/*
 * Copyright (C) 2005,2006,2007,2008 IBM Corporation
 *
 * Authors:
 * Reiner Sailer <sailer@watson.ibm.com>
 * Mimi Zohar <zohar@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation, version 2 of the
 * License.
 *
 * File: ima.h
 *	internal Integrity Measurement Architecture (IMA) definitions
 */

#ifndef __LINUX_IMA_H
#define __LINUX_IMA_H

#include <linux/types.h>
#include <linux/crypto.h>
#include <linux/fs.h>
#include <linux/security.h>
#include <linux/hash.h>
#include <linux/tpm.h>
#include <linux/audit.h>
#include <crypto/hash_info.h>

#include "../integrity.h"

#ifdef CONFIG_HAVE_IMA_KEXEC
#include <asm/ima.h>
#endif

/*
 * Output encodings a template field can be rendered in; passed as the
 * 'show' argument of ima_template_field::field_show().  The two
 * additional binary variants select whether a field length prefix is
 * emitted and whether the older string layout is reproduced.
 */
enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_BINARY_NO_FIELD_LEN,
		     IMA_SHOW_BINARY_OLD_STRING_FMT, IMA_SHOW_ASCII };
/* TPM PCR indices referenced by IMA */
enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 };

/* digest size for IMA, fits SHA1 or MD5 */
#define IMA_DIGEST_SIZE		SHA1_DIGEST_SIZE
#define IMA_EVENT_NAME_LEN_MAX	255

/*
 * Measurement hash table geometry: IMA_HASH_BITS bits of key give
 * 1 << 9 == 512 buckets in struct ima_h_table::queue.
 */
#define IMA_HASH_BITS 9
#define IMA_MEASURE_HTABLE_SIZE (1 << IMA_HASH_BITS)

/* bounds for template field identifiers and per-template field counts */
#define IMA_TEMPLATE_FIELD_ID_MAX_LEN	16
#define IMA_TEMPLATE_NUM_FIELDS_MAX	15

/* name and field format of the original "ima" template (digest | name) */
#define IMA_TEMPLATE_IMA_NAME "ima"
#define IMA_TEMPLATE_IMA_FMT "d|n"

/* current content of the policy */
extern int ima_policy_flag;

/* set during initialization */
extern int ima_used_chip;
/* hash algorithm in use; returned by ima_get_hash_algo() when appraisal is disabled */
extern int ima_hash_algo;
/* bitmask of IMA_APPRAISE_* flags */
extern int ima_appraise;

/*
 * IMA event related data.
 * Bundle of everything a template field's field_init() may need to
 * populate its ima_field_data for one measurement event.
 *   xattr_value/xattr_len: security.ima xattr contents, if read
 *   violation: presumably the violation cause string, NULL for a normal
 *              measurement -- verify against callers
 */
struct ima_event_data {
	struct integrity_iint_cache *iint;
	struct file *file;
	const unsigned char *filename;
	struct evm_ima_xattr_data *xattr_value;
	int xattr_len;
	const char *violation;
};

/*
 * IMA template field data definition.
 * One serialized field: 'len' bytes starting at 'data'.
 */
struct ima_field_data {
	u8 *data;
	u32 len;
};

/*
 * IMA template field definition.
 *   field_id:   fixed-size identifier buffer (IMA_TEMPLATE_FIELD_ID_MAX_LEN)
 *   field_init: fills field_data from event_data; non-zero return means
 *               failure (callers' convention, not enforced here)
 *   field_show: renders field_data to the seq_file in the requested
 *               ima_show_type encoding
 */
struct ima_template_field {
	const char field_id[IMA_TEMPLATE_FIELD_ID_MAX_LEN];
	int (*field_init)(struct ima_event_data *event_data,
			  struct ima_field_data *field_data);
	void (*field_show)(struct seq_file *m, enum ima_show_type show,
			   struct ima_field_data *field_data);
};

/*
 * IMA template descriptor definition.
 *   list:       linkage in the registered template list (see
 *               ima_init_template_list())
 *   name/fmt:   template name and '|'-separated field format string,
 *               e.g. IMA_TEMPLATE_IMA_NAME / IMA_TEMPLATE_IMA_FMT
 *   fields:     array of num_fields pointers to field definitions
 */
struct ima_template_desc {
	struct list_head list;
	char *name;
	char *fmt;
	int num_fields;
	struct ima_template_field **fields;
};

/*
 * One measurement list entry.  The digest is what is extended into PCR
 * 'pcr'; template_data holds one ima_field_data per template field and
 * is allocated inline after the struct (template_data_len bytes of
 * serialized field data in total).
 * NOTE(review): template_data[0] is the GCC zero-length array idiom; the
 * C99 flexible array member spelling ([]) is the portable equivalent.
 */
struct ima_template_entry {
	int pcr;
	u8 digest[TPM_DIGEST_SIZE];	/* sha1 or md5 measurement hash */
	struct ima_template_desc *template_desc; /* template descriptor */
	u32 template_data_len;
	struct ima_field_data template_data[0];	/* template related data */
};

/*
 * Wrapper that links one template entry into both the digest hash
 * table (ima_htable) and the ordered measurement list.
 */
struct ima_queue_entry {
	struct hlist_node hnext;	/* place in hash collision list */
	struct list_head later;		/* place in ima_measurements list */
	struct ima_template_entry *entry;
};
extern struct list_head ima_measurements;	/* list of all measurements */

/*
 * Some details preceding the binary serialized measurement list.
 * Carried across kexec to the next kernel; buffer_size and count
 * describe the serialized list that follows.  NOTE(review): the
 * receiving kernel should treat these as input from a prior kernel
 * and bound them by the actual buffer size (see
 * ima_restore_measurement_list()) rather than trusting them outright.
 */
struct ima_kexec_hdr {
	u16 version;
	u16 _reserved0;
	u32 _reserved1;
	u64 buffer_size;
	u64 count;
};

#ifdef CONFIG_HAVE_IMA_KEXEC
void ima_load_kexec_buffer(void);
#else
/* no kexec measurement-list handover on this architecture */
static inline void ima_load_kexec_buffer(void) {}
#endif /* CONFIG_HAVE_IMA_KEXEC */

/*
 * The default binary_runtime_measurements list format is defined as the
 * platform native format.  The canonical format is defined as little-endian.
 */
extern bool ima_canonical_fmt;

/* Internal IMA function definitions */
int ima_init(void);
int ima_fs_init(void);
/* queue a template entry; 'violation' marks an entry that records a violation */
int ima_add_template_entry(struct ima_template_entry *entry, int violation,
			   const char *op, struct inode *inode,
			   const unsigned char *filename);
/* digest computation helpers; result is written into *hash */
int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash);
int ima_calc_buffer_hash(const void *buf, loff_t len,
			 struct ima_digest_data *hash);
int ima_calc_field_array_hash(struct ima_field_data *field_data,
			      struct ima_template_desc *desc, int num_fields,
			      struct ima_digest_data *hash);
/* __init: only available during boot */
int __init ima_calc_boot_aggregate(struct ima_digest_data *hash);
void ima_add_violation(struct file *file, const unsigned char *filename,
		       struct integrity_iint_cache *iint,
		       const char *op, const char *cause);
int ima_init_crypto(void);
/* securityfs output helpers */
void ima_putc(struct seq_file *m, void *data, int datalen);
void ima_print_digest(struct seq_file *m, u8 *digest, u32 size);
struct ima_template_desc *ima_template_desc_current(void);
/*
 * Restore a measurement list handed over by the previous kernel (kexec).
 * 'buf' is bufsize bytes of serialized entries preceded by ima_kexec_hdr;
 * presumably untrusted until validated -- see the implementation.
 */
int ima_restore_measurement_entry(struct ima_template_entry *entry);
int ima_restore_measurement_list(loff_t bufsize, void *buf);
int ima_measurements_show(struct seq_file *m, void *v);
unsigned long ima_get_binary_runtime_size(void);
int ima_init_template(void);
void ima_init_template_list(void);

/*
 * used to protect h_table and sha_table
 */
extern spinlock_t ima_queue_lock;

/*
 * Digest-keyed hash table over the measurement list.
 *   len:        number of stored measurements (atomic counter)
 *   violations: number of violation entries recorded (atomic counter)
 *   queue:      IMA_MEASURE_HTABLE_SIZE collision chains of
 *               ima_queue_entry::hnext, indexed by ima_hash_key()
 */
struct ima_h_table {
	atomic_long_t len;	/* number of stored measurements in the list */
	atomic_long_t violations;
	struct hlist_head queue[IMA_MEASURE_HTABLE_SIZE];
};
extern struct ima_h_table ima_htable;

/*
 * Bucket index for a digest.  Note that *digest reads only the first
 * byte of the digest, so the key is hash_long() of a value in 0..255
 * folded into IMA_HASH_BITS bits: at most 256 of the 512 buckets can
 * ever be populated.  Distribution of the table is therefore bounded
 * by the first digest byte, not the whole digest.
 */
static inline unsigned long ima_hash_key(u8 *digest)
{
	return hash_long(*digest, IMA_HASH_BITS);
}

/*
 * X-macro list of IMA hooks.  __ima_hook_enumify() turns each entry into
 * an enumerator, so enum ima_hooks holds NONE..MAX_CHECK in exactly this
 * order; MAX_CHECK is last and serves as the upper bound.
 */
#define __ima_hooks(hook)		\
	hook(NONE)			\
	hook(FILE_CHECK)		\
	hook(MMAP_CHECK)		\
	hook(BPRM_CHECK)		\
	hook(CREDS_CHECK)		\
	hook(POST_SETATTR)		\
	hook(MODULE_CHECK)		\
	hook(FIRMWARE_CHECK)		\
	hook(KEXEC_KERNEL_CHECK)	\
	hook(KEXEC_INITRAMFS_CHECK)	\
	hook(POLICY_CHECK)		\
	hook(MAX_CHECK)
#define __ima_hook_enumify(ENUM)	ENUM,

enum ima_hooks {
	__ima_hooks(__ima_hook_enumify)
};

/* LIM API function definitions */
/*
 * Policy decision for an inode accessed via hook 'func' with 'mask' by
 * 'cred'/'secid'; the PCR to extend is returned through *pcr.  The
 * return value is an action bitmask -- presumably the flags matched by
 * ima_match_policy(); verify against the implementation.
 */
int ima_get_action(struct inode *inode, const struct cred *cred, u32 secid,
		   int mask, enum ima_hooks func, int *pcr);
int ima_must_measure(struct inode *inode, int mask, enum ima_hooks func);
/* hash the file (or the supplied buf/size) with 'algo' into the iint cache */
int ima_collect_measurement(struct integrity_iint_cache *iint,
			    struct file *file, void *buf, loff_t size,
			    enum hash_algo algo);
void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
			   const unsigned char *filename,
			   struct evm_ima_xattr_data *xattr_value,
			   int xattr_len, int pcr);
void ima_audit_measurement(struct integrity_iint_cache *iint,
			   const unsigned char *filename);
/* allocate *entry and run every template field's field_init() on event_data */
int ima_alloc_init_template(struct ima_event_data *event_data,
			    struct ima_template_entry **entry);
int ima_store_template(struct ima_template_entry *entry, int violation,
		       struct inode *inode,
		       const unsigned char *filename, int pcr);
void ima_free_template_entry(struct ima_template_entry *entry);
/* path string for 'path'; *pathbuf receives an allocation the caller frees */
const char *ima_d_path(const struct path *path, char **pathbuf, char *filename);

/* IMA policy related functions */
int ima_match_policy(struct inode *inode, const struct cred *cred, u32 secid,
		     enum ima_hooks func, int mask, int flags, int *pcr);
void ima_init_policy(void);
void ima_update_policy(void);
void ima_update_policy_flag(void);
/* parse one policy rule line (written via securityfs) and add it */
ssize_t ima_parse_add_rule(char *);
void
ima_delete_rules(void);
int ima_check_policy(void);
/* seq_file iterator callbacks backing the securityfs policy file */
void *ima_policy_start(struct seq_file *m, loff_t *pos);
void *ima_policy_next(struct seq_file *m, void *v, loff_t *pos);
void ima_policy_stop(struct seq_file *m, void *v);
int ima_policy_show(struct seq_file *m, void *v);

/* Appraise integrity measurements */
/* bit flags carried in ima_appraise */
#define IMA_APPRAISE_ENFORCE	0x01
#define IMA_APPRAISE_FIX	0x02
#define IMA_APPRAISE_LOG	0x04
#define IMA_APPRAISE_MODULES	0x08
#define IMA_APPRAISE_FIRMWARE	0x10
#define IMA_APPRAISE_POLICY	0x20

#ifdef CONFIG_IMA_APPRAISE
/*
 * Compare the collected measurement with the security.ima xattr
 * (xattr_value/xattr_len) and return an integrity_status value.
 */
int ima_appraise_measurement(enum ima_hooks func,
			     struct integrity_iint_cache *iint,
			     struct file *file, const unsigned char *filename,
			     struct evm_ima_xattr_data *xattr_value,
			     int xattr_len);
int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);
enum integrity_status ima_get_cache_status(struct integrity_iint_cache *iint,
					   enum ima_hooks func);
/* hash algorithm recorded in the xattr, or the default if none */
enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value,
				 int xattr_len);
int ima_read_xattr(struct dentry *dentry,
		   struct evm_ima_xattr_data **xattr_value);

#else
/*
 * Appraisal disabled: nothing is ever appraised (ima_must_appraise()
 * returns 0), appraisal status is reported as INTEGRITY_UNKNOWN, the
 * xattr is never read or updated, and the hash algorithm falls back to
 * the global ima_hash_algo.
 */
static inline int ima_appraise_measurement(enum ima_hooks func,
					   struct integrity_iint_cache *iint,
					   struct file *file,
					   const unsigned char *filename,
					   struct evm_ima_xattr_data *xattr_value,
					   int xattr_len)
{
	return INTEGRITY_UNKNOWN;
}

static inline int ima_must_appraise(struct inode *inode, int mask,
				    enum ima_hooks func)
{
	return 0;
}

static inline void ima_update_xattr(struct integrity_iint_cache *iint,
				    struct file *file)
{
}

static inline enum integrity_status ima_get_cache_status(struct integrity_iint_cache
							 *iint,
							 enum ima_hooks func)
{
	return INTEGRITY_UNKNOWN;
}

static inline enum hash_algo
ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value, int xattr_len)
{
	return ima_hash_algo;
}

static inline int ima_read_xattr(struct dentry *dentry,
				 struct evm_ima_xattr_data **xattr_value)
{
	return 0;
}

#endif /* CONFIG_IMA_APPRAISE */

/* LSM based policy rules require audit */
#ifdef CONFIG_IMA_LSM_RULES

/* LSM rule matching is delegated to the audit subsystem's rule engine */
#define security_filter_rule_init security_audit_rule_init
#define security_filter_rule_match security_audit_rule_match

#else

/*
 * Without CONFIG_IMA_LSM_RULES, LSM-conditioned policy rules cannot be
 * created or matched: both stubs return -EINVAL, so a rule using an LSM
 * condition is rejected at parse time rather than silently matching.
 */
static inline int security_filter_rule_init(u32 field, u32 op, char *rulestr,
					    void **lsmrule)
{
	return -EINVAL;
}

static inline int security_filter_rule_match(u32 secid, u32 field, u32 op,
					     void *lsmrule,
					     struct audit_context *actx)
{
	return -EINVAL;
}
#endif /* CONFIG_IMA_LSM_RULES */

/*
 * Mode of the securityfs policy file: owner write-only by default; owner
 * read access is only granted when CONFIG_IMA_READ_POLICY is enabled.
 */
#ifdef CONFIG_IMA_READ_POLICY
#define	POLICY_FILE_FLAGS	(S_IWUSR | S_IRUSR)
#else
#define	POLICY_FILE_FLAGS	S_IWUSR
#endif /* CONFIG_IMA_READ_POLICY */

#endif /* __LINUX_IMA_H */