From e90805656d4683f84d360276102ae63adc777a38 Mon Sep 17 00:00:00 2001
From: Dmitry Kasatkin
Date: Mon, 3 Sep 2012 17:11:56 +0300
Subject: evm: remove unused cleanup functions
EVM cannot be built as a kernel module. Remove the unncessary __exit functions.
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
 security/integrity/evm/evm.h | 1 -
 security/integrity/evm/evm_main.c | 9 ---------
 security/integrity/evm/evm_secfs.c | 6 ------
 3 files changed, 16 deletions(-)
(limited to 'security/integrity/evm')
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index c885247ebcf..3eb30c6db41 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -45,6 +45,5 @@ extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
 extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
 char *hmac_val);
 extern int evm_init_secfs(void);
-extern void evm_cleanup_secfs(void);
 #endif
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index eb5484504f5..a78a5e21ef7 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -427,15 +427,6 @@ err:
 return error;
 }
-static void __exit cleanup_evm(void)
-{
- evm_cleanup_secfs();
- if (hmac_tfm)
- crypto_free_shash(hmac_tfm);
- if (hash_tfm)
- crypto_free_shash(hash_tfm);
-}
-
 /*
 * evm_display_config - list the EVM protected security extended attributes
 */
diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index ac762995057..30f670ad6ac 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -100,9 +100,3 @@ int __init evm_init_secfs(void)
 error = -EFAULT;
 return error;
 }
-
-void __exit evm_cleanup_secfs(void)
-{
- if (evm_init_tpm)
- securityfs_remove(evm_init_tpm);
-}
-- cgit v1.2.3
From 74de66842473bdafa798010e58f1999ec70a8983 Mon Sep 17 00:00:00 2001
From: Dmitry Kasatkin
Date: Mon, 10 Sep 2012 10:37:20 +0300
Subject: evm: add file system uuid to EVM hmac
EVM uses the same key for all file systems to calculate the HMAC, making it possible to paste inodes from one file system on to another one, without EVM being able to detect it. To prevent such an attack, it is necessary to make the EVM HMAC file system specific. This patch uses the file system UUID, a file system unique identifier, to bind the EVM HMAC to the file system. The value inode->i_sb->s_uuid is used for the HMAC hash calculation, instead of using it for deriving the file system specific key. Initializing the key for every inode HMAC calculation is a bit more expensive operation than adding the uuid to the HMAC hash. Changing the HMAC calculation method or adding additional info to the calculation, requires existing EVM labeled file systems to be relabeled. This patch adds a Kconfig HMAC version option for backwards compatability.
Changelog v1:
- squash "hmac version setting"
Changelog v0:
- add missing Kconfig depends (Mimi)
Signed-off-by: Dmitry Kasatkin
Signed-off-by: Mimi Zohar
---
 security/integrity/evm/Kconfig | 13 +++++++++++++
 security/integrity/evm/evm.h | 1 +
 security/integrity/evm/evm_crypto.c | 3 +++
 security/integrity/evm/evm_main.c | 1 +
 4 files changed, 18 insertions(+)
(limited to 'security/integrity/evm')
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index afbb59dd262..fea9749c375 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -11,3 +11,16 @@ config EVM
 integrity attacks.
 If you are unsure how to answer this question, answer N.
+
+config EVM_HMAC_VERSION
+ int "EVM HMAC version"
+ depends on EVM
+ default 2
+ help
+ This options adds EVM HMAC version support.
+ 1 - original version
+ 2 - add per filesystem unique identifier (UUID) (default)
+
+ WARNING: changing the HMAC calculation method or adding
+ additional info to the calculation, requires existing EVM
+ labeled file systems to be relabeled.
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index 3eb30c6db41..30bd1ec0232 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -24,6 +24,7 @@ extern int evm_initialized;
 extern char *evm_hmac;
 extern char *evm_hash;
+extern int evm_hmac_version;
 extern struct crypto_shash *hmac_tfm;
 extern struct crypto_shash *hash_tfm;
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index dfb26918699..ff8e2abf8f2 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -110,6 +110,9 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
 hmac_misc.mode = inode->i_mode;
 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc);
+ if (evm_hmac_version > 1)
+ crypto_shash_update(desc, inode->i_sb->s_uuid,
+ sizeof(inode->i_sb->s_uuid));
 crypto_shash_final(desc, digest);
 }
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index a78a5e21ef7..cdbde176218 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -26,6 +26,7 @@ int evm_initialized;
 char *evm_hmac = "hmac(sha1)";
 char *evm_hash = "sha1";
+int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;
 char *evm_config_xattrnames[] = {
 #ifdef CONFIG_SECURITY_SELINUX
-- cgit v1.2.3
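Review bot: `config EVM_HMAC_VERSION` is declared as an unbounded `int`, but the only consumer in this series compares it with `> 1` (the evm_crypto.c hunk), so a value such as 0, 3 or a negative number is accepted at configuration time and silently behaves as version 1 or version 2 with no diagnostic. Adding `range 1 2` after `depends on EVM` makes the option reject anything other than the two documented versions. The help text also has a grammatical slip, `This options adds EVM HMAC version support.` should read `This option adds EVM HMAC version support.`, and since the value lands in a single global (evm_main.c hunk) it would help administrators to say that the version is fixed at build time and applies to every file system the kernel mounts.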
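Review bot: The new `crypto_shash_update(desc, inode->i_sb->s_uuid, sizeof(inode->i_sb->s_uuid))` binds the HMAC to whatever the superblock holds in `s_uuid`, and nothing here checks that the file system actually populated it; a file system that leaves the field zeroed (presumably some pseudo or network file systems do) contributes the same constant bytes as every other such file system, so the cross-file-system inode move the commit message describes would remain undetected among those file systems. That limitation deserves a comment at the new `if`, e.g. `/* HMAC v2: bind the digest to the file system; only effective where the fs fills in s_uuid */`, and a sentence in the Kconfig help. It is also worth stating in the same comment that the uuid is hashed after the fixed-size `hmac_misc` block, which keeps the hashed byte stream unambiguous and is a property any future additions must preserve. hmac_add_misc's signature and the start of its body lie outside the hunk.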
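Review bot: `int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;` introduces a writable, externally visible global that selects the HMAC input format, yet nothing in this series assigns to it after initialisation. Declaring it `const int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;` with the matching `extern const int evm_hmac_version;` in the evm.h hunk lets the compiler fold the `> 1` test in evm_crypto.c and keeps an integrity-critical selector out of writable data. If a runtime override is intended later, a comment saying so at the definition would explain why it is left mutable.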