From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> Remove hardcoded calls to integrity functions from the LSM infrastructure and, instead, register them in integrity_lsm_init() with the IMA or EVM LSM ID (the first non-NULL returned by ima_get_lsm_id() and evm_get_lsm_id()). Also move the global declaration of integrity_inode_get() to security/integrity/integrity.h, so that the function can be still called by IMA. Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> --- include/linux/integrity.h | 26 -------------------------- security/integrity/iint.c | 30 +++++++++++++++++++++++++++++- security/integrity/integrity.h | 7 +++++++ security/security.c | 9 +-------- 4 files changed, 37 insertions(+), 35 deletions(-) diff --git a/include/linux/integrity.h b/include/linux/integrity.h index 2ea0f2f65ab6..afaae7ad26f4 100644 --- a/include/linux/integrity.h +++ b/include/linux/integrity.h @@ -21,38 +21,12 @@ enum integrity_status { /* List of EVM protected security xattrs */ #ifdef CONFIG_INTEGRITY -extern struct integrity_iint_cache *integrity_inode_get(struct inode *inode); -extern void integrity_inode_free(struct inode *inode); extern void __init integrity_load_keys(void); #else -static inline struct integrity_iint_cache * - integrity_inode_get(struct inode *inode) -{ - return NULL; -} - -static inline void integrity_inode_free(struct inode *inode) -{ - return; -} - static inline void integrity_load_keys(void) { } #endif /* CONFIG_INTEGRITY */ -#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS - -extern int integrity_kernel_module_request(char *kmod_name); - -#else - -static inline int integrity_kernel_module_request(char *kmod_name) -{ - return 0; -} - -#endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */ - #endif /* _LINUX_INTEGRITY_H */ diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 0b0ac71142e8..882fde2a2607 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -171,7 +171,7 @@ struct integrity_iint_cache *integrity_inode_get(struct inode *inode) * * Free the integrity information(iint) associated with an inode. */ -void integrity_inode_free(struct inode *inode) +static void integrity_inode_free(struct inode *inode) { struct integrity_iint_cache *iint; @@ -193,11 +193,39 @@ static void iint_init_once(void *foo) memset(iint, 0, sizeof(*iint)); } +static struct security_hook_list integrity_hooks[] __ro_after_init = { + LSM_HOOK_INIT(inode_free_security, integrity_inode_free), +#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS + LSM_HOOK_INIT(kernel_module_request, integrity_kernel_module_request), +#endif +}; + +/* + * Perform the initialization of the 'integrity', 'ima' and 'evm' LSMs to + * ensure that the management of integrity metadata is working at the time + * IMA and EVM hooks are registered to the LSM infrastructure, and to keep + * the original ordering of IMA and EVM functions as when they were hardcoded. + */ static int __init integrity_lsm_init(void) { + const struct lsm_id *lsmid; + iint_cache = kmem_cache_create("iint_cache", sizeof(struct integrity_iint_cache), 0, SLAB_PANIC, iint_init_once); + /* + * Obtain either the IMA or EVM LSM ID to register integrity-specific + * hooks under that LSM, since there is no LSM ID assigned to the + * 'integrity' LSM. + */ + lsmid = ima_get_lsm_id(); + if (!lsmid) + lsmid = evm_get_lsm_id(); + /* No point in continuing, since both IMA and EVM are disabled. */ + if (!lsmid) + return 0; + + security_add_hooks(integrity_hooks, ARRAY_SIZE(integrity_hooks), lsmid); init_ima_lsm(); init_evm_lsm(); return 0; diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 7534ec06324e..e4df82d6f6e7 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -180,6 +180,7 @@ struct integrity_iint_cache { * integrity data associated with an inode. */ struct integrity_iint_cache *integrity_iint_find(struct inode *inode); +struct integrity_iint_cache *integrity_inode_get(struct inode *inode); int integrity_kernel_read(struct file *file, loff_t offset, void *addr, unsigned long count); @@ -266,12 +267,18 @@ static inline int __init integrity_load_cert(const unsigned int id, #ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS int asymmetric_verify(struct key *keyring, const char *sig, int siglen, const char *data, int datalen); +int integrity_kernel_module_request(char *kmod_name); #else static inline int asymmetric_verify(struct key *keyring, const char *sig, int siglen, const char *data, int datalen) { return -EOPNOTSUPP; } + +static inline int integrity_kernel_module_request(char *kmod_name) +{ + return 0; +} #endif #ifdef CONFIG_IMA_APPRAISE_MODSIG diff --git a/security/security.c b/security/security.c index 9703549b6ddc..0d9eaa4cd260 100644 --- a/security/security.c +++ b/security/security.c @@ -19,7 +19,6 @@ #include <linux/kernel.h> #include <linux/kernel_read_file.h> #include <linux/lsm_hooks.h> -#include <linux/integrity.h> #include <linux/fsnotify.h> #include <linux/mman.h> #include <linux/mount.h> @@ -1597,7 +1596,6 @@ static void inode_free_by_rcu(struct rcu_head *head) */ void security_inode_free(struct inode *inode) { - integrity_inode_free(inode); call_void_hook(inode_free_security, inode); /* * The inode may still be referenced in a path walk and @@ -3182,12 +3180,7 @@ int security_kernel_create_files_as(struct cred *new, struct inode *inode) */ int security_kernel_module_request(char *kmod_name) { - int ret; - - ret = call_int_hook(kernel_module_request, 0, kmod_name); - if (ret) - return ret; - return integrity_kernel_module_request(kmod_name); + return call_int_hook(kernel_module_request, 0, kmod_name); } /** -- 2.34.1