644
> --- a/include/linux/lsm_hook_defs.h
> +++ b/include/linux/lsm_hook_defs.h
> @@ -417,3 +417,8 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new)
> LSM_HOOK(int, 0, uring_sqpoll, void)
> LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd)
> #endif /* CONFIG_IO_URING */
> +
> +LSM_HOOK(int, 0, bdev_alloc_security, struct block_device *bdev)
> +LSM_HOOK(void, LSM_RET_VOID, bdev_free_security, struct block_device *bdev)
> +LSM_HOOK(int, 0, bdev_setsecurity, struct block_device *bdev, const char *name,
> + const void *value, size_t size)
> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
> index 0a5ba81f7367..b622ceb57d83 100644
> --- a/include/linux/lsm_hooks.h
> +++ b/include/linux/lsm_hooks.h
> @@ -1618,6 +1618,17 @@
> * @what: kernel feature being accessed.
> * Return 0 if permission is granted.
> *
> + * @bdev_alloc_security:
> + * Initialize the security field inside a block_device structure.
> + *
> + * @bdev_free_security:
> + * Cleanup the security information stored inside a block_device structure.
> + *
> + * @bdev_setsecurity:
> + * Set a security property associated with @name for @bdev with
> + * value @value. @size indicates the size of @value in bytes.
> + * If a @name is not implemented, return -EOPNOTSUPP.
> + *

Just a heads-up that the LSM hook comment blocks are moving to
security/security.c very soon now (if they are not already there by
the time you read this).

https://lore.kernel.org/linux-security-module/[email protected]

> diff --git a/security/security.c b/security/security.c
> index d1571900a8c7..5c81dd3b1350 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2705,6 +2730,51 @@ int security_locked_down(enum lockdown_reason what)
> }
> EXPORT_SYMBOL(security_locked_down);
>
> +int security_bdev_alloc(struct block_device *bdev)
> +{
> + int rc = 0;
> +
> + rc = lsm_bdev_alloc(bdev);
> + if (unlikely(rc))
> + return rc;
> +
> + rc = call_int_hook(bdev_alloc_security, 0, bdev);
> + if (unlikely(rc))
> + security_bdev_free(bdev);
> +
> + return LSM_RET_DEFAULT(bdev_alloc_security);
> +}
> +EXPORT_SYMBOL(security_bdev_alloc);
> +
> +void security_bdev_free(struct block_device *bdev)
> +{
> + if (!bdev->security)
> + return;
> +
> + call_void_hook(bdev_free_security, bdev);
> +
> + kfree(bdev->security);
> + bdev->security = NULL;
> +}
> +EXPORT_SYMBOL(security_bdev_free);
> +
> +int security_bdev_setsecurity(struct block_device *bdev,
> + const char *name, const void *value,
> + size_t size)
> +{
> + int rc = 0;
> + struct security_hook_list *p;
> +
> + hlist_for_each_entry(p, &security_hook_heads.bdev_setsecurity, list) {
> + rc = p->hook.bdev_setsecurity(bdev, name, value, size);
> + if (rc && rc != -EOPNOTSUPP)
> + return rc;
> + }
> +
> + return LSM_RET_DEFAULT(bdev_setsecurity);
> +}
> +EXPORT_SYMBOL(security_bdev_setsecurity);

I think we need to see the `security_bdev_setsecurity()` hook actually
used by a caller in this patch.

> #ifdef CONFIG_PERF_EVENTS
> int security_perf_event_open(struct perf_event_attr *attr, int type)
> {
> --
> 2.39.0

--
paul-moore.com

2023-03-02 19:08:30

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 11/16] ipe: add support for dm-verity as a trust provider

On Mon, Jan 30, 2023 at 5:58 PM Fan Wu <[email protected]> wrote:
>
> From: Deven Bowers <[email protected]>
>
> Allows author of IPE policy to indicate trust for a singular dm-verity
> volume, identified by roothash, through "dmverity_roothash" and all
> signed dm-verity volumes, through "dmverity_signature".
>
> Signed-off-by: Deven Bowers <[email protected]>
> Signed-off-by: Fan Wu <[email protected]>

...

> ---
> security/ipe/Kconfig | 20 +++++
> security/ipe/Makefile | 2 +
> security/ipe/audit.c | 24 ++++++
> security/ipe/digest.c | 144 +++++++++++++++++++++++++++++++++++
> security/ipe/digest.h | 26 +++++++
> security/ipe/eval.c | 103 +++++++++++++++++++++++++
> security/ipe/eval.h | 13 ++++
> security/ipe/hooks.c | 51 +++++++++++++
> security/ipe/hooks.h | 8 ++
> security/ipe/ipe.c | 15 ++++
> security/ipe/ipe.h | 4 +
> security/ipe/policy.h | 3 +
> security/ipe/policy_parser.c | 16 ++++
> 13 files changed, 429 insertions(+)
> create mode 100644 security/ipe/digest.c
> create mode 100644 security/ipe/digest.h
>
> diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
> index ac4d558e69d5..16e835ce61b0 100644
> --- a/security/ipe/Kconfig
> +++ b/security/ipe/Kconfig
> @@ -15,3 +15,23 @@ menuconfig SECURITY_IPE
> admins to reconfigure trust requirements on the fly.
>
> If unsure, answer N.
> +
> +if SECURITY_IPE
> +menu "IPE Trust Providers"
> +
> +config IPE_PROP_DM_VERITY
> + bool "Enable support for dm-verity volumes"
> + depends on DM_VERITY && DM_VERITY_VERIFY_ROOTHASH_SIG
> + default Y
> + help
> + This option enables the properties 'dmverity_signature' and
> + 'dmverity_roothash' in IPE policy. These properties evaluates
> + to TRUE when a file is evaluated against a dm-verity volume
> + that was mounted with a signed root-hash or the volume's
> + root hash matches the supplied value in the policy.
> +
> + If unsure, answer Y.

If you had both IPE and dm-verity enabled in your kernel build, is
there ever a case where you wouldn't want IPE_PROP_DM_VERITY? I
suspect you can just have IPE and dm-verity select IPE_PROP_DM_VERITY
and not bother the user/admin with the additional Kconfig knob.

> +endmenu
> +
> +endif

--
paul-moore.com

2023-03-16 22:11:32

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 11/16] ipe: add support for dm-verity as a trust provider

On Thu, Mar 02, 2023 at 02:08:04PM -0500, Paul Moore wrote:
>
> If you had both IPE and dm-verity enabled in your kernel build, is
> there ever a case where you wouldn't want IPE_PROP_DM_VERITY? I
> suspect you can just have IPE and dm-verity select IPE_PROP_DM_VERITY
> and not bother the user/admin with the additional Kconfig knob.
>
Sorry for the late reply, I was relocating to a new country and it
took me some time to settle down.

I have read your comments and I will try to answer some questions
that I can answer right now. For the remaining questions, I need more
time to get more context and information. I will get back to you
as soon as possible.

For this one I agree just have IPE and dm-verity select IPE_PROP_DM_VERITY
is better, I will update this in the next version.

>
> --
> paul-moore.com

2023-03-16 22:53:45

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

On Thu, Mar 02, 2023 at 02:05:33PM -0500, Paul Moore wrote:
> On Tue, Jan 31, 2023 at 12:11???PM Steve Grubb <[email protected]> wrote:
> >
> > Hello,
> >
> > On Monday, January 30, 2023 5:57:22 PM EST Fan Wu wrote:
> > > From: Deven Bowers <[email protected]>
> > >
> > > Users of IPE require a way to identify when and why an operation fails,
> > > allowing them to both respond to violations of policy and be notified
> > > of potentially malicious actions on their systens with respect to IPE
> > > itself.
> > >
> > > The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
> > > evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
> > > and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
> > > kernel and the currently active policy changed, respectively.
> >
> > Typically when you reuse an existing record type, it is expected to maintain
> > the same fields in the same order. Also, it is expect that fields that are
> > common across diferent records have the same meaning. To aid in this, we have
> > a field dictionary here:
> >
> > https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
> > field-dictionary.csv
> >
> > For example, dev is expected to be 2 hex numbers separated by a colon which
> > are the device major and minor numbers. But down a couple lines from here, we
> > find dev="tmpfs". But isn't that a filesystem type?
>
> What Steve said.
>
> I'll also add an administrative note, we just moved upstream Linux
> audit development to a new mailing list, [email protected], please
> use that in future patch submissions. As a positive, it's a fully
> open list so you won't run into moderation delays/notifications/etc.
>
Thanks for the info, I will update the address.

> > > This patch also adds support for success auditing, allowing users to
> > > identify how a resource passed policy. It is recommended to use this
> > > option with caution, as it is quite noisy.
> > >
> > > This patch adds the following audit records:
> > >
> > > audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> > > ino=72 rule="DEFAULT op=EXECUTE action=DENY"
> >
> > Do we really need to log the whole rule?
>
> Fan, would it be reasonable to list the properties which caused the
> access denial? That seems like it might be more helpful than the
> specific rule, or am I missing something?
>
Audit the whole rule can let the user find the reason of a policy decision.
We need the whole rule because an allow/block is not caused by a specific
property, but the combination of all property conditions in a rule.

We could also add a verbose switch such that we only audit
the whole rule when a user turned the verbose switch on.

-Fan

> paul-moore.com

2023-04-06 20:09:46

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 02/16] ipe: add policy parser

On Thu, Mar 02, 2023 at 02:02:32PM -0500, Paul Moore wrote:
> On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> >
> > From: Deven Bowers <[email protected]>
> >
> > IPE's interpretation of the what the user trusts is accomplished through
> > its policy. IPE's design is to not provide support for a single trust
> > provider, but to support multiple providers to enable the end-user to
> > choose the best one to seek their needs.
> >
> > This requires the policy to be rather flexible and modular so that
> > integrity providers, like fs-verity, dm-verity, dm-integrity, or
> > some other system, can plug into the policy with minimal code changes.
> >
> > Signed-off-by: Deven Bowers <[email protected]>
> > Signed-off-by: Fan Wu <[email protected]>
>
> ...
>
> > ---
> > security/ipe/Makefile | 2 +
> > security/ipe/policy.c | 99 +++++++
> > security/ipe/policy.h | 77 ++++++
> > security/ipe/policy_parser.c | 515 +++++++++++++++++++++++++++++++++++
> > security/ipe/policy_parser.h | 11 +
> > 5 files changed, 704 insertions(+)
> > create mode 100644 security/ipe/policy.c
> > create mode 100644 security/ipe/policy.h
> > create mode 100644 security/ipe/policy_parser.c
> > create mode 100644 security/ipe/policy_parser.h
> >
> > diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> > index 571648579991..16bbe80991f1 100644
> > --- a/security/ipe/Makefile
> > +++ b/security/ipe/Makefile
> > @@ -8,3 +8,5 @@
> > obj-$(CONFIG_SECURITY_IPE) += \
> > hooks.o \
> > ipe.o \
> > + policy.o \
> > + policy_parser.o \
> > diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> > new file mode 100644
> > index 000000000000..e446f4b84152
> > --- /dev/null
> > +++ b/security/ipe/policy.c
> > @@ -0,0 +1,99 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#include "ipe.h"
> > +#include "policy.h"
> > +#include "policy_parser.h"
> > +#include "digest.h"
> > +
> > +#include <linux/verification.h>
>
> Generally speaking the system/kernel-wide header files, e.g. headers
> using '<...>', tend to come before the local header files, e.g.
> headers using '"..."'. I wouldn't consider this a hard rule, but
> unless you have a reason to put the local header files first I would
> stick with convention here.
>

I agree we didn't follow the correct common pattern here, I will update
all header lines in the next version.

> > +/**
> > + * ipe_free_policy - Deallocate a given IPE policy.
> > + * @p: Supplies the policy to free.
> > + *
> > + * Safe to call on IS_ERR/NULL.
> > + */
> > +void ipe_free_policy(struct ipe_policy *p)
> > +{
> > + if (IS_ERR_OR_NULL(p))
> > + return;
> > +
> > + free_parsed_policy(p->parsed);
> > + if (!p->pkcs7)
> > + kfree(p->text);
> > + kfree(p->pkcs7);
> > + kfree(p);
> > +}
> > +
> > +static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> > + size_t asn1hdrlen)
> > +{
> > + struct ipe_policy *p = ctx;
> > +
> > + p->text = (const char *)data;
> > + p->textlen = len;
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * ipe_new_policy - Allocate and parse an ipe_policy structure.
> > + *
> > + * @text: Supplies a pointer to the plain-text policy to parse.
> > + * @textlen: Supplies the length of @text.
> > + * @pkcs7: Supplies a pointer to a pkcs7-signed IPE policy.
> > + * @pkcs7len: Supplies the length of @pkcs7.
> > + *
> > + * @text/@textlen Should be NULL/0 if @pkcs7/@pkcs7len is set.
> > + *
> > + * The result will still need to be associated with a context via
> > + * ipe_add_policy.
> > + *
> > + * Return:
> > + * * !IS_ERR - Success
> > + * * -EBADMSG - Policy is invalid
> > + * * -ENOMEM - Out of memory
> > + */
> > +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> > + const char *pkcs7, size_t pkcs7len)
> > +{
> > + int rc = 0;
> > + struct ipe_policy *new = NULL;
> > +
> > + new = kzalloc(sizeof(*new), GFP_KERNEL);
> > + if (!new)
> > + return ERR_PTR(-ENOMEM);
> > +
> > + if (!text) {
> > + new->pkcs7len = pkcs7len;
> > + new->pkcs7 = kmemdup(pkcs7, pkcs7len, GFP_KERNEL);
> > + if (!new->pkcs7) {
> > + rc = -ENOMEM;
> > + goto err;
>
> As Roberto already pointed out, and you acknowledged, this leaks @new.
> However, as a FYI for future work, if you have a label with only one
> return instruction after the jump, e.g. the 'err' label here, you
> should replace the 'goto' with the single return instruction. Jumping
> just to immediately return is a bit silly, but if you also need to
> cleanup, e.g. free some memory, that's okay to use the goto/jump.
>
> > + }
> > +
> > + rc = verify_pkcs7_signature(NULL, 0, new->pkcs7, pkcs7len, NULL,
> > + VERIFYING_UNSPECIFIED_SIGNATURE,
> > + set_pkcs7_data, new);
> > + if (rc)
> > + goto err;
> > + } else {
> > + new->textlen = textlen;
> > + new->text = kstrdup(text, GFP_KERNEL);
> > + if (!new->text) {
> > + rc = -ENOMEM;
> > + goto err;
> > + }
> > + }
> > +
> > + rc = parse_policy(new);
> > + if (rc)
> > + goto err;
> > +
> > + return new;
> > +err:
> > + return ERR_PTR(rc);
> > +}
>
> ...
>
> > diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> > new file mode 100644
> > index 000000000000..6af2d9a811ec
> > --- /dev/null
> > +++ b/security/ipe/policy.h
> > @@ -0,0 +1,77 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +#ifndef IPE_POLICY_H
> > +#define IPE_POLICY_H
> > +
> > +#include <linux/list.h>
> > +#include <linux/types.h>
> > +
> > +enum ipe_op_type {
> > + ipe_op_exec = 0,
> > + ipe_op_firmware,
> > + ipe_op_kernel_module,
> > + ipe_op_kexec_image,
> > + ipe_op_kexec_initramfs,
> > + ipe_op_ima_policy,
> > + ipe_op_ima_x509,
> > + ipe_op_max
> > +};
>
> I'm used to seeing enum values defined in ALL_CAPS to help visually
> distinguish them from variables and other assorted symbols, for
> example:
>
> enum ipe_op_type {
> IPE_OP_EXEC = 0,
> ...
> IPE_OP_MAX,
> };
>
> You might also want to consider prefixing IPE_OP_MAX with a couple
> underscores, e.g. __IPE_OP_MAX, to help distinguish it as a sentinel
> value and provide some protection in case you think you might ever
> want an op named "max". However, this really is a judgement call that
> is up to you.
>
> (Similar comments apply to the other IPE enums)
>

Yes this looks much better, I will also update all enums. Thanks for the advice.

> > +enum ipe_action_type {
> > + ipe_action_allow = 0,
> > + ipe_action_deny,
> > + ipe_action_max
> > +};
> > +
> > +enum ipe_prop_type {
> > + ipe_prop_max
> > +};
> > +
> > +struct ipe_prop {
> > + struct list_head next;
> > + enum ipe_prop_type type;
> > + void *value;
> > +};
> > +
> > +struct ipe_rule {
> > + enum ipe_op_type op;
> > + enum ipe_action_type action;
> > + struct list_head props;
> > + struct list_head next;
> > +};
> > +
> > +struct ipe_op_table {
> > + struct list_head rules;
> > + enum ipe_action_type default_action;
> > +};
> > +
> > +struct ipe_parsed_policy {
> > + const char *name;
> > + struct {
> > + u16 major;
> > + u16 minor;
> > + u16 rev;
> > + } version;
> > +
> > + enum ipe_action_type global_default_action;
> > +
> > + struct ipe_op_table rules[ipe_op_max];
> > +};
> > +
> > +struct ipe_policy {
> > + const char *pkcs7;
> > + size_t pkcs7len;
> > +
> > + const char *text;
> > + size_t textlen;
> > +
> > + struct ipe_parsed_policy *parsed;
> > +};
>
> None of the other structs in this header file have horizontally
> aligned variable names, you should pick one style and stick with it
> ... and that style should be the un-aligned style, e.g. what was used
> in 'struct ipe_rule'
>

Thanks for pointing that out, will also update this part.

> > +struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> > + const char *pkcs7, size_t pkcs7len);
> > +void ipe_free_policy(struct ipe_policy *pol);
> > +
> > +#endif /* IPE_POLICY_H */
> > diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> > new file mode 100644
> > index 000000000000..c7ba0e865366
> > --- /dev/null
> > +++ b/security/ipe/policy_parser.c
> > @@ -0,0 +1,515 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#include "policy.h"
> > +#include "policy_parser.h"
> > +#include "digest.h"
> > +
> > +#include <linux/parser.h>
> > +
> > +#define START_COMMENT '#'
> > +
> > +/**
> > + * new_parsed_policy - Allocate and initialize a parsed policy.
> > + *
> > + * Return:
> > + * * !IS_ERR - OK
> > + * * -ENOMEM - Out of memory
> > + */
> > +static struct ipe_parsed_policy *new_parsed_policy(void)
> > +{
> > + size_t i = 0;
> > + struct ipe_parsed_policy *p = NULL;
> > + struct ipe_op_table *t = NULL;
> > +
> > + p = kzalloc(sizeof(*p), GFP_KERNEL);
> > + if (!p)
> > + return ERR_PTR(-ENOMEM);
> > +
> > + p->global_default_action = ipe_action_max;
>
> I'm assuming you're using the "ipe_action_max" as an intentional bogus
> placeholder value here, yes? If that is the case, have you considered
> creating an "invalid" enum with an explicit zero value to save you
> this additional assignment (you are already using kzalloc())? For
> example:
>
> enum ipe_op_type {
> IPE_OP_INVALID = 0,
> IPE_OP_EXEC,
> ...
> IPE_OP_MAX,
> };
>
> enum ipe_action_type {
> IPE_ACTION_INVALID = 0,
> IPE_ACTION_ALLOW,
> ...
> IPE_ACTION_MAX,
> };
>

Yes, IPE_ACTION_MAX is kind of the INVALID value we are using here.

But I think we might be adding unnecessary complexity by using the
IPE_OP_INVLIAD enum here. Currently, we are using IPE_OP_MAX to
represent the number of operations we have, and we have allocated
an IPE_OP_MAX-sized array to store linked lists that link all rules
for each operation. If we were to add IPE_OP_INVLIAD to the enum
definition, then IPE_OP_MAX-1 would become the number of operations,
and we would need to change the index used to access the linked list
array. For example, to get the linked-list head of rules for the
EXEC operation, we would have to use index IPE_OP_EXEC-1. Is this
acceptable?


> > + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> > + t = &p->rules[i];
> > +
> > + t->default_action = ipe_action_max;
> > + INIT_LIST_HEAD(&t->rules);
> > + }
> > +
> > + return p;
> > +}
> > +
> > +/**
> > + * remove_comment - Truncate all chars following START_COMMENT in a string.
> > + *
> > + * @line: Supplies a poilcy line string for preprocessing.
>
> "policy" :)
>
> I'm definitely guilty of adding a lot of silly spelling errors to
> codebases over the years, so no worries here, but in case you haven't
> seen the codespell tool already, it might be something worth taking a
> look at sometime.
>
> * https://github.com/codespell-project/codespell
>

Thanks for the suggestion. I have found several other typos by using this.

> > + */
> > +static void remove_comment(char *line)
> > +{
> > + size_t i, len = 0;
> > +
> > + len = strlen(line);
> > + for (i = 0; i < len && line[i] != START_COMMENT; ++i)
> > + ;
>
> The kernel has a strchr() implementation which could simplify this,
> and possibly speed things up if there is an arch specific optimized
> implementation.
>

Yep this one is better, will switch to use it.

> > + line[i] = '\0';
> > +}
> > +
> > +/**
> > + * remove_trailing_spaces - Truncate all trailing spaces in a string.
> > + *
> > + * @line: Supplies a poilcy line string for preprocessing.
> > + */
> > +static void remove_trailing_spaces(char *line)
> > +{
> > + size_t i, len = 0;
> > +
> > + len = strlen(line);
> > + for (i = len; i > 0 && (line[i - 1] == ' ' || line[i - 1] == '\t'); --i)
> > + ;
>
> You can probably drop the @len variable and just assign 'i =
> strlen(line)' in the for-loop initializer.
>

Yep, len is redundant here, will remove it.

> > + line[i] = '\0';
> > +}
> > +
> > +/**
> > + * parse_version - Parse policy version.
> > + * @ver: Supplies a version string to be parsed.
> > + * @p: Supplies the partial parsed policy.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Standard errno
> > + */
> > +static int parse_version(char *ver, struct ipe_parsed_policy *p)
> > +{
> > + int rc = 0;
> > + size_t sep_count = 0;
> > + char *token;
> > + u16 *const cv[] = { &p->version.major, &p->version.minor, &p->version.rev };
> > +
> > + while ((token = strsep(&ver, ".")) != NULL) {
> > + /* prevent overflow */
> > + if (sep_count >= ARRAY_SIZE(cv)) {
> > + rc = -EBADMSG;
> > + goto err;
>
> Remember what I said above about not needing a 'goto' here? ;)
>

Yes just return is enough, will update it.

> > + }
> > +
> > + rc = kstrtou16(token, 10, cv[sep_count]);
> > + if (rc)
> > + goto err;
> > +
> > + ++sep_count;
> > + }
> > +
> > + /* prevent underflow */
> > + if (sep_count != ARRAY_SIZE(cv))
> > + rc = -EBADMSG;
> > +
> > +err:
> > + return rc;
> > +}
> > +
> > +enum header_opt {
> > + ipe_header_policy_name = 0,
> > + ipe_header_policy_version,
> > + ipe_header_max
> > +};
> > +
> > +static const match_table_t header_tokens = {
> > + {ipe_header_policy_name, "policy_name=%s"},
> > + {ipe_header_policy_version, "policy_version=%s"},
> > + {ipe_header_max, NULL}
> > +};
> > +
> > +/**
> > + * parse_header - Parse policy header information.
> > + * @line: Supplies header line to be parsed.
> > + * @p: Supplies the partial parsed policy.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Standard errno
> > + */
> > +static int parse_header(char *line, struct ipe_parsed_policy *p)
> > +{
> > + int rc = 0;
> > + char *t, *ver = NULL;
> > + substring_t args[MAX_OPT_ARGS];
> > + size_t idx = 0;
> > +
> > + while ((t = strsep(&line, " \t")) != NULL) {
> > + int token;
> > +
> > + if (*t == '\0')
> > + continue;
> > + if (idx >= ipe_header_max) {
> > + rc = -EBADMSG;
> > + goto err;
> > + }
> > +
> > + token = match_token(t, header_tokens, args);
> > + if (token != idx) {
> > + rc = -EBADMSG;
> > + goto err;
> > + }
> > +
> > + switch (token) {
> > + case ipe_header_policy_name:
> > + p->name = match_strdup(&args[0]);
> > + if (!p->name)
> > + rc = -ENOMEM;
> > + break;
> > + case ipe_header_policy_version:
> > + ver = match_strdup(&args[0]);
> > + if (!ver) {
> > + rc = -ENOMEM;
> > + break;
> > + }
> > + rc = parse_version(ver, p);
> > + break;
> > + default:
> > + rc = -EBADMSG;
> > + }
> > + if (rc)
> > + goto err;
> > + ++idx;
> > + }
> > +
> > + if (idx != ipe_header_max) {
> > + rc = -EBADMSG;
> > + goto err;
> > + }
> > + goto out;
>
> Generally the normal, non-error case is structured so that the
> function can continue to fall through to the correct code without
> needed a 'goto'. I would suggest moving the 'err' label/code *after*
> the 'out' label/code so the normal case can just fall through without
> the goto; you will have to add a 'goto out' at the end of 'err', but
> that's the error case so we aren't going to worry too much about that.
>
> Put another (shorter) way, structure your code to optimize for the
> common, non-error case.
>
> Needless to say, this applies to other functions in this patch(set).
>

Thanks for pointing that out, I will update all the cases like this one.

> > +err:
> > + kfree(p->name);
> > + p->name = NULL;
> > +out:
> > + kfree(ver);
> > + return rc;
> > +}
> > +
> > +/**
> > + * is_default - Determine if the given token is "DEFAULT".
> > + * @token: Supplies the token string to be compared.
> > + *
> > + * Return:
> > + * * 0 - The token is not "DEFAULT"
> > + * * !0 - The token is "DEFAULT"
> > + */
> > +static bool is_default(char *token)
> > +{
> > + return !strcmp(token, "DEFAULT");
> > +}
>
> Let's be honest, "is_default()" isn't a great name, and it's a pretty
> trivial function too; I'm wondering if hiding the simple strcmp()
> behind an oddly named function is really all that helpful. I'm okay
> if you want to keep the function, but can we name it something else?
> Maybe "token_default(...)" or something similar?
>

I agree, I will take the name token_default.

> > +/**
> > + * free_rule - Free the supplied ipe_rule struct.
> > + * @r: Supplies the ipe_rule struct to be freed.
> > + */
>
> It might be worth mentioning that @r should be removed from any lists,
> e.g. list_empty() is true.
>
> > +static void free_rule(struct ipe_rule *r)
> > +{
> > + struct ipe_prop *p, *t;
> > +
> > + if (IS_ERR_OR_NULL(r))
> > + return;
> > +
> > + list_for_each_entry_safe(p, t, &r->props, next) {
> > + kfree(p);
> > + }
>
> That's interesting, I'm used to seeing a 'list_del()' call (or
> similar) before the list entry is freed. Although looking at
> list_for_each_entry_safe() I guess it is safe with the current
> implementation ... did you see this pattern elsewhere in the kernel?
> If so, where?
>
> Unless this is performance critical (I don't think it is?), it might
> be safer to do an explicit `list_del()` before free'ing the entries
> ... unless this is now a common pattern in the kernel and I just
> missed the memo.
>

I have double checked other use cases and found we were indeed wrong
here, I will add list_del calls in the next version.

> > + kfree(r);
> > +}
> > +
> > +static const match_table_t operation_tokens = {
> > + {ipe_op_exec, "op=EXECUTE"},
> > + {ipe_op_firmware, "op=FIRMWARE"},
> > + {ipe_op_kernel_module, "op=KMODULE"},
> > + {ipe_op_kexec_image, "op=KEXEC_IMAGE"},
> > + {ipe_op_kexec_initramfs, "op=KEXEC_INITRAMFS"},
> > + {ipe_op_ima_policy, "op=IMA_POLICY"},
> > + {ipe_op_ima_x509, "op=IMA_X509_CERT"},
> > + {ipe_op_max, NULL}
> > +};
> > +
> > +/**
> > + * parse_operation - Parse the opeartion type given a token string.
> > + * @t: Supplies the token string to be parsed.
> > + *
> > + * Return: The parsed opeartion type.
> > + */
> > +static enum ipe_op_type parse_operation(char *t)
> > +{
> > + substring_t args[MAX_OPT_ARGS];
> > +
> > + return match_token(t, operation_tokens, args);
> > +}
> > +
> > +static const match_table_t action_tokens = {
> > + {ipe_action_allow, "action=ALLOW"},
> > + {ipe_action_deny, "action=DENY"},
> > + {ipe_action_max, NULL}
> > +};
> > +
> > +/**
> > + * parse_action - Parse the action type given a token string.
> > + * @t: Supplies the token string to be parsed.
> > + *
> > + * Return: The parsed action type.
> > + */
> > +static enum ipe_action_type parse_action(char *t)
> > +{
> > + substring_t args[MAX_OPT_ARGS];
> > +
> > + return match_token(t, action_tokens, args);
> > +}
> > +
> > +static const match_table_t property_tokens = {
> > + {ipe_prop_max, NULL}
> > +};
> > +
> > +/**
> > + * parse_property - Parse the property type given a token string.
> > + * @t: Supplies the token string to be parsed.
> > + * @r: Supplies the ipe_rule the parsed property will be associated with.
> > + *
> > + * Return:
> > + * * !IS_ERR - OK
> > + * * -ENOMEM - Out of memory
> > + * * -EBADMSG - The supplied token cannot be parsed
> > + */
> > +int parse_property(char *t, struct ipe_rule *r)
> > +{
> > + substring_t args[MAX_OPT_ARGS];
> > + struct ipe_prop *p = NULL;
> > + int rc = 0;
> > + int token;
> > + char *dup = NULL;
> > +
> > + p = kzalloc(sizeof(*p), GFP_KERNEL);
> > + if (!p) {
> > + rc = -ENOMEM;
> > + goto err;
> > + }
> > +
> > + token = match_token(t, property_tokens, args);
> > +
> > + switch (token) {
> > + case ipe_prop_max:
> > + default:
> > + rc = -EBADMSG;
> > + break;
> > + }
> > + list_add_tail(&p->next, &r->props);
> > +
> > +err:
> > + kfree(dup);
> > + return rc;
> > +}
>
> There is a lot of stuff in 'parse_property()' that doesn't make sense
> at this point in the patchset, including lots of unused variables.
> Considering that no valid properties are defined yet, why not just
> make this function return -EBADMSG in this patch? You can always
> populate it later when it becomes useful.
>
> int parse_property(...)
> {
> return -EBADMSG;
> }
>

Sure, I can restructure the patch to add them in the later patches.

> > +/**
> > + * parse_rule - parse a policy rule line.
> > + * @line: Supplies rule line to be parsed.
> > + * @p: Supplies the partial parsed policy.
> > + *
> > + * Return:
> > + * * !IS_ERR - OK
> > + * * -ENOMEM - Out of memory
> > + * * -EBADMSG - Policy syntax error
> > + */
> > +static int parse_rule(char *line, struct ipe_parsed_policy *p)
> > +{
> > + int rc = 0;
> > + bool first_token = true, is_default_rule = false;
> > + bool op_parsed = false;
> > + enum ipe_op_type op = ipe_op_max;
> > + enum ipe_action_type action = ipe_action_max;
> > + struct ipe_rule *r = NULL;
> > + char *t;
> > +
> > + r = kzalloc(sizeof(*r), GFP_KERNEL);
> > + if (!r) {
> > + rc = -ENOMEM;
> > + goto err;
> > + }
> > +
> > + INIT_LIST_HEAD(&r->next);
> > + INIT_LIST_HEAD(&r->props);
> > +
> > + while (t = strsep(&line, " \t"), line) {
> > + if (*t == '\0')
> > + continue;
> > + if (first_token && is_default(t)) {
> > + is_default_rule = true;
> > + } else {
> > + if (!op_parsed) {
> > + op = parse_operation(t);
> > + if (op == ipe_op_max)
> > + rc = -EBADMSG;
> > + else
> > + op_parsed = true;
> > + } else {
> > + rc = parse_property(t, r);
> > + }
> > + }
> > +
> > + if (rc)
> > + goto err;
> > + first_token = false;
> > + }
> > +
> > + action = parse_action(t);
> > + if (action == ipe_action_max) {
> > + rc = -EBADMSG;
> > + goto err;
> > + }
> > +
> > + if (is_default_rule) {
> > + if (op == ipe_op_max) {
> > + if (p->global_default_action != ipe_action_max)
> > + rc = -EBADMSG;
> > + else
> > + p->global_default_action = action;
> > + } else {
> > + if (p->rules[op].default_action != ipe_action_max)
> > + rc = -EBADMSG;
> > + else
> > + p->rules[op].default_action = action;
> > + }
> > + free_rule(r);
> > + } else if (op != ipe_op_max && action != ipe_action_max) {
> > + r->op = op;
> > + r->action = action;
> > + list_add_tail(&r->next, &p->rules[op].rules);
>
> There is no way @rc could be non-zero here, right? If there is some
> chance of it being non-zero we could have a problem with the @rc check
> below jumping us to the 'err' label and free'ing a rule that has been
> added to the list.
>
> It might be better to move the list addition after the last error check.
>

Yes, rc cannot be non-zero here because all the rc assignments will just
go to the 'err' label. But I also agree that moving the list addition after
the last error check can avoid potential bugs in the future. I will update this part.

> > + } else {
> > + rc = -EBADMSG;
> > + }
> > +
> > + if (rc)
> > + goto err;
> > +
> > + goto out;
> > +
> > +err:
> > + free_rule(r);
> > +out:
> > + return rc;
> > +}
> > +
> > +/**
> > + * free_parsed_policy - free a parsed policy structure.
> > + * @p: Supplies the parsed policy.
> > + */
> > +void free_parsed_policy(struct ipe_parsed_policy *p)
> > +{
> > + size_t i = 0;
> > + struct ipe_rule *pp, *t;
> > +
> > + if (IS_ERR_OR_NULL(p))
> > + return;
> > +
> > + for (i = 0; i < ARRAY_SIZE(p->rules); ++i)
> > + list_for_each_entry_safe(pp, t, &p->rules[i].rules, next)
> > + free_rule(pp);
> > +
> > + kfree(p);
> > +}
> > +
> > +/**
> > + * validate_policy - validate a parsed policy.
> > + * @p: Supplies the fully parsed policy.
> > + *
> > + * Given a policy structure that was just parsed, validate that all
> > + * necessary fields are present, initialized correctly, and all lines
> > + * parsed are have been consumed.
> > + *
> > + * A parsed policy can be an invalid state for use (a default was
> > + * undefined, a header was undefined) by just parsing the policy.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * -EBADMSG - Policy is invalid
> > + */
> > +static int validate_policy(const struct ipe_parsed_policy *p)
> > +{
> > + int i = 0;
> > +
> > + if (p->global_default_action != ipe_action_max)
> > + return 0;
> > +
> > + for (i = 0; i < ARRAY_SIZE(p->rules); ++i) {
> > + if (p->rules[i].default_action == ipe_action_max)
> > + return -EBADMSG;
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * parse_policy - Given a string, parse the string into an IPE policy.
> > + * @p: partially filled ipe_policy structure to populate with the result.
> > + * it must have text and textlen set.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * -EBADMSG - Policy is invalid
> > + * * -ENOMEM - Out of Memory
> > + */
> > +int parse_policy(struct ipe_policy *p)
> > +{
> > + int rc = 0;
> > + size_t len;
> > + char *policy = NULL, *dup = NULL;
> > + char *line = NULL;
> > + bool header_parsed = false;
> > + struct ipe_parsed_policy *pp = NULL;
> > +
> > + if (!p->textlen)
> > + return -EBADMSG;
> > +
> > + policy = kmemdup_nul(p->text, p->textlen, GFP_KERNEL);
> > + if (!policy)
> > + return -ENOMEM;
> > + dup = policy;
> > +
> > + pp = new_parsed_policy();
> > + if (IS_ERR(pp)) {
> > + rc = PTR_ERR(pp);
> > + goto out;
> > + }
> > +
> > + while ((line = strsep(&policy, "\n\r")) != NULL) {
> > + remove_comment(line);
> > + remove_trailing_spaces(line);
>
> I think it might be very easy for 'remove_trailing_spaces()' to return
> the length of the string as it already knows where the string ends;
> perhaps the function could return the string length and we could get
> rid of the 'strlen()' call below?
>

Yes that's very easy, I will add a return value to remove_trailing_spaces().

> > + len = strlen(line);
> > + if (!len)
> > + continue;
> > +
> > + if (!header_parsed) {
> > + rc = parse_header(line, pp);
> > + if (rc)
> > + goto err;
> > + header_parsed = true;
> > + continue;
>
> Instead of the 'continue' above, why not just put the 'parse_rule()'
> call into the 'else' block of this if-then-else?
>

I agree that's a better structure, I will switch to use 'else'.

-Fan

> > + }
> > +
> > + rc = parse_rule(line, pp);
> > + if (rc)
> > + goto err;
> > + }
> > +
> > + if (!header_parsed || validate_policy(pp)) {
> > + rc = -EBADMSG;
> > + goto err;
> > + }
> > +
> > + p->parsed = pp;
> > +
> > + goto out;
> > +err:
> > + free_parsed_policy(pp);
> > +out:
> > + kfree(dup);
> > +
> > + return rc;
> > +}
> > diff --git a/security/ipe/policy_parser.h b/security/ipe/policy_parser.h
> > new file mode 100644
> > index 000000000000..699ca58a5a32
> > --- /dev/null
> > +++ b/security/ipe/policy_parser.h
> > @@ -0,0 +1,11 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +#ifndef IPE_POLICY_PARSER_H
> > +#define IPE_POLICY_PARSER_H
> > +
> > +int parse_policy(struct ipe_policy *p);
> > +void free_parsed_policy(struct ipe_parsed_policy *p);
> > +
> > +#endif /* IPE_POLICY_PARSER */
> > --
> > 2.39.0
>
> --
> paul-moore.com

2023-04-10 19:01:59

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Thu, Mar 02, 2023 at 02:03:11PM -0500, Paul Moore wrote:
> On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> >
> > From: Deven Bowers <[email protected]>
> >
> > IPE must have a centralized function to evaluate incoming callers
> > against IPE's policy. This iteration of the policy against the rules
> > for that specific caller is known as the evaluation loop.
> >
> > In addition, IPE is designed to provide system level trust guarantees,
> > this usually implies that trust starts from bootup with a hardware root
> > of trust, which validates the bootloader. After this, the bootloader
> > verifies the kernel and the initramfs.
> >
> > As there's no currently supported integrity method for initramfs, and
> > it's typically already verified by the bootloader, introduce a property
> > that causes the first superblock to have an execution to be "pinned",
> > which is typically initramfs.
> >
> > Signed-off-by: Deven Bowers <[email protected]>
> > Signed-off-by: Fan Wu <[email protected]>
>
> ...
>
> > ---
> > security/ipe/Makefile | 1 +
> > security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
> > security/ipe/eval.h | 28 ++++++
> > security/ipe/hooks.c | 25 +++++
> > security/ipe/hooks.h | 14 +++
> > security/ipe/ipe.c | 1 +
> > security/ipe/policy.c | 20 ++++
> > security/ipe/policy.h | 3 +
> > security/ipe/policy_parser.c | 8 +-
> > 9 files changed, 279 insertions(+), 1 deletion(-)
> > create mode 100644 security/ipe/eval.c
> > create mode 100644 security/ipe/eval.h
> > create mode 100644 security/ipe/hooks.c
> > create mode 100644 security/ipe/hooks.h
> >
> > diff --git a/security/ipe/Makefile b/security/ipe/Makefile
> > index 16bbe80991f1..d7f2870d7c09 100644
> > --- a/security/ipe/Makefile
> > +++ b/security/ipe/Makefile
> > @@ -6,6 +6,7 @@
> > #
> >
> > obj-$(CONFIG_SECURITY_IPE) += \
> > + eval.o \
> > hooks.o \
> > ipe.o \
> > policy.o \
> > diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> > new file mode 100644
> > index 000000000000..48b5104a3463
> > --- /dev/null
> > +++ b/security/ipe/eval.c
> > @@ -0,0 +1,180 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#include "ipe.h"
> > +#include "eval.h"
> > +#include "hooks.h"
> > +#include "policy.h"
> > +
> > +#include <linux/fs.h>
> > +#include <linux/types.h>
> > +#include <linux/slab.h>
> > +#include <linux/file.h>
> > +#include <linux/sched.h>
> > +#include <linux/rcupdate.h>
> > +#include <linux/spinlock.h>
> > +
> > +struct ipe_policy __rcu *ipe_active_policy;
> > +
> > +static struct super_block *pinned_sb;
> > +static DEFINE_SPINLOCK(pin_lock);
> > +#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> > +
> > +/**
> > + * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
> > + * @f: Supplies a file structure to source the super_block from.
> > + */
> > +static void pin_sb(const struct file *f)
> > +{
> > + if (!f)
> > + return;
> > + spin_lock(&pin_lock);
> > + if (pinned_sb)
> > + goto out;
> > + pinned_sb = FILE_SUPERBLOCK(f);
> > +out:
> > + spin_unlock(&pin_lock);
> > +}
>
> Since you don't actually use @f, just the super_block, you might
> consider passing the super_block as the parameter and not the
> associated file.
>
> I'd probably also flip the if-then to avoid the 'goto', for example:
>
> static void pin_sb(const struct super_block *sb)
> {
> if (!sb)
> return;
> spin_lock(&pin_lock);
> if (!pinned_sb)
> pinned_sb = sb;
> spin_unlock(&pin_lock);
> }
>

Sure, I can change the code accordingly.

> Also, do we need to worry about the initramfs' being unmounted and the
> super_block going away?
>

If initramfs is being unmounted, the boot_verified property will never be TRUE,
which is an expected behavior. In an actual use case, we can leverage this
property to only enable files in initramfs during the booting stage, and later switch
to another policy without the boot_verified property after unmounting the initramfs.
This approach helps keep the allowed set of files minimum at each stage.

> > +/**
> > + * from_pinned - Determine whether @f is source from the pinned super_block.
> > + * @f: Supplies a file structure to check against the pinned super_block.
> > + *
> > + * Return:
> > + * * true - @f is sourced from the pinned super_block
> > + * * false - @f is not sourced from the pinned super_block
> > + */
> > +static bool from_pinned(const struct file *f)
> > +{
> > + bool rv;
> > +
> > + if (!f)
> > + return false;
> > + spin_lock(&pin_lock);
> > + rv = !IS_ERR_OR_NULL(pinned_sb) && pinned_sb == FILE_SUPERBLOCK(f);
> > + spin_unlock(&pin_lock);
> > + return rv;
> > +}
> > +
> > +/**
> > + * build_eval_ctx - Build an evaluation context.
> > + * @ctx: Supplies a pointer to the context to be populdated.
> > + * @file: Supplies a pointer to the file to associated with the evaluation.
> > + * @op: Supplies the IPE policy operation associated with the evaluation.
> > + */
> > +void build_eval_ctx(struct ipe_eval_ctx *ctx,
> > + const struct file *file,
> > + enum ipe_op_type op)
> > +{
> > + ctx->file = file;
> > + ctx->op = op;
> > + ctx->from_init_sb = from_pinned(file);
> > +}
>
> I was a little concerned about the spinlock around the pinned
> superblock being a potential issue so I was checking the callers of
> `build_eval_ctx()` and realized there are no callers in this patch ...
> ? Maybe it makes sense for `build_eval_ctx()` to be in this patch but
> it seems a little odd.
>

I can try to move this function to a later patch.

> > +/**
> > + * evaluate_property - Analyze @ctx against a property.
> > + * @ctx: Supplies a pointer to the context to be evaluated.
> > + * @p: Supplies a pointer to the property to be evaluated.
> > + *
> > + * Return:
> > + * * true - The current @ctx match the @p
> > + * * false - The current @ctx doesn't match the @p
> > + */
> > +static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
> > + struct ipe_prop *p)
> > +{
> > + bool eval = false;
> > +
> > + switch (p->type) {
> > + case ipe_prop_boot_verified_false:
> > + eval = !ctx->from_init_sb;
> > + break;
> > + case ipe_prop_boot_verified_true:
> > + eval = ctx->from_init_sb;
> > + break;
> > + default:
> > + eval = false;
>
> You don't need to set @eval to false both when it is declared or in
> the 'default' case.
>
> Honestly, you don't need @eval at all, you can simply replace all of
> the @eval assignment statements with return statements.
>

Yep, this makes sense to me, I will replace them with returns.

> > + }
> > +
> > + return eval;
> > +}
> > +
> > +/**
> > + * ipe_evaluate_event - Analyze @ctx against the current active policy.
> > + * @ctx: Supplies a pointer to the context to be evaluated.
> > + *
> > + * This is the loop where all policy evaluation happens against IPE policy.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * -EACCES - @ctx did not pass evaluation.
> > + * * !0 - Error
> > + */
> > +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx)
> > +{
> > + int rc = 0;
> > + bool match = false;
> > + enum ipe_action_type action;
> > + struct ipe_policy *pol = NULL;
> > + const struct ipe_rule *rule = NULL;
> > + const struct ipe_op_table *rules = NULL;
> > + struct ipe_prop *prop = NULL;
> > +
> > + if (ctx->op == ipe_op_exec)
> > + pin_sb(ctx->file);
>
> If I understand things correctly, the initramfs is determined by the
> first process to be executed? I think that's reasonable, but I'm
> beginning to wonder if that pinned super_block spinlock is going to be
> a problem, especially for something that is written once (twice if you
> consider the ERR_PTR(-EIO) on umount), yet read for each IPE policy
> evaluation.
>
> I'm okay if you want to keep this as a spinlock for now, but this
> seems like a good candidate for RCU, and the change would be trivial
> since it is a single pointer.
>

I agree switching to RCU will be better, I will change this part.

> > + pol = ipe_get_policy_rcu(ipe_active_policy);
>
> I don't think you can safely drop the RCU lock and leave the RCU
> critical section while you are still using @ipe_active_policy. I
> think the right thing to do is to get rid of `ipe_get_policy_rcu()`
> and simply place from here on down in `ipe_evaluate_event()` in a RCU
> critical section. Doing so would ensure that @ipe_active_policy could
> not be free'd/replaced from underneath you while evaluating an event.
>

Yes After reading the RCU documentation, I realized that we were mistaken.
I will place the entire eval function into the critical section instead.

> > + if (!pol)
> > + goto out;
> > +
> > + if (ctx->op == ipe_op_max) {
> > + action = pol->parsed->global_default_action;
> > + goto eval;
> > + }
> > +
> > + rules = &pol->parsed->rules[ctx->op];
> > +
> > + list_for_each_entry(rule, &rules->rules, next) {
> > + match = true;
> > +
> > + list_for_each_entry(prop, &rule->props, next)
> > + match = match && evaluate_property(ctx, prop);
> > +
> > + if (match)
> > + break;
> > + }
> > +
> > + if (match)
> > + action = rule->action;
> > + else if (rules->default_action != ipe_action_max)
> > + action = rules->default_action;
> > + else
> > + action = pol->parsed->global_default_action;
> > +
> > +eval:
> > + if (action == ipe_action_deny)
> > + rc = -EACCES;
> > +
> > +out:
> > + return rc;
> > +}
> > +
> > +/**
> > + * ipe_invalidate_pinned_sb - invalidte the ipe pinned super_block.
> > + * @mnt_sb: super_block to check against the pinned super_block.
> > + *
> > + * This function is called a super_block like the initramfs's is freed,
> > + * if the super_block is currently pinned by ipe it will be invalided,
> > + * so ipe won't consider the block device is boot verified afterward.
> > + */
> > +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb)
> > +{
> > + spin_lock(&pin_lock);
> > +
> > + if (!IS_ERR_OR_NULL(pinned_sb) && mnt_sb == pinned_sb)
> > + pinned_sb = ERR_PTR(-EIO);
>
> I think you only need to check if @pinned_sb is equal to @mnt_sb,
> that's all that really matters here.
>

Agree, will remove the unnecessary part.

> > + spin_unlock(&pin_lock);
> > +}
> > diff --git a/security/ipe/eval.h b/security/ipe/eval.h
> > new file mode 100644
> > index 000000000000..887797438b9b
> > --- /dev/null
> > +++ b/security/ipe/eval.h
> > @@ -0,0 +1,28 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#ifndef IPE_EVAL_H
> > +#define IPE_EVAL_H
> > +
> > +#include <linux/file.h>
> > +#include <linux/types.h>
> > +
> > +#include "hooks.h"
> > +#include "policy.h"
> > +
> > +extern struct ipe_policy __rcu *ipe_active_policy;
> > +
> > +struct ipe_eval_ctx {
> > + enum ipe_op_type op;
> > +
> > + const struct file *file;
> > + bool from_init_sb;
> > +};
> > +
> > +void build_eval_ctx(struct ipe_eval_ctx *ctx, const struct file *file, enum ipe_op_type op);
> > +int ipe_evaluate_event(const struct ipe_eval_ctx *const ctx);
> > +void ipe_invalidate_pinned_sb(const struct super_block *mnt_sb);
> > +
> > +#endif /* IPE_EVAL_H */
> > diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> > new file mode 100644
> > index 000000000000..335b773c7ae1
> > --- /dev/null
> > +++ b/security/ipe/hooks.c
> > @@ -0,0 +1,25 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +
> > +#include "ipe.h"
> > +#include "hooks.h"
> > +#include "eval.h"
> > +
> > +#include <linux/fs.h>
> > +#include <linux/types.h>
> > +#include <linux/binfmts.h>
> > +#include <linux/mman.h>
> > +
> > +/**
> > + * ipe_sb_free_security - ipe security hook function for super_block.
> > + * @mnt_sb: Supplies a pointer to a super_block is about to be freed.
> > + *
> > + * IPE does not have any structures with mnt_sb, but uses this hook to
> > + * invalidate a pinned super_block.
> > + */
> > +void ipe_sb_free_security(struct super_block *mnt_sb)
> > +{
> > + ipe_invalidate_pinned_sb(mnt_sb);
> > +}
> > diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> > new file mode 100644
> > index 000000000000..30fe455389bf
> > --- /dev/null
> > +++ b/security/ipe/hooks.h
> > @@ -0,0 +1,14 @@
> > +/* SPDX-License-Identifier: GPL-2.0 */
> > +/*
> > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > + */
> > +#ifndef IPE_HOOKS_H
> > +#define IPE_HOOKS_H
> > +
> > +#include <linux/fs.h>
> > +#include <linux/binfmts.h>
> > +#include <linux/security.h>
> > +
> > +void ipe_sb_free_security(struct super_block *mnt_sb);
> > +
> > +#endif /* IPE_HOOKS_H */
> > diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> > index 9ed3bf4dcc04..551c6d90ac11 100644
> > --- a/security/ipe/ipe.c
> > +++ b/security/ipe/ipe.c
> > @@ -9,6 +9,7 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> > };
> >
> > static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> > + LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> > };
> >
> > /**
> > diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> > index e446f4b84152..772d876b1087 100644
> > --- a/security/ipe/policy.c
> > +++ b/security/ipe/policy.c
> > @@ -97,3 +97,23 @@ struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> > err:
> > return ERR_PTR(rc);
> > }
> > +
> > +/**
> > + * ipe_get_policy_rcu - Dereference a rcu-protected policy pointer.
> > + *
> > + * @p: rcu-protected pointer to a policy.
> > + *
> > + * Not safe to call on IS_ERR.
> > + *
> > + * Return: the value of @p
> > + */
> > +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
> > +{
> > + struct ipe_policy *rv = NULL;
> > +
> > + rcu_read_lock();
> > + rv = rcu_dereference(p);
> > + rcu_read_unlock();
> > +
> > + return rv;
> > +}
> > diff --git a/security/ipe/policy.h b/security/ipe/policy.h
> > index 6af2d9a811ec..967d816cd5cd 100644
> > --- a/security/ipe/policy.h
> > +++ b/security/ipe/policy.h
> > @@ -26,6 +26,8 @@ enum ipe_action_type {
> > };
> >
> > enum ipe_prop_type {
> > + ipe_prop_boot_verified_false,
> > + ipe_prop_boot_verified_true,
> > ipe_prop_max
> > };
> >
> > @@ -73,5 +75,6 @@ struct ipe_policy {
> > struct ipe_policy *ipe_new_policy(const char *text, size_t textlen,
> > const char *pkcs7, size_t pkcs7len);
> > void ipe_free_policy(struct ipe_policy *pol);
> > +struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p);
> >
> > #endif /* IPE_POLICY_H */
> > diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> > index c7ba0e865366..7efafc482e46 100644
> > --- a/security/ipe/policy_parser.c
> > +++ b/security/ipe/policy_parser.c
> > @@ -265,7 +265,9 @@ static enum ipe_action_type parse_action(char *t)
> > }
> >
> > static const match_table_t property_tokens = {
> > - {ipe_prop_max, NULL}
> > + {ipe_prop_boot_verified_false, "boot_verified=FALSE"},
> > + {ipe_prop_boot_verified_true, "boot_verified=TRUE"},
> > + {ipe_prop_max, NULL}
> > };
> >
> > /**
> > @@ -295,6 +297,10 @@ int parse_property(char *t, struct ipe_rule *r)
> > token = match_token(t, property_tokens, args);
> >
> > switch (token) {
> > + case ipe_prop_boot_verified_false:
> > + case ipe_prop_boot_verified_true:
> > + p->type = token;
> > + break;
> > case ipe_prop_max:
> > default:
> > rc = -EBADMSG;
> > --
> > 2.39.0
>
> --
> paul-moore.com

2023-04-10 19:11:24

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> >
> > From: Deven Bowers <[email protected]>
> >
> > As is typical with LSMs, IPE uses securityfs as its interface with
> > userspace. for a complete list of the interfaces and the respective
> > inputs/outputs, please see the documentation under
> > admin-guide/LSM/ipe.rst
> >
> > Signed-off-by: Deven Bowers <[email protected]>
> > Signed-off-by: Fan Wu <[email protected]>
>
> ...
>
> > ---
> > security/ipe/Makefile | 2 +
> > security/ipe/fs.c | 101 +++++++++
> > security/ipe/fs.h | 17 ++
> > security/ipe/ipe.c | 3 +
> > security/ipe/ipe.h | 2 +
> > security/ipe/policy.c | 135 ++++++++++++
> > security/ipe/policy.h | 7 +
> > security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
> > 8 files changed, 726 insertions(+)
> > create mode 100644 security/ipe/fs.c
> > create mode 100644 security/ipe/fs.h
> > create mode 100644 security/ipe/policy_fs.c
>
> ...
>
> > diff --git a/security/ipe/policy.c b/security/ipe/policy.c
> > index 772d876b1087..a5e9c6e5691b 100644
> > --- a/security/ipe/policy.c
> > +++ b/security/ipe/policy.c
> > @@ -4,12 +4,39 @@
> > */
> >
> > #include "ipe.h"
> > +#include "eval.h"
> > +#include "fs.h"
> > #include "policy.h"
> > #include "policy_parser.h"
> > #include "digest.h"
> >
> > #include <linux/verification.h>
> >
> > +/* lock for synchronizing writers across ipe policy */
> > +DEFINE_SPINLOCK(ipe_policy_lock);
> > +
> > +/**
> > + * ver_to_u64 - Convert an internal ipe_policy_version to a u64.
> > + * @p: Policy to extract the version from.
> > + *
> > + * Bits (LSB is index 0):
> > + * [48,32] -> Major
> > + * [32,16] -> Minor
> > + * [16, 0] -> Revision
> > + *
> > + * Return: u64 version of the embedded version structure.
> > + */
> > +static inline u64 ver_to_u64(const struct ipe_policy *const p)
> > +{
> > + u64 r = 0;
>
> No need to set @r to 0 since you set it to the version immediately below.
>

Yes this is redundant, I will remove it.

> > + r = (((u64)p->parsed->version.major) << 32)
> > + | (((u64)p->parsed->version.minor) << 16)
> > + | ((u64)(p->parsed->version.rev));
> > +
> > + return r;
> > +}
> > +
> > /**
> > * ipe_free_policy - Deallocate a given IPE policy.
> > * @p: Supplies the policy to free.
> > @@ -21,6 +48,7 @@ void ipe_free_policy(struct ipe_policy *p)
> > if (IS_ERR_OR_NULL(p))
> > return;
> >
> > + ipe_del_policyfs_node(p);
> > free_parsed_policy(p->parsed);
> > if (!p->pkcs7)
> > kfree(p->text);
> > @@ -39,6 +67,70 @@ static int set_pkcs7_data(void *ctx, const void *data, size_t len,
> > return 0;
> > }
> >
> > +/**
> > + * ipe_update_policy - parse a new policy and replace @old with it.
> > + * @addr: Supplies a pointer to the i_private for saving policy.
> > + * @text: Supplies a pointer to the plain text policy.
> > + * @textlen: Supplies the length of @text.
> > + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> > + * @pkcs7len: Supplies the length of @pkcs7len.
> > + *
> > + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> > + * ipe_new_policy.
> > + *
> > + * Return:
> > + * * !IS_ERR - OK
> > + * * -ENOENT - Policy doesn't exist
> > + * * -EINVAL - New policy is invalid
> > + */
> > +struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> > + const char *text, size_t textlen,
> > + const char *pkcs7, size_t pkcs7len)
> > +{
> > + int rc = 0;
> > + struct ipe_policy *old, *new;
> > +
> > + old = ipe_get_policy_rcu(*addr);
> > + if (!old) {
> > + rc = -ENOENT;
> > + goto err;
> > + }
> > +
> > + new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> > + if (IS_ERR(new)) {
> > + rc = PTR_ERR(new);
> > + goto err;
> > + }
> > +
> > + if (strcmp(new->parsed->name, old->parsed->name)) {
> > + rc = -EINVAL;
> > + goto err;
> > + }
> > +
> > + if (ver_to_u64(old) > ver_to_u64(new)) {
> > + rc = -EINVAL;
> > + goto err;
> > + }
> > +
> > + if (ipe_is_policy_active(old)) {
>
> I don't understand the is-active check, you want to make @new the new
> active policy regardless, right? Could this is-active check ever be
> false?
>

Actually this is needed. Policy updates can be applied to any deployed
policy, which may be saved in two places: the securityfs file node
and the ipe_active_policy pointer. To update a policy, this function first
checks if the policy saved in the securityfs file node is currently active.
If so, it updates the ipe_active_policy pointer to point to the new policy,
and finally updates the policy pointer in the securityfs to the new policy.

-Fan

> > + spin_lock(&ipe_policy_lock);
> > + rcu_assign_pointer(ipe_active_policy, new);
> > + spin_unlock(&ipe_policy_lock);
> > + synchronize_rcu();
> > + }
> > +
> > + rcu_assign_pointer(*addr, new);
> > +
> > + swap(new->policyfs, old->policyfs);
> > + ipe_free_policy(old);
> > +
> > + goto out;
> > +err:
> > + ipe_free_policy(new);
> > +out:
> > + return (rc < 0) ? ERR_PTR(rc) : new;
> > +}
> > +
> > /**
> > * ipe_new_policy - Allocate and parse an ipe_policy structure.
> > *
> > @@ -117,3 +209,46 @@ struct ipe_policy *ipe_get_policy_rcu(struct ipe_policy __rcu *p)
> >
> > return rv;
> > }
> > +
> > +/**
> > + * ipe_set_active_pol - Make @p the active policy.
> > + * @p: Supplies a pointer to the policy to make active.
> > + */
> > +int ipe_set_active_pol(const struct ipe_policy *p)
> > +{
> > + int rc = 0;
> > + struct ipe_policy *ap = NULL;
> > +
> > + ap = ipe_get_policy_rcu(ipe_active_policy);
> > + if (ap && ver_to_u64(ap) > ver_to_u64(p)) {
> > + rc = -EINVAL;
> > + goto out;
> > + }
> > +
> > + spin_lock(&ipe_policy_lock);
> > + rcu_assign_pointer(ipe_active_policy, p);
> > + spin_unlock(&ipe_policy_lock);
> > + synchronize_rcu();
> > +
> > +out:
> > + return rc;
> > +}
> > +
> > +/**
> > + * ipe_is_policy_active - Determine wehther @p is the active policy.
> > + * @p: Supplies a pointer to the policy to check.
> > + *
> > + * Return:
> > + * * true - @p is the active policy
> > + * * false - @p is not the active policy
> > + */
> > +bool ipe_is_policy_active(const struct ipe_policy *p)
> > +{
> > + bool rv;
> > +
> > + rcu_read_lock();
> > + rv = rcu_access_pointer(ipe_active_policy) == p;
> > + rcu_read_unlock();
> > +
> > + return rv;
> > +}
>
> --
> paul-moore.com

2023-04-10 21:23:18

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 06/16] ipe: add LSM hooks on execution and kernel read

On Thu, Mar 02, 2023 at 02:05:20PM -0500, Paul Moore wrote:
> On Mon, Jan 30, 2023 at 5:59???PM Fan Wu <[email protected]> wrote:
> >
> > From: Deven Bowers <[email protected]>
> >
> > IPE's initial goal is to control both execution and the loading of
> > kernel modules based on the system's definition of trust. It
> > accomplishes this by plugging into the security hooks for
> > bprm_check_security, file_mprotect, mmap_file, kernel_load_data,
> > and kernel_read_data.
> >
> > Signed-off-by: Deven Bowers <[email protected]>
> > Signed-off-by: Fan Wu <[email protected]>
>
> ...
>
> > ---
> > security/ipe/hooks.c | 169 +++++++++++++++++++++++++++++++++++++++++++
> > security/ipe/hooks.h | 13 ++++
> > security/ipe/ipe.c | 6 ++
> > 3 files changed, 188 insertions(+)
> >
> > diff --git a/security/ipe/hooks.c b/security/ipe/hooks.c
> > index 335b773c7ae1..fd5109e29c76 100644
> > --- a/security/ipe/hooks.c
> > +++ b/security/ipe/hooks.c
> > @@ -23,3 +23,172 @@ void ipe_sb_free_security(struct super_block *mnt_sb)
> > {
> > ipe_invalidate_pinned_sb(mnt_sb);
> > }
> > +
> > +/**
> > + * ipe_bprm_check_security - ipe security hook function for bprm check.
> > + * @bprm: Supplies a pointer to a linux_binprm structure to source the file
> > + * being evaluated.
> > + *
> > + * This LSM hook is called when a binary is loaded through the exec
> > + * family of system calls.
> > + * Return:
> > + * *0 - OK
> > + * *!0 - Error
> > + */
> > +int ipe_bprm_check_security(struct linux_binprm *bprm)
> > +{
> > + struct ipe_eval_ctx ctx = { 0 };
> > +
> > + build_eval_ctx(&ctx, bprm->file, ipe_op_exec);
> > + return ipe_evaluate_event(&ctx);
> > +}
> > +
> > +/**
> > + * ipe_mmap_file - ipe security hook function for mmap check.
> > + * @f: File being mmap'd. Can be NULL in the case of anonymous memory.
> > + * @reqprot: The requested protection on the mmap, passed from usermode.
> > + * @prot: The effective protection on the mmap, resolved from reqprot and
> > + * system configuration.
> > + * @flags: Unused.
> > + *
> > + * This hook is called when a file is loaded through the mmap
> > + * family of system calls.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Error
> > + */
> > +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> > + unsigned long flags)
> > +{
> > + struct ipe_eval_ctx ctx = { 0 };
> > +
> > + if (prot & PROT_EXEC || reqprot & PROT_EXEC) {
>
> Is there a reason why you care about @reqprot? It seems like IPE
> would only be interested in the protection flags that the kernel is
> actually using.
>
> I notice that in the `ipe_file_mprotect()` hook you ignore @reqprot,
> which I believe is the right thing to do.
>

Yes I double checked and found that's not necessary, I will remove that.

-Fan

> > + build_eval_ctx(&ctx, f, ipe_op_exec);
> > + return ipe_evaluate_event(&ctx);
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * ipe_file_mprotect - ipe security hook function for mprotect check.
> > + * @vma: Existing virtual memory area created by mmap or similar.
> > + * @reqprot: The requested protection on the mmap, passed from usermode.
> > + * @prot: The effective protection on the mmap, resolved from reqprot and
> > + * system configuration.
> > + *
> > + * This LSM hook is called when a mmap'd region of memory is changing
> > + * its protections via mprotect.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Error
> > + */
> > +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> > + unsigned long prot)
> > +{
> > + struct ipe_eval_ctx ctx = { 0 };
> > +
> > + /* Already Executable */
> > + if (vma->vm_flags & VM_EXEC)
> > + return 0;
> > +
> > + if (prot & PROT_EXEC) {
> > + build_eval_ctx(&ctx, vma->vm_file, ipe_op_exec);
> > + return ipe_evaluate_event(&ctx);
> > + }
> > +
> > + return 0;
> > +}
> > +
> > +/**
> > + * ipe_kernel_read_file - ipe security hook function for kernel read.
> > + * @file: Supplies a pointer to the file structure being read in from disk.
> > + * @id: Supplies the enumeration identifying the purpose of the read.
> > + * @contents: Unused.
> > + *
> > + * This LSM hook is called when a file is being read in from disk from
> > + * the kernel.
> > + *
> > + * Return:
> > + * 0 - OK
> > + * !0 - Error
> > + */
> > +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> > + bool contents)
> > +{
> > + enum ipe_op_type op;
> > + struct ipe_eval_ctx ctx;
> > +
> > + switch (id) {
> > + case READING_FIRMWARE:
> > + op = ipe_op_firmware;
> > + break;
> > + case READING_MODULE:
> > + op = ipe_op_kernel_module;
> > + break;
> > + case READING_KEXEC_INITRAMFS:
> > + op = ipe_op_kexec_initramfs;
> > + break;
> > + case READING_KEXEC_IMAGE:
> > + op = ipe_op_kexec_image;
> > + break;
> > + case READING_POLICY:
> > + op = ipe_op_ima_policy;
> > + break;
> > + case READING_X509_CERTIFICATE:
> > + op = ipe_op_ima_x509;
> > + break;
> > + default:
> > + op = ipe_op_max;
> > + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> > + }
> > +
> > + build_eval_ctx(&ctx, file, op);
> > + return ipe_evaluate_event(&ctx);
> > +}
> > +
> > +/**
> > + * ipe_kernel_load_data - ipe security hook function for kernel load data.
> > + * @id: Supplies the enumeration identifying the purpose of the read.
> > + * @contents: Unused.
> > + *
> > + * This LSM hook is called when a buffer is being read in from disk.
> > + *
> > + * Return:
> > + * * 0 - OK
> > + * * !0 - Error
> > + */
> > +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents)
> > +{
> > + enum ipe_op_type op;
> > + struct ipe_eval_ctx ctx = { 0 };
> > +
> > + switch (id) {
> > + case LOADING_FIRMWARE:
> > + op = ipe_op_firmware;
> > + break;
> > + case LOADING_MODULE:
> > + op = ipe_op_kernel_module;
> > + break;
> > + case LOADING_KEXEC_INITRAMFS:
> > + op = ipe_op_kexec_initramfs;
> > + break;
> > + case LOADING_KEXEC_IMAGE:
> > + op = ipe_op_kexec_image;
> > + break;
> > + case LOADING_POLICY:
> > + op = ipe_op_ima_policy;
> > + break;
> > + case LOADING_X509_CERTIFICATE:
> > + op = ipe_op_ima_x509;
> > + break;
> > + default:
> > + op = ipe_op_max;
> > + WARN(op == ipe_op_max, "no rule setup for enum %d", id);
> > + }
> > +
> > + build_eval_ctx(&ctx, NULL, op);
> > + return ipe_evaluate_event(&ctx);
> > +}
> > diff --git a/security/ipe/hooks.h b/security/ipe/hooks.h
> > index 30fe455389bf..857cae69678c 100644
> > --- a/security/ipe/hooks.h
> > +++ b/security/ipe/hooks.h
> > @@ -11,4 +11,17 @@
> >
> > void ipe_sb_free_security(struct super_block *mnt_sb);
> >
> > +int ipe_bprm_check_security(struct linux_binprm *bprm);
> > +
> > +int ipe_mmap_file(struct file *f, unsigned long reqprot, unsigned long prot,
> > + unsigned long flags);
> > +
> > +int ipe_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot,
> > + unsigned long prot);
> > +
> > +int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
> > + bool contents);
> > +
> > +int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);
> > +
> > #endif /* IPE_HOOKS_H */
> > diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> > index bef923026b50..7af2f942decd 100644
> > --- a/security/ipe/ipe.c
> > +++ b/security/ipe/ipe.c
> > @@ -4,6 +4,7 @@
> > */
> >
> > #include "ipe.h"
> > +#include "hooks.h"
> >
> > bool ipe_enabled;
> >
> > @@ -12,6 +13,11 @@ static struct lsm_blob_sizes ipe_blobs __lsm_ro_after_init = {
> >
> > static struct security_hook_list ipe_hooks[] __lsm_ro_after_init = {
> > LSM_HOOK_INIT(sb_free_security, ipe_sb_free_security),
> > + LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
> > + LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
> > + LSM_HOOK_INIT(file_mprotect, ipe_file_mprotect),
> > + LSM_HOOK_INIT(kernel_read_file, ipe_kernel_read_file),
> > + LSM_HOOK_INIT(kernel_load_data, ipe_kernel_load_data),
> > };
> >
> > /**
> > --
> > 2.39.0
>
> --
> paul-moore.com

2023-04-11 19:14:56

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 02/16] ipe: add policy parser

On Thu, Apr 6, 2023 at 4:00 PM Fan Wu <[email protected]> wrote:
> On Thu, Mar 02, 2023 at 02:02:32PM -0500, Paul Moore wrote:
> > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > >
> > > From: Deven Bowers <[email protected]>
> > >
> > > IPE's interpretation of the what the user trusts is accomplished through
> > > its policy. IPE's design is to not provide support for a single trust
> > > provider, but to support multiple providers to enable the end-user to
> > > choose the best one to seek their needs.
> > >
> > > This requires the policy to be rather flexible and modular so that
> > > integrity providers, like fs-verity, dm-verity, dm-integrity, or
> > > some other system, can plug into the policy with minimal code changes.
> > >
> > > Signed-off-by: Deven Bowers <[email protected]>
> > > Signed-off-by: Fan Wu <[email protected]>
> >
> > ...
> >
> > > ---
> > > security/ipe/Makefile | 2 +
> > > security/ipe/policy.c | 99 +++++++
> > > security/ipe/policy.h | 77 ++++++
> > > security/ipe/policy_parser.c | 515 +++++++++++++++++++++++++++++++++++
> > > security/ipe/policy_parser.h | 11 +
> > > 5 files changed, 704 insertions(+)
> > > create mode 100644 security/ipe/policy.c
> > > create mode 100644 security/ipe/policy.h
> > > create mode 100644 security/ipe/policy_parser.c
> > > create mode 100644 security/ipe/policy_parser.h

...

> > > diff --git a/security/ipe/policy_parser.c b/security/ipe/policy_parser.c
> > > new file mode 100644
> > > index 000000000000..c7ba0e865366
> > > --- /dev/null
> > > +++ b/security/ipe/policy_parser.c
> > > @@ -0,0 +1,515 @@
> > > +// SPDX-License-Identifier: GPL-2.0
> > > +/*
> > > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > > + */
> > > +
> > > +#include "policy.h"
> > > +#include "policy_parser.h"
> > > +#include "digest.h"
> > > +
> > > +#include <linux/parser.h>
> > > +
> > > +#define START_COMMENT '#'
> > > +
> > > +/**
> > > + * new_parsed_policy - Allocate and initialize a parsed policy.
> > > + *
> > > + * Return:
> > > + * * !IS_ERR - OK
> > > + * * -ENOMEM - Out of memory
> > > + */
> > > +static struct ipe_parsed_policy *new_parsed_policy(void)
> > > +{
> > > + size_t i = 0;
> > > + struct ipe_parsed_policy *p = NULL;
> > > + struct ipe_op_table *t = NULL;
> > > +
> > > + p = kzalloc(sizeof(*p), GFP_KERNEL);
> > > + if (!p)
> > > + return ERR_PTR(-ENOMEM);
> > > +
> > > + p->global_default_action = ipe_action_max;
> >
> > I'm assuming you're using the "ipe_action_max" as an intentional bogus
> > placeholder value here, yes? If that is the case, have you considered
> > creating an "invalid" enum with an explicit zero value to save you
> > this additional assignment (you are already using kzalloc())? For
> > example:
> >
> > enum ipe_op_type {
> > IPE_OP_INVALID = 0,
> > IPE_OP_EXEC,
> > ...
> > IPE_OP_MAX,
> > };
> >
> > enum ipe_action_type {
> > IPE_ACTION_INVALID = 0,
> > IPE_ACTION_ALLOW,
> > ...
> > IPE_ACTION_MAX,
> > };
> >
>
> Yes, IPE_ACTION_MAX is kind of the INVALID value we are using here.
>
> But I think we might be adding unnecessary complexity by using the
> IPE_OP_INVLIAD enum here. Currently, we are using IPE_OP_MAX to
> represent the number of operations we have, and we have allocated
> an IPE_OP_MAX-sized array to store linked lists that link all rules
> for each operation. If we were to add IPE_OP_INVLIAD to the enum
> definition, then IPE_OP_MAX-1 would become the number of operations,
> and we would need to change the index used to access the linked list
> array.

Gotcha. Thanks for the explanation, that hadn't occurred to me while
I was reviewing the code.

Another option would be to create a macro to help reinforce that the
"max" value is being used as an "invalid" value, for example:

#define IPE_OP_INVALID IPE_OP_MAX

--
paul-moore.com

2023-04-11 20:33:51

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 03/16] ipe: add evaluation loop and introduce 'boot_verified' as a trust provider

On Mon, Apr 10, 2023 at 2:53 PM Fan Wu <[email protected]> wrote:
> On Thu, Mar 02, 2023 at 02:03:11PM -0500, Paul Moore wrote:
> > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > >
> > > From: Deven Bowers <[email protected]>
> > >
> > > IPE must have a centralized function to evaluate incoming callers
> > > against IPE's policy. This iteration of the policy against the rules
> > > for that specific caller is known as the evaluation loop.
> > >
> > > In addition, IPE is designed to provide system level trust guarantees,
> > > this usually implies that trust starts from bootup with a hardware root
> > > of trust, which validates the bootloader. After this, the bootloader
> > > verifies the kernel and the initramfs.
> > >
> > > As there's no currently supported integrity method for initramfs, and
> > > it's typically already verified by the bootloader, introduce a property
> > > that causes the first superblock to have an execution to be "pinned",
> > > which is typically initramfs.
> > >
> > > Signed-off-by: Deven Bowers <[email protected]>
> > > Signed-off-by: Fan Wu <[email protected]>
> >
> > ...
> >
> > > ---
> > > security/ipe/Makefile | 1 +
> > > security/ipe/eval.c | 180 +++++++++++++++++++++++++++++++++++
> > > security/ipe/eval.h | 28 ++++++
> > > security/ipe/hooks.c | 25 +++++
> > > security/ipe/hooks.h | 14 +++
> > > security/ipe/ipe.c | 1 +
> > > security/ipe/policy.c | 20 ++++
> > > security/ipe/policy.h | 3 +
> > > security/ipe/policy_parser.c | 8 +-
> > > 9 files changed, 279 insertions(+), 1 deletion(-)
> > > create mode 100644 security/ipe/eval.c
> > > create mode 100644 security/ipe/eval.h
> > > create mode 100644 security/ipe/hooks.c
> > > create mode 100644 security/ipe/hooks.h

...

> > > diff --git a/security/ipe/eval.c b/security/ipe/eval.c
> > > new file mode 100644
> > > index 000000000000..48b5104a3463
> > > --- /dev/null
> > > +++ b/security/ipe/eval.c
> > > @@ -0,0 +1,180 @@
> > > +// SPDX-License-Identifier: GPL-2.0
> > > +/*
> > > + * Copyright (C) Microsoft Corporation. All rights reserved.
> > > + */
> > > +
> > > +#include "ipe.h"
> > > +#include "eval.h"
> > > +#include "hooks.h"
> > > +#include "policy.h"
> > > +
> > > +#include <linux/fs.h>
> > > +#include <linux/types.h>
> > > +#include <linux/slab.h>
> > > +#include <linux/file.h>
> > > +#include <linux/sched.h>
> > > +#include <linux/rcupdate.h>
> > > +#include <linux/spinlock.h>
> > > +
> > > +struct ipe_policy __rcu *ipe_active_policy;
> > > +
> > > +static struct super_block *pinned_sb;
> > > +static DEFINE_SPINLOCK(pin_lock);
> > > +#define FILE_SUPERBLOCK(f) ((f)->f_path.mnt->mnt_sb)
> > > +
> > > +/**
> > > + * pin_sb - Pin the underlying superblock of @f, marking it as trusted.
> > > + * @f: Supplies a file structure to source the super_block from.
> > > + */
> > > +static void pin_sb(const struct file *f)
> > > +{
> > > + if (!f)
> > > + return;
> > > + spin_lock(&pin_lock);
> > > + if (pinned_sb)
> > > + goto out;
> > > + pinned_sb = FILE_SUPERBLOCK(f);
> > > +out:
> > > + spin_unlock(&pin_lock);
> > > +}
> >
> > Since you don't actually use @f, just the super_block, you might
> > consider passing the super_block as the parameter and not the
> > associated file.
> >
> > I'd probably also flip the if-then to avoid the 'goto', for example:
> >
> > static void pin_sb(const struct super_block *sb)
> > {
> > if (!sb)
> > return;
> > spin_lock(&pin_lock);
> > if (!pinned_sb)
> > pinned_sb = sb;
> > spin_unlock(&pin_lock);
> > }
> >
>
> Sure, I can change the code accordingly.
>
> > Also, do we need to worry about the initramfs' being unmounted and the
> > super_block going away?
>
> If initramfs is being unmounted, the boot_verified property will never be TRUE,
> which is an expected behavior. In an actual use case, we can leverage this
> property to only enable files in initramfs during the booting stage, and later switch
> to another policy without the boot_verified property after unmounting the initramfs.
> This approach helps keep the allowed set of files minimum at each stage.

I think I was worried about not catching when the fs was unmounted and
the superblock disappeared, but you've got a hook defined for that so
it should be okay. I'm not sure what I was thinking here, sorry for
the noise ...

Regardless of the source of my confusion, your policy/boot_verified
description all sounds good to me.

--
paul-moore.com

2023-04-11 22:01:36

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, Apr 10, 2023 at 3:10 PM Fan Wu <[email protected]> wrote:
> On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > >
> > > From: Deven Bowers <[email protected]>
> > >
> > > As is typical with LSMs, IPE uses securityfs as its interface with
> > > userspace. for a complete list of the interfaces and the respective
> > > inputs/outputs, please see the documentation under
> > > admin-guide/LSM/ipe.rst
> > >
> > > Signed-off-by: Deven Bowers <[email protected]>
> > > Signed-off-by: Fan Wu <[email protected]>
> >
> > ...
> >
> > > ---
> > > security/ipe/Makefile | 2 +
> > > security/ipe/fs.c | 101 +++++++++
> > > security/ipe/fs.h | 17 ++
> > > security/ipe/ipe.c | 3 +
> > > security/ipe/ipe.h | 2 +
> > > security/ipe/policy.c | 135 ++++++++++++
> > > security/ipe/policy.h | 7 +
> > > security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
> > > 8 files changed, 726 insertions(+)
> > > create mode 100644 security/ipe/fs.c
> > > create mode 100644 security/ipe/fs.h
> > > create mode 100644 security/ipe/policy_fs.c

...

> > > +/**
> > > + * ipe_update_policy - parse a new policy and replace @old with it.
> > > + * @addr: Supplies a pointer to the i_private for saving policy.
> > > + * @text: Supplies a pointer to the plain text policy.
> > > + * @textlen: Supplies the length of @text.
> > > + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> > > + * @pkcs7len: Supplies the length of @pkcs7len.
> > > + *
> > > + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> > > + * ipe_new_policy.
> > > + *
> > > + * Return:
> > > + * * !IS_ERR - OK
> > > + * * -ENOENT - Policy doesn't exist
> > > + * * -EINVAL - New policy is invalid
> > > + */
> > > +struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> > > + const char *text, size_t textlen,
> > > + const char *pkcs7, size_t pkcs7len)
> > > +{
> > > + int rc = 0;
> > > + struct ipe_policy *old, *new;
> > > +
> > > + old = ipe_get_policy_rcu(*addr);
> > > + if (!old) {
> > > + rc = -ENOENT;
> > > + goto err;
> > > + }
> > > +
> > > + new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> > > + if (IS_ERR(new)) {
> > > + rc = PTR_ERR(new);
> > > + goto err;
> > > + }
> > > +
> > > + if (strcmp(new->parsed->name, old->parsed->name)) {
> > > + rc = -EINVAL;
> > > + goto err;
> > > + }
> > > +
> > > + if (ver_to_u64(old) > ver_to_u64(new)) {
> > > + rc = -EINVAL;
> > > + goto err;
> > > + }
> > > +
> > > + if (ipe_is_policy_active(old)) {
> >
> > I don't understand the is-active check, you want to make @new the new
> > active policy regardless, right? Could this is-active check ever be
> > false?
>
> Actually this is needed. Policy updates can be applied to any deployed
> policy, which may be saved in two places: the securityfs file node
> and the ipe_active_policy pointer. To update a policy, this function first
> checks if the policy saved in the securityfs file node is currently active.
> If so, it updates the ipe_active_policy pointer to point to the new policy,
> and finally updates the policy pointer in the securityfs to the new policy.

Ah, okay. I must have forgotten, or not realized, that multiple
policies could be loaded and not active.

I guess this does make me wonder about keeping a non-active policy
loaded in the kernel, what purpose does that serve?

--
paul-moore.com

2023-04-11 23:11:05

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

On Thu, Mar 16, 2023 at 6:53 PM Fan Wu <[email protected]> wrote:
> On Thu, Mar 02, 2023 at 02:05:33PM -0500, Paul Moore wrote:
> > On Tue, Jan 31, 2023 at 12:11???PM Steve Grubb <[email protected]> wrote:
> > >
> > > Hello,
> > >
> > > On Monday, January 30, 2023 5:57:22 PM EST Fan Wu wrote:
> > > > From: Deven Bowers <[email protected]>
> > > >
> > > > Users of IPE require a way to identify when and why an operation fails,
> > > > allowing them to both respond to violations of policy and be notified
> > > > of potentially malicious actions on their systens with respect to IPE
> > > > itself.
> > > >
> > > > The new 1420 audit, AUDIT_IPE_ACCESS indicates the result of a policy
> > > > evaulation of a resource. The other two events, AUDIT_MAC_POLICY_LOAD,
> > > > and AUDIT_MAC_CONFIG_CHANGE represent a new policy was loaded into the
> > > > kernel and the currently active policy changed, respectively.
> > >
> > > Typically when you reuse an existing record type, it is expected to maintain
> > > the same fields in the same order. Also, it is expect that fields that are
> > > common across diferent records have the same meaning. To aid in this, we have
> > > a field dictionary here:
> > >
> > > https://github.com/linux-audit/audit-documentation/blob/main/specs/fields/
> > > field-dictionary.csv
> > >
> > > For example, dev is expected to be 2 hex numbers separated by a colon which
> > > are the device major and minor numbers. But down a couple lines from here, we
> > > find dev="tmpfs". But isn't that a filesystem type?
> >
> > What Steve said.
> >
> > I'll also add an administrative note, we just moved upstream Linux
> > audit development to a new mailing list, [email protected], please
> > use that in future patch submissions. As a positive, it's a fully
> > open list so you won't run into moderation delays/notifications/etc.
> >
> Thanks for the info, I will update the address.
>
> > > > This patch also adds support for success auditing, allowing users to
> > > > identify how a resource passed policy. It is recommended to use this
> > > > option with caution, as it is quite noisy.
> > > >
> > > > This patch adds the following audit records:
> > > >
> > > > audit: AUDIT1420 path="/tmp/tmpwxmam366/deny/bin/hello" dev="tmpfs"
> > > > ino=72 rule="DEFAULT op=EXECUTE action=DENY"
> > >
> > > Do we really need to log the whole rule?
> >
> > Fan, would it be reasonable to list the properties which caused the
> > access denial? That seems like it might be more helpful than the
> > specific rule, or am I missing something?
>
> Audit the whole rule can let the user find the reason of a policy decision.
> We need the whole rule because an allow/block is not caused by a specific
> property, but the combination of all property conditions in a rule.

Okay, that's a reasonable argument for logging the rule along with the
decision. I think it helps that the IPE policy rules are not
particularly long.

> We could also add a verbose switch such that we only audit
> the whole rule when a user turned the verbose switch on.

I'm not sure that's necessary, and honestly it might be annoying as we
would still need to output a 'rule="?"' field in the audit record as
it is considered good practice to not have fields magically appear and
disappear from the record format. However, if there are concerns
about record sizes, that could be a potential mitigation.

--
paul-moore.com

2023-04-11 23:42:33

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 07/16] uapi|audit|ipe: add ipe auditing support

On Thu, Mar 2, 2023 at 2:05 PM Paul Moore <[email protected]> wrote:
> On Tue, Jan 31, 2023 at 12:11 PM Steve Grubb <[email protected]> wrote:
> > On Monday, January 30, 2023 5:57:22 PM EST Fan Wu wrote:

...

> > > audit: MAC_POLICY_LOAD policy_name="dmverity_roothash"
> > > policy_version=0.0.0 sha256=DC67AC19E05894EFB3170A8E55DE529794E248C2
> > > auid=4294967295 ses=4294967295 lsm=ipe res=1
> >
> > The MAC_POLICY_LOAD record type simply states the lsm that had it's policy
> > loaded. There isn't name, version, and hash information. I'd prefer to see
> > all users of this record type decide if it should be extended because they
> > also have that information available to record.
>
> Not all LSMs which load policy have that information; as an example,
> SELinux doesn't have the concept of a policy name or version. The
> SELinux policy version you might see in the kernel sources refers to
> the policy format version and has no bearing on the actual policy
> content beyond that dictated by the format.
>
> If additional information is required by IPE, perhaps an auxiliary IPE
> policy load record could be created with those additional fields.

The issue of policy load audit records came up in an offline
discussion with Fan today and I think it's worth talking about this a
bit more to reach some consensus.

Currently only SELinux generates MAC_POLICY_LOAD records, and it
contains all of the information that is present in the IPE example
above with the exception of the 'policy_name', 'policy_version', and
the policy digest. I personally don't have a problem extending the
MAC_POLICY_LOAD record with these fields, and leaving them unused/"?"
in the SELinux generated records. It's possible we may even want to
use the policy digest field at some point, as it would be nice to be
able to have some policy "key" within SELinux that could be used to
help identify the loaded policy.

The only catch is that we may want to find a better field name than
just 'sha256', in the context of the MAC_POLICY_LOAD record it seems
easily understood, but in the larger context of a full audit stream it
might be too ambiguous. We would also need to decide if we wanted to
encode the digest algorithm in the field name, the field value, or
have it as a separate field. I might lean towards encoding it in the
field value like this:

policy_digest=sha256:XXXXX

... however that is something that would need some discussion from the
other folks on the To/CC line.

--
paul-moore.com

2023-04-12 23:37:07

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > > >
> > > > From: Deven Bowers <[email protected]>
> > > >
> > > > As is typical with LSMs, IPE uses securityfs as its interface with
> > > > userspace. for a complete list of the interfaces and the respective
> > > > inputs/outputs, please see the documentation under
> > > > admin-guide/LSM/ipe.rst
> > > >
> > > > Signed-off-by: Deven Bowers <[email protected]>
> > > > Signed-off-by: Fan Wu <[email protected]>
> > >
> > > ...
> > >
> > > > ---
> > > > security/ipe/Makefile | 2 +
> > > > security/ipe/fs.c | 101 +++++++++
> > > > security/ipe/fs.h | 17 ++
> > > > security/ipe/ipe.c | 3 +
> > > > security/ipe/ipe.h | 2 +
> > > > security/ipe/policy.c | 135 ++++++++++++
> > > > security/ipe/policy.h | 7 +
> > > > security/ipe/policy_fs.c | 459 +++++++++++++++++++++++++++++++++++++++
> > > > 8 files changed, 726 insertions(+)
> > > > create mode 100644 security/ipe/fs.c
> > > > create mode 100644 security/ipe/fs.h
> > > > create mode 100644 security/ipe/policy_fs.c
>
> ...
>
> > > > +/**
> > > > + * ipe_update_policy - parse a new policy and replace @old with it.
> > > > + * @addr: Supplies a pointer to the i_private for saving policy.
> > > > + * @text: Supplies a pointer to the plain text policy.
> > > > + * @textlen: Supplies the length of @text.
> > > > + * @pkcs7: Supplies a pointer to a buffer containing a pkcs7 message.
> > > > + * @pkcs7len: Supplies the length of @pkcs7len.
> > > > + *
> > > > + * @text/@textlen is mutually exclusive with @pkcs7/@pkcs7len - see
> > > > + * ipe_new_policy.
> > > > + *
> > > > + * Return:
> > > > + * * !IS_ERR - OK
> > > > + * * -ENOENT - Policy doesn't exist
> > > > + * * -EINVAL - New policy is invalid
> > > > + */
> > > > +struct ipe_policy *ipe_update_policy(struct ipe_policy __rcu **addr,
> > > > + const char *text, size_t textlen,
> > > > + const char *pkcs7, size_t pkcs7len)
> > > > +{
> > > > + int rc = 0;
> > > > + struct ipe_policy *old, *new;
> > > > +
> > > > + old = ipe_get_policy_rcu(*addr);
> > > > + if (!old) {
> > > > + rc = -ENOENT;
> > > > + goto err;
> > > > + }
> > > > +
> > > > + new = ipe_new_policy(text, textlen, pkcs7, pkcs7len);
> > > > + if (IS_ERR(new)) {
> > > > + rc = PTR_ERR(new);
> > > > + goto err;
> > > > + }
> > > > +
> > > > + if (strcmp(new->parsed->name, old->parsed->name)) {
> > > > + rc = -EINVAL;
> > > > + goto err;
> > > > + }
> > > > +
> > > > + if (ver_to_u64(old) > ver_to_u64(new)) {
> > > > + rc = -EINVAL;
> > > > + goto err;
> > > > + }
> > > > +
> > > > + if (ipe_is_policy_active(old)) {
> > >
> > > I don't understand the is-active check, you want to make @new the new
> > > active policy regardless, right? Could this is-active check ever be
> > > false?
> >
> > Actually this is needed. Policy updates can be applied to any deployed
> > policy, which may be saved in two places: the securityfs file node
> > and the ipe_active_policy pointer. To update a policy, this function first
> > checks if the policy saved in the securityfs file node is currently active.
> > If so, it updates the ipe_active_policy pointer to point to the new policy,
> > and finally updates the policy pointer in the securityfs to the new policy.
>
> Ah, okay. I must have forgotten, or not realized, that multiple
> policies could be loaded and not active.
>
> I guess this does make me wonder about keeping a non-active policy
> loaded in the kernel, what purpose does that serve?
>

The non-active policy doesn't serve anything unless it is activated. User can
even delete a policy if that is no longer needed. Non-active is just the default
state when a new policy is loaded.

If IPE supports namespace, there is another use case where different containers
can select different policies as the active policy from among multiple loaded
policies. Deven has presented a demo of this during LSS 2021. But this goes
beyond the scope of this version.

-Fan

> --
> paul-moore.com

2023-04-13 18:46:38

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Wed, Apr 12, 2023 at 7:36 PM Fan Wu <[email protected]> wrote:
> On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> > On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:

...

> > I guess this does make me wonder about keeping a non-active policy
> > loaded in the kernel, what purpose does that serve?
> >
>
> The non-active policy doesn't serve anything unless it is activated. User can
> even delete a policy if that is no longer needed. Non-active is just the default
> state when a new policy is loaded.
>
> If IPE supports namespace, there is another use case where different containers
> can select different policies as the active policy from among multiple loaded
> policies. Deven has presented a demo of this during LSS 2021. But this goes
> beyond the scope of this version.

Do you plan to add namespace support at some point in the
not-too-distant future? If so, I'm okay with keeping support for
multiple policies, but if you think you're only going to support one
active policy at a time, it might be better to remove support for
multiple (inactive) policies.

--
paul-moore.com

2023-04-17 18:10:09

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Thu, Apr 13, 2023 at 02:45:07PM -0400, Paul Moore wrote:
> On Wed, Apr 12, 2023 at 7:36???PM Fan Wu <[email protected]> wrote:
> > On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> > > On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > > > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
>
> ...
>
> > > I guess this does make me wonder about keeping a non-active policy
> > > loaded in the kernel, what purpose does that serve?
> > >
> >
> > The non-active policy doesn't serve anything unless it is activated. User can
> > even delete a policy if that is no longer needed. Non-active is just the default
> > state when a new policy is loaded.
> >
> > If IPE supports namespace, there is another use case where different containers
> > can select different policies as the active policy from among multiple loaded
> > policies. Deven has presented a demo of this during LSS 2021. But this goes
> > beyond the scope of this version.
>
> Do you plan to add namespace support at some point in the
> not-too-distant future? If so, I'm okay with keeping support for
> multiple policies, but if you think you're only going to support one
> active policy at a time, it might be better to remove support for
> multiple (inactive) policies.
>
> --
> paul-moore.com

Another benefit of having multiple policies is that it provides isolation
between different policies. For instance, if we have two policies named
"policy_a" and "policy_b," we can ensure that only team a can update "policy_a,"
and only team b can update "policy_b." This way, both teams can update
their policy without affecting others. However, if there is only one policy
in the system, both teams will have to operate on the same policy, making it
less manageable.

Besides, removing multiple (inactive) policies support will
render the policy_name field meaningless, and we should only audit the policy
hash. I am fine if we decide to go for the single policy option.

-Fan

2023-04-17 20:17:21

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, Apr 17, 2023 at 2:06 PM Fan Wu <[email protected]> wrote:
> On Thu, Apr 13, 2023 at 02:45:07PM -0400, Paul Moore wrote:
> > On Wed, Apr 12, 2023 at 7:36???PM Fan Wu <[email protected]> wrote:
> > > On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> > > > On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > > > > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > > > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> >
> > ...
> >
> > > > I guess this does make me wonder about keeping a non-active policy
> > > > loaded in the kernel, what purpose does that serve?
> > > >
> > >
> > > The non-active policy doesn't serve anything unless it is activated. User can
> > > even delete a policy if that is no longer needed. Non-active is just the default
> > > state when a new policy is loaded.
> > >
> > > If IPE supports namespace, there is another use case where different containers
> > > can select different policies as the active policy from among multiple loaded
> > > policies. Deven has presented a demo of this during LSS 2021. But this goes
> > > beyond the scope of this version.
> >
> > Do you plan to add namespace support at some point in the
> > not-too-distant future? If so, I'm okay with keeping support for
> > multiple policies, but if you think you're only going to support one
> > active policy at a time, it might be better to remove support for
> > multiple (inactive) policies.
> >
> > --
> > paul-moore.com
>
> Another benefit of having multiple policies is that it provides isolation
> between different policies. For instance, if we have two policies named
> "policy_a" and "policy_b," we can ensure that only team a can update "policy_a,"
> and only team b can update "policy_b." This way, both teams can update
> their policy without affecting others. However, if there is only one policy
> in the system, both teams will have to operate on the same policy, making it
> less manageable.

That only really matters if both policies are active at the same time;
if only one policy can be active at one point in time the only
permission that matters is the one who can load/activate a policy.

Allowing for multiple policies complicates the code. If there is
another feature that requires multiple policies, e.g. IPE namespaces,
then that is okay. However, if there is no feature which requires
multiple active policies, supporting multiple loaded policies only
increases the risk of an exploitable bug in the IPE code.

> Besides, removing multiple (inactive) policies support will
> render the policy_name field meaningless, and we should only audit the policy
> hash. I am fine if we decide to go for the single policy option.

Once again, I think it comes back to: do you still want to support IPE
namespaces at some point in the future, and if so, when do you expect
to work on that?

--
paul-moore.com

2023-04-17 21:32:05

by Fan Wu

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, Apr 17, 2023 at 04:16:29PM -0400, Paul Moore wrote:
> On Mon, Apr 17, 2023 at 2:06???PM Fan Wu <[email protected]> wrote:
> > On Thu, Apr 13, 2023 at 02:45:07PM -0400, Paul Moore wrote:
> > > On Wed, Apr 12, 2023 at 7:36???PM Fan Wu <[email protected]> wrote:
> > > > On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> > > > > On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > > > > > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > > > > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > >
> > > ...
> > >
> > > > > I guess this does make me wonder about keeping a non-active policy
> > > > > loaded in the kernel, what purpose does that serve?
> > > > >
> > > >
> > > > The non-active policy doesn't serve anything unless it is activated. User can
> > > > even delete a policy if that is no longer needed. Non-active is just the default
> > > > state when a new policy is loaded.
> > > >
> > > > If IPE supports namespace, there is another use case where different containers
> > > > can select different policies as the active policy from among multiple loaded
> > > > policies. Deven has presented a demo of this during LSS 2021. But this goes
> > > > beyond the scope of this version.
> > >
> > > Do you plan to add namespace support at some point in the
> > > not-too-distant future? If so, I'm okay with keeping support for
> > > multiple policies, but if you think you're only going to support one
> > > active policy at a time, it might be better to remove support for
> > > multiple (inactive) policies.
> > >
> > > --
> > > paul-moore.com
> >
> > Another benefit of having multiple policies is that it provides isolation
> > between different policies. For instance, if we have two policies named
> > "policy_a" and "policy_b," we can ensure that only team a can update "policy_a,"
> > and only team b can update "policy_b." This way, both teams can update
> > their policy without affecting others. However, if there is only one policy
> > in the system, both teams will have to operate on the same policy, making it
> > less manageable.
>
> That only really matters if both policies are active at the same time;
> if only one policy can be active at one point in time the only
> permission that matters is the one who can load/activate a policy.
>
> Allowing for multiple policies complicates the code. If there is
> another feature that requires multiple policies, e.g. IPE namespaces,
> then that is okay. However, if there is no feature which requires
> multiple active policies, supporting multiple loaded policies only
> increases the risk of an exploitable bug in the IPE code.
>
> > Besides, removing multiple (inactive) policies support will
> > render the policy_name field meaningless, and we should only audit the policy
> > hash. I am fine if we decide to go for the single policy option.
>
> Once again, I think it comes back to: do you still want to support IPE
> namespaces at some point in the future, and if so, when do you expect
> to work on that?
>

Yes, absolutely! We definitely have plans to support namespaces in the future.
However, it's worth mentioning that there are other tasks that we may need
to prioritize due to their relatively lower complexity. For example, before
we can fully implement namespaces, we need to address some other important
aspects of the system, such as adding a policy language for integrity
enforcement on configuration files and defining trusted certificates
that can sign the root hash. Therefore, the timeline for implementing
namespaces will depend on the completion time of these tasks.

I understand your concerns, and we can proceed with a single policy design
for the initial version.

-Fan

2023-04-17 21:41:04

by Paul Moore

[permalink] [raw]
Subject: Re: [RFC PATCH v9 05/16] ipe: add userspace interface

On Mon, Apr 17, 2023 at 5:18 PM Fan Wu <[email protected]> wrote:
> On Mon, Apr 17, 2023 at 04:16:29PM -0400, Paul Moore wrote:
> > On Mon, Apr 17, 2023 at 2:06???PM Fan Wu <[email protected]> wrote:
> > > On Thu, Apr 13, 2023 at 02:45:07PM -0400, Paul Moore wrote:
> > > > On Wed, Apr 12, 2023 at 7:36???PM Fan Wu <[email protected]> wrote:
> > > > > On Tue, Apr 11, 2023 at 05:45:41PM -0400, Paul Moore wrote:
> > > > > > On Mon, Apr 10, 2023 at 3:10???PM Fan Wu <[email protected]> wrote:
> > > > > > > On Thu, Mar 02, 2023 at 02:04:42PM -0500, Paul Moore wrote:
> > > > > > > > On Mon, Jan 30, 2023 at 5:58???PM Fan Wu <[email protected]> wrote:
> > > >
> > > > ...
> > > >
> > > > > > I guess this does make me wonder about keeping a non-active policy
> > > > > > loaded in the kernel, what purpose does that serve?
> > > > > >
> > > > >
> > > > > The non-active policy doesn't serve anything unless it is activated. User can
> > > > > even delete a policy if that is no longer needed. Non-active is just the default
> > > > > state when a new policy is loaded.
> > > > >
> > > > > If IPE supports namespace, there is another use case where different containers
> > > > > can select different policies as the active policy from among multiple loaded
> > > > > policies. Deven has presented a demo of this during LSS 2021. But this goes
> > > > > beyond the scope of this version.
> > > >
> > > > Do you plan to add namespace support at some point in the
> > > > not-too-distant future? If so, I'm okay with keeping support for
> > > > multiple policies, but if you think you're only going to support one
> > > > active policy at a time, it might be better to remove support for
> > > > multiple (inactive) policies.
> > > >
> > > > --
> > > > paul-moore.com
> > >
> > > Another benefit of having multiple policies is that it provides isolation
> > > between different policies. For instance, if we have two policies named
> > > "policy_a" and "policy_b," we can ensure that only team a can update "policy_a,"
> > > and only team b can update "policy_b." This way, both teams can update
> > > their policy without affecting others. However, if there is only one policy
> > > in the system, both teams will have to operate on the same policy, making it
> > > less manageable.
> >
> > That only really matters if both policies are active at the same time;
> > if only one policy can be active at one point in time the only
> > permission that matters is the one who can load/activate a policy.
> >
> > Allowing for multiple policies complicates the code. If there is
> > another feature that requires multiple policies, e.g. IPE namespaces,
> > then that is okay. However, if there is no feature which requires
> > multiple active policies, supporting multiple loaded policies only
> > increases the risk of an exploitable bug in the IPE code.
> >
> > > Besides, removing multiple (inactive) policies support will
> > > render the policy_name field meaningless, and we should only audit the policy
> > > hash. I am fine if we decide to go for the single policy option.
> >
> > Once again, I think it comes back to: do you still want to support IPE
> > namespaces at some point in the future, and if so, when do you expect
> > to work on that?
>
> Yes, absolutely! We definitely have plans to support namespaces in the future.
> However, it's worth mentioning that there are other tasks that we may need
> to prioritize due to their relatively lower complexity. For example, before
> we can fully implement namespaces, we need to address some other important
> aspects of the system, such as adding a policy language for integrity
> enforcement on configuration files and defining trusted certificates
> that can sign the root hash. Therefore, the timeline for implementing
> namespaces will depend on the completion time of these tasks.
>
> I understand your concerns, and we can proceed with a single policy design
> for the initial version.

I think it's okay to stick with the multi-policy code for the initial
submission, you've got the code now, and it's tested. I just wanted
to make sure there were plans to make use of it at some point, if not
we might as well drop it now. However, it sounds like you've got a
plan to utilize the multi-policy support so that's fine with me.

--
paul-moore.com