LSM: bury struct security_mnt_opts
[muen/linux.git] / security / integrity / integrity.h
1 /*
2  * Copyright (C) 2009-2010 IBM Corporation
3  *
4  * Authors:
5  * Mimi Zohar <zohar@us.ibm.com>
6  *
7  * This program is free software; you can redistribute it and/or
8  * modify it under the terms of the GNU General Public License as
9  * published by the Free Software Foundation, version 2 of the
10  * License.
11  *
12  */
13
14 #include <linux/types.h>
15 #include <linux/integrity.h>
16 #include <crypto/sha.h>
17 #include <linux/key.h>
18 #include <linux/audit.h>
19
20 /* iint action cache flags */
21 #define IMA_MEASURE             0x00000001
22 #define IMA_MEASURED            0x00000002
23 #define IMA_APPRAISE            0x00000004
24 #define IMA_APPRAISED           0x00000008
25 /*#define IMA_COLLECT           0x00000010  do not use this flag */
26 #define IMA_COLLECTED           0x00000020
27 #define IMA_AUDIT               0x00000040
28 #define IMA_AUDITED             0x00000080
29 #define IMA_HASH                0x00000100
30 #define IMA_HASHED              0x00000200
31
32 /* iint cache flags */
33 #define IMA_ACTION_FLAGS        0xff000000
34 #define IMA_DIGSIG_REQUIRED     0x01000000
35 #define IMA_PERMIT_DIRECTIO     0x02000000
36 #define IMA_NEW_FILE            0x04000000
37 #define EVM_IMMUTABLE_DIGSIG    0x08000000
38 #define IMA_FAIL_UNVERIFIABLE_SIGS      0x10000000
39
40 #define IMA_DO_MASK             (IMA_MEASURE | IMA_APPRAISE | IMA_AUDIT | \
41                                  IMA_HASH | IMA_APPRAISE_SUBMASK)
42 #define IMA_DONE_MASK           (IMA_MEASURED | IMA_APPRAISED | IMA_AUDITED | \
43                                  IMA_HASHED | IMA_COLLECTED | \
44                                  IMA_APPRAISED_SUBMASK)
45
46 /* iint subaction appraise cache flags */
47 #define IMA_FILE_APPRAISE       0x00001000
48 #define IMA_FILE_APPRAISED      0x00002000
49 #define IMA_MMAP_APPRAISE       0x00004000
50 #define IMA_MMAP_APPRAISED      0x00008000
51 #define IMA_BPRM_APPRAISE       0x00010000
52 #define IMA_BPRM_APPRAISED      0x00020000
53 #define IMA_READ_APPRAISE       0x00040000
54 #define IMA_READ_APPRAISED      0x00080000
55 #define IMA_CREDS_APPRAISE      0x00100000
56 #define IMA_CREDS_APPRAISED     0x00200000
57 #define IMA_APPRAISE_SUBMASK    (IMA_FILE_APPRAISE | IMA_MMAP_APPRAISE | \
58                                  IMA_BPRM_APPRAISE | IMA_READ_APPRAISE | \
59                                  IMA_CREDS_APPRAISE)
60 #define IMA_APPRAISED_SUBMASK   (IMA_FILE_APPRAISED | IMA_MMAP_APPRAISED | \
61                                  IMA_BPRM_APPRAISED | IMA_READ_APPRAISED | \
62                                  IMA_CREDS_APPRAISED)
63
64 /* iint cache atomic_flags */
65 #define IMA_CHANGE_XATTR        0
66 #define IMA_UPDATE_XATTR        1
67 #define IMA_CHANGE_ATTR         2
68 #define IMA_DIGSIG              3
69 #define IMA_MUST_MEASURE        4
70
71 enum evm_ima_xattr_type {
72         IMA_XATTR_DIGEST = 0x01,
73         EVM_XATTR_HMAC,
74         EVM_IMA_XATTR_DIGSIG,
75         IMA_XATTR_DIGEST_NG,
76         EVM_XATTR_PORTABLE_DIGSIG,
77         IMA_XATTR_LAST
78 };
79
80 struct evm_ima_xattr_data {
81         u8 type;
82         u8 digest[SHA1_DIGEST_SIZE];
83 } __packed;
84
85 #define IMA_MAX_DIGEST_SIZE     64
86
87 struct ima_digest_data {
88         u8 algo;
89         u8 length;
90         union {
91                 struct {
92                         u8 unused;
93                         u8 type;
94                 } sha1;
95                 struct {
96                         u8 type;
97                         u8 algo;
98                 } ng;
99                 u8 data[2];
100         } xattr;
101         u8 digest[0];
102 } __packed;
103
104 /*
105  * signature format v2 - for using with asymmetric keys
106  */
107 struct signature_v2_hdr {
108         uint8_t type;           /* xattr type */
109         uint8_t version;        /* signature format version */
110         uint8_t hash_algo;      /* Digest algorithm [enum hash_algo] */
111         __be32 keyid;           /* IMA key identifier - not X509/PGP specific */
112         __be16 sig_size;        /* signature size */
113         uint8_t sig[0];         /* signature payload */
114 } __packed;
115
116 /* integrity data associated with an inode */
117 struct integrity_iint_cache {
118         struct rb_node rb_node; /* rooted in integrity_iint_tree */
119         struct mutex mutex;     /* protects: version, flags, digest */
120         struct inode *inode;    /* back pointer to inode in question */
121         u64 version;            /* track inode changes */
122         unsigned long flags;
123         unsigned long measured_pcrs;
124         unsigned long atomic_flags;
125         enum integrity_status ima_file_status:4;
126         enum integrity_status ima_mmap_status:4;
127         enum integrity_status ima_bprm_status:4;
128         enum integrity_status ima_read_status:4;
129         enum integrity_status ima_creds_status:4;
130         enum integrity_status evm_status:4;
131         struct ima_digest_data *ima_hash;
132 };
133
134 /* rbtree tree calls to lookup, insert, delete
135  * integrity data associated with an inode.
136  */
137 struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
138
139 int integrity_kernel_read(struct file *file, loff_t offset,
140                           void *addr, unsigned long count);
141
142 #define INTEGRITY_KEYRING_EVM           0
143 #define INTEGRITY_KEYRING_IMA           1
144 #define INTEGRITY_KEYRING_MODULE        2
145 #define INTEGRITY_KEYRING_MAX           3
146
147 extern struct dentry *integrity_dir;
148
149 #ifdef CONFIG_INTEGRITY_SIGNATURE
150
151 int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
152                             const char *digest, int digestlen);
153
154 int __init integrity_init_keyring(const unsigned int id);
155 int __init integrity_load_x509(const unsigned int id, const char *path);
156 #else
157
158 static inline int integrity_digsig_verify(const unsigned int id,
159                                           const char *sig, int siglen,
160                                           const char *digest, int digestlen)
161 {
162         return -EOPNOTSUPP;
163 }
164
165 static inline int integrity_init_keyring(const unsigned int id)
166 {
167         return 0;
168 }
169 #endif /* CONFIG_INTEGRITY_SIGNATURE */
170
171 #ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
172 int asymmetric_verify(struct key *keyring, const char *sig,
173                       int siglen, const char *data, int datalen);
174 #else
175 static inline int asymmetric_verify(struct key *keyring, const char *sig,
176                                     int siglen, const char *data, int datalen)
177 {
178         return -EOPNOTSUPP;
179 }
180 #endif
181
182 #ifdef CONFIG_IMA_LOAD_X509
183 void __init ima_load_x509(void);
184 #else
185 static inline void ima_load_x509(void)
186 {
187 }
188 #endif
189
190 #ifdef CONFIG_EVM_LOAD_X509
191 void __init evm_load_x509(void);
192 #else
193 static inline void evm_load_x509(void)
194 {
195 }
196 #endif
197
198 #ifdef CONFIG_INTEGRITY_AUDIT
199 /* declarations */
200 void integrity_audit_msg(int audit_msgno, struct inode *inode,
201                          const unsigned char *fname, const char *op,
202                          const char *cause, int result, int info);
203
204 static inline struct audit_buffer *
205 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
206 {
207         return audit_log_start(ctx, gfp_mask, type);
208 }
209
210 #else
211 static inline void integrity_audit_msg(int audit_msgno, struct inode *inode,
212                                        const unsigned char *fname,
213                                        const char *op, const char *cause,
214                                        int result, int info)
215 {
216 }
217
218 static inline struct audit_buffer *
219 integrity_audit_log_start(struct audit_context *ctx, gfp_t gfp_mask, int type)
220 {
221         return NULL;
222 }
223
224 #endif