[PATCH v3 5/6] IMA: add hook to measure critical data from kernel components
Tushar Sugandhi
tusharsu at linux.microsoft.com
Fri Sep 11 17:38:30 UTC 2020
On 2020-08-31 11:23 a.m., Mimi Zohar wrote:
>> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
>> index 52cbbc1f7ea2..a889bf40cb7e 100644
>> --- a/security/integrity/ima/ima_main.c
>> +++ b/security/integrity/ima/ima_main.c
>> @@ -869,6 +869,30 @@ void ima_kexec_cmdline(int kernel_fd, const void *buf, int size)
>> fdput(f);
>> }
>>
>> +/**
>> + * ima_measure_critical_data - measure critical data
>> + * @event_name: name for the given data
>> + * @event_data_source: name of the event data source
>> + * @buf: pointer to buffer containing data to measure
>> + * @buf_len: length of buffer(in bytes)
>> + * @measure_buf_hash: if set to true - will measure hash of the buf,
>> + * instead of buf
>> + *
>> + * Buffers can only be measured, not appraised.
>> + */
>> +int ima_measure_critical_data(const char *event_name,
>> + const char *event_data_source,
>> + const void *buf, int buf_len,
>> + bool measure_buf_hash)
>> +{
>> + if (!event_name || !event_data_source || !buf || !buf_len)
>> + return -EINVAL;
>> +
>> + return process_buffer_measurement(NULL, buf, buf_len, event_name,
>> + CRITICAL_DATA, 0, event_data_source,
>> + measure_buf_hash);
>
> This is exactly what I'm concerned about. Failure to measure data may
> be audited, but should never fail.
>
> Mimi
>
As I responded in patch 2, I can ignore the result of
process_buffer_measurement() in ima_measure_critical_data(), and make
ima_measure_critical_data() return type as "void".
But that’s the only place where the results of p_b_m() are being used.
So I might as well just revert the return type of p_b_m() to the
original "void".
>> +}
>
More information about the Linux-security-module-archive
mailing list