LXR linux/security/integrity/ima/ima

   1/*
   2 * Copyright (C) 2005,2006,2007,2008 IBM Corporation
   3 *
   4 * Authors:
   5 * Mimi Zohar <zohar@us.ibm.com>
   6 * Kylene Hall <kjhall@us.ibm.com>
   7 *
   8 * This program is free software; you can redistribute it and/or modify
   9 * it under the terms of the GNU General Public License as published by
  10 * the Free Software Foundation, version 2 of the License.
  11 *
  12 * File: ima_crypto.c
  13 *      Calculates md5/sha1 file hash, template hash, boot-aggreate hash
  14 */
  15
  16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  17
  18#include <linux/kernel.h>
  19#include <linux/moduleparam.h>
  20#include <linux/ratelimit.h>
  21#include <linux/file.h>
  22#include <linux/crypto.h>
  23#include <linux/scatterlist.h>
  24#include <linux/err.h>
  25#include <linux/slab.h>
  26#include <crypto/hash.h>
  27
  28#include "ima.h"
  29
  30struct ahash_completion {
  31        struct completion completion;
  32        int err;
  33};
  34
  35/* minimum file size for ahash use */
  36static unsigned long ima_ahash_minsize;
  37module_param_named(ahash_minsize, ima_ahash_minsize, ulong, 0644);
  38MODULE_PARM_DESC(ahash_minsize, "Minimum file size for ahash use");
  39
  40/* default is 0 - 1 page. */
  41static int ima_maxorder;
  42static unsigned int ima_bufsize = PAGE_SIZE;
  43
  44static int param_set_bufsize(const char *val, const struct kernel_param *kp)
  45{
  46        unsigned long long size;
  47        int order;
  48
  49        size = memparse(val, NULL);
  50        order = get_order(size);
  51        if (order >= MAX_ORDER)
  52                return -EINVAL;
  53        ima_maxorder = order;
  54        ima_bufsize = PAGE_SIZE << order;
  55        return 0;
  56}
  57
  58static const struct kernel_param_ops param_ops_bufsize = {
  59        .set = param_set_bufsize,
  60        .get = param_get_uint,
  61};
  62#define param_check_bufsize(name, p) __param_check(name, p, unsigned int)
  63
  64module_param_named(ahash_bufsize, ima_bufsize, bufsize, 0644);
  65MODULE_PARM_DESC(ahash_bufsize, "Maximum ahash buffer size");
  66
  67static struct crypto_shash *ima_shash_tfm;
  68static struct crypto_ahash *ima_ahash_tfm;
  69
  70int __init ima_init_crypto(void)
  71{
  72        long rc;
  73
  74        ima_shash_tfm = crypto_alloc_shash(hash_algo_name[ima_hash_algo], 0, 0);
  75        if (IS_ERR(ima_shash_tfm)) {
  76                rc = PTR_ERR(ima_shash_tfm);
  77                pr_err("Can not allocate %s (reason: %ld)\n",
  78                       hash_algo_name[ima_hash_algo], rc);
  79                return rc;
  80        }
  81        return 0;
  82}
  83
  84static struct crypto_shash *ima_alloc_tfm(enum hash_algo algo)
  85{
  86        struct crypto_shash *tfm = ima_shash_tfm;
  87        int rc;
  88
  89        if (algo < 0 || algo >= HASH_ALGO__LAST)
  90                algo = ima_hash_algo;
  91
  92        if (algo != ima_hash_algo) {
  93                tfm = crypto_alloc_shash(hash_algo_name[algo], 0, 0);
  94                if (IS_ERR(tfm)) {
  95                        rc = PTR_ERR(tfm);
  96                        pr_err("Can not allocate %s (reason: %d)\n",
  97                               hash_algo_name[algo], rc);
  98                }
  99        }
 100        return tfm;
 101}
 102
 103static void ima_free_tfm(struct crypto_shash *tfm)
 104{
 105        if (tfm != ima_shash_tfm)
 106                crypto_free_shash(tfm);
 107}
 108
 109/**
 110 * ima_alloc_pages() - Allocate contiguous pages.
 111 * @max_size:       Maximum amount of memory to allocate.
 112 * @allocated_size: Returned size of actual allocation.
 113 * @last_warn:      Should the min_size allocation warn or not.
 114 *
 115 * Tries to do opportunistic allocation for memory first trying to allocate
 116 * max_size amount of memory and then splitting that until zero order is
 117 * reached. Allocation is tried without generating allocation warnings unless
 118 * last_warn is set. Last_warn set affects only last allocation of zero order.
 119 *
 120 * By default, ima_maxorder is 0 and it is equivalent to kmalloc(GFP_KERNEL)
 121 *
 122 * Return pointer to allocated memory, or NULL on failure.
 123 */
 124static void *ima_alloc_pages(loff_t max_size, size_t *allocated_size,
 125                             int last_warn)
 126{
 127        void *ptr;
 128        int order = ima_maxorder;
 129        gfp_t gfp_mask = __GFP_RECLAIM | __GFP_NOWARN | __GFP_NORETRY;
 130
 131        if (order)
 132                order = min(get_order(max_size), order);
 133
 134        for (; order; order--) {
 135                ptr = (void *)__get_free_pages(gfp_mask, order);
 136                if (ptr) {
 137                        *allocated_size = PAGE_SIZE << order;
 138                        return ptr;
 139                }
 140        }
 141
 142        /* order is zero - one page */
 143
 144        gfp_mask = GFP_KERNEL;
 145
 146        if (!last_warn)
 147                gfp_mask |= __GFP_NOWARN;
 148
 149        ptr = (void *)__get_free_pages(gfp_mask, 0);
 150        if (ptr) {
 151                *allocated_size = PAGE_SIZE;
 152                return ptr;
 153        }
 154
 155        *allocated_size = 0;
 156        return NULL;
 157}
 158
 159/**
 160 * ima_free_pages() - Free pages allocated by ima_alloc_pages().
 161 * @ptr:  Pointer to allocated pages.
 162 * @size: Size of allocated buffer.
 163 */
 164static void ima_free_pages(void *ptr, size_t size)
 165{
 166        if (!ptr)
 167                return;
 168        free_pages((unsigned long)ptr, get_order(size));
 169}
 170
 171static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
 172{
 173        struct crypto_ahash *tfm = ima_ahash_tfm;
 174        int rc;
 175
 176        if (algo < 0 || algo >= HASH_ALGO__LAST)
 177                algo = ima_hash_algo;
 178
 179        if (algo != ima_hash_algo || !tfm) {
 180                tfm = crypto_alloc_ahash(hash_algo_name[algo], 0, 0);
 181                if (!IS_ERR(tfm)) {
 182                        if (algo == ima_hash_algo)
 183                                ima_ahash_tfm = tfm;
 184                } else {
 185                        rc = PTR_ERR(tfm);
 186                        pr_err("Can not allocate %s (reason: %d)\n",
 187                               hash_algo_name[algo], rc);
 188                }
 189        }
 190        return tfm;
 191}
 192
 193static void ima_free_atfm(struct crypto_ahash *tfm)
 194{
 195        if (tfm != ima_ahash_tfm)
 196                crypto_free_ahash(tfm);
 197}
 198
 199static void ahash_complete(struct crypto_async_request *req, int err)
 200{
 201        struct ahash_completion *res = req->data;
 202
 203        if (err == -EINPROGRESS)
 204                return;
 205        res->err = err;
 206        complete(&res->completion);
 207}
 208
 209static int ahash_wait(int err, struct ahash_completion *res)
 210{
 211        switch (err) {
 212        case 0:
 213                break;
 214        case -EINPROGRESS:
 215        case -EBUSY:
 216                wait_for_completion(&res->completion);
 217                reinit_completion(&res->completion);
 218                err = res->err;
 219                /* fall through */
 220        default:
 221                pr_crit_ratelimited("ahash calculation failed: err: %d\n", err);
 222        }
 223
 224        return err;
 225}
 226
 227static int ima_calc_file_hash_atfm(struct file *file,
 228                                   struct ima_digest_data *hash,
 229                                   struct crypto_ahash *tfm)
 230{
 231        loff_t i_size, offset;
 232        char *rbuf[2] = { NULL, };
 233        int rc, read = 0, rbuf_len, active = 0, ahash_rc = 0;
 234        struct ahash_request *req;
 235        struct scatterlist sg[1];
 236        struct ahash_completion res;
 237        size_t rbuf_size[2];
 238
 239        hash->length = crypto_ahash_digestsize(tfm);
 240
 241        req = ahash_request_alloc(tfm, GFP_KERNEL);
 242        if (!req)
 243                return -ENOMEM;
 244
 245        init_completion(&res.completion);
 246        ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
 247                                   CRYPTO_TFM_REQ_MAY_SLEEP,
 248                                   ahash_complete, &res);
 249
 250        rc = ahash_wait(crypto_ahash_init(req), &res);
 251        if (rc)
 252                goto out1;
 253
 254        i_size = i_size_read(file_inode(file));
 255
 256        if (i_size == 0)
 257                goto out2;
 258
 259        /*
 260         * Try to allocate maximum size of memory.
 261         * Fail if even a single page cannot be allocated.
 262         */
 263        rbuf[0] = ima_alloc_pages(i_size, &rbuf_size[0], 1);
 264        if (!rbuf[0]) {
 265                rc = -ENOMEM;
 266                goto out1;
 267        }
 268
 269        /* Only allocate one buffer if that is enough. */
 270        if (i_size > rbuf_size[0]) {
 271                /*
 272                 * Try to allocate secondary buffer. If that fails fallback to
 273                 * using single buffering. Use previous memory allocation size
 274                 * as baseline for possible allocation size.
 275                 */
 276                rbuf[1] = ima_alloc_pages(i_size - rbuf_size[0],
 277                                          &rbuf_size[1], 0);
 278        }
 279
 280        if (!(file->f_mode & FMODE_READ)) {
 281                file->f_mode |= FMODE_READ;
 282                read = 1;
 283        }
 284
 285        for (offset = 0; offset < i_size; offset += rbuf_len) {
 286                if (!rbuf[1] && offset) {
 287                        /* Not using two buffers, and it is not the first
 288                         * read/request, wait for the completion of the
 289                         * previous ahash_update() request.
 290                         */
 291                        rc = ahash_wait(ahash_rc, &res);
 292                        if (rc)
 293                                goto out3;
 294                }
 295                /* read buffer */
 296                rbuf_len = min_t(loff_t, i_size - offset, rbuf_size[active]);
 297                rc = integrity_kernel_read(file, offset, rbuf[active],
 298                                           rbuf_len);
 299                if (rc != rbuf_len)
 300                        goto out3;
 301
 302                if (rbuf[1] && offset) {
 303                        /* Using two buffers, and it is not the first
 304                         * read/request, wait for the completion of the
 305                         * previous ahash_update() request.
 306                         */
 307                        rc = ahash_wait(ahash_rc, &res);
 308                        if (rc)
 309                                goto out3;
 310                }
 311
 312                sg_init_one(&sg[0], rbuf[active], rbuf_len);
 313                ahash_request_set_crypt(req, sg, NULL, rbuf_len);
 314
 315                ahash_rc = crypto_ahash_update(req);
 316
 317                if (rbuf[1])
 318                        active = !active; /* swap buffers, if we use two */
 319        }
 320        /* wait for the last update request to complete */
 321        rc = ahash_wait(ahash_rc, &res);
 322out3:
 323        if (read)
 324                file->f_mode &= ~FMODE_READ;
 325        ima_free_pages(rbuf[0], rbuf_size[0]);
 326        ima_free_pages(rbuf[1], rbuf_size[1]);
 327out2:
 328        if (!rc) {
 329                ahash_request_set_crypt(req, NULL, hash->digest, 0);
 330                rc = ahash_wait(crypto_ahash_final(req), &res);
 331        }
 332out1:
 333        ahash_request_free(req);
 334        return rc;
 335}
 336
 337static int ima_calc_file_ahash(struct file *file, struct ima_digest_data *hash)
 338{
 339        struct crypto_ahash *tfm;
 340        int rc;
 341
 342        tfm = ima_alloc_atfm(hash->algo);
 343        if (IS_ERR(tfm))
 344                return PTR_ERR(tfm);
 345
 346        rc = ima_calc_file_hash_atfm(file, hash, tfm);
 347
 348        ima_free_atfm(tfm);
 349
 350        return rc;
 351}
 352
 353static int ima_calc_file_hash_tfm(struct file *file,
 354                                  struct ima_digest_data *hash,
 355                                  struct crypto_shash *tfm)
 356{
 357        loff_t i_size, offset = 0;
 358        char *rbuf;
 359        int rc, read = 0;
 360        SHASH_DESC_ON_STACK(shash, tfm);
 361
 362        shash->tfm = tfm;
 363        shash->flags = 0;
 364
 365        hash->length = crypto_shash_digestsize(tfm);
 366
 367        rc = crypto_shash_init(shash);
 368        if (rc != 0)
 369                return rc;
 370
 371        i_size = i_size_read(file_inode(file));
 372
 373        if (i_size == 0)
 374                goto out;
 375
 376        rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
 377        if (!rbuf)
 378                return -ENOMEM;
 379
 380        if (!(file->f_mode & FMODE_READ)) {
 381                file->f_mode |= FMODE_READ;
 382                read = 1;
 383        }
 384
 385        while (offset < i_size) {
 386                int rbuf_len;
 387
 388                rbuf_len = integrity_kernel_read(file, offset, rbuf, PAGE_SIZE);
 389                if (rbuf_len < 0) {
 390                        rc = rbuf_len;
 391                        break;
 392                }
 393                if (rbuf_len == 0)
 394                        break;
 395                offset += rbuf_len;
 396
 397                rc = crypto_shash_update(shash, rbuf, rbuf_len);
 398                if (rc)
 399                        break;
 400        }
 401        if (read)
 402                file->f_mode &= ~FMODE_READ;
 403        kfree(rbuf);
 404out:
 405        if (!rc)
 406                rc = crypto_shash_final(shash, hash->digest);
 407        return rc;
 408}
 409
 410static int ima_calc_file_shash(struct file *file, struct ima_digest_data *hash)
 411{
 412        struct crypto_shash *tfm;
 413        int rc;
 414
 415        tfm = ima_alloc_tfm(hash->algo);
 416        if (IS_ERR(tfm))
 417                return PTR_ERR(tfm);
 418
 419        rc = ima_calc_file_hash_tfm(file, hash, tfm);
 420
 421        ima_free_tfm(tfm);
 422
 423        return rc;
 424}
 425
 426/*
 427 * ima_calc_file_hash - calculate file hash
 428 *
 429 * Asynchronous hash (ahash) allows using HW acceleration for calculating
 430 * a hash. ahash performance varies for different data sizes on different
 431 * crypto accelerators. shash performance might be better for smaller files.
 432 * The 'ima.ahash_minsize' module parameter allows specifying the best
 433 * minimum file size for using ahash on the system.
 434 *
 435 * If the ima.ahash_minsize parameter is not specified, this function uses
 436 * shash for the hash calculation.  If ahash fails, it falls back to using
 437 * shash.
 438 */
 439int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash)
 440{
 441        loff_t i_size;
 442        int rc;
 443
 444        i_size = i_size_read(file_inode(file));
 445
 446        if (ima_ahash_minsize && i_size >= ima_ahash_minsize) {
 447                rc = ima_calc_file_ahash(file, hash);
 448                if (!rc)
 449                        return 0;
 450        }
 451
 452        return ima_calc_file_shash(file, hash);
 453}
 454
 455/*
 456 * Calculate the hash of template data
 457 */
 458static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
 459                                         struct ima_template_desc *td,
 460                                         int num_fields,
 461                                         struct ima_digest_data *hash,
 462                                         struct crypto_shash *tfm)
 463{
 464        SHASH_DESC_ON_STACK(shash, tfm);
 465        int rc, i;
 466
 467        shash->tfm = tfm;
 468        shash->flags = 0;
 469
 470        hash->length = crypto_shash_digestsize(tfm);
 471
 472        rc = crypto_shash_init(shash);
 473        if (rc != 0)
 474                return rc;
 475
 476        for (i = 0; i < num_fields; i++) {
 477                u8 buffer[IMA_EVENT_NAME_LEN_MAX + 1] = { 0 };
 478                u8 *data_to_hash = field_data[i].data;
 479                u32 datalen = field_data[i].len;
 480
 481                if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
 482                        rc = crypto_shash_update(shash,
 483                                                (const u8 *) &field_data[i].len,
 484                                                sizeof(field_data[i].len));
 485                        if (rc)
 486                                break;
 487                } else if (strcmp(td->fields[i]->field_id, "n") == 0) {
 488                        memcpy(buffer, data_to_hash, datalen);
 489                        data_to_hash = buffer;
 490                        datalen = IMA_EVENT_NAME_LEN_MAX + 1;
 491                }
 492                rc = crypto_shash_update(shash, data_to_hash, datalen);
 493                if (rc)
 494                        break;
 495        }
 496
 497        if (!rc)
 498                rc = crypto_shash_final(shash, hash->digest);
 499
 500        return rc;
 501}
 502
 503int ima_calc_field_array_hash(struct ima_field_data *field_data,
 504                              struct ima_template_desc *desc, int num_fields,
 505                              struct ima_digest_data *hash)
 506{
 507        struct crypto_shash *tfm;
 508        int rc;
 509
 510        tfm = ima_alloc_tfm(hash->algo);
 511        if (IS_ERR(tfm))
 512                return PTR_ERR(tfm);
 513
 514        rc = ima_calc_field_array_hash_tfm(field_data, desc, num_fields,
 515                                           hash, tfm);
 516
 517        ima_free_tfm(tfm);
 518
 519        return rc;
 520}
 521
 522static int calc_buffer_ahash_atfm(const void *buf, loff_t len,
 523                                  struct ima_digest_data *hash,
 524                                  struct crypto_ahash *tfm)
 525{
 526        struct ahash_request *req;
 527        struct scatterlist sg;
 528        struct ahash_completion res;
 529        int rc, ahash_rc = 0;
 530
 531        hash->length = crypto_ahash_digestsize(tfm);
 532
 533        req = ahash_request_alloc(tfm, GFP_KERNEL);
 534        if (!req)
 535                return -ENOMEM;
 536
 537        init_completion(&res.completion);
 538        ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
 539                                   CRYPTO_TFM_REQ_MAY_SLEEP,
 540                                   ahash_complete, &res);
 541
 542        rc = ahash_wait(crypto_ahash_init(req), &res);
 543        if (rc)
 544                goto out;
 545
 546        sg_init_one(&sg, buf, len);
 547        ahash_request_set_crypt(req, &sg, NULL, len);
 548
 549        ahash_rc = crypto_ahash_update(req);
 550
 551        /* wait for the update request to complete */
 552        rc = ahash_wait(ahash_rc, &res);
 553        if (!rc) {
 554                ahash_request_set_crypt(req, NULL, hash->digest, 0);
 555                rc = ahash_wait(crypto_ahash_final(req), &res);
 556        }
 557out:
 558        ahash_request_free(req);
 559        return rc;
 560}
 561
 562static int calc_buffer_ahash(const void *buf, loff_t len,
 563                             struct ima_digest_data *hash)
 564{
 565        struct crypto_ahash *tfm;
 566        int rc;
 567
 568        tfm = ima_alloc_atfm(hash->algo);
 569        if (IS_ERR(tfm))
 570                return PTR_ERR(tfm);
 571
 572        rc = calc_buffer_ahash_atfm(buf, len, hash, tfm);
 573
 574        ima_free_atfm(tfm);
 575
 576        return rc;
 577}
 578
 579static int calc_buffer_shash_tfm(const void *buf, loff_t size,
 580                                struct ima_digest_data *hash,
 581                                struct crypto_shash *tfm)
 582{
 583        SHASH_DESC_ON_STACK(shash, tfm);
 584        unsigned int len;
 585        int rc;
 586
 587        shash->tfm = tfm;
 588        shash->flags = 0;
 589
 590        hash->length = crypto_shash_digestsize(tfm);
 591
 592        rc = crypto_shash_init(shash);
 593        if (rc != 0)
 594                return rc;
 595
 596        while (size) {
 597                len = size < PAGE_SIZE ? size : PAGE_SIZE;
 598                rc = crypto_shash_update(shash, buf, len);
 599                if (rc)
 600                        break;
 601                buf += len;
 602                size -= len;
 603        }
 604
 605        if (!rc)
 606                rc = crypto_shash_final(shash, hash->digest);
 607        return rc;
 608}
 609
 610static int calc_buffer_shash(const void *buf, loff_t len,
 611                             struct ima_digest_data *hash)
 612{
 613        struct crypto_shash *tfm;
 614        int rc;
 615
 616        tfm = ima_alloc_tfm(hash->algo);
 617        if (IS_ERR(tfm))
 618                return PTR_ERR(tfm);
 619
 620        rc = calc_buffer_shash_tfm(buf, len, hash, tfm);
 621
 622        ima_free_tfm(tfm);
 623        return rc;
 624}
 625
 626int ima_calc_buffer_hash(const void *buf, loff_t len,
 627                         struct ima_digest_data *hash)
 628{
 629        int rc;
 630
 631        if (ima_ahash_minsize && len >= ima_ahash_minsize) {
 632                rc = calc_buffer_ahash(buf, len, hash);
 633                if (!rc)
 634                        return 0;
 635        }
 636
 637        return calc_buffer_shash(buf, len, hash);
 638}
 639
 640static void __init ima_pcrread(int idx, u8 *pcr)
 641{
 642        if (!ima_used_chip)
 643                return;
 644
 645        if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
 646                pr_err("Error Communicating to TPM chip\n");
 647}
 648
 649/*
 650 * Calculate the boot aggregate hash
 651 */
 652static int __init ima_calc_boot_aggregate_tfm(char *digest,
 653                                              struct crypto_shash *tfm)
 654{
 655        u8 pcr_i[TPM_DIGEST_SIZE];
 656        int rc, i;
 657        SHASH_DESC_ON_STACK(shash, tfm);
 658
 659        shash->tfm = tfm;
 660        shash->flags = 0;
 661
 662        rc = crypto_shash_init(shash);
 663        if (rc != 0)
 664                return rc;
 665
 666        /* cumulative sha1 over tpm registers 0-7 */
 667        for (i = TPM_PCR0; i < TPM_PCR8; i++) {
 668                ima_pcrread(i, pcr_i);
 669                /* now accumulate with current aggregate */
 670                rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE);
 671        }
 672        if (!rc)
 673                crypto_shash_final(shash, digest);
 674        return rc;
 675}
 676
 677int __init ima_calc_boot_aggregate(struct ima_digest_data *hash)
 678{
 679        struct crypto_shash *tfm;
 680        int rc;
 681
 682        tfm = ima_alloc_tfm(hash->algo);
 683        if (IS_ERR(tfm))
 684                return PTR_ERR(tfm);
 685
 686        hash->length = crypto_shash_digestsize(tfm);
 687        rc = ima_calc_boot_aggregate_tfm(hash->digest, tfm);
 688
 689        ima_free_tfm(tfm);
 690
 691        return rc;
 692}
 693