aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds2014-04-03 11:26:18 -0500
committerLinus Torvalds2014-04-03 11:26:18 -0500
commitbea803183e12a1c78a12ec70907174d13d958333 (patch)
tree56a720b1eb02bb15ce5135078d9bbcbf06b74235 /security
parentcd6362befe4cc7bf589a5236d2a780af2d47bcc9 (diff)
parentf64410ec665479d7b4b77b7519e814253ed0f686 (diff)
downloadlinux-phy-bea803183e12a1c78a12ec70907174d13d958333.tar.gz
linux-phy-bea803183e12a1c78a12ec70907174d13d958333.tar.xz
linux-phy-bea803183e12a1c78a12ec70907174d13d958333.zip
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "Apart from reordering the SELinux mmap code to ensure DAC is called before MAC, these are minor maintenance updates" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (23 commits) selinux: correctly label /proc inodes in use before the policy is loaded selinux: put the mmap() DAC controls before the MAC controls selinux: fix the output of ./scripts/get_maintainer.pl for SELinux evm: enable key retention service automatically ima: skip memory allocation for empty files evm: EVM does not use MD5 ima: return d_name.name if d_path fails integrity: fix checkpatch errors ima: fix erroneous removal of security.ima xattr security: integrity: Use a more current logging style MAINTAINERS: email updates and other misc. changes ima: reduce memory usage when a template containing the n field is used ima: restore the original behavior for sending data with ima template Integrity: Pass commname via get_task_comm() fs: move i_readcount ima: use static const char array definitions security: have cap_dentry_init_security return error ima: new helper: file_inode(file) kernel: Mark function as static in kernel/seccomp.c capability: Use current logging styles ...
Diffstat (limited to 'security')
-rw-r--r--security/Makefile12
-rw-r--r--security/apparmor/lsm.c2
-rw-r--r--security/capability.c2
-rw-r--r--security/integrity/Makefile4
-rw-r--r--security/integrity/evm/Kconfig6
-rw-r--r--security/integrity/evm/evm.h28
-rw-r--r--security/integrity/evm/evm_crypto.c8
-rw-r--r--security/integrity/evm/evm_main.c6
-rw-r--r--security/integrity/evm/evm_secfs.c6
-rw-r--r--security/integrity/iint.c2
-rw-r--r--security/integrity/ima/ima.h2
-rw-r--r--security/integrity/ima/ima_api.c20
-rw-r--r--security/integrity/ima/ima_appraise.c4
-rw-r--r--security/integrity/ima/ima_crypto.c37
-rw-r--r--security/integrity/ima/ima_fs.c8
-rw-r--r--security/integrity/ima/ima_init.c9
-rw-r--r--security/integrity/ima/ima_main.c11
-rw-r--r--security/integrity/ima/ima_policy.c79
-rw-r--r--security/integrity/ima/ima_queue.c12
-rw-r--r--security/integrity/ima/ima_template.c19
-rw-r--r--security/integrity/ima/ima_template_lib.c29
-rw-r--r--security/integrity/integrity_audit.c7
-rw-r--r--security/keys/encrypted-keys/encrypted.c2
-rw-r--r--security/keys/trusted.c6
-rw-r--r--security/selinux/hooks.c60
-rw-r--r--security/selinux/selinuxfs.c2
26 files changed, 208 insertions, 175 deletions
diff --git a/security/Makefile b/security/Makefile
index a5918e01a4f7..05f1c934d74b 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -16,14 +16,14 @@ obj-$(CONFIG_MMU) += min_addr.o
16# Object file lists 16# Object file lists
17obj-$(CONFIG_SECURITY) += security.o capability.o 17obj-$(CONFIG_SECURITY) += security.o capability.o
18obj-$(CONFIG_SECURITYFS) += inode.o 18obj-$(CONFIG_SECURITYFS) += inode.o
19obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o 19obj-$(CONFIG_SECURITY_SELINUX) += selinux/
20obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o 20obj-$(CONFIG_SECURITY_SMACK) += smack/
21obj-$(CONFIG_AUDIT) += lsm_audit.o 21obj-$(CONFIG_AUDIT) += lsm_audit.o
22obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o 22obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/
23obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/built-in.o 23obj-$(CONFIG_SECURITY_APPARMOR) += apparmor/
24obj-$(CONFIG_SECURITY_YAMA) += yama/built-in.o 24obj-$(CONFIG_SECURITY_YAMA) += yama/
25obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o 25obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o
26 26
27# Object integrity file lists 27# Object integrity file lists
28subdir-$(CONFIG_INTEGRITY) += integrity 28subdir-$(CONFIG_INTEGRITY) += integrity
29obj-$(CONFIG_INTEGRITY) += integrity/built-in.o 29obj-$(CONFIG_INTEGRITY) += integrity/
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 4257b7e2796b..998100093332 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -751,7 +751,7 @@ module_param_named(enabled, apparmor_enabled, bool, S_IRUGO);
751static int __init apparmor_enabled_setup(char *str) 751static int __init apparmor_enabled_setup(char *str)
752{ 752{
753 unsigned long enabled; 753 unsigned long enabled;
754 int error = strict_strtoul(str, 0, &enabled); 754 int error = kstrtoul(str, 0, &enabled);
755 if (!error) 755 if (!error)
756 apparmor_enabled = enabled ? 1 : 0; 756 apparmor_enabled = enabled ? 1 : 0;
757 return 1; 757 return 1;
diff --git a/security/capability.c b/security/capability.c
index 21e2b9cae685..ad0d4de69944 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -116,7 +116,7 @@ static int cap_dentry_init_security(struct dentry *dentry, int mode,
116 struct qstr *name, void **ctx, 116 struct qstr *name, void **ctx,
117 u32 *ctxlen) 117 u32 *ctxlen)
118{ 118{
119 return 0; 119 return -EOPNOTSUPP;
120} 120}
121 121
122static int cap_inode_alloc_security(struct inode *inode) 122static int cap_inode_alloc_security(struct inode *inode)
diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index 0f9cffb1f9ad..0793f4811cb7 100644
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -10,6 +10,6 @@ obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
10integrity-y := iint.o 10integrity-y := iint.o
11 11
12subdir-$(CONFIG_IMA) += ima 12subdir-$(CONFIG_IMA) += ima
13obj-$(CONFIG_IMA) += ima/built-in.o 13obj-$(CONFIG_IMA) += ima/
14subdir-$(CONFIG_EVM) += evm 14subdir-$(CONFIG_EVM) += evm
15obj-$(CONFIG_EVM) += evm/built-in.o 15obj-$(CONFIG_EVM) += evm/
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index fea9749c3756..d35b4915b00d 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -1,10 +1,10 @@
1config EVM 1config EVM
2 boolean "EVM support" 2 boolean "EVM support"
3 depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n) 3 depends on SECURITY
4 select KEYS
5 select ENCRYPTED_KEYS
4 select CRYPTO_HMAC 6 select CRYPTO_HMAC
5 select CRYPTO_MD5
6 select CRYPTO_SHA1 7 select CRYPTO_SHA1
7 select ENCRYPTED_KEYS
8 default n 8 default n
9 help 9 help
10 EVM protects a file's security extended attributes against 10 EVM protects a file's security extended attributes against
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index 30bd1ec0232e..37c88ddb3cfe 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -32,19 +32,19 @@ extern struct crypto_shash *hash_tfm;
32/* List of EVM protected security xattrs */ 32/* List of EVM protected security xattrs */
33extern char *evm_config_xattrnames[]; 33extern char *evm_config_xattrnames[];
34 34
35extern int evm_init_key(void); 35int evm_init_key(void);
36extern int evm_update_evmxattr(struct dentry *dentry, 36int evm_update_evmxattr(struct dentry *dentry,
37 const char *req_xattr_name, 37 const char *req_xattr_name,
38 const char *req_xattr_value, 38 const char *req_xattr_value,
39 size_t req_xattr_value_len); 39 size_t req_xattr_value_len);
40extern int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, 40int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
41 const char *req_xattr_value, 41 const char *req_xattr_value,
42 size_t req_xattr_value_len, char *digest); 42 size_t req_xattr_value_len, char *digest);
43extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name, 43int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
44 const char *req_xattr_value, 44 const char *req_xattr_value,
45 size_t req_xattr_value_len, char *digest); 45 size_t req_xattr_value_len, char *digest);
46extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr, 46int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
47 char *hmac_val); 47 char *hmac_val);
48extern int evm_init_secfs(void); 48int evm_init_secfs(void);
49 49
50#endif 50#endif
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 3bab89eb21d6..babd8626bf96 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -13,6 +13,8 @@
13 * Using root's kernel master key (kmk), calculate the HMAC 13 * Using root's kernel master key (kmk), calculate the HMAC
14 */ 14 */
15 15
16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17
16#include <linux/module.h> 18#include <linux/module.h>
17#include <linux/crypto.h> 19#include <linux/crypto.h>
18#include <linux/xattr.h> 20#include <linux/xattr.h>
@@ -103,13 +105,13 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
103 umode_t mode; 105 umode_t mode;
104 } hmac_misc; 106 } hmac_misc;
105 107
106 memset(&hmac_misc, 0, sizeof hmac_misc); 108 memset(&hmac_misc, 0, sizeof(hmac_misc));
107 hmac_misc.ino = inode->i_ino; 109 hmac_misc.ino = inode->i_ino;
108 hmac_misc.generation = inode->i_generation; 110 hmac_misc.generation = inode->i_generation;
109 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid); 111 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
110 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid); 112 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
111 hmac_misc.mode = inode->i_mode; 113 hmac_misc.mode = inode->i_mode;
112 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc); 114 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
113 if (evm_hmac_version > 1) 115 if (evm_hmac_version > 1)
114 crypto_shash_update(desc, inode->i_sb->s_uuid, 116 crypto_shash_update(desc, inode->i_sb->s_uuid,
115 sizeof(inode->i_sb->s_uuid)); 117 sizeof(inode->i_sb->s_uuid));
@@ -221,7 +223,7 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
221 223
222 desc = init_desc(EVM_XATTR_HMAC); 224 desc = init_desc(EVM_XATTR_HMAC);
223 if (IS_ERR(desc)) { 225 if (IS_ERR(desc)) {
224 printk(KERN_INFO "init_desc failed\n"); 226 pr_info("init_desc failed\n");
225 return PTR_ERR(desc); 227 return PTR_ERR(desc);
226 } 228 }
227 229
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 336b3ddfe63f..996092f21b64 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -14,6 +14,8 @@
14 * evm_inode_removexattr, and evm_verifyxattr 14 * evm_inode_removexattr, and evm_verifyxattr
15 */ 15 */
16 16
17#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
17#include <linux/module.h> 19#include <linux/module.h>
18#include <linux/crypto.h> 20#include <linux/crypto.h>
19#include <linux/audit.h> 21#include <linux/audit.h>
@@ -432,7 +434,7 @@ static int __init init_evm(void)
432 434
433 error = evm_init_secfs(); 435 error = evm_init_secfs();
434 if (error < 0) { 436 if (error < 0) {
435 printk(KERN_INFO "EVM: Error registering secfs\n"); 437 pr_info("Error registering secfs\n");
436 goto err; 438 goto err;
437 } 439 }
438 440
@@ -449,7 +451,7 @@ static int __init evm_display_config(void)
449 char **xattrname; 451 char **xattrname;
450 452
451 for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) 453 for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++)
452 printk(KERN_INFO "EVM: %s\n", *xattrname); 454 pr_info("%s\n", *xattrname);
453 return 0; 455 return 0;
454} 456}
455 457
diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index 30f670ad6ac3..cf12a04717d3 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -13,6 +13,8 @@
13 * - Get the key and enable EVM 13 * - Get the key and enable EVM
14 */ 14 */
15 15
16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17
16#include <linux/uaccess.h> 18#include <linux/uaccess.h>
17#include <linux/module.h> 19#include <linux/module.h>
18#include "evm.h" 20#include "evm.h"
@@ -79,9 +81,9 @@ static ssize_t evm_write_key(struct file *file, const char __user *buf,
79 error = evm_init_key(); 81 error = evm_init_key();
80 if (!error) { 82 if (!error) {
81 evm_initialized = 1; 83 evm_initialized = 1;
82 pr_info("EVM: initialized\n"); 84 pr_info("initialized\n");
83 } else 85 } else
84 pr_err("EVM: initialization failed\n"); 86 pr_err("initialization failed\n");
85 return count; 87 return count;
86} 88}
87 89
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index c49d3f14cbec..a521edf4cbd6 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -151,7 +151,7 @@ static void init_once(void *foo)
151{ 151{
152 struct integrity_iint_cache *iint = foo; 152 struct integrity_iint_cache *iint = foo;
153 153
154 memset(iint, 0, sizeof *iint); 154 memset(iint, 0, sizeof(*iint));
155 iint->version = 0; 155 iint->version = 0;
156 iint->flags = 0UL; 156 iint->flags = 0UL;
157 iint->ima_file_status = INTEGRITY_UNKNOWN; 157 iint->ima_file_status = INTEGRITY_UNKNOWN;
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 0356e1d437ca..f79fa8be203c 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -27,7 +27,7 @@
27#include "../integrity.h" 27#include "../integrity.h"
28 28
29enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_BINARY_NO_FIELD_LEN, 29enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_BINARY_NO_FIELD_LEN,
30 IMA_SHOW_ASCII }; 30 IMA_SHOW_BINARY_OLD_STRING_FMT, IMA_SHOW_ASCII };
31enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 }; 31enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 };
32 32
33/* digest size for IMA, fits SHA1 or MD5 */ 33/* digest size for IMA, fits SHA1 or MD5 */
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index c38bbce8c6a6..ba9e4d792dd5 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -92,8 +92,8 @@ int ima_store_template(struct ima_template_entry *entry,
92 int violation, struct inode *inode, 92 int violation, struct inode *inode,
93 const unsigned char *filename) 93 const unsigned char *filename)
94{ 94{
95 const char *op = "add_template_measure"; 95 static const char op[] = "add_template_measure";
96 const char *audit_cause = "hashing_error"; 96 static const char audit_cause[] = "hashing_error";
97 char *template_name = entry->template_desc->name; 97 char *template_name = entry->template_desc->name;
98 int result; 98 int result;
99 struct { 99 struct {
@@ -132,7 +132,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename,
132 const char *op, const char *cause) 132 const char *op, const char *cause)
133{ 133{
134 struct ima_template_entry *entry; 134 struct ima_template_entry *entry;
135 struct inode *inode = file->f_dentry->d_inode; 135 struct inode *inode = file_inode(file);
136 int violation = 1; 136 int violation = 1;
137 int result; 137 int result;
138 138
@@ -160,10 +160,10 @@ err_out:
160 * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK) 160 * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK)
161 * 161 *
162 * The policy is defined in terms of keypairs: 162 * The policy is defined in terms of keypairs:
163 * subj=, obj=, type=, func=, mask=, fsmagic= 163 * subj=, obj=, type=, func=, mask=, fsmagic=
164 * subj,obj, and type: are LSM specific. 164 * subj,obj, and type: are LSM specific.
165 * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK 165 * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
166 * mask: contains the permission mask 166 * mask: contains the permission mask
167 * fsmagic: hex value 167 * fsmagic: hex value
168 * 168 *
169 * Returns IMA_MEASURE, IMA_APPRAISE mask. 169 * Returns IMA_MEASURE, IMA_APPRAISE mask.
@@ -248,7 +248,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint,
248 * 248 *
249 * We only get here if the inode has not already been measured, 249 * We only get here if the inode has not already been measured,
250 * but the measurement could already exist: 250 * but the measurement could already exist:
251 * - multiple copies of the same file on either the same or 251 * - multiple copies of the same file on either the same or
252 * different filesystems. 252 * different filesystems.
253 * - the inode was previously flushed as well as the iint info, 253 * - the inode was previously flushed as well as the iint info,
254 * containing the hashing info. 254 * containing the hashing info.
@@ -260,8 +260,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint,
260 struct evm_ima_xattr_data *xattr_value, 260 struct evm_ima_xattr_data *xattr_value,
261 int xattr_len) 261 int xattr_len)
262{ 262{
263 const char *op = "add_template_measure"; 263 static const char op[] = "add_template_measure";
264 const char *audit_cause = "ENOMEM"; 264 static const char audit_cause[] = "ENOMEM";
265 int result = -ENOMEM; 265 int result = -ENOMEM;
266 struct inode *inode = file_inode(file); 266 struct inode *inode = file_inode(file);
267 struct ima_template_entry *entry; 267 struct ima_template_entry *entry;
@@ -332,5 +332,5 @@ const char *ima_d_path(struct path *path, char **pathbuf)
332 pathname = NULL; 332 pathname = NULL;
333 } 333 }
334 } 334 }
335 return pathname; 335 return pathname ?: (const char *)path->dentry->d_name.name;
336} 336}
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 734e9468aca0..291bf0f3a46d 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -177,11 +177,11 @@ int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
177 struct evm_ima_xattr_data *xattr_value, 177 struct evm_ima_xattr_data *xattr_value,
178 int xattr_len) 178 int xattr_len)
179{ 179{
180 static const char op[] = "appraise_data";
181 char *cause = "unknown";
180 struct dentry *dentry = file->f_dentry; 182 struct dentry *dentry = file->f_dentry;
181 struct inode *inode = dentry->d_inode; 183 struct inode *inode = dentry->d_inode;
182 enum integrity_status status = INTEGRITY_UNKNOWN; 184 enum integrity_status status = INTEGRITY_UNKNOWN;
183 const char *op = "appraise_data";
184 char *cause = "unknown";
185 int rc = xattr_len, hash_start = 0; 185 int rc = xattr_len, hash_start = 0;
186 186
187 if (!ima_appraise) 187 if (!ima_appraise)
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index fdf60def52e9..1bde8e627766 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -10,9 +10,11 @@
10 * the Free Software Foundation, version 2 of the License. 10 * the Free Software Foundation, version 2 of the License.
11 * 11 *
12 * File: ima_crypto.c 12 * File: ima_crypto.c
13 * Calculates md5/sha1 file hash, template hash, boot-aggreate hash 13 * Calculates md5/sha1 file hash, template hash, boot-aggreate hash
14 */ 14 */
15 15
16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17
16#include <linux/kernel.h> 18#include <linux/kernel.h>
17#include <linux/file.h> 19#include <linux/file.h>
18#include <linux/crypto.h> 20#include <linux/crypto.h>
@@ -85,16 +87,20 @@ static int ima_calc_file_hash_tfm(struct file *file,
85 if (rc != 0) 87 if (rc != 0)
86 return rc; 88 return rc;
87 89
88 rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL); 90 i_size = i_size_read(file_inode(file));
89 if (!rbuf) { 91
90 rc = -ENOMEM; 92 if (i_size == 0)
91 goto out; 93 goto out;
92 } 94
95 rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
96 if (!rbuf)
97 return -ENOMEM;
98
93 if (!(file->f_mode & FMODE_READ)) { 99 if (!(file->f_mode & FMODE_READ)) {
94 file->f_mode |= FMODE_READ; 100 file->f_mode |= FMODE_READ;
95 read = 1; 101 read = 1;
96 } 102 }
97 i_size = i_size_read(file_inode(file)); 103
98 while (offset < i_size) { 104 while (offset < i_size) {
99 int rbuf_len; 105 int rbuf_len;
100 106
@@ -111,12 +117,12 @@ static int ima_calc_file_hash_tfm(struct file *file,
111 if (rc) 117 if (rc)
112 break; 118 break;
113 } 119 }
114 kfree(rbuf);
115 if (!rc)
116 rc = crypto_shash_final(&desc.shash, hash->digest);
117 if (read) 120 if (read)
118 file->f_mode &= ~FMODE_READ; 121 file->f_mode &= ~FMODE_READ;
122 kfree(rbuf);
119out: 123out:
124 if (!rc)
125 rc = crypto_shash_final(&desc.shash, hash->digest);
120 return rc; 126 return rc;
121} 127}
122 128
@@ -161,15 +167,22 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
161 return rc; 167 return rc;
162 168
163 for (i = 0; i < num_fields; i++) { 169 for (i = 0; i < num_fields; i++) {
170 u8 buffer[IMA_EVENT_NAME_LEN_MAX + 1] = { 0 };
171 u8 *data_to_hash = field_data[i].data;
172 u32 datalen = field_data[i].len;
173
164 if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) { 174 if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
165 rc = crypto_shash_update(&desc.shash, 175 rc = crypto_shash_update(&desc.shash,
166 (const u8 *) &field_data[i].len, 176 (const u8 *) &field_data[i].len,
167 sizeof(field_data[i].len)); 177 sizeof(field_data[i].len));
168 if (rc) 178 if (rc)
169 break; 179 break;
180 } else if (strcmp(td->fields[i]->field_id, "n") == 0) {
181 memcpy(buffer, data_to_hash, datalen);
182 data_to_hash = buffer;
183 datalen = IMA_EVENT_NAME_LEN_MAX + 1;
170 } 184 }
171 rc = crypto_shash_update(&desc.shash, field_data[i].data, 185 rc = crypto_shash_update(&desc.shash, data_to_hash, datalen);
172 field_data[i].len);
173 if (rc) 186 if (rc)
174 break; 187 break;
175 } 188 }
@@ -205,7 +218,7 @@ static void __init ima_pcrread(int idx, u8 *pcr)
205 return; 218 return;
206 219
207 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0) 220 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
208 pr_err("IMA: Error Communicating to TPM chip\n"); 221 pr_err("Error Communicating to TPM chip\n");
209} 222}
210 223
211/* 224/*
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index db01125926bd..da92fcc08d15 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -133,14 +133,14 @@ static int ima_measurements_show(struct seq_file *m, void *v)
133 * PCR used is always the same (config option) in 133 * PCR used is always the same (config option) in
134 * little-endian format 134 * little-endian format
135 */ 135 */
136 ima_putc(m, &pcr, sizeof pcr); 136 ima_putc(m, &pcr, sizeof(pcr));
137 137
138 /* 2nd: template digest */ 138 /* 2nd: template digest */
139 ima_putc(m, e->digest, TPM_DIGEST_SIZE); 139 ima_putc(m, e->digest, TPM_DIGEST_SIZE);
140 140
141 /* 3rd: template name size */ 141 /* 3rd: template name size */
142 namelen = strlen(e->template_desc->name); 142 namelen = strlen(e->template_desc->name);
143 ima_putc(m, &namelen, sizeof namelen); 143 ima_putc(m, &namelen, sizeof(namelen));
144 144
145 /* 4th: template name */ 145 /* 4th: template name */
146 ima_putc(m, e->template_desc->name, namelen); 146 ima_putc(m, e->template_desc->name, namelen);
@@ -160,6 +160,8 @@ static int ima_measurements_show(struct seq_file *m, void *v)
160 160
161 if (is_ima_template && strcmp(field->field_id, "d") == 0) 161 if (is_ima_template && strcmp(field->field_id, "d") == 0)
162 show = IMA_SHOW_BINARY_NO_FIELD_LEN; 162 show = IMA_SHOW_BINARY_NO_FIELD_LEN;
163 if (is_ima_template && strcmp(field->field_id, "n") == 0)
164 show = IMA_SHOW_BINARY_OLD_STRING_FMT;
163 field->field_show(m, show, &e->template_data[i]); 165 field->field_show(m, show, &e->template_data[i]);
164 } 166 }
165 return 0; 167 return 0;
@@ -290,7 +292,7 @@ static atomic_t policy_opencount = ATOMIC_INIT(1);
290/* 292/*
291 * ima_open_policy: sequentialize access to the policy file 293 * ima_open_policy: sequentialize access to the policy file
292 */ 294 */
293static int ima_open_policy(struct inode * inode, struct file * filp) 295static int ima_open_policy(struct inode *inode, struct file *filp)
294{ 296{
295 /* No point in being allowed to open it if you aren't going to write */ 297 /* No point in being allowed to open it if you aren't going to write */
296 if (!(filp->f_flags & O_WRONLY)) 298 if (!(filp->f_flags & O_WRONLY))
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 37122768554a..e8f9d70a465d 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -14,6 +14,9 @@
14 * File: ima_init.c 14 * File: ima_init.c
15 * initialization and cleanup functions 15 * initialization and cleanup functions
16 */ 16 */
17
18#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
19
17#include <linux/module.h> 20#include <linux/module.h>
18#include <linux/scatterlist.h> 21#include <linux/scatterlist.h>
19#include <linux/slab.h> 22#include <linux/slab.h>
@@ -42,10 +45,10 @@ int ima_used_chip;
42 */ 45 */
43static void __init ima_add_boot_aggregate(void) 46static void __init ima_add_boot_aggregate(void)
44{ 47{
48 static const char op[] = "add_boot_aggregate";
49 const char *audit_cause = "ENOMEM";
45 struct ima_template_entry *entry; 50 struct ima_template_entry *entry;
46 struct integrity_iint_cache tmp_iint, *iint = &tmp_iint; 51 struct integrity_iint_cache tmp_iint, *iint = &tmp_iint;
47 const char *op = "add_boot_aggregate";
48 const char *audit_cause = "ENOMEM";
49 int result = -ENOMEM; 52 int result = -ENOMEM;
50 int violation = 0; 53 int violation = 0;
51 struct { 54 struct {
@@ -93,7 +96,7 @@ int __init ima_init(void)
93 ima_used_chip = 1; 96 ima_used_chip = 1;
94 97
95 if (!ima_used_chip) 98 if (!ima_used_chip)
96 pr_info("IMA: No TPM chip found, activating TPM-bypass!\n"); 99 pr_info("No TPM chip found, activating TPM-bypass!\n");
97 100
98 rc = ima_init_crypto(); 101 rc = ima_init_crypto();
99 if (rc) 102 if (rc)
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 149ee1119f87..52ac6cf41f88 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -71,15 +71,14 @@ __setup("ima_hash=", hash_setup);
71 * ima_rdwr_violation_check 71 * ima_rdwr_violation_check
72 * 72 *
73 * Only invalidate the PCR for measured files: 73 * Only invalidate the PCR for measured files:
74 * - Opening a file for write when already open for read, 74 * - Opening a file for write when already open for read,
75 * results in a time of measure, time of use (ToMToU) error. 75 * results in a time of measure, time of use (ToMToU) error.
76 * - Opening a file for read when already open for write, 76 * - Opening a file for read when already open for write,
77 * could result in a file measurement error. 77 * could result in a file measurement error.
78 * 78 *
79 */ 79 */
80static void ima_rdwr_violation_check(struct file *file) 80static void ima_rdwr_violation_check(struct file *file)
81{ 81{
82 struct dentry *dentry = file->f_path.dentry;
83 struct inode *inode = file_inode(file); 82 struct inode *inode = file_inode(file);
84 fmode_t mode = file->f_mode; 83 fmode_t mode = file->f_mode;
85 int must_measure; 84 int must_measure;
@@ -111,8 +110,6 @@ out:
111 return; 110 return;
112 111
113 pathname = ima_d_path(&file->f_path, &pathbuf); 112 pathname = ima_d_path(&file->f_path, &pathbuf);
114 if (!pathname || strlen(pathname) > IMA_EVENT_NAME_LEN_MAX)
115 pathname = dentry->d_name.name;
116 113
117 if (send_tomtou) 114 if (send_tomtou)
118 ima_add_violation(file, pathname, "invalid_pcr", "ToMToU"); 115 ima_add_violation(file, pathname, "invalid_pcr", "ToMToU");
@@ -220,9 +217,7 @@ static int process_measurement(struct file *file, const char *filename,
220 if (rc != 0) 217 if (rc != 0)
221 goto out_digsig; 218 goto out_digsig;
222 219
223 pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename; 220 pathname = filename ?: ima_d_path(&file->f_path, &pathbuf);
224 if (!pathname)
225 pathname = (const char *)file->f_dentry->d_name.name;
226 221
227 if (action & IMA_MEASURE) 222 if (action & IMA_MEASURE)
228 ima_store_measurement(iint, file, pathname, 223 ima_store_measurement(iint, file, pathname,
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index a9c3d3cd1990..93873a450ff7 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -7,7 +7,7 @@
7 * the Free Software Foundation, version 2 of the License. 7 * the Free Software Foundation, version 2 of the License.
8 * 8 *
9 * ima_policy.c 9 * ima_policy.c
10 * - initialize default measure policy rules 10 * - initialize default measure policy rules
11 * 11 *
12 */ 12 */
13#include <linux/module.h> 13#include <linux/module.h>
@@ -21,8 +21,8 @@
21#include "ima.h" 21#include "ima.h"
22 22
23/* flags definitions */ 23/* flags definitions */
24#define IMA_FUNC 0x0001 24#define IMA_FUNC 0x0001
25#define IMA_MASK 0x0002 25#define IMA_MASK 0x0002
26#define IMA_FSMAGIC 0x0004 26#define IMA_FSMAGIC 0x0004
27#define IMA_UID 0x0008 27#define IMA_UID 0x0008
28#define IMA_FOWNER 0x0010 28#define IMA_FOWNER 0x0010
@@ -69,35 +69,35 @@ struct ima_rule_entry {
69 * and running executables. 69 * and running executables.
70 */ 70 */
71static struct ima_rule_entry default_rules[] = { 71static struct ima_rule_entry default_rules[] = {
72 {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 72 {.action = DONT_MEASURE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
73 {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, 73 {.action = DONT_MEASURE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
74 {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, 74 {.action = DONT_MEASURE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
75 {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, 75 {.action = DONT_MEASURE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
76 {.action = DONT_MEASURE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 76 {.action = DONT_MEASURE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
77 {.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC}, 77 {.action = DONT_MEASURE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
78 {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, 78 {.action = DONT_MEASURE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
79 {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, 79 {.action = DONT_MEASURE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
80 {.action = MEASURE,.func = MMAP_CHECK,.mask = MAY_EXEC, 80 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
81 .flags = IMA_FUNC | IMA_MASK}, 81 .flags = IMA_FUNC | IMA_MASK},
82 {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, 82 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
83 .flags = IMA_FUNC | IMA_MASK}, 83 .flags = IMA_FUNC | IMA_MASK},
84 {.action = MEASURE,.func = FILE_CHECK,.mask = MAY_READ,.uid = GLOBAL_ROOT_UID, 84 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ, .uid = GLOBAL_ROOT_UID,
85 .flags = IMA_FUNC | IMA_MASK | IMA_UID}, 85 .flags = IMA_FUNC | IMA_MASK | IMA_UID},
86 {.action = MEASURE,.func = MODULE_CHECK, .flags = IMA_FUNC}, 86 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
87}; 87};
88 88
89static struct ima_rule_entry default_appraise_rules[] = { 89static struct ima_rule_entry default_appraise_rules[] = {
90 {.action = DONT_APPRAISE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 90 {.action = DONT_APPRAISE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
91 {.action = DONT_APPRAISE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, 91 {.action = DONT_APPRAISE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
92 {.action = DONT_APPRAISE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, 92 {.action = DONT_APPRAISE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
93 {.action = DONT_APPRAISE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, 93 {.action = DONT_APPRAISE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
94 {.action = DONT_APPRAISE,.fsmagic = RAMFS_MAGIC,.flags = IMA_FSMAGIC}, 94 {.action = DONT_APPRAISE, .fsmagic = RAMFS_MAGIC, .flags = IMA_FSMAGIC},
95 {.action = DONT_APPRAISE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 95 {.action = DONT_APPRAISE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
96 {.action = DONT_APPRAISE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC}, 96 {.action = DONT_APPRAISE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
97 {.action = DONT_APPRAISE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, 97 {.action = DONT_APPRAISE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
98 {.action = DONT_APPRAISE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, 98 {.action = DONT_APPRAISE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
99 {.action = DONT_APPRAISE,.fsmagic = CGROUP_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 99 {.action = DONT_APPRAISE, .fsmagic = CGROUP_SUPER_MAGIC, .flags = IMA_FSMAGIC},
100 {.action = APPRAISE,.fowner = GLOBAL_ROOT_UID,.flags = IMA_FOWNER}, 100 {.action = APPRAISE, .fowner = GLOBAL_ROOT_UID, .flags = IMA_FOWNER},
101}; 101};
102 102
103static LIST_HEAD(ima_default_rules); 103static LIST_HEAD(ima_default_rules);
@@ -122,12 +122,12 @@ static int __init default_appraise_policy_setup(char *str)
122} 122}
123__setup("ima_appraise_tcb", default_appraise_policy_setup); 123__setup("ima_appraise_tcb", default_appraise_policy_setup);
124 124
125/* 125/*
126 * Although the IMA policy does not change, the LSM policy can be 126 * Although the IMA policy does not change, the LSM policy can be
127 * reloaded, leaving the IMA LSM based rules referring to the old, 127 * reloaded, leaving the IMA LSM based rules referring to the old,
128 * stale LSM policy. 128 * stale LSM policy.
129 * 129 *
130 * Update the IMA LSM based rules to reflect the reloaded LSM policy. 130 * Update the IMA LSM based rules to reflect the reloaded LSM policy.
131 * We assume the rules still exist; and BUG_ON() if they don't. 131 * We assume the rules still exist; and BUG_ON() if they don't.
132 */ 132 */
133static void ima_lsm_update_rules(void) 133static void ima_lsm_update_rules(void)
@@ -167,9 +167,11 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
167 const struct cred *cred = current_cred(); 167 const struct cred *cred = current_cred();
168 int i; 168 int i;
169 169
170 if ((rule->flags & IMA_FUNC) && rule->func != func) 170 if ((rule->flags & IMA_FUNC) &&
171 (rule->func != func && func != POST_SETATTR))
171 return false; 172 return false;
172 if ((rule->flags & IMA_MASK) && rule->mask != mask) 173 if ((rule->flags & IMA_MASK) &&
174 (rule->mask != mask && func != POST_SETATTR))
173 return false; 175 return false;
174 if ((rule->flags & IMA_FSMAGIC) 176 if ((rule->flags & IMA_FSMAGIC)
175 && rule->fsmagic != inode->i_sb->s_magic) 177 && rule->fsmagic != inode->i_sb->s_magic)
@@ -216,7 +218,7 @@ retry:
216 retried = 1; 218 retried = 1;
217 ima_lsm_update_rules(); 219 ima_lsm_update_rules();
218 goto retry; 220 goto retry;
219 } 221 }
220 if (!rc) 222 if (!rc)
221 return false; 223 return false;
222 } 224 }
@@ -232,7 +234,7 @@ static int get_subaction(struct ima_rule_entry *rule, int func)
232 if (!(rule->flags & IMA_FUNC)) 234 if (!(rule->flags & IMA_FUNC))
233 return IMA_FILE_APPRAISE; 235 return IMA_FILE_APPRAISE;
234 236
235 switch(func) { 237 switch (func) {
236 case MMAP_CHECK: 238 case MMAP_CHECK:
237 return IMA_MMAP_APPRAISE; 239 return IMA_MMAP_APPRAISE;
238 case BPRM_CHECK: 240 case BPRM_CHECK:
@@ -304,7 +306,7 @@ void __init ima_init_policy(void)
304 measure_entries = ima_use_tcb ? ARRAY_SIZE(default_rules) : 0; 306 measure_entries = ima_use_tcb ? ARRAY_SIZE(default_rules) : 0;
305 appraise_entries = ima_use_appraise_tcb ? 307 appraise_entries = ima_use_appraise_tcb ?
306 ARRAY_SIZE(default_appraise_rules) : 0; 308 ARRAY_SIZE(default_appraise_rules) : 0;
307 309
308 for (i = 0; i < measure_entries + appraise_entries; i++) { 310 for (i = 0; i < measure_entries + appraise_entries; i++) {
309 if (i < measure_entries) 311 if (i < measure_entries)
310 list_add_tail(&default_rules[i].list, 312 list_add_tail(&default_rules[i].list,
@@ -329,7 +331,7 @@ void __init ima_init_policy(void)
329 */ 331 */
330void ima_update_policy(void) 332void ima_update_policy(void)
331{ 333{
332 const char *op = "policy_update"; 334 static const char op[] = "policy_update";
333 const char *cause = "already exists"; 335 const char *cause = "already exists";
334 int result = 1; 336 int result = 1;
335 int audit_info = 0; 337 int audit_info = 0;
@@ -520,8 +522,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
520 break; 522 break;
521 } 523 }
522 524
523 result = strict_strtoul(args[0].from, 16, 525 result = kstrtoul(args[0].from, 16, &entry->fsmagic);
524 &entry->fsmagic);
525 if (!result) 526 if (!result)
526 entry->flags |= IMA_FSMAGIC; 527 entry->flags |= IMA_FSMAGIC;
527 break; 528 break;
@@ -547,7 +548,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
547 break; 548 break;
548 } 549 }
549 550
550 result = strict_strtoul(args[0].from, 10, &lnum); 551 result = kstrtoul(args[0].from, 10, &lnum);
551 if (!result) { 552 if (!result) {
552 entry->uid = make_kuid(current_user_ns(), (uid_t)lnum); 553 entry->uid = make_kuid(current_user_ns(), (uid_t)lnum);
553 if (!uid_valid(entry->uid) || (((uid_t)lnum) != lnum)) 554 if (!uid_valid(entry->uid) || (((uid_t)lnum) != lnum))
@@ -564,7 +565,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
564 break; 565 break;
565 } 566 }
566 567
567 result = strict_strtoul(args[0].from, 10, &lnum); 568 result = kstrtoul(args[0].from, 10, &lnum);
568 if (!result) { 569 if (!result) {
569 entry->fowner = make_kuid(current_user_ns(), (uid_t)lnum); 570 entry->fowner = make_kuid(current_user_ns(), (uid_t)lnum);
570 if (!uid_valid(entry->fowner) || (((uid_t)lnum) != lnum)) 571 if (!uid_valid(entry->fowner) || (((uid_t)lnum) != lnum))
@@ -645,7 +646,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
645 */ 646 */
646ssize_t ima_parse_add_rule(char *rule) 647ssize_t ima_parse_add_rule(char *rule)
647{ 648{
648 const char *op = "update_policy"; 649 static const char op[] = "update_policy";
649 char *p; 650 char *p;
650 struct ima_rule_entry *entry; 651 struct ima_rule_entry *entry;
651 ssize_t result, len; 652 ssize_t result, len;
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index d85e99761f4f..552705d5a78d 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -18,6 +18,9 @@
18 * The measurement list is append-only. No entry is 18 * The measurement list is append-only. No entry is
19 * ever removed or changed during the boot-cycle. 19 * ever removed or changed during the boot-cycle.
20 */ 20 */
21
22#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
23
21#include <linux/module.h> 24#include <linux/module.h>
22#include <linux/rculist.h> 25#include <linux/rculist.h>
23#include <linux/slab.h> 26#include <linux/slab.h>
@@ -72,7 +75,7 @@ static int ima_add_digest_entry(struct ima_template_entry *entry)
72 75
73 qe = kmalloc(sizeof(*qe), GFP_KERNEL); 76 qe = kmalloc(sizeof(*qe), GFP_KERNEL);
74 if (qe == NULL) { 77 if (qe == NULL) {
75 pr_err("IMA: OUT OF MEMORY ERROR creating queue entry.\n"); 78 pr_err("OUT OF MEMORY ERROR creating queue entry\n");
76 return -ENOMEM; 79 return -ENOMEM;
77 } 80 }
78 qe->entry = entry; 81 qe->entry = entry;
@@ -95,8 +98,7 @@ static int ima_pcr_extend(const u8 *hash)
95 98
96 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash); 99 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash);
97 if (result != 0) 100 if (result != 0)
98 pr_err("IMA: Error Communicating to TPM chip, result: %d\n", 101 pr_err("Error Communicating to TPM chip, result: %d\n", result);
99 result);
100 return result; 102 return result;
101} 103}
102 104
@@ -115,7 +117,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
115 117
116 mutex_lock(&ima_extend_list_mutex); 118 mutex_lock(&ima_extend_list_mutex);
117 if (!violation) { 119 if (!violation) {
118 memcpy(digest, entry->digest, sizeof digest); 120 memcpy(digest, entry->digest, sizeof(digest));
119 if (ima_lookup_digest_entry(digest)) { 121 if (ima_lookup_digest_entry(digest)) {
120 audit_cause = "hash_exists"; 122 audit_cause = "hash_exists";
121 result = -EEXIST; 123 result = -EEXIST;
@@ -131,7 +133,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
131 } 133 }
132 134
133 if (violation) /* invalidate pcr */ 135 if (violation) /* invalidate pcr */
134 memset(digest, 0xff, sizeof digest); 136 memset(digest, 0xff, sizeof(digest));
135 137
136 tpmresult = ima_pcr_extend(digest); 138 tpmresult = ima_pcr_extend(digest);
137 if (tpmresult != 0) { 139 if (tpmresult != 0) {
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 635695f6a185..a076a967ec47 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -12,6 +12,9 @@
12 * File: ima_template.c 12 * File: ima_template.c
13 * Helpers to manage template descriptors. 13 * Helpers to manage template descriptors.
14 */ 14 */
15
16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17
15#include <crypto/hash_info.h> 18#include <crypto/hash_info.h>
16 19
17#include "ima.h" 20#include "ima.h"
@@ -19,20 +22,20 @@
19 22
20static struct ima_template_desc defined_templates[] = { 23static struct ima_template_desc defined_templates[] = {
21 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT}, 24 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
22 {.name = "ima-ng",.fmt = "d-ng|n-ng"}, 25 {.name = "ima-ng", .fmt = "d-ng|n-ng"},
23 {.name = "ima-sig",.fmt = "d-ng|n-ng|sig"}, 26 {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
24}; 27};
25 28
26static struct ima_template_field supported_fields[] = { 29static struct ima_template_field supported_fields[] = {
27 {.field_id = "d",.field_init = ima_eventdigest_init, 30 {.field_id = "d", .field_init = ima_eventdigest_init,
28 .field_show = ima_show_template_digest}, 31 .field_show = ima_show_template_digest},
29 {.field_id = "n",.field_init = ima_eventname_init, 32 {.field_id = "n", .field_init = ima_eventname_init,
30 .field_show = ima_show_template_string}, 33 .field_show = ima_show_template_string},
31 {.field_id = "d-ng",.field_init = ima_eventdigest_ng_init, 34 {.field_id = "d-ng", .field_init = ima_eventdigest_ng_init,
32 .field_show = ima_show_template_digest_ng}, 35 .field_show = ima_show_template_digest_ng},
33 {.field_id = "n-ng",.field_init = ima_eventname_ng_init, 36 {.field_id = "n-ng", .field_init = ima_eventname_ng_init,
34 .field_show = ima_show_template_string}, 37 .field_show = ima_show_template_string},
35 {.field_id = "sig",.field_init = ima_eventsig_init, 38 {.field_id = "sig", .field_init = ima_eventsig_init,
36 .field_show = ima_show_template_sig}, 39 .field_show = ima_show_template_sig},
37}; 40};
38 41
@@ -58,7 +61,7 @@ static int __init ima_template_setup(char *str)
58 */ 61 */
59 if (template_len == 3 && strcmp(str, IMA_TEMPLATE_IMA_NAME) == 0 && 62 if (template_len == 3 && strcmp(str, IMA_TEMPLATE_IMA_NAME) == 0 &&
60 ima_hash_algo != HASH_ALGO_SHA1 && ima_hash_algo != HASH_ALGO_MD5) { 63 ima_hash_algo != HASH_ALGO_SHA1 && ima_hash_algo != HASH_ALGO_MD5) {
61 pr_err("IMA: template does not support hash alg\n"); 64 pr_err("template does not support hash alg\n");
62 return 1; 65 return 1;
63 } 66 }
64 67
diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c
index 1683bbf289a4..1506f0248572 100644
--- a/security/integrity/ima/ima_template_lib.c
+++ b/security/integrity/ima/ima_template_lib.c
@@ -27,7 +27,6 @@ static bool ima_template_hash_algo_allowed(u8 algo)
27enum data_formats { 27enum data_formats {
28 DATA_FMT_DIGEST = 0, 28 DATA_FMT_DIGEST = 0,
29 DATA_FMT_DIGEST_WITH_ALGO, 29 DATA_FMT_DIGEST_WITH_ALGO,
30 DATA_FMT_EVENT_NAME,
31 DATA_FMT_STRING, 30 DATA_FMT_STRING,
32 DATA_FMT_HEX 31 DATA_FMT_HEX
33}; 32};
@@ -37,18 +36,10 @@ static int ima_write_template_field_data(const void *data, const u32 datalen,
37 struct ima_field_data *field_data) 36 struct ima_field_data *field_data)
38{ 37{
39 u8 *buf, *buf_ptr; 38 u8 *buf, *buf_ptr;
40 u32 buflen; 39 u32 buflen = datalen;
41 40
42 switch (datafmt) { 41 if (datafmt == DATA_FMT_STRING)
43 case DATA_FMT_EVENT_NAME:
44 buflen = IMA_EVENT_NAME_LEN_MAX + 1;
45 break;
46 case DATA_FMT_STRING:
47 buflen = datalen + 1; 42 buflen = datalen + 1;
48 break;
49 default:
50 buflen = datalen;
51 }
52 43
53 buf = kzalloc(buflen, GFP_KERNEL); 44 buf = kzalloc(buflen, GFP_KERNEL);
54 if (!buf) 45 if (!buf)
@@ -63,7 +54,7 @@ static int ima_write_template_field_data(const void *data, const u32 datalen,
63 * split into multiple template fields (the space is the delimitator 54 * split into multiple template fields (the space is the delimitator
64 * character for measurements lists in ASCII format). 55 * character for measurements lists in ASCII format).
65 */ 56 */
66 if (datafmt == DATA_FMT_EVENT_NAME || datafmt == DATA_FMT_STRING) { 57 if (datafmt == DATA_FMT_STRING) {
67 for (buf_ptr = buf; buf_ptr - buf < datalen; buf_ptr++) 58 for (buf_ptr = buf; buf_ptr - buf < datalen; buf_ptr++)
68 if (*buf_ptr == ' ') 59 if (*buf_ptr == ' ')
69 *buf_ptr = '_'; 60 *buf_ptr = '_';
@@ -109,13 +100,16 @@ static void ima_show_template_data_binary(struct seq_file *m,
109 enum data_formats datafmt, 100 enum data_formats datafmt,
110 struct ima_field_data *field_data) 101 struct ima_field_data *field_data)
111{ 102{
103 u32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ?
104 strlen(field_data->data) : field_data->len;
105
112 if (show != IMA_SHOW_BINARY_NO_FIELD_LEN) 106 if (show != IMA_SHOW_BINARY_NO_FIELD_LEN)
113 ima_putc(m, &field_data->len, sizeof(u32)); 107 ima_putc(m, &len, sizeof(len));
114 108
115 if (!field_data->len) 109 if (!len)
116 return; 110 return;
117 111
118 ima_putc(m, field_data->data, field_data->len); 112 ima_putc(m, field_data->data, len);
119} 113}
120 114
121static void ima_show_template_field_data(struct seq_file *m, 115static void ima_show_template_field_data(struct seq_file *m,
@@ -129,6 +123,7 @@ static void ima_show_template_field_data(struct seq_file *m,
129 break; 123 break;
130 case IMA_SHOW_BINARY: 124 case IMA_SHOW_BINARY:
131 case IMA_SHOW_BINARY_NO_FIELD_LEN: 125 case IMA_SHOW_BINARY_NO_FIELD_LEN:
126 case IMA_SHOW_BINARY_OLD_STRING_FMT:
132 ima_show_template_data_binary(m, show, datafmt, field_data); 127 ima_show_template_data_binary(m, show, datafmt, field_data);
133 break; 128 break;
134 default: 129 default:
@@ -277,8 +272,6 @@ static int ima_eventname_init_common(struct integrity_iint_cache *iint,
277{ 272{
278 const char *cur_filename = NULL; 273 const char *cur_filename = NULL;
279 u32 cur_filename_len = 0; 274 u32 cur_filename_len = 0;
280 enum data_formats fmt = size_limit ?
281 DATA_FMT_EVENT_NAME : DATA_FMT_STRING;
282 275
283 BUG_ON(filename == NULL && file == NULL); 276 BUG_ON(filename == NULL && file == NULL);
284 277
@@ -301,7 +294,7 @@ static int ima_eventname_init_common(struct integrity_iint_cache *iint,
301 cur_filename_len = IMA_EVENT_NAME_LEN_MAX; 294 cur_filename_len = IMA_EVENT_NAME_LEN_MAX;
302out: 295out:
303 return ima_write_template_field_data(cur_filename, cur_filename_len, 296 return ima_write_template_field_data(cur_filename, cur_filename_len,
304 fmt, field_data); 297 DATA_FMT_STRING, field_data);
305} 298}
306 299
307/* 300/*
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index d7efb30404aa..aab9fa5a8231 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -7,7 +7,7 @@
7 * the Free Software Foundation, version 2 of the License. 7 * the Free Software Foundation, version 2 of the License.
8 * 8 *
9 * File: integrity_audit.c 9 * File: integrity_audit.c
10 * Audit calls for the integrity subsystem 10 * Audit calls for the integrity subsystem
11 */ 11 */
12 12
13#include <linux/fs.h> 13#include <linux/fs.h>
@@ -22,7 +22,7 @@ static int __init integrity_audit_setup(char *str)
22{ 22{
23 unsigned long audit; 23 unsigned long audit;
24 24
25 if (!strict_strtoul(str, 0, &audit)) 25 if (!kstrtoul(str, 0, &audit))
26 integrity_audit_info = audit ? 1 : 0; 26 integrity_audit_info = audit ? 1 : 0;
27 return 1; 27 return 1;
28} 28}
@@ -33,6 +33,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
33 const char *cause, int result, int audit_info) 33 const char *cause, int result, int audit_info)
34{ 34{
35 struct audit_buffer *ab; 35 struct audit_buffer *ab;
36 char name[TASK_COMM_LEN];
36 37
37 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */ 38 if (!integrity_audit_info && audit_info == 1) /* Skip info messages */
38 return; 39 return;
@@ -49,7 +50,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
49 audit_log_format(ab, " cause="); 50 audit_log_format(ab, " cause=");
50 audit_log_string(ab, cause); 51 audit_log_string(ab, cause);
51 audit_log_format(ab, " comm="); 52 audit_log_format(ab, " comm=");
52 audit_log_untrustedstring(ab, current->comm); 53 audit_log_untrustedstring(ab, get_task_comm(name, current));
53 if (fname) { 54 if (fname) {
54 audit_log_format(ab, " name="); 55 audit_log_format(ab, " name=");
55 audit_log_untrustedstring(ab, fname); 56 audit_log_untrustedstring(ab, fname);
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 9e1e005c7596..5fe443d120af 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -609,7 +609,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
609 long dlen; 609 long dlen;
610 int ret; 610 int ret;
611 611
612 ret = strict_strtol(datalen, 10, &dlen); 612 ret = kstrtol(datalen, 10, &dlen);
613 if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE) 613 if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
614 return ERR_PTR(-EINVAL); 614 return ERR_PTR(-EINVAL);
615 615
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index e13fcf7636f7..6b804aa4529a 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -753,7 +753,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
753 return -EINVAL; 753 return -EINVAL;
754 break; 754 break;
755 case Opt_keyhandle: 755 case Opt_keyhandle:
756 res = strict_strtoul(args[0].from, 16, &handle); 756 res = kstrtoul(args[0].from, 16, &handle);
757 if (res < 0) 757 if (res < 0)
758 return -EINVAL; 758 return -EINVAL;
759 opt->keytype = SEAL_keytype; 759 opt->keytype = SEAL_keytype;
@@ -782,7 +782,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
782 return -EINVAL; 782 return -EINVAL;
783 break; 783 break;
784 case Opt_pcrlock: 784 case Opt_pcrlock:
785 res = strict_strtoul(args[0].from, 10, &lock); 785 res = kstrtoul(args[0].from, 10, &lock);
786 if (res < 0) 786 if (res < 0)
787 return -EINVAL; 787 return -EINVAL;
788 opt->pcrlock = lock; 788 opt->pcrlock = lock;
@@ -820,7 +820,7 @@ static int datablob_parse(char *datablob, struct trusted_key_payload *p,
820 c = strsep(&datablob, " \t"); 820 c = strsep(&datablob, " \t");
821 if (!c) 821 if (!c)
822 return -EINVAL; 822 return -EINVAL;
823 ret = strict_strtol(c, 10, &keylen); 823 ret = kstrtol(c, 10, &keylen);
824 if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE) 824 if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE)
825 return -EINVAL; 825 return -EINVAL;
826 p->key_len = keylen; 826 p->key_len = keylen;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b332e2cc0954..869c2f1e0da1 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -106,7 +106,7 @@ int selinux_enforcing;
106static int __init enforcing_setup(char *str) 106static int __init enforcing_setup(char *str)
107{ 107{
108 unsigned long enforcing; 108 unsigned long enforcing;
109 if (!strict_strtoul(str, 0, &enforcing)) 109 if (!kstrtoul(str, 0, &enforcing))
110 selinux_enforcing = enforcing ? 1 : 0; 110 selinux_enforcing = enforcing ? 1 : 0;
111 return 1; 111 return 1;
112} 112}
@@ -119,7 +119,7 @@ int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE;
119static int __init selinux_enabled_setup(char *str) 119static int __init selinux_enabled_setup(char *str)
120{ 120{
121 unsigned long enabled; 121 unsigned long enabled;
122 if (!strict_strtoul(str, 0, &enabled)) 122 if (!kstrtoul(str, 0, &enabled))
123 selinux_enabled = enabled ? 1 : 0; 123 selinux_enabled = enabled ? 1 : 0;
124 return 1; 124 return 1;
125} 125}
@@ -1418,15 +1418,33 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1418 isec->sid = sbsec->sid; 1418 isec->sid = sbsec->sid;
1419 1419
1420 if ((sbsec->flags & SE_SBPROC) && !S_ISLNK(inode->i_mode)) { 1420 if ((sbsec->flags & SE_SBPROC) && !S_ISLNK(inode->i_mode)) {
1421 if (opt_dentry) { 1421 /* We must have a dentry to determine the label on
1422 isec->sclass = inode_mode_to_security_class(inode->i_mode); 1422 * procfs inodes */
1423 rc = selinux_proc_get_sid(opt_dentry, 1423 if (opt_dentry)
1424 isec->sclass, 1424 /* Called from d_instantiate or
1425 &sid); 1425 * d_splice_alias. */
1426 if (rc) 1426 dentry = dget(opt_dentry);
1427 goto out_unlock; 1427 else
1428 isec->sid = sid; 1428 /* Called from selinux_complete_init, try to
1429 } 1429 * find a dentry. */
1430 dentry = d_find_alias(inode);
1431 /*
1432 * This can be hit on boot when a file is accessed
1433 * before the policy is loaded. When we load policy we
1434 * may find inodes that have no dentry on the
1435 * sbsec->isec_head list. No reason to complain as
1436 * these will get fixed up the next time we go through
1437 * inode_doinit() with a dentry, before these inodes
1438 * could be used again by userspace.
1439 */
1440 if (!dentry)
1441 goto out_unlock;
1442 isec->sclass = inode_mode_to_security_class(inode->i_mode);
1443 rc = selinux_proc_get_sid(dentry, isec->sclass, &sid);
1444 dput(dentry);
1445 if (rc)
1446 goto out_unlock;
1447 isec->sid = sid;
1430 } 1448 }
1431 break; 1449 break;
1432 } 1450 }
@@ -3205,24 +3223,20 @@ error:
3205 3223
3206static int selinux_mmap_addr(unsigned long addr) 3224static int selinux_mmap_addr(unsigned long addr)
3207{ 3225{
3208 int rc = 0; 3226 int rc;
3209 u32 sid = current_sid(); 3227
3228 /* do DAC check on address space usage */
3229 rc = cap_mmap_addr(addr);
3230 if (rc)
3231 return rc;
3210 3232
3211 /*
3212 * notice that we are intentionally putting the SELinux check before
3213 * the secondary cap_file_mmap check. This is such a likely attempt
3214 * at bad behaviour/exploit that we always want to get the AVC, even
3215 * if DAC would have also denied the operation.
3216 */
3217 if (addr < CONFIG_LSM_MMAP_MIN_ADDR) { 3233 if (addr < CONFIG_LSM_MMAP_MIN_ADDR) {
3234 u32 sid = current_sid();
3218 rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT, 3235 rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT,
3219 MEMPROTECT__MMAP_ZERO, NULL); 3236 MEMPROTECT__MMAP_ZERO, NULL);
3220 if (rc)
3221 return rc;
3222 } 3237 }
3223 3238
3224 /* do DAC check on address space usage */ 3239 return rc;
3225 return cap_mmap_addr(addr);
3226} 3240}
3227 3241
3228static int selinux_mmap_file(struct file *file, unsigned long reqprot, 3242static int selinux_mmap_file(struct file *file, unsigned long reqprot,
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index d60c0ee66387..c71737f6d1cc 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -54,7 +54,7 @@ unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE;
54static int __init checkreqprot_setup(char *str) 54static int __init checkreqprot_setup(char *str)
55{ 55{
56 unsigned long checkreqprot; 56 unsigned long checkreqprot;
57 if (!strict_strtoul(str, 0, &checkreqprot)) 57 if (!kstrtoul(str, 0, &checkreqprot))
58 selinux_checkreqprot = checkreqprot ? 1 : 0; 58 selinux_checkreqprot = checkreqprot ? 1 : 0;
59 return 1; 59 return 1;
60} 60}