kernel/security/integrity/ima/ima_template.c, branch linux-4.1.y

ima: added support for new kernel cmdline parameter ima_template_fmt

2014-10-13T12:39:02Z

This patch allows users to provide a custom template format through the new kernel command line parameter 'ima_template_fmt'. If the supplied format is not valid, IMA uses the default template descriptor. Changelog: - v3: - added check for 'fields' and 'num_fields' in template_desc_init_fields() (suggested by Mimi Zohar) - v2: - using template_desc_init_fields() to validate a format string (Roberto Sassu) - updated documentation by stating that only the chosen template descriptor is initialized (Roberto Sassu) - v1: - simplified code of ima_template_fmt_setup() (Roberto Sassu, suggested by Mimi Zohar) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: allocate field pointers array on demand in template_desc_init_fields()

2014-10-13T12:39:02Z

The allocation of a field pointers array is moved at the end of template_desc_init_fields() and done only if the value of the 'fields' and 'num_fields' parameters is not NULL. For just validating a template format string, retrieved template field pointers are placed in a temporary array. Changelog: - v3: - do not check in this patch if 'fields' and 'num_fields' are NULL (suggested by Mimi Zohar) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: don't allocate a copy of template_fmt in template_desc_init_fields()

2014-10-13T12:39:01Z

This patch removes the allocation of a copy of 'template_fmt', needed for iterating over all fields in the passed template format string. The removal was possible by replacing strcspn(), which modifies the passed string, with strchrnul(). The currently processed template field is copied in a temporary variable. The purpose of this change is use template_desc_init_fields() in two ways: for just validating a template format string (the function should work if called by a setup function, when memory cannot be allocated), and for actually initializing a template descriptor. The implementation of this feature will be complete with the next patch. Changelog: - v3: - added 'goto out' in template_desc_init_fields() to free allocated memory if a template field length is not valid (suggested by Mimi Zohar) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: display template format in meas. list if template name length is zero

2014-10-13T12:39:01Z

With the introduction of the 'ima_template_fmt' kernel cmdline parameter, a user can define a new template descriptor with custom format. However, in this case, userspace tools will be unable to parse the measurements list because the new template is unknown. For this reason, this patch modifies the current IMA behavior to display in the list the template format instead of the name (only if the length of the latter is zero) so that a tool can extract needed information if it can handle listed fields. This patch also correctly displays the error log message in ima_init_template() if the selected template cannot be initialized. Changelog: - v3: - check the first byte of 'e->template_desc->name' instead of using strlen() in ima_fs.c (suggested by Mimi Zohar) - v2: - print the template format in ima_init_template(), if the selected template is custom (Roberto Sassu) - v1: - fixed patch description (Roberto Sassu, suggested by Mimi Zohar) - set 'template_name' variable in ima_fs.c only once (Roberto Sassu, suggested by Mimi Zohar) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: added error messages to template-related functions

2014-10-13T12:39:01Z

This patch adds some error messages to inform users about the following events: template descriptor not found, invalid template descriptor, template field not found and template initialization failed. Changelog: - v2: - display an error message if the format string contains too many fields (Roberto Sassu) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: initialize only required template

2014-09-09T14:28:54Z

IMA uses only one template. This patch initializes only required template to avoid unnecessary memory allocations. Signed-off-by: Dmitry Kasatkin Reviewed-by: Roberto Sassu Signed-off-by: Mimi Zohar

ima: add missing '__init' keywords

2014-09-09T14:28:50Z

Add missing keywords to the function definition to cleanup to discard initialization code. Signed-off-by: Dmitry Kasatkin Reviewed-by: Roberto Sassu Signed-off-by: Mimi Zohar

integrity: fix checkpatch errors

2014-03-07T17:15:45Z

Between checkpatch changes (eg. sizeof) and inconsistencies between Lindent and checkpatch, unfixed checkpatch errors make it difficult to see new errors. This patch fixes them. Some lines with over 80 chars remained unchanged to improve code readability. The "extern" keyword is removed from internal evm.h to make it consistent with internal ima.h. Signed-off-by: Dmitry Kasatkin Signed-off-by: Mimi Zohar

security: integrity: Use a more current logging style

2014-03-07T17:15:21Z

Convert printks to pr_. Add pr_fmt. Remove embedded prefixes. Signed-off-by: Joe Perches Signed-off-by: Mimi Zohar

ima: store address of template_fmt_copy in a pointer before calling strsep

2013-11-30T02:09:53Z

This patch stores the address of the 'template_fmt_copy' variable in a new variable, called 'template_fmt_ptr', so that the latter is passed as an argument of strsep() instead of the former. This modification is needed in order to correctly free the memory area referenced by 'template_fmt_copy' (strsep() modifies the pointer of the passed string). Signed-off-by: Roberto Sassu Reported-by: Sebastian Ott Signed-off-by: Mimi Zohar Signed-off-by: James Morris