From: Prakhar Srivastava
To: linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, inux-security-module@vger.kernel.org
Cc: zohar@linux.ibm.com, ebiederm@xmission.com, vgoyal@redhat.com, Prakhar Srivastava, Prakhar Srivastava
Subject: [PATCH v2 4/5 RFC] added a buffer_check LSM hook
Date: Tue, 23 Apr 2019 17:15:43 -0700
Message-Id: <20190424001544.7188-4-prsriva02@gmail.com>
In-Reply-To: <20190424001544.7188-1-prsriva02@gmail.com>
References: <20190424001544.7188-1-prsriva02@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Signed-off-by: Prakhar Srivastava --- Currently for soft reboot(kexec_file_load) the kernel file and signature is measured by IMA. The cmdline args used to load the kernel is not measured. The boot aggregate that gets calculated will have no change since the EFI loader has not been triggered. Adding the kexec cmdline args measure and kernel version will add some attestable criteria. This patch adds a LSM hook for buffer_check Suggested by Mimi Zohar include/linux/lsm_hooks.h | 3 +++ include/linux/security.h | 5 +++++ security/security.c | 7 +++++++ 3 files changed, 15 insertions(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 080f34e66017..854bf3cac716 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1568,6 +1568,8 @@ union security_list_options { int (*inode_setsecctx)(struct dentry *dentry, void *ctx, u32 ctxlen); int (*inode_getsecctx)(struct inode *inode, void **ctx, u32 *ctxlen); + int (*buffer_check)(const void *buff, int size, const char *eventname); + #ifdef CONFIG_SECURITY_NETWORK int (*unix_stream_connect)(struct sock *sock, struct sock *other, struct sock *newsk); @@ -1813,6 +1815,7 @@ struct security_hook_heads { struct list_head inode_notifysecctx; struct list_head inode_setsecctx; struct list_head inode_getsecctx; + struct list_head buffer_check; #ifdef CONFIG_SECURITY_NETWORK struct list_head unix_stream_connect; struct list_head unix_may_send; diff --git a/include/linux/security.h b/include/linux/security.h index af675b576645..cbba0e119234 100644 --- a/include/linux/security.h +++ b/include/linux/security.h 
@@ -377,6 +377,8 @@ void security_inode_invalidate_secctx(struct inode *inode); int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); + +void security_buffer_measure(const void *buff, int size, char *eventname); #else /* CONFIG_SECURITY */ struct security_mnt_opts { }; @@ -776,6 +778,9 @@ static inline void security_inode_getsecid(struct inode *inode, u32 *secid) *secid = 0; } +static inline void security_buffer_measure(const void *buff, int size, char *eventname) +{ } + static inline int security_inode_copy_up(struct dentry *src, struct cred **new) { return 0; diff --git a/security/security.c b/security/security.c index 38316bb28b16..a0dfdb015412 100644 --- a/security/security.c +++ b/security/security.c @@ -320,6 +320,13 @@ int security_bprm_check(struct linux_binprm *bprm) return ima_bprm_check(bprm); } +void security_buffer_measure(const void *buff, int size, char *eventname) +{ + call_void_hook(buffer_check, buff, size, eventname); + return ima_buffer_check(buff, size, eventname); +} + + void security_bprm_committing_creds(struct linux_binprm *bprm) { call_void_hook(bprm_committing_creds, bprm); -- 2.17.1
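Review bot: in the include/linux/lsm_hooks.h hunk the new `buffer_check` member of `union security_list_options` is declared as returning `int`, but the only caller added in this patch (security/security.c) invokes it through `call_void_hook`, which discards the return value; either declare it `void (*buffer_check)(const void *buff, int size, const char *eventname);` or call it via `call_int_hook` and propagate the result. The hook is also added without an entry in the kernel-doc block in lsm_hooks.h that documents every LSM hook; please describe there what is measured, what `eventname` identifies and what `size` is, and consider `size_t size` for a buffer length instead of `int`.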
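Review bot: in the include/linux/security.h hunk the wrapper is declared as `security_buffer_measure` while the hook it wraps is named `buffer_check`, and the wrapper takes `char *eventname` where the hook takes `const char *eventname`; the other wrappers in this file use the hook's name (e.g. `security_inode_getsecctx` for `inode_getsecctx`), so name the two consistently and use `const char *eventname` in both the declaration and the `!CONFIG_SECURITY` stub, since the string is only read. Nothing in this patch calls the new wrapper; if the kexec_file_load call site lands in patch 5/5, a sentence in the commit message pointing there would help reviewers.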
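Review bot: in the security/security.c hunk `security_buffer_measure` is declared `void` yet ends with `return ima_buffer_check(buff, size, eventname);`, which returns a value from a void function and will not build cleanly; either drop the `return` (and make the ignored IMA result explicit) or change the wrapper and hook to return `int` so the IMA result reaches the caller, as `security_bprm_check` does with `return ima_bprm_check(bprm);` just above. The two added `+` blank lines before `security_bprm_committing_creds` also leave a double blank line; one is enough.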