forked from mirrors/linux
cdef685be5
If files with portable signatures are copied from one location to another or are extracted from an archive, verification can temporarily fail until all xattrs/attrs are set in the destination. Only portable signatures may be moved or copied from one file to another, as they don't depend on system-specific information such as the inode generation. Instead portable signatures must include security.ima. Unlike other security.evm types, EVM portable signatures are also immutable. Thus, it wouldn't be a problem to allow xattr/attr operations when verification fails, as portable signatures will never be replaced with the HMAC on possibly corrupted xattrs/attrs. This patch first introduces a new integrity status called INTEGRITY_FAIL_IMMUTABLE, that allows callers of evm_verify_current_integrity() to detect that a portable signature didn't pass verification and then adds an exception in evm_protect_xattr() and evm_inode_setattr() for this status and returns 0 instead of -EPERM. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
58 lines
1.2 KiB
C
58 lines
1.2 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* Copyright (C) 2009 IBM Corporation
|
|
* Author: Mimi Zohar <zohar@us.ibm.com>
|
|
*/
|
|
|
|
#ifndef _LINUX_INTEGRITY_H
|
|
#define _LINUX_INTEGRITY_H
|
|
|
|
#include <linux/fs.h>
|
|
|
|
enum integrity_status {
|
|
INTEGRITY_PASS = 0,
|
|
INTEGRITY_PASS_IMMUTABLE,
|
|
INTEGRITY_FAIL,
|
|
INTEGRITY_FAIL_IMMUTABLE,
|
|
INTEGRITY_NOLABEL,
|
|
INTEGRITY_NOXATTRS,
|
|
INTEGRITY_UNKNOWN,
|
|
};
|
|
|
|
/* List of EVM protected security xattrs */
|
|
#ifdef CONFIG_INTEGRITY
|
|
extern struct integrity_iint_cache *integrity_inode_get(struct inode *inode);
|
|
extern void integrity_inode_free(struct inode *inode);
|
|
extern void __init integrity_load_keys(void);
|
|
|
|
#else
|
|
static inline struct integrity_iint_cache *
|
|
integrity_inode_get(struct inode *inode)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
static inline void integrity_inode_free(struct inode *inode)
|
|
{
|
|
return;
|
|
}
|
|
|
|
static inline void integrity_load_keys(void)
|
|
{
|
|
}
|
|
#endif /* CONFIG_INTEGRITY */
|
|
|
|
#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
|
|
|
|
extern int integrity_kernel_module_request(char *kmod_name);
|
|
|
|
#else
|
|
|
|
static inline int integrity_kernel_module_request(char *kmod_name)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
#endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */
|
|
|
|
#endif /* _LINUX_INTEGRITY_H */
|