From: Roberto S. <rob...@po...> - 2010-04-14 09:52:11
A new item in the list pointed by "ima_measure" is allocated when a new line is parsed from the policy loaded through the /sys interface.
Signed-off-by: Roberto Sassu <rob...@po...>
Acked-by: Gianluca Ramunno <ra...@po...>
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 4759d0f..668e40f 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -10,6 +10,30 @@
  * - initialize default measure policy rules
  *
  */
+/* ====================================================================
+ * Copyright (C) 2009-2010 Politecnico di Torino, Italy
+ * TORSEC group -- http://security.polito.it
+ * Author: Roberto Sassu <rob...@po...>
+ *
+ * The original IMA source code from IBM, has been modified by Roberto Sassu
+ * to correctly load a set of policies for measuring files depending on given
+ * criteria.
+ *
+ * DISCLAIMER of WARRANTY
+ *
+ * The following software "IMA" with the patch applied by Roberto Sassu
+ * is experimental and is provided "as is", and no guarantee or warranty
+ * is given by Politecnico di Torino (TORSEC group), that the software is
+ * fit for any particular purpose. The user thereof uses the software at its
+ * sole risk and liability. Politecnico di Torino shall have no obligation to
+ * maintain or support this software. Politecnico di Torino MAKES NO
+ * EXPRESS OR IMPLIED WARRANTY OF ANY KIND REGARDING THIS SOFTWARE.
+ * Politecnico di Torino SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES, WHETHER BASED ON
+ * CONTRACT, TORT OR ANY OTHER LEGAL THEORY, IN CONNECTION WITH OR
+ * ARISING OUT OF THE FURNISHING, PERFORMANCE OR USE OF THIS SOFTWARE.
+ */
+
 #include <linux/module.h>
 #include <linux/list.h>
 #include <linux/security.h>
@@ -261,7 +289,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
 
 	entry->action = -1;
-	while ((p = strsep(&rule, " \n")) != NULL) {
+	while ((p = strsep(&rule, " ")) != NULL) {
 		substring_t args[MAX_OPT_ARGS];
 		int token;
 		unsigned long lnum;
@@ -388,9 +416,11 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
 int ima_parse_add_rule(char *rule)
 {
 	const char *op = "update_policy";
-	struct ima_measure_rule_entry *entry;
+	struct ima_measure_rule_entry *entry, *tmp;
 	int result = 0;
 	int audit_info = 0;
+	int fail = 0;
+	char *p;
 
 	/* Prevent installed policy from changing */
 	if (ima_measure != &measure_default_rules) {
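Review bot: Removing '\n' from the strsep delimiter set makes ima_parse_rule depend on its caller having already split the buffer into single lines; a rule string that still ends in a newline (for example one arriving through a path that does not go through the new splitting loop) would now carry that '\n' into its last token and most likely fail to match. That precondition is not documented anywhere in the hunk; a one-line comment above the loop such as `/* rule holds exactly one policy line; ima_parse_add_rule splits the buffer on '\n' */` would record it. The rest of ima_parse_rule's body lies outside this hunk.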
@@ -400,25 +430,39 @@ int ima_parse_add_rule(char *rule)
 		return -EACCES;
 	}
 
-	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
-	if (!entry) {
-		integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
-				    NULL, op, "-ENOMEM", -ENOMEM, audit_info);
-		return -ENOMEM;
-	}
-
-	INIT_LIST_HEAD(&entry->list);
-
-	result = ima_parse_rule(rule, entry);
-	if (!result) {
-		mutex_lock(&ima_measure_mutex);
-		list_add_tail(&entry->list, &measure_policy_rules);
-		mutex_unlock(&ima_measure_mutex);
-	} else {
-		kfree(entry);
-		integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
+	while ((p = strsep(&rule, "\n")) != NULL) {
+		if(!*p)
+			continue;
+		if(*p == '#')
+			continue;
+
+		entry = kzalloc(sizeof(*entry), GFP_KERNEL);
+		if (!entry) {
+			integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
+				    NULL, op, "-ENOMEM", -ENOMEM, audit_info);
+			return -ENOMEM;
+		}
+		result = ima_parse_rule(p, entry);
+		if (!result) {
+			mutex_lock(&ima_measure_mutex);
+			list_add_tail(&entry->list, &measure_policy_rules);
+			mutex_unlock(&ima_measure_mutex);
+		} else {
+			kfree(entry);
+			integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
 				    NULL, op, "invalid policy", result, audit_info);
+			fail = 1;
+			break;
+		}
+	}
+	if(fail) {
+		mutex_lock(&ima_measure_mutex);
+		list_for_each_entry_safe(entry, tmp, &measure_policy_rules, list) {
+			list_del(&entry->list);
+			kfree(entry);
+		}
+		mutex_unlock(&ima_measure_mutex);
 	}
 	return result;
 }
|
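Review bot: The two failure paths inside the new while loop are inconsistent: a parse error sets `fail = 1` and the block after the loop unlinks and frees every entry on measure_policy_rules, but the kzalloc failure a few lines earlier still does `return -ENOMEM;` directly, leaving the rules this call has already added on the list as a partially loaded policy. Replacing that return with `result = -ENOMEM; fail = 1; break;` routes both errors through the same cleanup, and with that the separate `fail` flag becomes redundant, since `result` is non-zero exactly when the loop was left early. Note also that the rollback walks the whole list, so if the policy reaches ima_parse_add_rule in several write() calls (not visible here) a failure in a later chunk also discards rules accepted by earlier chunks; that is presumably intended as all-or-nothing loading, but it should be stated in a comment above `if(fail)`. Minor style: kernel style wants `if (!*p)`, `if (*p == '#')` and `if (fail)` with a space after `if`, and a blank line before `result = ima_parse_rule(p, entry);` would match the surrounding layout.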