summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorThiago Jung Bauermann <bauerman@linux.vnet.ibm.com>2018-03-15 23:33:42 +0300
committerMimi Zohar <zohar@linux.vnet.ibm.com>2018-03-25 14:26:30 +0300
commitf5e51fa368fd6612608bc36f39e55cde08ce0039 (patch)
tree756645114becbeb4be95807b492d5c9ce35a82c8 /security
parent1775cb87b063cd60a5021c38412f6024f93cc376 (diff)
downloadlinux-f5e51fa368fd6612608bc36f39e55cde08ce0039.tar.xz
ima: Improvements in ima_appraise_measurement()
Replace nested ifs in the EVM xattr verification logic with a switch statement, making the code easier to understand. Also, add comments to the if statements in the out section and constify the cause variable. Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com> Acked-by: Serge Hallyn <serge@hallyn.com>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima_appraise.c35
1 files changed, 22 insertions, 13 deletions
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 0c5f94b7b9c3..8bd7a0733e51 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -215,7 +215,7 @@ int ima_appraise_measurement(enum ima_hooks func,
int xattr_len, int opened)
{
static const char op[] = "appraise_data";
- char *cause = "unknown";
+ const char *cause = "unknown";
struct dentry *dentry = file_dentry(file);
struct inode *inode = d_backing_inode(dentry);
enum integrity_status status = INTEGRITY_UNKNOWN;
@@ -241,16 +241,22 @@ int ima_appraise_measurement(enum ima_hooks func,
}
status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value, rc, iint);
- if ((status != INTEGRITY_PASS) &&
- (status != INTEGRITY_PASS_IMMUTABLE) &&
- (status != INTEGRITY_UNKNOWN)) {
- if ((status == INTEGRITY_NOLABEL)
- || (status == INTEGRITY_NOXATTRS))
- cause = "missing-HMAC";
- else if (status == INTEGRITY_FAIL)
- cause = "invalid-HMAC";
+ switch (status) {
+ case INTEGRITY_PASS:
+ case INTEGRITY_PASS_IMMUTABLE:
+ case INTEGRITY_UNKNOWN:
+ break;
+ case INTEGRITY_NOXATTRS: /* No EVM protected xattrs. */
+ case INTEGRITY_NOLABEL: /* No security.evm xattr. */
+ cause = "missing-HMAC";
+ goto out;
+ case INTEGRITY_FAIL: /* Invalid HMAC/signature. */
+ cause = "invalid-HMAC";
goto out;
+ default:
+ WARN_ONCE(true, "Unexpected integrity status %d\n", status);
}
+
switch (xattr_value->type) {
case IMA_XATTR_DIGEST_NG:
/* first byte contains algorithm id */
@@ -316,17 +322,20 @@ out:
integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, filename,
op, cause, rc, 0);
} else if (status != INTEGRITY_PASS) {
+ /* Fix mode, but don't replace file signatures. */
if ((ima_appraise & IMA_APPRAISE_FIX) &&
(!xattr_value ||
xattr_value->type != EVM_IMA_XATTR_DIGSIG)) {
if (!ima_fix_xattr(dentry, iint))
status = INTEGRITY_PASS;
- } else if ((inode->i_size == 0) &&
- (iint->flags & IMA_NEW_FILE) &&
- (xattr_value &&
- xattr_value->type == EVM_IMA_XATTR_DIGSIG)) {
+ }
+
+ /* Permit new files with file signatures, but without data. */
+ if (inode->i_size == 0 && iint->flags & IMA_NEW_FILE &&
+ xattr_value && xattr_value->type == EVM_IMA_XATTR_DIGSIG) {
status = INTEGRITY_PASS;
}
+
integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, filename,
op, cause, rc, 0);
} else {