From patchwork Fri May 20 16:11:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mimi Zohar X-Patchwork-Id: 12856953 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1EBE1C433EF for ; Fri, 20 May 2022 16:11:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1351443AbiETQLh (ORCPT ); Fri, 20 May 2022 12:11:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36114 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351551AbiETQLS (ORCPT ); Fri, 20 May 2022 12:11:18 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 02C0A165B0 for ; Fri, 20 May 2022 09:11:18 -0700 (PDT) Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24KFpAnf017368; Fri, 20 May 2022 16:11:15 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=v8Ae+RkMxkLpDKMCL1vCQylns6uxzM2Rnn9XUNfqVxk=; b=OpHVJcu0ewm+4bq+n2MXEMTOZbjf/fW77CS7pMK53kDtpDg9Ocof5O59xkdsCoI5zqUZ qKWK6PINGDSqW3jrum39+jH1Ev/Q7w6jhHJpySuJlFjMI3R3Gk5JeweIfhs3NgYIQWWN 8HNMqouPfuAlH4F3CT3BPyIRDT8KwiJ4MRyaPCOur57cAQCFMSbiVQESP5kXJvLmUWFr BSc8oCrr++7b2gD4VK6AVH5xYezA5y9CJC+NUwrkr4ijoh+QlAEqkUHDqP5TjFC+CyPt 2L0exj4XEqzFE+KRbTC6+5KG5SrLIN+lOaSnGWzDRt04PN0M1jqqOSGCoRaGuY7pKw3v 4w== Received: from ppma06ams.nl.ibm.com (66.31.33a9.ip4.static.sl-reverse.com [169.51.49.102]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3g6dyygcmb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:15 +0000 Received: from pps.filterd (ppma06ams.nl.ibm.com [127.0.0.1]) by ppma06ams.nl.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 24KFrBE7016023; Fri, 20 May 2022 16:11:13 GMT Received: from b06cxnps4074.portsmouth.uk.ibm.com (d06relay11.portsmouth.uk.ibm.com [9.149.109.196]) by ppma06ams.nl.ibm.com with ESMTP id 3g23pjh3pm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:13 +0000 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 24KGBAoi15729062 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 May 2022 16:11:10 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 641145204E; Fri, 20 May 2022 16:11:10 +0000 (GMT) Received: from li-f45666cc-3089-11b2-a85c-c57d1a57929f.ibm.com.com (unknown [9.65.82.251]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id C278652052; Fri, 20 May 2022 16:11:09 +0000 (GMT) From: Mimi Zohar To: linux-integrity@vger.kernel.org Cc: Mimi Zohar , Eric Biggers , Stefan Berger Subject: [PATCH v3 ima-evm-utils 1/3] Reset 'errno' after failure to open or access a file Date: Fri, 20 May 2022 12:11:01 -0400 Message-Id: <20220520161103.373554-2-zohar@linux.ibm.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20220520161103.373554-1-zohar@linux.ibm.com> References: <20220520161103.373554-1-zohar@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: uToSZT-rDcrHJSh-raT3fyNjVEOfBlnf X-Proofpoint-ORIG-GUID: uToSZT-rDcrHJSh-raT3fyNjVEOfBlnf X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-20_04,2022-05-20_02,2022-02-23_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 impostorscore=0 priorityscore=1501 lowpriorityscore=0 mlxscore=0 suspectscore=0 spamscore=0 malwarescore=0 clxscore=1015 phishscore=0 mlxlogscore=999 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2205200106 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Not being able to open a file is not necessarily a problem. If and when it occurs, an informational or error message with the actual filename is emitted as needed. Reset 'errno' to prevent the "errno: No such file or directory (2)" generic message. Signed-off-by: Mimi Zohar --- src/evmctl.c | 16 ++++++++++++++-- src/libimaevm.c | 4 ++++ src/utils.c | 5 ++++- 3 files changed, 22 insertions(+), 3 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index 8bdd34817408..101cd407e05d 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -181,6 +181,7 @@ static int bin2file(const char *file, const char *ext, const unsigned char *data fp = fopen(name, "w"); if (!fp) { log_err("Failed to open: %s\n", name); + errno = 0; return -1; } err = fwrite(data, len, 1, fp); @@ -206,6 +207,7 @@ static unsigned char *file2bin(const char *file, const char *ext, int *size) fp = fopen(name, "r"); if (!fp) { log_err("Failed to open: %s\n", name); + errno = 0; return NULL; } if (fstat(fileno(fp), &stats) == -1) { @@ -312,8 +314,10 @@ static int get_uuid(struct stat *st, char *uuid) sprintf(path, "blkid -s UUID -o value /dev/block/%u:%u", major, minor); fp = popen(path, "r"); - if (!fp) + if (!fp) { + errno = 0; goto err; + } len = fread(_uuid, 1, sizeof(_uuid), fp); pclose(fp); @@ -370,6 +374,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash) if (fd < 0) { log_err("Failed to open: %s\n", file); + errno = 0; return -1; } if (ioctl(fd, FS_IOC_GETVERSION, &generation)) { @@ -1122,6 +1127,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h if (fd < 0) { log_err("Failed to open %s\n", file); + errno = 0; goto out; } if (ioctl(fd, FS_IOC_GETVERSION, &generation)) { @@ -1312,6 +1318,7 @@ static int ima_fix(const char *path) fd = open(path, O_RDONLY); if (fd < 0) { log_errno("Failed to open file: %s", path); + errno = 0; return -1; } @@ -1828,8 +1835,10 @@ static int read_sysfs_pcrs(int num_banks, struct tpm_bank_info *tpm_banks) int i, result; fp = fopen(pcrs, "r"); - if (!fp) + if (!fp) { fp = fopen(misc_pcrs, "r"); + errno = 0; + } if (!fp) return -1; @@ -1892,6 +1901,7 @@ static int read_file_pcrs(int num_banks, struct tpm_bank_info *tpm_banks) fp = fopen(path, "r"); if (!fp) { log_err("Could not open '%s'\n", path); + errno = 0; return -1; } @@ -1984,6 +1994,7 @@ static int ima_measurement(const char *file) fp = fopen(file, "rb"); if (!fp) { log_err("Failed to open measurement file: %s\n", file); + errno = 0; return -1; } @@ -2229,6 +2240,7 @@ static int read_binary_bios_measurements(char *file, struct tpm_bank_info *bank) fp = fopen(file, "r"); if (!fp) { log_errno("Failed to open TPM 1.2 event log.\n"); + errno = 0; return 1; } diff --git a/src/libimaevm.c b/src/libimaevm.c index 388b726f1e3a..a4f2ec40684d 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -144,6 +144,7 @@ static int add_file_hash(const char *file, EVP_MD_CTX *ctx) fp = fopen(file, "r"); if (!fp) { log_err("Failed to open: %s\n", file); + errno = 0; return -1; } @@ -258,6 +259,7 @@ EVP_PKEY *read_pub_pkey(const char *keyfile, int x509) if (!fp) { if (imaevm_params.verbose > LOG_INFO) log_info("Failed to open keyfile: %s\n", keyfile); + errno = 0; return NULL; } @@ -735,6 +737,7 @@ static int read_keyid_from_cert(uint32_t *keyid_be, const char *certfile, int tr if (!(fp = fopen(certfile, "r"))) { log_err("Cannot open %s: %s\n", certfile, strerror(errno)); + errno = 0; return -1; } if (!PEM_read_X509(fp, &x, NULL, NULL)) { @@ -826,6 +829,7 @@ static EVP_PKEY *read_priv_pkey(const char *keyfile, const char *keypass) fp = fopen(keyfile, "r"); if (!fp) { log_err("Failed to open keyfile: %s\n", keyfile); + errno = 0; return NULL; } pkey = PEM_read_PrivateKey(fp, NULL, NULL, (void *)keypass); diff --git a/src/utils.c b/src/utils.c index 294dac554392..1026d44776da 100644 --- a/src/utils.c +++ b/src/utils.c @@ -11,6 +11,7 @@ #include #include #include +#include #include "utils.h" @@ -26,8 +27,10 @@ static int file_exist(const char *path) { struct stat st; - if (!access(path, R_OK) && !stat(path, &st) && S_ISREG(st.st_mode)) + if (!access(path, R_OK) && !stat(path, &st) && S_ISREG(st.st_mode)) { + errno = 0; return 1; + } return 0; } From patchwork Fri May 20 16:11:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mimi Zohar X-Patchwork-Id: 12856950 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 947A7C433EF for ; Fri, 20 May 2022 16:11:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S245261AbiETQLb (ORCPT ); Fri, 20 May 2022 12:11:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36536 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351585AbiETQL1 (ORCPT ); Fri, 20 May 2022 12:11:27 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9E9451D301 for ; Fri, 20 May 2022 09:11:24 -0700 (PDT) Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24KFop3l016273; Fri, 20 May 2022 16:11:16 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=xDgeCyc0dKLlkNODqaurJx1AihyWwgZfTd9GIKJ786c=; b=pN8KfLpXRSFZz1lNZYLjp3or8lMncCYDUT9jxlBlA/TsD8SaQ52+5Ykdf/H3t0xWOPP7 r2OVC9cjPqmoP83WP15BAOYs8sSBxbukJmjZNSee0JDyW73pe9wfEQvrBit0J/q5z7Fx LPizxk7tHa0mL3y0kHuOs1bQUM4ww/t1Gj/Ld7fJlIHN2jD4+KiOa597LuZlBohkYwsy CsHAi0Svqk/AGb/cOFPaxh4n1E/99Bg3atu/xRCkdmBNSTZNUI49WTKhN85ORwOUpRwu zEKq0lEevh/Dkc9vQNz4BtlCoaqk5siekULMkWesA6IgFRZtv91gB/j2bhyN6VfVvRjp 3Q== Received: from ppma06ams.nl.ibm.com (66.31.33a9.ip4.static.sl-reverse.com [169.51.49.102]) by mx0b-001b2d01.pphosted.com (PPS) with ESMTPS id 3g6bp2v444-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:15 +0000 Received: from pps.filterd (ppma06ams.nl.ibm.com [127.0.0.1]) by ppma06ams.nl.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 24KFqvpv015993; Fri, 20 May 2022 16:11:14 GMT Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by ppma06ams.nl.ibm.com with ESMTP id 3g23pjh3pp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:14 +0000 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 24KGBBxY45678990 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 May 2022 16:11:11 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 299665204F; Fri, 20 May 2022 16:11:11 +0000 (GMT) Received: from li-f45666cc-3089-11b2-a85c-c57d1a57929f.ibm.com.com (unknown [9.65.82.251]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id 89D7C5204E; Fri, 20 May 2022 16:11:10 +0000 (GMT) From: Mimi Zohar To: linux-integrity@vger.kernel.org Cc: Mimi Zohar , Eric Biggers , Stefan Berger Subject: [PATCH v3 ima-evm-utils 2/3] Sign an fs-verity file digest Date: Fri, 20 May 2022 12:11:02 -0400 Message-Id: <20220520161103.373554-3-zohar@linux.ibm.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20220520161103.373554-1-zohar@linux.ibm.com> References: <20220520161103.373554-1-zohar@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: IDaeuxR--mbqS6G2hr0PnTA2-Dje1QRA X-Proofpoint-GUID: IDaeuxR--mbqS6G2hr0PnTA2-Dje1QRA X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-20_04,2022-05-20_02,2022-02-23_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 phishscore=0 adultscore=0 bulkscore=0 lowpriorityscore=0 mlxlogscore=999 impostorscore=0 suspectscore=0 mlxscore=0 spamscore=0 malwarescore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2205200106 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Sign fs-verity file digests provided in the format as produced by "fsverity digest". The output is of the same format as the input, but with the file signature appended. Use setfattr to write the signature as security.ima xattr. fsverity digest format: : output format: : Instead of directly signing the fsverity hash, to disambiguate the original IMA signatures from the fs-verity signatures stored in the security.ima xattr a new signature format version 3 (sigv3) was defined as the hash of the xattr type (enum evm_ima_xattr_type), the hash algorithm (enum hash_algo), and the hash. Example: fsverity digest | evmctl sign_hash --veritysig \ --key Signed-off-by: Mimi Zohar --- README | 3 +- src/evmctl.c | 99 +++++++++++++++++++++++++++++++++++++++++-------- src/imaevm.h | 5 ++- src/libimaevm.c | 85 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 175 insertions(+), 17 deletions(-) diff --git a/README b/README index 5b5ecb52a74b..ffe46ad75728 100644 --- a/README +++ b/README @@ -34,7 +34,7 @@ COMMANDS ima_hash file ima_measurement [--ignore-violations] [--verify-sig [--key "key1, key2, ..."]] [--pcrs [hash-algorithm,]file [--pcrs hash-algorithm,file] ...] file ima_fix [-t fdsxm] path - sign_hash [--key key] [--pass password] + sign_hash [--veritysig] [--key key] [--pass password] hmac [--imahash | --imasig ] file @@ -43,6 +43,7 @@ OPTIONS -a, --hashalgo sha1, sha224, sha256, sha384, sha512 -s, --imasig make IMA signature + --veritysig sign an fs-verity file digest hash -d, --imahash make IMA hash -f, --sigfile store IMA signature in .sig file instead of xattr --xattr-user store xattrs in user namespace (for testing purposes) diff --git a/src/evmctl.c b/src/evmctl.c index 101cd407e05d..c7c8c8cf6e89 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -135,6 +135,7 @@ static int msize; static dev_t fs_dev; static bool evm_immutable; static bool evm_portable; +static bool veritysig; #define HMAC_FLAG_NO_UUID 0x0001 #define HMAC_FLAG_CAPS_SET 0x0002 @@ -731,33 +732,97 @@ static int cmd_sign_ima(struct command *cmd) return do_cmd(cmd, sign_ima_file); } +/* + * Sign file hash(es) provided in the format as produced by either + * sha*sum or "fsverity digest". + * + * sha*sum format: + * fsverity digest format: : + * + * To disambiguate the resulting file signatures, a new signature format + * version 3 (sigv3) was defined as the hash of the xattr type (enum + * evm_ima_xattr_type), the hash algorithm (enum hash_algo), and the hash. + * + * Either directly sign the sha*sum hash or indirectly sign the fsverity + * hash (sigv3). + * + * The output is the same format as the input with the resulting file + * signature appended. + */ static int cmd_sign_hash(struct command *cmd) { + unsigned char sigv3_hash[MAX_DIGEST_SIZE]; + unsigned char sig[MAX_SIGNATURE_SIZE]; + unsigned char hash[MAX_DIGEST_SIZE]; + int siglen, algolen = 0, hashlen = 0; + char *line = NULL, *token, *hashp; + size_t line_len = 0; const char *key; - char *token, *line = NULL; - int hashlen = 0; - size_t line_len; + char algo[7]; /* Current maximum fsverity hash algo name length */ ssize_t len; - unsigned char hash[MAX_DIGEST_SIZE]; - unsigned char sig[MAX_SIGNATURE_SIZE] = "\x03"; - int siglen; + int ret; key = imaevm_params.keyfile ? : "/etc/keys/privkey_evm.pem"; - /* support reading hash (eg. output of shasum) */ while ((len = getline(&line, &line_len, stdin)) > 0) { /* remove end of line */ if (line[len - 1] == '\n') line[--len] = '\0'; - /* find the end of the hash */ - token = strpbrk(line, ", \t"); - hashlen = token ? token - line : strlen(line); + /* + * Before either directly or indirectly signing the hash, + * convert the hex-ascii hash representation to binary. + */ + if (veritysig) { + + /* split the algorithm from the hash */ + hashp = strpbrk(line, ":"); + if (hashp) /* pointer to the delimiter */ + algolen = hashp - line; + + if (!hashp || algolen <= 0 || + algolen >= sizeof(algo)) { + log_err("Missing/invalid fsverity hash algorithm\n"); + continue; + } + + strncpy(algo, line, algolen); + algo[algolen] = '\0'; /* Nul terminate algorithm */ + + hashp++; + token = strpbrk(line, ", \t"); + hashlen = token - hashp; + if (hashlen <= 0) { + log_err("Missing fsverity hash\n"); + continue; + } + + assert(hashlen / 2 <= sizeof(hash)); + hex2bin(hash, hashp, hashlen / 2); + + ret = calc_hash_sigv3(IMA_VERITY_DIGSIG, algo, hash, + sigv3_hash); + if (ret < 0 || ret == 1) { + log_info("Failure to calculate fs-verity hash\n"); + continue; + } + + siglen = sign_hash(algo, sigv3_hash, hashlen / 2, + key, NULL, sig + 1); + + sig[0] = IMA_VERITY_DIGSIG; + sig[1] = DIGSIG_VERSION_3; /* sigv3 */ + } else { + token = strpbrk(line, ", \t"); + hashlen = token ? token - line : strlen(line); + assert(hashlen / 2 <= sizeof(hash)); + hex2bin(hash, line, hashlen / 2); + + siglen = sign_hash(imaevm_params.hash_algo, hash, + hashlen / 2, key, NULL, sig + 1); + sig[0] = EVM_IMA_XATTR_DIGSIG; + } - assert(hashlen / 2 <= sizeof(hash)); - hex2bin(hash, line, hashlen / 2); - siglen = sign_hash(imaevm_params.hash_algo, hash, hashlen / 2, - key, NULL, sig + 1); if (siglen <= 1) return siglen; assert(siglen < sizeof(sig)); @@ -2568,7 +2633,7 @@ struct command cmds[] = { {"ima_boot_aggregate", cmd_ima_bootaggr, 0, "[--pcrs hash-algorithm,file] [TPM 1.2 BIOS event log]", "Calculate per TPM bank boot_aggregate digests\n"}, {"ima_fix", cmd_ima_fix, 0, "[-t fdsxm] path", "Recursively fix IMA/EVM xattrs in fix mode.\n"}, {"ima_clear", cmd_ima_clear, 0, "[-t fdsxm] path", "Recursively remove IMA/EVM xattrs.\n"}, - {"sign_hash", cmd_sign_hash, 0, "[--key key] [--pass [password]", "Sign hashes from shaXsum output.\n"}, + {"sign_hash", cmd_sign_hash, 0, "[--veritysig] [--key key] [--pass [password]", "Sign hashes from either shaXsum or \"fsverity digest\" output.\n"}, #ifdef DEBUG {"hmac", cmd_hmac_evm, 0, "[--imahash | --imasig ] file", "Sign file metadata with HMAC using symmetric key (for testing purpose).\n"}, #endif @@ -2608,6 +2673,7 @@ static struct option opts[] = { {"verify-bank", 2, 0, 143}, {"keyid", 1, 0, 144}, {"keyid-from-cert", 1, 0, 145}, + {"veritysig", 0, 0, 146}, {} }; @@ -2838,6 +2904,9 @@ int main(int argc, char *argv[]) } imaevm_params.keyid = keyid; break; + case 146: + veritysig = 1; + break; case '?': exit(1); break; diff --git a/src/imaevm.h b/src/imaevm.h index 0d53a0232ae4..afcf1e042014 100644 --- a/src/imaevm.h +++ b/src/imaevm.h @@ -93,6 +93,7 @@ enum evm_ima_xattr_type { EVM_IMA_XATTR_DIGSIG, IMA_XATTR_DIGEST_NG, EVM_XATTR_PORTABLE_DIGSIG, + IMA_VERITY_DIGSIG, }; struct h_misc { @@ -138,7 +139,8 @@ enum digest_algo { enum digsig_version { DIGSIG_VERSION_1 = 1, - DIGSIG_VERSION_2 + DIGSIG_VERSION_2, + DIGSIG_VERSION_3 /* hash of ima_file_id struct (portion used) */ }; struct pubkey_hdr { @@ -233,5 +235,6 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsig void init_public_keys(const char *keyfiles); int imaevm_hash_algo_from_sig(unsigned char *sig); const char *imaevm_hash_algo_by_id(int algo); +int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo, const unsigned char *in_hash, unsigned char *out_hash); #endif diff --git a/src/libimaevm.c b/src/libimaevm.c index a4f2ec40684d..af145bd62ac9 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -497,6 +497,91 @@ err: return ret; } +#define HASH_MAX_DIGESTSIZE 512 + +struct ima_file_id { + __u8 hash_type; /* xattr type [enum evm_ima_xattr_type] */ + __u8 hash_algorithm; /* Digest algorithm [enum hash_algo] */ + __u8 hash[HASH_MAX_DIGESTSIZE]; +} __packed; + +/* + * Calculate the signature format version 3 hash based on the portion + * of the ima_file_id structure used, not the entire structure. + * + * For openssl errors return 1, other errors return -EINVAL. + */ +int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo, + const unsigned char *in_hash, unsigned char *out_hash) +{ + struct ima_file_id file_id = { .hash_type = IMA_VERITY_DIGSIG }; + uint8_t *data = (uint8_t *) &file_id; + + const EVP_MD *md; + EVP_MD_CTX *pctx; + unsigned int mdlen; + int err; +#if OPENSSL_VERSION_NUMBER < 0x10100000 + EVP_MD_CTX ctx; + pctx = &ctx; +#else + pctx = EVP_MD_CTX_new(); +#endif + int hash_algo; + int hash_size; + unsigned int unused; + + if (type != IMA_VERITY_DIGSIG) { + log_err("Only fsverity supports signature format v3 (sigv3)\n"); + return -EINVAL; + } + + if ((hash_algo = imaevm_get_hash_algo(algo)) < 0) { + log_err("Hash algorithm %s not supported\n", algo); + return -EINVAL; + } + file_id.hash_algorithm = hash_algo; + + md = EVP_get_digestbyname(algo); + if (!md) { + log_err("EVP_get_digestbyname(%s) failed\n", algo); + err = 1; + goto err; + } + + hash_size = EVP_MD_size(md); + memcpy(file_id.hash, in_hash, hash_size); + + err = EVP_DigestInit(pctx, md); + if (!err) { + log_err("EVP_DigestInit() failed\n"); + err = 1; + goto err; + } + + unused = HASH_MAX_DIGESTSIZE - hash_size; + if (!EVP_DigestUpdate(pctx, data, sizeof(file_id) - unused)) { + log_err("EVP_DigestUpdate() failed\n"); + err = 1; + goto err; + } + + err = EVP_DigestFinal(pctx, out_hash, &mdlen); + if (!err) { + log_err("EVP_DigestFinal() failed\n"); + err = 1; + goto err; + } + err = mdlen; +err: + if (err == 1) + output_openssl_errors(); +#if OPENSSL_VERSION_NUMBER >= 0x10100000 + EVP_MD_CTX_free(pctx); +#endif + return err; +} + int imaevm_get_hash_algo(const char *algo) { int i; From patchwork Fri May 20 16:11:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mimi Zohar X-Patchwork-Id: 12856951 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8485EC433F5 for ; Fri, 20 May 2022 16:11:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237517AbiETQLc (ORCPT ); Fri, 20 May 2022 12:11:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36342 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1351573AbiETQLX (ORCPT ); Fri, 20 May 2022 12:11:23 -0400 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E0D11D301 for ; Fri, 20 May 2022 09:11:19 -0700 (PDT) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24KFvYSn025425; Fri, 20 May 2022 16:11:18 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=gi1GSpgjWZSeFPeZ/+t7zcpxDuaJQ+rCFqStyFdpChA=; b=QuWwwE0dUP6zmclJEqtwguuRzgw0OAvWGT1F1KPYqkIq5AhxR6NiwK4xTtOeTqA6FjpZ 9PAgYh3VQwfOHsloJfU/TYSYbkwdmS1ertSIGk7cGAiU1P1yfxJ4caCj6EJ6B6igjRW2 QuMZvUB6lvMZfuYUv8L1sJICwS1yATAdHN+AwA7hUGCdfYJjvFBUZWkwd6HAUN8aOaDd ycIbZvaC/aFJcUyc153QagxmWbyp4NA6as08mpSqsF515F1LvEWgjFC575IlR+73WXQg VLPrg9f8Jfr9YNvjJrtJcKixprvFZC7S4zisqrpgCl/UtAcbShAAiHvnUky5rzM6EaLQ LA== Received: from ppma03ams.nl.ibm.com (62.31.33a9.ip4.static.sl-reverse.com [169.51.49.98]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3g6e3a887q-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:17 +0000 Received: from pps.filterd (ppma03ams.nl.ibm.com [127.0.0.1]) by ppma03ams.nl.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 24KFql1X023399; Fri, 20 May 2022 16:11:15 GMT Received: from b06cxnps4076.portsmouth.uk.ibm.com (d06relay13.portsmouth.uk.ibm.com [9.149.109.198]) by ppma03ams.nl.ibm.com with ESMTP id 3g2429h2sq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 20 May 2022 16:11:15 +0000 Received: from d06av21.portsmouth.uk.ibm.com (d06av21.portsmouth.uk.ibm.com [9.149.105.232]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 24KGBCOa39125404 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 20 May 2022 16:11:12 GMT Received: from d06av21.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EA1BF5204E; Fri, 20 May 2022 16:11:11 +0000 (GMT) Received: from li-f45666cc-3089-11b2-a85c-c57d1a57929f.ibm.com.com (unknown [9.65.82.251]) by d06av21.portsmouth.uk.ibm.com (Postfix) with ESMTP id 4F3F85204F; Fri, 20 May 2022 16:11:11 +0000 (GMT) From: Mimi Zohar To: linux-integrity@vger.kernel.org Cc: Mimi Zohar , Eric Biggers , Stefan Berger Subject: [PATCH v3 ima-evm-utils 3/3] Verify an fs-verity file digest based signature Date: Fri, 20 May 2022 12:11:03 -0400 Message-Id: <20220520161103.373554-4-zohar@linux.ibm.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20220520161103.373554-1-zohar@linux.ibm.com> References: <20220520161103.373554-1-zohar@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: HWD1erkWIIx9ZiAP4TaRtY9Ol04L2MmQ X-Proofpoint-ORIG-GUID: HWD1erkWIIx9ZiAP4TaRtY9Ol04L2MmQ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-20_04,2022-05-20_02,2022-02-23_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 priorityscore=1501 impostorscore=0 bulkscore=0 spamscore=0 mlxscore=0 phishscore=0 suspectscore=0 lowpriorityscore=0 malwarescore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2205200106 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org ima-evm-utils does not attempt to calculate or even read the fs-verity file hash, but can verify the fs-verity signature based on the fsverity file hash, both contained in the measurement list record. Example: evmctl ima_measurement --key \ --verify-sig /sys/kernel/security/ima/binary_runtime_measurements Modify 'sig' argument of verify_hash() to be the full xattr in order to differentiate signatures types. Note: Kernel commit b1aaab22e263 ("ima: pass full xattr with the signature") added the 'type' to signature_v2_hdr struct, which hasn't been reflected here. (todo) Signed-off-by: Mimi Zohar Reviewed-by: Stefan Berger --- src/evmctl.c | 11 +++++-- src/libimaevm.c | 77 ++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 75 insertions(+), 13 deletions(-) diff --git a/src/evmctl.c b/src/evmctl.c index c7c8c8cf6e89..6af72255bf72 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -909,7 +909,7 @@ static int verify_evm(const char *file) return mdlen; assert(mdlen <= sizeof(hash)); - return verify_hash(file, hash, mdlen, sig + 1, len - 1); + return verify_hash(file, hash, mdlen, sig, len); } static int cmd_verify_evm(struct command *cmd) @@ -1574,7 +1574,8 @@ void ima_ng_show(struct template_entry *entry) fieldp += field_len; total_len -= field_len; - if (!strcmp(entry->name, "ima-sig")) { + if (!strcmp(entry->name, "ima-sig") || + !strcmp(entry->name, "ima-sigv2")) { /* get signature */ field_len = *(uint32_t *)fieldp; fieldp += sizeof(field_len); @@ -1620,11 +1621,17 @@ void ima_ng_show(struct template_entry *entry) log_info(" "); log_dump(sig, sig_len); } + + /* + * Either verify the signature against the hash contained in + * the measurement list or calculate the hash. + */ if (verify_list_sig) err = ima_verify_signature(path, sig, sig_len, digest, digest_len); else err = ima_verify_signature(path, sig, sig_len, NULL, 0); + if (!err && imaevm_params.verbose > LOG_INFO) log_info("%s: verification is OK\n", path); } else { diff --git a/src/libimaevm.c b/src/libimaevm.c index af145bd62ac9..739ace5459e5 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -424,10 +424,21 @@ void init_public_keys(const char *keyfiles) } /* + * Verify a signature, prefixed with the signature_v2_hdr, either based + * directly or indirectly on the file data hash. + * + * version 2: directly based on the file data hash (e.g. sha*sum) + * version 3: indirectly based on the hash of the struct ima_file_id, which + * contains the xattr type (enum evm_ima_xattr_type), the hash + * algorithm (enum hash_algo), and the file data hash + * (e.g. fsverity digest). + * * Return: 0 verification good, 1 verification bad, -1 error. + * + * (Note: signature_v2_hdr struct does not contain the 'type'.) */ -static int verify_hash_v2(const char *file, const unsigned char *hash, int size, - unsigned char *sig, int siglen) +static int verify_hash_common(const char *file, const unsigned char *hash, + int size, unsigned char *sig, int siglen) { int ret = -1; EVP_PKEY *pkey, *pkey_free = NULL; @@ -497,6 +508,39 @@ err: return ret; } +/* + * Verify a signature, prefixed with the signature_v2_hdr, directly based + * on the file data hash. + * + * Return: 0 verification good, 1 verification bad, -1 error. + */ +static int verify_hash_v2(const char *file, const unsigned char *hash, + int size, unsigned char *sig, int siglen) +{ + /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ + return verify_hash_common(file, hash, size, sig + 1, siglen - 1); +} + +/* + * Verify a signature, prefixed with the signature_v2_hdr, indirectly based + * on the file data hash. + * + * Return: 0 verification good, 1 verification bad, -1 error. + */ +static int verify_hash_v3(const char *file, const unsigned char *hash, + int size, unsigned char *sig, int siglen) +{ + unsigned char sigv3_hash[MAX_DIGEST_SIZE]; + int ret; + + ret = calc_hash_sigv3(sig[0], NULL, hash, sigv3_hash); + if (ret < 0) + return ret; + + /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ + return verify_hash_common(file, sigv3_hash, size, sig + 1, siglen - 1); +} + #define HASH_MAX_DIGESTSIZE 512 struct ima_file_id { @@ -536,6 +580,9 @@ int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo, return -EINVAL; } + if (!algo) + algo = imaevm_params.hash_algo; + if ((hash_algo = imaevm_get_hash_algo(algo)) < 0) { log_err("Hash algorithm %s not supported\n", algo); return -EINVAL; @@ -624,7 +671,7 @@ int imaevm_hash_algo_from_sig(unsigned char *sig) default: return -1; } - } else if (sig[0] == DIGSIG_VERSION_2) { + } else if (sig[0] == DIGSIG_VERSION_2 || sig[0] == DIGSIG_VERSION_3) { hashalgo = ((struct signature_v2_hdr *)sig)->hash_algo; if (hashalgo >= PKEY_HASH__LAST) return -1; @@ -633,11 +680,11 @@ int imaevm_hash_algo_from_sig(unsigned char *sig) return -1; } -int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, - int siglen) +int verify_hash(const char *file, const unsigned char *hash, int size, + unsigned char *sig, int siglen) { /* Get signature type from sig header */ - if (sig[0] == DIGSIG_VERSION_1) { + if (sig[1] == DIGSIG_VERSION_1) { const char *key = NULL; /* Read pubkey from RSA key */ @@ -645,9 +692,12 @@ int verify_hash(const char *file, const unsigned char *hash, int size, unsigned key = "/etc/keys/pubkey_evm.pem"; else key = imaevm_params.keyfile; - return verify_hash_v1(file, hash, size, sig, siglen, key); - } else if (sig[0] == DIGSIG_VERSION_2) { + return verify_hash_v1(file, hash, size, sig + 1, siglen - 1, + key); + } else if (sig[1] == DIGSIG_VERSION_2) { return verify_hash_v2(file, hash, size, sig, siglen); + } else if (sig[1] == DIGSIG_VERSION_3) { + return verify_hash_v3(file, hash, size, sig, siglen); } else return -1; } @@ -658,11 +708,16 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsigned char hash[MAX_DIGEST_SIZE]; int hashlen, sig_hash_algo; - if (sig[0] != EVM_IMA_XATTR_DIGSIG) { + if (sig[0] != EVM_IMA_XATTR_DIGSIG && sig[0] != IMA_VERITY_DIGSIG) { log_err("%s: xattr ima has no signature\n", file); return -1; } + if (!digest && sig[0] == IMA_VERITY_DIGSIG) { + log_err("%s: calculating the fs-verity digest is not supported\n", file); + return -1; + } + sig_hash_algo = imaevm_hash_algo_from_sig(sig + 1); if (sig_hash_algo < 0) { log_err("%s: Invalid signature\n", file); @@ -676,14 +731,14 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen, * measurement list, not by calculating the local file digest. */ if (digestlen > 0) - return verify_hash(file, digest, digestlen, sig + 1, siglen - 1); + return verify_hash(file, digest, digestlen, sig, siglen); hashlen = ima_calc_hash(file, hash); if (hashlen <= 1) return hashlen; assert(hashlen <= sizeof(hash)); - return verify_hash(file, hash, hashlen, sig + 1, siglen - 1); + return verify_hash(file, hash, hashlen, sig, siglen); } /*