Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/security/integrity/evm/evm_secfs.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Copyright (C) 2010 IBM Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Authors:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  * Mimi Zohar <zohar@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * File: evm_secfs.c
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  *	- Used to signal when key is on keyring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  *	- Get the key and enable EVM
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <linux/audit.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <linux/uaccess.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <linux/mutex.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) #include "evm.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19) static struct dentry *evm_dir;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20) static struct dentry *evm_init_tpm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) static struct dentry *evm_symlink;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) #ifdef CONFIG_EVM_ADD_XATTRS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) static struct dentry *evm_xattrs;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) static DEFINE_MUTEX(xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) static int evm_xattrs_locked;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30)  * evm_read_key - read() for <securityfs>/evm
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32)  * @filp: file pointer, not actually used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33)  * @buf: where to put the result
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34)  * @count: maximum to send along
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35)  * @ppos: where to start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37)  * Returns number of bytes read or error code, as appropriate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) static ssize_t evm_read_key(struct file *filp, char __user *buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 			    size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 	char temp[80];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 	ssize_t rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) 	if (*ppos != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 		return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) 	sprintf(temp, "%d", (evm_initialized & ~EVM_SETUP_COMPLETE));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55)  * evm_write_key - write() for <securityfs>/evm
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56)  * @file: file pointer, not actually used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57)  * @buf: where to get the data from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58)  * @count: bytes sent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59)  * @ppos: where to start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61)  * Used to signal that key is on the kernel key ring.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62)  * - get the integrity hmac key from the kernel key ring
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63)  * - create list of hmac protected extended attributes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64)  * Returns number of bytes written or error code, as appropriate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) static ssize_t evm_write_key(struct file *file, const char __user *buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 			     size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 	unsigned int i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 	int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	if (!capable(CAP_SYS_ADMIN) || (evm_initialized & EVM_SETUP_COMPLETE))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 		return -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 	ret = kstrtouint_from_user(buf, count, 0, &i);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 	if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 		return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 	/* Reject invalid values */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	if (!i || (i & ~EVM_INIT_MASK) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 	/*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	 * Don't allow a request to enable metadata writes if
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 	 * an HMAC key is loaded.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	if ((i & EVM_ALLOW_METADATA_WRITES) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 	    (evm_initialized & EVM_INIT_HMAC) != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 		return -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 	if (i & EVM_INIT_HMAC) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 		ret = evm_init_key();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 		if (ret != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 			return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 		/* Forbid further writes after the symmetric key is loaded */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 		i |= EVM_SETUP_COMPLETE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	evm_initialized |= i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	/* Don't allow protected metadata modification if a symmetric key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 	 * is loaded
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 	if (evm_initialized & EVM_INIT_HMAC)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 		evm_initialized &= ~(EVM_ALLOW_METADATA_WRITES);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	return count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) static const struct file_operations evm_key_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 	.read		= evm_read_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 	.write		= evm_write_key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) #ifdef CONFIG_EVM_ADD_XATTRS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118)  * evm_read_xattrs - read() for <securityfs>/evm_xattrs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120)  * @filp: file pointer, not actually used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121)  * @buf: where to put the result
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122)  * @count: maximum to send along
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123)  * @ppos: where to start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125)  * Returns number of bytes read or error code, as appropriate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) static ssize_t evm_read_xattrs(struct file *filp, char __user *buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 			       size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 	char *temp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) 	int offset = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	ssize_t rc, size = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) 	struct xattr_list *xattr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 	if (*ppos != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) 		return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 	rc = mutex_lock_interruptible(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 	if (rc)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 		return -ERESTARTSYS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 	list_for_each_entry(xattr, &evm_config_xattrnames, list)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 		size += strlen(xattr->name) + 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 	temp = kmalloc(size + 1, GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 	if (!temp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 		mutex_unlock(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) 	list_for_each_entry(xattr, &evm_config_xattrnames, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 		sprintf(temp + offset, "%s\n", xattr->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 		offset += strlen(xattr->name) + 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 	mutex_unlock(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 	rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 	kfree(temp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165)  * evm_write_xattrs - write() for <securityfs>/evm_xattrs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166)  * @file: file pointer, not actually used
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167)  * @buf: where to get the data from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)  * @count: bytes sent
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169)  * @ppos: where to start
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171)  * Returns number of bytes written or error code, as appropriate
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) static ssize_t evm_write_xattrs(struct file *file, const char __user *buf,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) 				size_t count, loff_t *ppos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) 	int len, err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) 	struct xattr_list *xattr, *tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 	struct audit_buffer *ab;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) 	struct iattr newattrs;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 	struct inode *inode;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 	if (!capable(CAP_SYS_ADMIN) || evm_xattrs_locked)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) 		return -EPERM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 	if (*ppos != 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 	if (count > XATTR_NAME_MAX)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 		return -E2BIG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 	ab = audit_log_start(audit_context(), GFP_KERNEL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) 			     AUDIT_INTEGRITY_EVM_XATTR);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) 	if (!ab)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 		return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 	xattr = kmalloc(sizeof(struct xattr_list), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 	if (!xattr) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) 		err = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) 	xattr->name = memdup_user_nul(buf, count);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) 	if (IS_ERR(xattr->name)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) 		err = PTR_ERR(xattr->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 		xattr->name = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) 	/* Remove any trailing newline */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) 	len = strlen(xattr->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) 	if (len && xattr->name[len-1] == '\n')
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) 		xattr->name[len-1] = '\0';
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) 	audit_log_format(ab, "xattr=");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 	audit_log_untrustedstring(ab, xattr->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 	if (strcmp(xattr->name, ".") == 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 		evm_xattrs_locked = 1;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 		newattrs.ia_mode = S_IFREG | 0440;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 		newattrs.ia_valid = ATTR_MODE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 		inode = evm_xattrs->d_inode;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 		inode_lock(inode);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 		err = simple_setattr(evm_xattrs, &newattrs);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 		inode_unlock(inode);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 		if (!err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) 			err = count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) 	if (strncmp(xattr->name, XATTR_SECURITY_PREFIX,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 		    XATTR_SECURITY_PREFIX_LEN) != 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 		err = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 	/*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 	 * xattr_list_mutex guards against races in evm_read_xattrs().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	 * Entries are only added to the evm_config_xattrnames list
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 	 * and never deleted. Therefore, the list is traversed
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	 * using list_for_each_entry_lockless() without holding
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 	 * the mutex in evm_calc_hmac_or_hash(), evm_find_protected_xattrs()
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	 * and evm_protected_xattr().
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 	mutex_lock(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 	list_for_each_entry(tmp, &evm_config_xattrnames, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) 		if (strcmp(xattr->name, tmp->name) == 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 			err = -EEXIST;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) 			mutex_unlock(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 			goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 	list_add_tail_rcu(&xattr->list, &evm_config_xattrnames);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 	mutex_unlock(&xattr_list_mutex);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 	audit_log_format(ab, " res=0");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 	audit_log_end(ab);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 	return count;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) 	audit_log_format(ab, " res=%d", err);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) 	audit_log_end(ab);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) 	if (xattr) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) 		kfree(xattr->name);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) 		kfree(xattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) 	return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) static const struct file_operations evm_xattr_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) 	.read		= evm_read_xattrs,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) 	.write		= evm_write_xattrs,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) static int evm_init_xattrs(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) 	evm_xattrs = securityfs_create_file("evm_xattrs", 0660, evm_dir, NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) 					    &evm_xattr_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) 	if (!evm_xattrs || IS_ERR(evm_xattrs))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) 		return -EFAULT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) static int evm_init_xattrs(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) int __init evm_init_secfs(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) 	int error = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) 	evm_dir = securityfs_create_dir("evm", integrity_dir);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) 	if (!evm_dir || IS_ERR(evm_dir))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) 		return -EFAULT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) 	evm_init_tpm = securityfs_create_file("evm", 0660,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) 					      evm_dir, NULL, &evm_key_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) 	if (!evm_init_tpm || IS_ERR(evm_init_tpm)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) 		error = -EFAULT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) 	evm_symlink = securityfs_create_symlink("evm", NULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) 						"integrity/evm/evm", NULL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) 	if (!evm_symlink || IS_ERR(evm_symlink)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) 		error = -EFAULT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) 	if (evm_init_xattrs() != 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) 		error = -EFAULT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) 	securityfs_remove(evm_symlink);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) 	securityfs_remove(evm_init_tpm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) 	securityfs_remove(evm_dir);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) 	return error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) }
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.