summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorRoberto Sassu <roberto.sassu@huawei.com>2021-05-14 17:27:47 +0200
committerMimi Zohar <zohar@linux.ibm.com>2021-05-21 12:48:39 -0400
commitcdef685be5b4ae55c3959289e72d520402839c29 (patch)
tree9fafacdad2075d1f7e0da5cac4fa9b6c144230b5 /include
parent4a804b8a4572dfc81c3a59709d49ae206e4370ba (diff)
evm: Allow xattr/attr operations for portable signatures
If files with portable signatures are copied from one location to another or are extracted from an archive, verification can temporarily fail until all xattrs/attrs are set in the destination. Only portable signatures may be moved or copied from one file to another, as they don't depend on system-specific information such as the inode generation. Instead portable signatures must include security.ima. Unlike other security.evm types, EVM portable signatures are also immutable. Thus, it wouldn't be a problem to allow xattr/attr operations when verification fails, as portable signatures will never be replaced with the HMAC on possibly corrupted xattrs/attrs. This patch first introduces a new integrity status called INTEGRITY_FAIL_IMMUTABLE, that allows callers of evm_verify_current_integrity() to detect that a portable signature didn't pass verification and then adds an exception in evm_protect_xattr() and evm_inode_setattr() for this status and returns 0 instead of -EPERM. Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'include')
-rw-r--r--include/linux/integrity.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/integrity.h b/include/linux/integrity.h
index 2271939c5c31..2ea0f2f65ab6 100644
--- a/include/linux/integrity.h
+++ b/include/linux/integrity.h
@@ -13,6 +13,7 @@ enum integrity_status {
INTEGRITY_PASS = 0,
INTEGRITY_PASS_IMMUTABLE,
INTEGRITY_FAIL,
+ INTEGRITY_FAIL_IMMUTABLE,
INTEGRITY_NOLABEL,
INTEGRITY_NOXATTRS,
INTEGRITY_UNKNOWN,