From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 01/12] Rename "public_keys" to "g_public_keys"
Date: Sun, 19 Nov 2023 11:50:32 -0500
Message-Id: <20231119165043.46960-2-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

In preparation for replacing the library global public_keys variable, which is not concurrency-safe, with a local variable, rename public_keys to g_public_keys.

Signed-off-by: Mimi Zohar
Reviewed-by: Stefan Berger
--- src/libimaevm.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/libimaevm.c b/src/libimaevm.c index 5b224625644e..117a1a72b60c 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c
@@ -370,14 +370,14 @@ struct public_key_entry { char name[9]; EVP_PKEY *key; }; -static struct public_key_entry *public_keys = NULL; +static struct public_key_entry *g_public_keys = NULL; static EVP_PKEY *find_keyid(uint32_t keyid) { - struct public_key_entry *entry, *tail = public_keys; + struct public_key_entry *entry, *tail = g_public_keys; int i = 1; - for (entry = public_keys; entry != NULL; entry = entry->next) { + for (entry = g_public_keys; entry != NULL; entry = entry->next) { if (entry->keyid == keyid) return entry->key; i++; @@ -394,7 +394,7 @@ static EVP_PKEY *find_keyid(uint32_t keyid) if (tail) tail->next = entry; else - public_keys = entry; + g_public_keys = entry; log_err("key %d: %x (unknown keyid)\n", i, __be32_to_cpup(&keyid)); return 0; } 
@@ -429,8 +429,8 @@ void init_public_keys(const char *keyfiles) calc_keyid_v2(&entry->keyid, entry->name, entry->key); sprintf(entry->name, "%x", __be32_to_cpup(&entry->keyid)); log_info("key %d: %s %s\n", i++, entry->name, keyfile); - entry->next = public_keys; - public_keys = entry; + entry->next = g_public_keys; + g_public_keys = entry; } free(keyfiles_free); }
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 02/12] Free public keys list
Date: Sun, 19 Nov 2023 11:50:33 -0500
Message-Id: <20231119165043.46960-3-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

On failure to allocate memory, free the public keys list.

Signed-off-by: Mimi Zohar
Reviewed-by: Stefan Berger
--- src/imaevm.h | 1 + src/libimaevm.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/src/imaevm.h b/src/imaevm.h index 18d7b0e447e1..828976e52881 100644 --- a/src/imaevm.h +++ b/src/imaevm.h
@@ -249,6 +249,7 @@ uint32_t imaevm_read_keyid(const char *certfile); int sign_hash(const char *algo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig); int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen); int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen); +void free_public_keys(void *public_keys); void init_public_keys(const char *keyfiles); int imaevm_hash_algo_from_sig(unsigned char *sig); const char *imaevm_hash_algo_by_id(int algo); diff --git a/src/libimaevm.c b/src/libimaevm.c index 117a1a72b60c..74e9d09b1f05 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -399,11 +399,25 @@ static EVP_PKEY *find_keyid(uint32_t keyid) return 0; } +void free_public_keys(void *public_keys) +{ + struct public_key_entry *entry = public_keys, *next; + + while (entry != NULL) { + next = entry->next; + if (entry->key) + free(entry->key); + free(entry); + entry = next; + } +} + void init_public_keys(const char *keyfiles) { struct public_key_entry *entry; char *tmp_keyfiles, *keyfiles_free; char *keyfile; + int err = 0; int i = 1; tmp_keyfiles = strdup(keyfiles); @@ -417,6 +431,7 @@ void init_public_keys(const char *keyfiles) entry = malloc(sizeof(struct public_key_entry)); if (!entry) { perror("malloc"); + err = -ENOMEM; break; } 
@@ -433,6 +448,8 @@ void init_public_keys(const char *keyfiles) g_public_keys = entry; } free(keyfiles_free); + if (err < 0) + free_public_keys(g_public_keys); } /*
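Review bot: In the new free_public_keys() of patch 02/12, entry->key is an EVP_PKEY * (see struct public_key_entry) but is released with free(). An OpenSSL key object has to be released with EVP_PKEY_free(), which drops the reference and frees the structures hanging off it; plain free() leaks those and hands libc a pointer it did not allocate. EVP_PKEY_free() accepts NULL, so the `if (entry->key)` guard can be dropped at the same time.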
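Review bot: In the last hunk of patch 02/12, free_public_keys(g_public_keys) in init_public_keys() leaves g_public_keys pointing at the freed list, so the next find_keyid() call walks freed entries. Set g_public_keys = NULL right after the free. Since init_public_keys() still returns void, the caller also has no way to learn that the keys were dropped; a log_err() on this path would at least make the failure visible.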
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 03/12] Update library function definitions to include a "public_keys" parameter
Date: Sun, 19 Nov 2023 11:50:34 -0500
Message-Id: <20231119165043.46960-4-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on a global static "public_keys" variable, which is not concurrency-safe, update static library function definitions to include it as a parameter, define new library functions with it as a parameter, and deprecate existing functions.

Define init_public_keys2(), verify_hash2(), and ima_verify_signature2() functions. Update static function definitions to include "public_keys".

To avoid library incompatibility, make the existing functions - init_public_keys(), verify_hash(), ima_verify_signature() - wrappers for the new function versions.

Deprecate init_public_keys(), verify_hash(), ima_verify_signature() functions.

Signed-off-by: Mimi Zohar --- src/imaevm.h | 2 ++ src/libimaevm.c | 94 +++++++++++++++++++++++++++++++++++++------------ 2 files changed, 74 insertions(+), 22 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 828976e52881..146123ba5c42 100644 --- a/src/imaevm.h +++ b/src/imaevm.h @@ -249,8 +249,10 @@ uint32_t imaevm_read_keyid(const char *certfile); int sign_hash(const char *algo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig); int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen); int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen); +int ima_verify_signature2(void *public_keys, const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen); void free_public_keys(void *public_keys); void init_public_keys(const char *keyfiles); +int init_public_keys2(const char *keyfiles, void **public_keys); int imaevm_hash_algo_from_sig(unsigned char *sig); const char *imaevm_hash_algo_by_id(int algo); int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo, const unsigned char *in_hash, unsigned char *out_hash); diff --git a/src/libimaevm.c b/src/libimaevm.c index 74e9d09b1f05..bf8c99770ddc 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -372,12 +372,12 @@ struct public_key_entry { }; static struct public_key_entry *g_public_keys = NULL; -static EVP_PKEY *find_keyid(uint32_t keyid) +static EVP_PKEY *find_keyid(void *public_keys, uint32_t keyid) { - struct public_key_entry *entry, *tail = g_public_keys; + struct public_key_entry *entry, *tail = public_keys; int i = 1; - for (entry = g_public_keys; entry != NULL; entry = entry->next) { + for (entry = public_keys; entry != NULL; entry = entry->next) { if (entry->keyid == keyid) return entry->key; i++; 
@@ -394,7 +394,7 @@ static EVP_PKEY *find_keyid(uint32_t keyid) if (tail) tail->next = entry; else - g_public_keys = entry; + public_keys = (void *) entry; log_err("key %d: %x (unknown keyid)\n", i, __be32_to_cpup(&keyid)); return 0; } @@ -412,7 +412,7 @@ void free_public_keys(void *public_keys) } } -void init_public_keys(const char *keyfiles) +int init_public_keys2(const char *keyfiles, void **public_keys) { struct public_key_entry *entry; char *tmp_keyfiles, *keyfiles_free; @@ -420,6 +420,11 @@ void init_public_keys(const char *keyfiles) int err = 0; int i = 1; + if (!public_keys) + return -EINVAL; + + *public_keys = NULL; + tmp_keyfiles = strdup(keyfiles); keyfiles_free = tmp_keyfiles; @@ -444,12 +449,24 @@ void init_public_keys(const char *keyfiles) calc_keyid_v2(&entry->keyid, entry->name, entry->key); sprintf(entry->name, "%x", __be32_to_cpup(&entry->keyid)); log_info("key %d: %s %s\n", i++, entry->name, keyfile); - entry->next = g_public_keys; - g_public_keys = entry; + entry->next = (struct public_key_entry *) *public_keys; + *public_keys = (void *)entry; } + free(keyfiles_free); if (err < 0) - free_public_keys(g_public_keys); + free_public_keys(public_keys); + return err; +} + +/* + * Global static variables are not concurrency-safe. + * + * Deprecate init_public_keys() usage. + */ +void init_public_keys(const char *keyfiles) +{ + init_public_keys2(keyfiles, (void **)&g_public_keys); } /* @@ -466,7 +483,8 @@ void init_public_keys(const char *keyfiles) * * (Note: signature_v2_hdr struct does not contain the 'type'.) */ -static int verify_hash_common(const char *file, const unsigned char *hash, +static int verify_hash_common(void *public_keys, const char *file, + const unsigned char *hash, int size, unsigned char *sig, int siglen) { int ret = -1; 
@@ -481,7 +499,7 @@ static int verify_hash_common(const char *file, const unsigned char *hash, log_dump(hash, size); } - pkey = find_keyid(hdr->keyid); + pkey = find_keyid(public_keys, hdr->keyid); if (!pkey) { uint32_t keyid = hdr->keyid; @@ -543,11 +561,13 @@ err: * * Return: 0 verification good, 1 verification bad, -1 error. */ -static int verify_hash_v2(const char *file, const unsigned char *hash, +static int verify_hash_v2(void *public_keys, const char *file, + const unsigned char *hash, int size, unsigned char *sig, int siglen) { /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ - return verify_hash_common(file, hash, size, sig + 1, siglen - 1); + return verify_hash_common(public_keys, file, hash, size, + sig + 1, siglen - 1); } /* @@ -556,7 +576,8 @@ static int verify_hash_v2(const char *file, const unsigned char *hash, * * Return: 0 verification good, 1 verification bad, -1 error. */ -static int verify_hash_v3(const char *file, const unsigned char *hash, +static int verify_hash_v3(void *public_keys, const char *file, + const unsigned char *hash, int size, unsigned char *sig, int siglen) { unsigned char sigv3_hash[MAX_DIGEST_SIZE]; @@ -567,7 +588,8 @@ static int verify_hash_v3(const char *file, const unsigned char *hash, return ret; /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ - return verify_hash_common(file, sigv3_hash, size, sig + 1, siglen - 1); + return verify_hash_common(public_keys, file, sigv3_hash, size, + sig + 1, siglen - 1); } #define HASH_MAX_DIGESTSIZE 64 /* kernel HASH_MAX_DIGESTSIZE is 64 bytes */ @@ -710,8 +732,9 @@ int imaevm_hash_algo_from_sig(unsigned char *sig) return -1; } -int verify_hash(const char *file, const unsigned char *hash, int size, - unsigned char *sig, int siglen) +int verify_hash2(void *public_keys, const char *file, + const unsigned char *hash, int size, + unsigned char *sig, int siglen) { /* Get signature type from sig header */ if (sig[1] == DIGSIG_VERSION_1) { 
@@ -730,15 +753,29 @@ int verify_hash(const char *file, const unsigned char *hash, int size, return -1; #endif } else if (sig[1] == DIGSIG_VERSION_2) { - return verify_hash_v2(file, hash, size, sig, siglen); + return verify_hash_v2(public_keys, file, hash, size, + sig, siglen); } else if (sig[1] == DIGSIG_VERSION_3) { - return verify_hash_v3(file, hash, size, sig, siglen); + return verify_hash_v3(public_keys, file, hash, size, + sig, siglen); } else return -1; } -int ima_verify_signature(const char *file, unsigned char *sig, int siglen, - unsigned char *digest, int digestlen) +/* + * Global static variables are not concurrency-safe. + * + * Deprecate verify_hash() usage. + */ +int verify_hash(const char *file, const unsigned char *hash, int size, + unsigned char *sig, int siglen) +{ + return verify_hash2(g_public_keys, file, hash, size, sig, siglen); +} + +int ima_verify_signature2(void *public_keys, const char *file, + unsigned char *sig, int siglen, + unsigned char *digest, int digestlen) { unsigned char hash[MAX_DIGEST_SIZE]; int hashlen, sig_hash_algo; 
@@ -766,14 +803,27 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen, * measurement list, not by calculating the local file digest. */ if (digest && digestlen > 0) - return verify_hash(file, digest, digestlen, sig, siglen); + return verify_hash2(public_keys, file, digest, digestlen, + sig, siglen); hashlen = ima_calc_hash(file, hash); if (hashlen <= 1) return hashlen; assert(hashlen <= sizeof(hash)); - return verify_hash(file, hash, hashlen, sig, siglen); + return verify_hash2(public_keys, file, hash, hashlen, sig, siglen); +} + +/* + * Global static variables are not concurrency-safe. + * + * Deprecate ima_verify_signature() usage. + */ +int ima_verify_signature(const char *file, unsigned char *sig, int siglen, + unsigned char *digest, int digestlen) +{ + return ima_verify_signature2(g_public_keys, file, sig, siglen, + digest, digestlen); } #if CONFIG_SIGV1
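Review bot: The imaevm.h hunk of patch 03/12 adds prototypes for ima_verify_signature2() and init_public_keys2() but none for verify_hash2(), although libimaevm.c defines verify_hash2() as a non-static function in the same patch. Either add the prototype here or keep verify_hash2() static until the patch that exports it, so each commit in the series builds without a missing-prototype warning. The deprecation is also only stated in comments; marking the old prototypes with a deprecated attribute would let callers see it at compile time.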
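Review bot: In find_keyid() (hunk @@ -394,7 +394,7 @@ of patch 03/12), the else branch now assigns to the parameter: `public_keys = (void *) entry;` changes only the local copy. When the list is empty the entry being appended is never linked into the caller's list and is leaked on return, whereas the line it replaces updated the global head. Pass the head by reference (a void ** carried down through verify_hash_common()) or stop appending entries when there is no list to append to.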
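Review bot: In the error path of init_public_keys2() (hunk @@ -444,12 +449,24 @@ of patch 03/12), free_public_keys(public_keys) passes the void ** itself, so free_public_keys() treats the caller's pointer variable as a struct public_key_entry and frees through it, while the real list in *public_keys is leaked. This should be free_public_keys(*public_keys) followed by *public_keys = NULL. In the same hunk the init_public_keys() wrapper discards the return value, and because init_public_keys2() starts with `*public_keys = NULL;`, a second call to init_public_keys() now drops the existing g_public_keys list without freeing it, where the old code prepended to it.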
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 04/12] Update a library function definition to include a "hash_algo" parameter
Date: Sun, 19 Nov 2023 11:50:35 -0500
Message-Id: <20231119165043.46960-5-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on a global "hash_algo" variable, which is not concurrency-safe, update the verify_hash2() function definition to include a "hash_algo" parameter as a placeholder.

Export the verify_hash2() definition. Define verify_hash2().

To avoid library incompatibility, make the existing function verify_hash() a function wrapper for verify_hash2().

Signed-off-by: Mimi Zohar
--- src/imaevm.h | 1 + src/libimaevm.c | 9 +++++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/imaevm.h b/src/imaevm.h index 146123ba5c42..1ed2c81d510d 100644 --- a/src/imaevm.h +++ b/src/imaevm.h
@@ -248,6 +248,7 @@ uint32_t imaevm_read_keyid(const char *certfile); int sign_hash(const char *algo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig); int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen); +int verify_hash2(void *public_keys, const char *file, const char *hash_algo, const unsigned char *hash, int size, unsigned char *sig, int siglen); int ima_verify_signature(const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen); int ima_verify_signature2(void *public_keys, const char *file, unsigned char *sig, int siglen, unsigned char *digest, int digestlen); void free_public_keys(void *public_keys); diff --git a/src/libimaevm.c b/src/libimaevm.c index bf8c99770ddc..e64d167a2a8a 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -732,7 +732,7 @@ int imaevm_hash_algo_from_sig(unsigned char *sig) return -1; } -int verify_hash2(void *public_keys, const char *file, +int verify_hash2(void *public_keys, const char *file, const char *hash_algo, const unsigned char *hash, int size, unsigned char *sig, int siglen) { @@ -770,7 +770,7 @@ int verify_hash2(void *public_keys, const char *file, int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen) { - return verify_hash2(g_public_keys, file, hash, size, sig, siglen); + return verify_hash2(g_public_keys, file, NULL, hash, size, sig, siglen); } int ima_verify_signature2(void *public_keys, const char *file, @@ -803,7 +803,7 @@ int ima_verify_signature2(void *public_keys, const char *file, * measurement list, not by calculating the local file digest. */ if (digest && digestlen > 0) - return verify_hash2(public_keys, file, digest, digestlen, + return verify_hash2(public_keys, file, NULL, digest, digestlen, sig, siglen); hashlen = ima_calc_hash(file, hash); 
@@ -811,7 +811,8 @@ int ima_verify_signature2(void *public_keys, const char *file, return hashlen; assert(hashlen <= sizeof(hash)); - return verify_hash2(public_keys, file, hash, hashlen, sig, siglen); + return verify_hash2(public_keys, file, NULL, hash, hashlen, + sig, siglen); } /*
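Review bot: The hash_algo argument added to verify_hash2() in patch 04/12 is not read anywhere in the hunks shown, and all three call sites pass NULL. Because this patch is also where verify_hash2() enters imaevm.h, add a comment next to the prototype stating that NULL is accepted and what a non-NULL value is expected to select, so library users do not pass values whose meaning changes once the parameter is wired up. ima_verify_signature2() likewise has no way to hand an algorithm down to verify_hash2(); if it is meant to stop depending on the global, it needs the same parameter.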
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 05/12] Update cmd_verify_ima() to define and use a local list of public keys
Date: Sun, 19 Nov 2023 11:50:36 -0500
Message-Id: <20231119165043.46960-6-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Update the static verify_ima() function definition to include "public_keys". Replace calling init_public_keys() with the init_public_keys2() version. Similarly replace ima_verify_signature() with the ima_verify_signature2() version. Free the local public keys list.

Signed-off-by: Mimi Zohar
---
src/evmctl.c | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/src/evmctl.c b/src/evmctl.c index 4190913f0295..bf1f8f07e9ca 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -972,7 +972,7 @@ static int cmd_verify_evm(struct command *cmd) return err; } -static int verify_ima(const char *file) +static int verify_ima(void *public_keys, const char *file) { unsigned char sig[MAX_SIGNATURE_SIZE]; int len;
@@ -999,34 +999,37 @@ static int verify_ima(const char *file) } } - return ima_verify_signature(file, sig, len, NULL, 0); + return ima_verify_signature2(public_keys, file, sig, len, NULL, 0); } static int cmd_verify_ima(struct command *cmd) { char *file = g_argv[optind++]; + void *public_keys = NULL; int err, fails = 0; - if (imaevm_params.x509) { - if (imaevm_params.keyfile) /* Support multiple public keys */ - init_public_keys(imaevm_params.keyfile); - else /* assume read pubkey from x509 cert */ - init_public_keys("/etc/keys/x509_evm.der"); - } - if (!file) { log_err("Parameters missing\n"); print_usage(cmd); return -1; } + if (imaevm_params.x509) { + if (imaevm_params.keyfile) /* Support multiple public keys */ + init_public_keys2(imaevm_params.keyfile, &public_keys); + else /* assume read pubkey from x509 cert */ + init_public_keys2("/etc/keys/x509_evm.der", &public_keys); + } + do { - err = verify_ima(file); + err = verify_ima(public_keys, file); if (err) fails++; if (!err && imaevm_params.verbose >= LOG_INFO) log_info("%s: verification is OK\n", file); } while ((file = g_argv[optind++])); + + free_public_keys(public_keys); return fails > 0; }
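Review bot: in cmd_verify_ima() nothing after the two init_public_keys2() calls checks whether any key was actually loaded, and when imaevm_params.x509 is unset public_keys simply stays NULL, so verify_ima() and free_public_keys() are reached with an empty list and the user only sees per-file verification failures. Test the list after the x509 block and report a key-loading problem once, before the do/while loop; ima_measurement() in 07/12 at least logs on errno after the same calls. It would also help to state in a comment that ima_verify_signature2() and free_public_keys() accept a NULL list. Moving the key loading below the !file check is a good change, since the early return no longer leaves a loaded list behind.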
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 06/12] Update cmd_verify_evm to define and use a local list of public keys
Date: Sun, 19 Nov 2023 11:50:37 -0500
Message-Id: <20231119165043.46960-7-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Replace calling init_public_keys() with the init_public_keys2() version. Similarly replace verify_hash() with the verify_hash2() version. Update the static function verify_evm() definition to include a "public_keys" parameter. Free the local public keys list.

Signed-off-by: Mimi Zohar
---
src/evmctl.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/evmctl.c b/src/evmctl.c index bf1f8f07e9ca..f796edfce5f1 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -905,7 +905,7 @@ static int cmd_sign_evm(struct command *cmd) return do_cmd(cmd, sign_evm_path); } -static int verify_evm(const char *file) +static int verify_evm(void *public_keys, const char *file) { unsigned char hash[MAX_DIGEST_SIZE]; unsigned char sig[MAX_SIGNATURE_SIZE];
@@ -945,12 +945,14 @@ static int verify_evm(const char *file) return mdlen; assert(mdlen <= sizeof(hash)); - return verify_hash(file, hash, mdlen, sig, len); + return verify_hash2(public_keys, file, imaevm_params.hash_algo, + hash, mdlen, sig, len); } static int cmd_verify_evm(struct command *cmd) { char *file = g_argv[optind++]; + void *public_keys = NULL; int err; if (!file) { 
@@ -961,14 +963,17 @@ static int cmd_verify_evm(struct command *cmd) if (imaevm_params.x509) { if (imaevm_params.keyfile) /* Support multiple public keys */ - init_public_keys(imaevm_params.keyfile); + init_public_keys2(imaevm_params.keyfile, &public_keys); else /* assume read pubkey from x509 cert */ - init_public_keys("/etc/keys/x509_evm.der"); + init_public_keys2("/etc/keys/x509_evm.der", + &public_keys); } - err = verify_evm(file); + err = verify_evm(public_keys, file); if (!err && imaevm_params.verbose >= LOG_INFO) log_info("%s: verification is OK\n", file); + + free_public_keys(public_keys); return err; }
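Review bot: verify_evm() now receives the key list as a parameter, but its new verify_hash2() call still reads the hash algorithm from the global imaevm_params.hash_algo, so after this patch the function is only half decoupled from shared state. If that is deliberately left for 10/12, say so in the commit message; otherwise pass the algorithm in next to public_keys here. The default certificate path "/etc/keys/x509_evm.der" is also spelled out again in cmd_verify_evm() as it is in cmd_verify_ima(); a single #define would keep the copies from drifting apart.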
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 07/12] Update ima_measurements to define and use a local list of public keys
Date: Sun, 19 Nov 2023 11:50:38 -0500
Message-Id: <20231119165043.46960-8-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Replace calling init_public_keys() with the init_public_keys2() version. Similarly replace ima_verify_signature() with the ima_verify_signature2() version. Update the static ima_ng_show() function definition to include a "public_keys" parameter. Free the local public keys list.

Signed-off-by: Mimi Zohar
---
src/evmctl.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/src/evmctl.c b/src/evmctl.c index f796edfce5f1..ad4565b3ee52 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -1614,7 +1614,7 @@ static int lookup_template_name_entry(char *template_name) return 0; } -void ima_ng_show(struct template_entry *entry) +static void ima_ng_show(void *public_keys, struct template_entry *entry) { uint8_t *fieldp = entry->template; uint32_t field_len;
@@ -1740,10 +1740,12 @@ void ima_ng_show(struct template_entry *entry) * the measurement list or calculate the hash. */ if (verify_list_sig) - err = ima_verify_signature(path, sig, sig_len, - digest, digest_len); + err = ima_verify_signature2(public_keys, path, + sig, sig_len, + digest, digest_len); else - err = ima_verify_signature(path, sig, sig_len, NULL, 0); + err = ima_verify_signature2(public_keys, path, + sig, sig_len, NULL, 0); if (!err && imaevm_params.verbose > LOG_INFO) log_info("%s: verification is OK\n", path); @@ -2223,6 +2225,7 @@ static int ima_measurement(const char *file) int first_record = 1; unsigned int pseudo_padded_banks_mask, pseudo_banks_mask; unsigned long entry_num = 0; + void *public_keys = NULL; int c; struct template_entry entry = { .template = NULL }; @@ -2252,9 +2255,9 @@ static int ima_measurement(const char *file) } if (imaevm_params.keyfile) /* Support multiple public keys */ - init_public_keys(imaevm_params.keyfile); + init_public_keys2(imaevm_params.keyfile, &public_keys); else /* assume read pubkey from x509 cert */ - init_public_keys("/etc/keys/x509_evm.der"); + init_public_keys2("/etc/keys/x509_evm.der", &public_keys); if (errno) log_errno_reset(LOG_DEBUG, "Failure in initializing public keys"); @@ -2405,7 +2408,7 @@ static int ima_measurement(const char *file) if (is_ima_template) ima_show(&entry); else - ima_ng_show(&entry); + ima_ng_show(public_keys, &entry); if (!tpmbanks) continue; 
@@ -2464,6 +2467,7 @@ out_free: free(pseudo_banks); free(pseudo_padded_banks); free(entry.template); + free_public_keys(public_keys); return err; }
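Review bot: the first hunk changes ima_ng_show() from an externally visible function (void ima_ng_show(...)) to static void, yet the commit message describes it as already static and does not mention the linkage change. Note the change to static in the commit message, or split it into its own patch, and confirm that no header or other source file still declares ima_ng_show(). In ima_measurement() the if (errno) test that follows the two init_public_keys2() calls reports a key-loading failure only at LOG_DEBUG, so a run without a usable key goes on to signature verification with no visible error; log_err would be the more fitting level now that the list is local to this function.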
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 08/12] Define library ima_calc_hash2() function with a hash algorithm parameter
Date: Sun, 19 Nov 2023 11:50:39 -0500
Message-Id: <20231119165043.46960-9-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on the "imaevm_params.algo" global variable, which is not concurrency-safe, define a new library ima_calc_hash2() function with the hash algorithm as a parameter.

To avoid library incompatibility, make the existing ima_calc_hash() function a wrapper for ima_calc_hash2().

Deprecate ima_calc_hash().

Signed-off-by: Mimi Zohar
Reviewed-by: Stefan Berger
---
src/imaevm.h | 1 + src/libimaevm.c | 12 ++++++++---- 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/imaevm.h b/src/imaevm.h index 1ed2c81d510d..81acd8df41cb 100644 --- a/src/imaevm.h +++ b/src/imaevm.h
@@ -237,6 +237,7 @@ extern struct libimaevm_params imaevm_params; void imaevm_do_hexdump(FILE *fp, const void *ptr, int len, bool cr); void imaevm_hexdump(const void *ptr, int len); int ima_calc_hash(const char *file, uint8_t *hash); +int ima_calc_hash2(const char *file, const char *hash_algo, uint8_t *hash); int imaevm_get_hash_algo(const char *algo); RSA *read_pub_key(const char *keyfile, int x509); EVP_PKEY *read_pub_pkey(const char *keyfile, int x509); diff --git a/src/libimaevm.c b/src/libimaevm.c index e64d167a2a8a..4c9da7a2f06b 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -181,7 +181,7 @@ out: return err; } -int ima_calc_hash(const char *file, uint8_t *hash) +int ima_calc_hash2(const char *file, const char *hash_algo, uint8_t *hash) { const EVP_MD *md; struct stat st; @@ -202,10 +202,9 @@ int ima_calc_hash(const char *file, uint8_t *hash) goto err; } - md = EVP_get_digestbyname(imaevm_params.hash_algo); + md = EVP_get_digestbyname(hash_algo); if (!md) { - log_err("EVP_get_digestbyname(%s) failed\n", - imaevm_params.hash_algo); + log_err("EVP_get_digestbyname(%s) failed\n", hash_algo); err = 1; goto err; } 
@@ -246,6 +245,11 @@ err: return err; } +int ima_calc_hash(const char *file, uint8_t *hash) +{ + return ima_calc_hash2(file, imaevm_params.hash_algo, hash); +} + EVP_PKEY *read_pub_pkey(const char *keyfile, int x509) { FILE *fp;
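Review bot: ima_calc_hash2() passes its new hash_algo argument to EVP_get_digestbyname() and, on failure, to the "%s" in log_err() without first checking it for NULL (libimaevm.c, hunk at -202). As a public entry point it should reject a NULL algorithm up front with its own error message, the way 09/12 does in calc_hash_sigv3() with "Hash algorithm unspecified".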
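Review bot: the commit message says ima_calc_hash() is deprecated, but the imaevm.h hunk only adds the ima_calc_hash2() prototype and leaves the ima_calc_hash() declaration unmarked. Put a deprecation attribute, or at minimum a comment, on the old declaration so that callers get a signal at build time, and say in the comment that the wrapper still reads the global imaevm_params.hash_algo and is therefore not concurrency-safe.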
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 09/12] Use a local hash algorithm variable when verifying file signatures
Date: Sun, 19 Nov 2023 11:50:40 -0500
Message-Id: <20231119165043.46960-10-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on the "imaevm_params.algo" global variable, which is not concurrency-safe, define and use a local variable.

Update static verify_hash_v2(), verify_hash_v3(), and verify_hash_common() function definitions to include a hash algorithm argument.

Similarly update ima_verify_signature2() and ima_calc_hash2() to define and use a local hash algorithm variable.

Signed-off-by: Mimi Zohar
---
src/libimaevm.c | 40 ++++++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 16 deletions(-)
diff --git a/src/libimaevm.c b/src/libimaevm.c index 4c9da7a2f06b..18b6a6f27237 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c
@@ -488,6 +488,7 @@ void init_public_keys(const char *keyfiles) * (Note: signature_v2_hdr struct does not contain the 'type'.) */ static int verify_hash_common(void *public_keys, const char *file, + const char *hash_algo, const unsigned char *hash, int size, unsigned char *sig, int siglen) { @@ -499,7 +500,7 @@ static int verify_hash_common(void *public_keys, const char *file, const char *st; if (imaevm_params.verbose > LOG_INFO) { - log_info("hash(%s): ", imaevm_params.hash_algo); + log_info("hash(%s): ", hash_algo); log_dump(hash, size); } @@ -530,7 +531,7 @@ static int verify_hash_common(void *public_keys, const char *file, if (!EVP_PKEY_verify_init(ctx)) goto err; st = "EVP_get_digestbyname"; - if (!(md = EVP_get_digestbyname(imaevm_params.hash_algo))) + if (!(md = EVP_get_digestbyname(hash_algo))) goto err; st = "EVP_PKEY_CTX_set_signature_md"; if (!EVP_PKEY_CTX_set_signature_md(ctx, md)) @@ -566,11 +567,12 @@ err: * Return: 0 verification good, 1 verification bad, -1 error. */ static int verify_hash_v2(void *public_keys, const char *file, + const char *hash_algo, const unsigned char *hash, int size, unsigned char *sig, int siglen) { /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ - return verify_hash_common(public_keys, file, hash, size, + return verify_hash_common(public_keys, file, hash_algo, hash, size, sig + 1, siglen - 1); } 
@@ -581,19 +583,20 @@ static int verify_hash_v2(void *public_keys, const char *file, * Return: 0 verification good, 1 verification bad, -1 error. */ static int verify_hash_v3(void *public_keys, const char *file, + const char *hash_algo, const unsigned char *hash, int size, unsigned char *sig, int siglen) { unsigned char sigv3_hash[MAX_DIGEST_SIZE]; int ret; - ret = calc_hash_sigv3(sig[0], NULL, hash, sigv3_hash); + ret = calc_hash_sigv3(sig[0], hash_algo, hash, sigv3_hash); if (ret < 0) return ret; /* note: signature_v2_hdr does not contain 'type', use sig + 1 */ - return verify_hash_common(public_keys, file, sigv3_hash, size, - sig + 1, siglen - 1); + return verify_hash_common(public_keys, file, hash_algo, sigv3_hash, + size, sig + 1, siglen - 1); } #define HASH_MAX_DIGESTSIZE 64 /* kernel HASH_MAX_DIGESTSIZE is 64 bytes */ @@ -636,8 +639,10 @@ int calc_hash_sigv3(enum evm_ima_xattr_type type, const char *algo, return -EINVAL; } - if (!algo) - algo = imaevm_params.hash_algo; + if (!algo) { + log_err("Hash algorithm unspecified\n"); + return -EINVAL; + } if ((hash_algo = imaevm_get_hash_algo(algo)) < 0) { log_err("Hash algorithm %s not supported\n", algo); @@ -757,10 +762,10 @@ int verify_hash2(void *public_keys, const char *file, const char *hash_algo, return -1; #endif } else if (sig[1] == DIGSIG_VERSION_2) { - return verify_hash_v2(public_keys, file, hash, size, + return verify_hash_v2(public_keys, file, hash_algo, hash, size, sig, siglen); } else if (sig[1] == DIGSIG_VERSION_3) { - return verify_hash_v3(public_keys, file, hash, size, + return verify_hash_v3(public_keys, file, hash_algo, hash, size, sig, siglen); } else return -1; 
@@ -774,7 +779,8 @@ int verify_hash2(void *public_keys, const char *file, const char *hash_algo, int verify_hash(const char *file, const unsigned char *hash, int size, unsigned char *sig, int siglen) { - return verify_hash2(g_public_keys, file, NULL, hash, size, sig, siglen); + return verify_hash2(g_public_keys, file, imaevm_params.hash_algo, + hash, size, sig, siglen); } int ima_verify_signature2(void *public_keys, const char *file, @@ -783,6 +789,7 @@ int ima_verify_signature2(void *public_keys, const char *file, { unsigned char hash[MAX_DIGEST_SIZE]; int hashlen, sig_hash_algo; + const char *hash_algo; if (sig[0] != EVM_IMA_XATTR_DIGSIG && sig[0] != IMA_VERITY_DIGSIG) { log_err("%s: xattr ima has no signature\n", file); 
@@ -800,22 +807,23 @@ int ima_verify_signature2(void *public_keys, const char *file, return -1; } /* Use hash algorithm as retrieved from signature */ - imaevm_params.hash_algo = imaevm_hash_algo_by_id(sig_hash_algo); + hash_algo = imaevm_hash_algo_by_id(sig_hash_algo); /* * Validate the signature based on the digest included in the * measurement list, not by calculating the local file digest. */ if (digest && digestlen > 0) - return verify_hash2(public_keys, file, NULL, digest, digestlen, - sig, siglen); + return verify_hash2(public_keys, file, + hash_algo, digest, digestlen, + sig, siglen); - hashlen = ima_calc_hash(file, hash); + hashlen = ima_calc_hash2(file, hash_algo, hash); if (hashlen <= 1) return hashlen; assert(hashlen <= sizeof(hash)); - return verify_hash2(public_keys, file, NULL, hash, hashlen, + return verify_hash2(public_keys, file, hash_algo, hash, hashlen, sig, siglen); }
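Review bot: in calc_hash_sigv3() (hunk at -636) a NULL algo used to fall back to imaevm_params.hash_algo and now returns -EINVAL, which is a behaviour change in a non-static function that the commit message does not mention. Document the new contract in the commit message and in the function's comment, and check every remaining caller that still passes NULL, since those calls turn from a working default into a hard failure.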
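Review bot: verify_hash_common() now hands the caller-supplied hash_algo to log_info("hash(%s): ") and to EVP_get_digestbyname() with no NULL check, and verify_hash2() forwards whatever it was given on the DIGSIG_VERSION_2 path. Earlier patches in this series called verify_hash2() with NULL for this argument, so an explicit check at the top of verify_hash2() that logs and returns -1 would make a missing algorithm fail in one obvious place instead of depending on how the format string and OpenSSL treat NULL. The result of imaevm_hash_algo_by_id() in ima_verify_signature2() is passed on unchecked as well and would be covered by the same guard.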
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 10/12] Update EVM signature verification to use a local hash algorithm variable
Date: Sun, 19 Nov 2023 11:50:41 -0500
Message-Id: <20231119165043.46960-11-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on the "imaevm_params.algo" global variable, which is not concurrency-safe, define and use a local file hash algorithm variable. Update calc_evm_hash(), verify_hash2().

Signed-off-by: Mimi Zohar
Reviewed-by: Stefan Berger
---
 src/evmctl.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c index ad4565b3ee52..7ae897d8b8b3 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -340,7 +340,8 @@ err: * Returns 0 for EVP_ function failures. Return -1 for other failures. * Return hash algorithm size on success. */ -static int calc_evm_hash(const char *file, unsigned char *hash) +static int calc_evm_hash(const char *file, const char *hash_algo, + unsigned char *hash) { const EVP_MD *md; struct stat st; 
@@ -408,10 +409,9 @@ static int calc_evm_hash(const char *file, unsigned char *hash) } #endif - md = EVP_get_digestbyname(imaevm_params.hash_algo); + md = EVP_get_digestbyname(hash_algo); if (!md) { - log_err("EVP_get_digestbyname(%s) failed\n", - imaevm_params.hash_algo); + log_err("EVP_get_digestbyname(%s) failed\n", hash_algo); err = 0; goto out; } @@ -570,7 +570,7 @@ static int sign_evm(const char *file, const char *key) unsigned char sig[MAX_SIGNATURE_SIZE]; int len, err; - len = calc_evm_hash(file, hash); + len = calc_evm_hash(file, imaevm_params.hash_algo, hash); if (len <= 1) return len; assert(len <= sizeof(hash)); @@ -909,6 +909,7 @@ static int verify_evm(void *public_keys, const char *file) { unsigned char hash[MAX_DIGEST_SIZE]; unsigned char sig[MAX_SIGNATURE_SIZE]; + const char *hash_algo = NULL; int sig_hash_algo; int mdlen; int len; 
@@ -938,15 +939,15 @@ static int verify_evm(void *public_keys, const char *file) log_err("unknown hash algo: %s\n", file); return -1; } - imaevm_params.hash_algo = imaevm_hash_algo_by_id(sig_hash_algo); + hash_algo = imaevm_hash_algo_by_id(sig_hash_algo); - mdlen = calc_evm_hash(file, hash); + mdlen = calc_evm_hash(file, hash_algo, hash); if (mdlen <= 1) return mdlen; assert(mdlen <= sizeof(hash)); - return verify_hash2(public_keys, file, imaevm_params.hash_algo, - hash, mdlen, sig, len); + return verify_hash2(public_keys, file, hash_algo, hash, + mdlen, sig, len); } static int cmd_verify_evm(struct command *cmd)
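Review bot: in 10/12, verify_evm() initialises the new local `hash_algo` to NULL and then overwrites it with imaevm_hash_algo_by_id(sig_hash_algo) without checking the result before handing it to calc_evm_hash(). In calc_evm_hash() (hunk @@ -408) that pointer goes to EVP_get_digestbyname() and, on failure, to log_err() with %s, and passing NULL to %s is undefined behaviour in C. Reject a NULL hash_algo straight after the lookup or at the top of calc_evm_hash(), returning -1 so that an unresolved algorithm id fails verification.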
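Review bot: in 10/12, the comment block above calc_evm_hash() (hunk @@ -340) still describes only the return values. Add a line for the new hash_algo parameter stating that it is the digest name looked up with EVP_get_digestbyname() and whether NULL is accepted, since the function now depends on the caller for a value it used to read itself.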
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 11/12] Use a file specific hash algorithm variable for signing files
Date: Sun, 19 Nov 2023 11:50:42 -0500
Message-Id: <20231119165043.46960-12-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on the library "imaevm_params.algo" global variable, which is not concurrency-safe, define and use an evmctl file specific hash algorithm variable. Propagate using the file specific hash algorithm variable in sign_evm(), sign_ima(), hash_ima(), and sign_hash() function. Replace using the library function ima_calc_hash() with ima_calc_hash2().

Signed-off-by: Mimi Zohar
---
 src/evmctl.c | 21 +++++++++++----------
 1 file changed, 11 insertions(+), 10 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c index 7ae897d8b8b3..b802eeb1bf15 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -140,6 +140,7 @@ static bool evm_immutable; static bool evm_portable; static bool veritysig; static bool hwtpm; +static char *hash_algo; #define HMAC_FLAG_NO_UUID 0x0001 #define HMAC_FLAG_CAPS_SET 0x0002 
@@ -570,12 +571,12 @@ static int sign_evm(const char *file, const char *key) unsigned char sig[MAX_SIGNATURE_SIZE]; int len, err; - len = calc_evm_hash(file, imaevm_params.hash_algo, hash); + len = calc_evm_hash(file, hash_algo, hash); if (len <= 1) return len; assert(len <= sizeof(hash)); - len = sign_hash(imaevm_params.hash_algo, hash, len, key, NULL, sig + 1); + len = sign_hash(hash_algo, hash, len, key, NULL, sig + 1); if (len <= 1) return len; assert(len < sizeof(sig)); @@ -609,10 +610,10 @@ static int hash_ima(const char *file) { unsigned char hash[MAX_DIGEST_SIZE + 2]; /* +2 byte xattr header */ int len, err, offset; - int algo = imaevm_get_hash_algo(imaevm_params.hash_algo); + int algo = imaevm_get_hash_algo(hash_algo); if (algo < 0) { - log_err("Unknown hash algo: %s\n", imaevm_params.hash_algo); + log_err("Unknown hash algo: %s\n", hash_algo); return -1; } if (algo > PKEY_HASH_SHA1) { @@ -624,7 +625,7 @@ static int hash_ima(const char *file) offset = 1; } - len = ima_calc_hash(file, hash + offset); + len = ima_calc_hash2(file, hash_algo, hash + offset); if (len <= 1) return len; assert(len + offset <= sizeof(hash)); @@ -632,7 +633,7 @@ static int hash_ima(const char *file) len += offset; if (imaevm_params.verbose >= LOG_INFO) - log_info("hash(%s): ", imaevm_params.hash_algo); + log_info("hash(%s): ", hash_algo); if (sigdump || imaevm_params.verbose >= LOG_INFO) imaevm_hexdump(hash, len); @@ -656,12 +657,12 @@ static int sign_ima(const char *file, const char *key) unsigned char sig[MAX_SIGNATURE_SIZE]; int len, err; - len = ima_calc_hash(file, hash); + len = ima_calc_hash2(file, hash_algo, hash); if (len <= 1) return len; assert(len <= sizeof(hash)); - len = sign_hash(imaevm_params.hash_algo, hash, len, key, NULL, sig + 1); + len = sign_hash(hash_algo, hash, len, key, NULL, sig + 1); if (len <= 1) return len; assert(len < sizeof(sig)); 
@@ -854,7 +855,7 @@ static int cmd_sign_hash(struct command *cmd) assert(hashlen / 2 <= sizeof(hash)); hex2bin(hash, line, hashlen / 2); - siglen = sign_hash(imaevm_params.hash_algo, hash, + siglen = sign_hash(hash_algo, hash, hashlen / 2, key, NULL, sig + 1); sig[0] = EVM_IMA_XATTR_DIGSIG; } 
@@ -3077,7 +3078,7 @@ int main(int argc, char *argv[]) sigdump = 1; break; case 'a': - imaevm_params.hash_algo = optarg; + hash_algo = optarg; break; case 'p': if (optarg)
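Review bot: in 11/12, the only assignment to the new file-scope `hash_algo` is `hash_algo = optarg;` under case 'a' (hunk @@ -3077), and the declaration `static char *hash_algo;` has no initialiser. Without -a, every converted call in sign_evm(), hash_ima(), sign_ima() and cmd_sign_hash() therefore receives NULL, including the `log_info("hash(%s): ", hash_algo)` in hash_ima(). If the old code relied on a default held in imaevm_params.hash_algo, initialise the new variable to that default or fall back to it after option parsing.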
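Review bot: in 11/12, the file-scope `static char *hash_algo;` (hunk @@ -140) has the same name as the local `const char *hash_algo` that 10/12 added to verify_evm(), so the local shadows it there. The local is the value verify_evm() should use, since it comes from the signature, but the two are easy to confuse when reading and -Wshadow will flag it. A distinct name for the file-scope variable would keep the option value and the per-signature value apart.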
From: Mimi Zohar
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar
Subject: [ima-evm-utils PATCH 12/12] Define and use a file specific "keypass" variable
Date: Sun, 19 Nov 2023 11:50:43 -0500
Message-Id: <20231119165043.46960-13-zohar@linux.ibm.com>
In-Reply-To: <20231119165043.46960-1-zohar@linux.ibm.com>
References: <20231119165043.46960-1-zohar@linux.ibm.com>

Instead of relying on the "imaevm_params.keypass" global variable, which is not concurrency-safe, add keypass as a parameter to the static library function definitions. Update function callers. To avoid library incompatibility, don't remove imaevm_params.keypass variable.

Signed-off-by: Mimi Zohar
---
 src/evmctl.c    |  9 +++++----
 src/libimaevm.c | 17 ++++++++---------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c index b802eeb1bf15..6d6160159a1f 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -141,6 +141,7 @@ static bool evm_portable; static bool veritysig; static bool hwtpm; static char *hash_algo; +static char *keypass; #define HMAC_FLAG_NO_UUID 0x0001 #define HMAC_FLAG_CAPS_SET 0x0002 
@@ -3082,9 +3083,9 @@ int main(int argc, char *argv[]) break; case 'p': if (optarg) - imaevm_params.keypass = optarg; + keypass = optarg; else - imaevm_params.keypass = get_password(); + keypass = get_password(); break; case 'f': sigfile = 1; @@ -3226,8 +3227,8 @@ int main(int argc, char *argv[]) } } - if (!imaevm_params.keypass) - imaevm_params.keypass = getenv("EVMCTL_KEY_PASSWORD"); + if (!keypass) + keypass = getenv("EVMCTL_KEY_PASSWORD"); if (imaevm_params.keyfile != NULL && imaevm_params.eng == NULL && diff --git a/src/libimaevm.c b/src/libimaevm.c index 18b6a6f27237..10ec847da08a 100644 --- a/src/libimaevm.c +++ b/src/libimaevm.c @@ -1124,7 +1124,8 @@ static int get_hash_algo_v1(const char *algo) } static int sign_hash_v1(const char *hashalgo, const unsigned char *hash, - int size, const char *keyfile, unsigned char *sig) + int size, const char *keyfile, const char *keypass, + unsigned char *sig) { int len = -1, hashalgo_idx; SHA_CTX ctx; @@ -1158,7 +1159,7 @@ static int sign_hash_v1(const char *hashalgo, const unsigned char *hash, log_info("hash(%s): ", hashalgo); log_dump(hash, size); - key = read_priv_key(keyfile, imaevm_params.keypass); + key = read_priv_key(keyfile, keypass); if (!key) return -1; @@ -1211,7 +1212,8 @@ out: * Return: -1 signing error, >0 length of signature */ static int sign_hash_v2(const char *algo, const unsigned char *hash, - int size, const char *keyfile, unsigned char *sig) + int size, const char *keyfile, const char *keypass, + unsigned char *sig) { struct signature_v2_hdr *hdr; int len = -1; @@ -1246,7 +1248,7 @@ static int sign_hash_v2(const char *algo, const unsigned char *hash, log_info("hash(%s): ", algo); log_dump(hash, size); - pkey = read_priv_pkey(keyfile, imaevm_params.keypass); + pkey = read_priv_pkey(keyfile, keypass); if (!pkey) return -1; 
@@ -1316,14 +1318,11 @@ err: int sign_hash(const char *hashalgo, const unsigned char *hash, int size, const char *keyfile, const char *keypass, unsigned char *sig) { - if (keypass) - imaevm_params.keypass = keypass; - if (imaevm_params.x509) - return sign_hash_v2(hashalgo, hash, size, keyfile, sig); + return sign_hash_v2(hashalgo, hash, size, keyfile, keypass, sig); #if CONFIG_SIGV1 else - return sign_hash_v1(hashalgo, hash, size, keyfile, sig); + return sign_hash_v1(hashalgo, hash, size, keyfile, keypass, sig); #endif log_info("Signature version 1 deprecated."); return -1;
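Review bot: in 12/12, evmctl.c stores the -p and EVMCTL_KEY_PASSWORD value in the new static `keypass`, but none of the evmctl.c hunks pass it on. The sign_hash() calls left by 11/12 in sign_evm(), sign_ima() and cmd_sign_hash() still have NULL as the keypass argument, and sign_hash() no longer reads imaevm_params.keypass, so on the lines shown the password never reaches read_priv_key() or read_priv_pkey(). Pass `keypass` in those sign_hash() calls, otherwise signing with a passphrase-protected key regresses.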
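Review bot: in 12/12, sign_hash() (hunk @@ -1316) drops `if (keypass) imaevm_params.keypass = keypass;`, and the reads of imaevm_params.keypass in sign_hash_v1() and sign_hash_v2() are replaced by the parameter. A library caller that sets imaevm_params.keypass and passes NULL to sign_hash() will now sign with no password, so keeping the field in the struct preserves the layout but not this behaviour. If that compatibility is wanted, sign_hash() can pass `keypass ? keypass : imaevm_params.keypass` down, which reads the global without writing to it. Otherwise the commit message should say that imaevm_params.keypass is no longer honoured.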