Provide creation of trusted keyrings, which require all keys added to the keyrings be signed by an existing trusted key on the system trusted keyring.
Signed-off-by: Dmitry Kasatkin <[email protected]> --- security/integrity/Kconfig | 4 ++++ security/integrity/digsig.c | 31 +++++++++++++++++++++++++++++++ security/integrity/integrity.h | 10 ++++++++++ 3 files changed, 45 insertions(+) diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig index b16c9cd..89f226a 100644 --- a/security/integrity/Kconfig +++ b/security/integrity/Kconfig @@ -47,6 +47,10 @@ config INTEGRITY_AUDIT be enabled by specifying 'integrity_audit=1' on the kernel command line. +config INTEGRITY_TRUSTED_KEYRING + def_bool n + depends on IMA_TRUSTED_KEYRING || EVM_TRUSTED_KEYRING + source security/integrity/ima/Kconfig source security/integrity/evm/Kconfig diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c index b4af4eb..45adc07 100644 --- a/security/integrity/digsig.c +++ b/security/integrity/digsig.c @@ -13,7 +13,9 @@ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #include <linux/err.h> +#include <linux/sched.h> #include <linux/rbtree.h> +#include <linux/cred.h> #include <linux/key-type.h> #include <linux/digsig.h> @@ -56,3 +58,32 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, return -EOPNOTSUPP; } + +#ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING +int integrity_init_keyring(const unsigned int id) +{ + const struct cred *cred = current_cred(); + const struct user_struct *user = cred->user; + + pr_notice("initialize trusted keyring: %s\n", keyring_name[id]); + + /* this function relies that init_root_keyring() was executed + * in 'keys' subsystem, which is initialized before integrity + */ + + keyring[id] = keyring_alloc(keyring_name[id], KUIDT_INIT(0), + KGIDT_INIT(0), cred, + ((KEY_POS_ALL & ~KEY_POS_SETATTR) | + KEY_USR_VIEW | KEY_USR_READ), + KEY_ALLOC_NOT_IN_QUOTA, user->uid_keyring); + if (IS_ERR(keyring[id])) { + long rc = PTR_ERR(keyring[id]); + pr_err("Can't allocate %s keyring (%ld)\n", + keyring_name[id], rc); + keyring[id] = NULL; + return rc; + } + set_bit(KEY_FLAG_TRUSTED_ONLY, &keyring[id]->flags); + return 0; +} +#endif diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 2fb5e53..dd26ad0 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -137,6 +137,7 @@ static inline int integrity_digsig_verify(const unsigned int id, #ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS int asymmetric_verify(struct key *keyring, const char *sig, int siglen, const char *data, int datalen); + #else static inline int asymmetric_verify(struct key *keyring, const char *sig, int siglen, const char *data, int datalen) @@ -145,6 +146,15 @@ static inline int asymmetric_verify(struct key *keyring, const char *sig, } #endif +#ifdef CONFIG_INTEGRITY_TRUSTED_KEYRING +int integrity_init_keyring(const unsigned int id); +#else +static inline int integrity_init_keyring(const unsigned int id) +{ + return 0; +} +#endif + #ifdef CONFIG_INTEGRITY_AUDIT /* declarations */ void integrity_audit_msg(int audit_msgno, struct inode *inode, -- 1.8.3.2 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
