diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2020-10-15 15:58:18 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-10-15 15:58:18 -0700 |
commit | 840e5bb326bbcb16ce82dd2416d2769de4839aea (patch) | |
tree | 0db7a077c3ae35dd99a89f0128b760951d95db72 /security/integrity/ima/ima_appraise.c | |
parent | fefa636d815975b34afc45f50852a2810fb23ba9 (diff) | |
parent | aa662fc04f5b290b3979332588bf8d812b189962 (diff) |
Merge tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity updates from Mimi Zohar:
"Continuing IMA policy rule cleanup and validation in particular for
measuring keys, adding/removing/updating informational and error
messages (e.g. "ima_appraise" boot command line option), and other bug
fixes (e.g. minimal data size validation before use, return code and
NULL pointer checking)"
* tag 'integrity-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
ima: Fix NULL pointer dereference in ima_file_hash
evm: Check size of security.evm before using it
ima: Remove semicolon at the end of ima_get_binary_runtime_size()
ima: Don't ignore errors from crypto_shash_update()
ima: Use kmemdup rather than kmalloc+memcpy
integrity: include keyring name for unknown key request
ima: limit secure boot feedback scope for appraise
integrity: invalid kernel parameters feedback
ima: add check for enforced appraise option
integrity: Use current_uid() in integrity_audit_message()
ima: Fail rule parsing when asymmetric key measurement isn't supportable
ima: Pre-parse the list of keyrings in a KEY_CHECK rule
Diffstat (limited to 'security/integrity/ima/ima_appraise.c')
-rw-r--r-- | security/integrity/ima/ima_appraise.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c index b8848f53c8cc..3dd8c2e4314e 100644 --- a/security/integrity/ima/ima_appraise.c +++ b/security/integrity/ima/ima_appraise.c @@ -19,18 +19,29 @@ static int __init default_appraise_setup(char *str) { #ifdef CONFIG_IMA_APPRAISE_BOOTPARAM - if (arch_ima_get_secureboot()) { - pr_info("Secure boot enabled: ignoring ima_appraise=%s boot parameter option", - str); - return 1; - } + bool sb_state = arch_ima_get_secureboot(); + int appraisal_state = ima_appraise; if (strncmp(str, "off", 3) == 0) - ima_appraise = 0; + appraisal_state = 0; else if (strncmp(str, "log", 3) == 0) - ima_appraise = IMA_APPRAISE_LOG; + appraisal_state = IMA_APPRAISE_LOG; else if (strncmp(str, "fix", 3) == 0) - ima_appraise = IMA_APPRAISE_FIX; + appraisal_state = IMA_APPRAISE_FIX; + else if (strncmp(str, "enforce", 7) == 0) + appraisal_state = IMA_APPRAISE_ENFORCE; + else + pr_err("invalid \"%s\" appraise option", str); + + /* If appraisal state was changed, but secure boot is enabled, + * keep its default */ + if (sb_state) { + if (!(appraisal_state & IMA_APPRAISE_ENFORCE)) + pr_info("Secure boot enabled: ignoring ima_appraise=%s option", + str); + } else { + ima_appraise = appraisal_state; + } #endif return 1; } |