Message ID | 20240130214620.3155380-4-stefanb@linux.ibm.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id gs7csp1513441dyb; Tue, 30 Jan 2024 13:47:57 -0800 (PST) X-Google-Smtp-Source: AGHT+IG7m/pFUF0XlngHpQXF7tlmKBJG0ZFbsqTbjyyNkrYLZE8nPMPjak1n+oN6TDXuNfCFI0xw X-Received: by 2002:ad4:5ba3:0:b0:68c:60d6:a937 with SMTP id 3-20020ad45ba3000000b0068c60d6a937mr2905812qvq.36.1706651277318; Tue, 30 Jan 2024 13:47:57 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706651277; cv=pass; d=google.com; s=arc-20160816; b=Y2uxLxtIcOPy6AcqY0xICL82L+2mAXbxAnx5Ac7XWDuqhPkvzUEGQZFXmNVXm/n3cb DrxUXAI63fC+Iu/l9Ix5GU6M/bNMtqGjBE89kvWrTJjOcXjXq+jf35jxgV9XTDR3yPR0 wvxPHH8mfq+523tXfiFyeruT1iyAyrQJBqHXR8FTq+7PFecjTjYNNVxgYaxrO9V/M0lU /fuZm7XMYOcMUrCsBqkdGbtNURUBeQ3Wf//WWzMHOt0Ou0MzoPPlvhp46MewQuutSXDq si8vJpCBslSoSyHOyFnHtVIr1YHrJe0gwETSXeBzU8xMBd2NVtU+9Ez/8Lt6EOoBfx7h Z+PA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=mAlx22Ahv7RnWALJi16RhDsHycOIjE8NeYAg7sZHGGw=; fh=ncez+Zuks3r0u/GH7GwMN7W85FP2C9GgAvOVpsEx2iM=; b=ueygRAVX1Xg2bIYGzlqobuU2S9UYg27w5aiJgnW3RyPrrufOpCqoEjxn0fuRHWjMZO y7jla5iuFfP44AvIqyvWpP3q4dyO4X0nbO8593OQBCrnjoRtKfY4JXqF1Poe5Dw1e5d6 wBBqEdPcBA9rc98St69IPX0NEHosgI2uxUixzNcq+ruRe9wyRi8sEnbtuMdd4t2zPpq5 XdlwH3T7tj2ZocQoSV9G1YkxBw/sk2f+OxtC77rGr5qYST+kYrup44riq17Hz7J7Xnjj ht11KN5VC+gb9pkwz8e0n96VTGSLoCGi+CHsFQxnE5H34dgloenlqMoTnmBduKgDXazZ f7TA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=p588R8yj; arc=pass (i=1 spf=pass spfdomain=linux.ibm.com dkim=pass dkdomain=ibm.com dmarc=pass fromdomain=linux.ibm.com); spf=pass (google.com: domain of linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id x9-20020a05620a0b4900b007832941b17csi10711806qkg.173.2024.01.30.13.47.57 for <ouuuleilei@gmail.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 30 Jan 2024 13:47:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@ibm.com header.s=pp1 header.b=p588R8yj; arc=pass (i=1 spf=pass spfdomain=linux.ibm.com dkim=pass dkdomain=ibm.com dmarc=pass fromdomain=linux.ibm.com); spf=pass (google.com: domain of linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-45344-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=NONE dis=NONE) header.from=ibm.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id D1FD11C2267C for <ouuuleilei@gmail.com>; Tue, 30 Jan 2024 21:47:56 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 441461586FF; Tue, 30 Jan 2024 21:46:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b="p588R8yj" Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7FE3678B63; Tue, 30 Jan 2024 21:46:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=148.163.156.1 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706651214; cv=none; b=kSfci2l9DbQn9PQUEqHgw2bhee7TjffKAeoKqu2RRGYSxCQeqKLH8Wg4mygn/fue+p7VvFsIpuO8OAwE5lDeiJTk5LaiNfIRj5hmCAQn+WOfuFbyQExe36HhuQESisteyoki9nEx/E+1al6OS9VzfSmttXgLWQMVlZSFFsaUuwU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706651214; c=relaxed/simple; bh=g3XohpEx+AqEZl5s7sOl5bPcV3dAbvI8Q4t0hJNfxO4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G9FR7a2jEnhM4u+BvXgS820JXjhHcHua1OdrpdaeMBwYDUq5BBrXjdzKvNg5UmLHOpJl67OsbA97Bw5U/J/5TI9dJU4wIleyd/OZ9OPLGlGTvAg7TxIpiEEsToTnQ8ZamD7effz5APDP4DmitnOWCGTqlrDbUyzg+5Re2DN5bds= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com; spf=pass smtp.mailfrom=linux.ibm.com; dkim=pass (2048-bit key) header.d=ibm.com header.i=@ibm.com header.b=p588R8yj; arc=none smtp.client-ip=148.163.156.1 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.ibm.com Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 40ULVFM9009379; Tue, 30 Jan 2024 21:46:33 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding; s=pp1; bh=mAlx22Ahv7RnWALJi16RhDsHycOIjE8NeYAg7sZHGGw=; b=p588R8yjSQHvf3whFXlEXFe+TQwM1SCEnBATmv4XPny7BM+i6lYbdxlaCmkclOn2mHQG FPAK0l84E5ERWrdU1/5rjp3urrBNA6HKkqjnjCaR/jgNYermSIBolbQ+hT1J7htihRHf Yxi5K5a5aTIwzobQ3830Jm1LIECkct53eomRhvLHEcoZK6MpJD9GDZR9vYYcDNtDjshF t0nJqx1hdpzDVCFcqfLPkyFWJ93ecp1DkLLE1lpIX7x1xU1Nj+xH+9NRoA82hUYGCPZE S/+dASKYHWkv1Wz+HpnZacYGNxltkDKZII2h1/XkiqiRearIpa8ewCkGrsSLZDrP4+wJ Wg== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3vy8ews1p7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 30 Jan 2024 21:46:33 +0000 Received: from m0353729.ppops.net (m0353729.ppops.net [127.0.0.1]) by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 40ULkWhO020764; Tue, 30 Jan 2024 21:46:32 GMT Received: from ppma21.wdc07v.mail.ibm.com (5b.69.3da9.ip4.static.sl-reverse.com [169.61.105.91]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3vy8ews1ne-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 30 Jan 2024 21:46:32 +0000 Received: from pps.filterd (ppma21.wdc07v.mail.ibm.com [127.0.0.1]) by ppma21.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 40UJNwwC010535; Tue, 30 Jan 2024 21:46:30 GMT Received: from smtprelay01.wdc07v.mail.ibm.com ([172.16.1.68]) by ppma21.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3vwd5nsf60-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 30 Jan 2024 21:46:30 +0000 Received: from smtpav05.dal12v.mail.ibm.com (smtpav05.dal12v.mail.ibm.com [10.241.53.104]) by smtprelay01.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 40ULkTtL57016818 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 30 Jan 2024 21:46:29 GMT Received: from smtpav05.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6682A58056; Tue, 30 Jan 2024 21:46:29 +0000 (GMT) Received: from smtpav05.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BDE8F58052; Tue, 30 Jan 2024 21:46:28 +0000 (GMT) Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153]) by smtpav05.dal12v.mail.ibm.com (Postfix) with ESMTP; Tue, 30 Jan 2024 21:46:28 +0000 (GMT) From: Stefan Berger <stefanb@linux.ibm.com> To: linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, linux-unionfs@vger.kernel.org Cc: linux-kernel@vger.kernel.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, zohar@linux.ibm.com, roberto.sassu@huawei.com, amir73il@gmail.com, miklos@szeredi.hu, Stefan Berger <stefanb@linux.ibm.com> Subject: [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file Date: Tue, 30 Jan 2024 16:46:18 -0500 Message-ID: <20240130214620.3155380-4-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240130214620.3155380-1-stefanb@linux.ibm.com> References: <20240130214620.3155380-1-stefanb@linux.ibm.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: <linux-kernel.vger.kernel.org> List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-GUID: hSY_ubgPqweHLnnU1uF16aBWXdxnw9Jz X-Proofpoint-ORIG-GUID: t4eLxYBI81pwHaLkFRofusXABLnLq-sn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-30_12,2024-01-30_01,2023-05-22_02 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 bulkscore=0 mlxscore=0 mlxlogscore=615 lowpriorityscore=0 priorityscore=1501 adultscore=0 spamscore=0 impostorscore=0 suspectscore=0 clxscore=1015 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2401300163 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789553569708840422 X-GMAIL-MSGID: 1789553569708840422 |
Series |
evm: Support signatures on stacked filesystem
|
|
Commit Message
Stefan Berger
Jan. 30, 2024, 9:46 p.m. UTC
To avoid caching effects to take effect reset the EVM status upon
detecting changes to the overlay backing files. This prevents a not-yet-
copied-up file on the overlay from executing if for example the
security.evm xattr on the file on the 'lower' layer has been removed.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
include/linux/evm.h | 8 ++++++++
security/integrity/evm/evm_main.c | 7 +++++++
security/integrity/ima/ima_main.c | 2 ++
3 files changed, 17 insertions(+)
Comments
On Tue, Jan 30, 2024 at 11:46 PM Stefan Berger <stefanb@linux.ibm.com> wrote: > > To avoid caching effects to take effect reset the EVM status upon > detecting changes to the overlay backing files. This prevents a not-yet- > copied-up file on the overlay from executing if for example the > security.evm xattr on the file on the 'lower' layer has been removed. > And what is expected to happen when file is executed after copy up? Doesn't this change also protect the same threat after copy up? > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > include/linux/evm.h | 8 ++++++++ > security/integrity/evm/evm_main.c | 7 +++++++ > security/integrity/ima/ima_main.c | 2 ++ > 3 files changed, 17 insertions(+) > > diff --git a/include/linux/evm.h b/include/linux/evm.h > index d8c0343436b8..e7d6742eee9d 100644 > --- a/include/linux/evm.h > +++ b/include/linux/evm.h > @@ -66,6 +66,8 @@ extern int evm_protected_xattr_if_enabled(const char *req_xattr_name); > extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, > int buffer_size, char type, > bool canonical_fmt); > +extern void evm_reset_cache_status(struct dentry *dentry, > + struct integrity_iint_cache *iint); > #ifdef CONFIG_FS_POSIX_ACL > extern int posix_xattr_acl(const char *xattrname); > #else > @@ -189,5 +191,11 @@ static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, > return -EOPNOTSUPP; > } > > +static inline void evm_reset_cache_status(struct dentry *dentry, > + struct integrity_iint_cache *iint) > +{ > + return; > +} > + > #endif /* CONFIG_EVM */ > #endif /* LINUX_EVM_H */ > diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c > index 22a5e26860ea..e96d127b48a2 100644 > --- a/security/integrity/evm/evm_main.c > +++ b/security/integrity/evm/evm_main.c > @@ -721,6 +721,13 @@ static void evm_reset_status(struct inode *inode) > iint->evm_status = INTEGRITY_UNKNOWN; > } > > +void evm_reset_cache_status(struct dentry *dentry, > + struct integrity_iint_cache *iint) > +{ > + if (d_real_inode(dentry) != d_backing_inode(dentry)) > + iint->evm_status = INTEGRITY_UNKNOWN; > +} > + > /** > * evm_revalidate_status - report whether EVM status re-validation is necessary > * @xattr_name: pointer to the affected extended attribute name > diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c > index cc1217ac2c6f..84bdc6e58329 100644 > --- a/security/integrity/ima/ima_main.c > +++ b/security/integrity/ima/ima_main.c > @@ -26,6 +26,7 @@ > #include <linux/ima.h> > #include <linux/fs.h> > #include <linux/iversion.h> > +#include <linux/evm.h> > > #include "ima.h" > > @@ -295,6 +296,7 @@ static int process_measurement(struct file *file, const struct cred *cred, > !inode_eq_iversion(backing_inode, iint->version)) { > iint->flags &= ~IMA_DONE_MASK; > iint->measured_pcrs = 0; > + evm_reset_cache_status(file_dentry(file), iint); > } > } Make sense. Unrelated to your change, I now noticed something odd about Mimi's change: backing_inode = d_real_inode(file_dentry(file)); I find the choice of variable name to be quite confusing, because ima/evm code uses d_backing_inode() all over the place and d_real_inode() != d_backing_inode(). First of all, there is never any reason to use d_backing_inode() and its name is quite confusing in the first place, but it will be a big cleanup to remove them all. Suggest to rename the variable to real_inode, same as in ima_collect_measurement() to be consistent and reduce confusion factor, which is already high enough ;) Thanks, Amir.
On 1/31/24 08:56, Amir Goldstein wrote: > On Tue, Jan 30, 2024 at 11:46 PM Stefan Berger <stefanb@linux.ibm.com> wrote: >> >> To avoid caching effects to take effect reset the EVM status upon >> detecting changes to the overlay backing files. This prevents a not-yet- >> copied-up file on the overlay from executing if for example the >> security.evm xattr on the file on the 'lower' layer has been removed. >> > > And what is expected to happen when file is executed after copy up? The copy-up may be triggered by changing file content or file metadata. For EVM file metadata (file attributes and xattrs) are important and if they change EVM would re-evaluate the file, meaning that it would determine the file mode bits, uid, gid and xattrs and calculate a hash over them and compare this hash against the signature in security.evm. > Doesn't this change also protect the same threat after copy up? From what I remember from my testing is that file attribute or extended attribute changes on an already copied-up file were already handled correctly, meaning they caused the re-evaluation of the file as described above. > >> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> >> --- >> include/linux/evm.h | 8 ++++++++ >> security/integrity/evm/evm_main.c | 7 +++++++ >> security/integrity/ima/ima_main.c | 2 ++ >> 3 files changed, 17 insertions(+) >> >> diff --git a/include/linux/evm.h b/include/linux/evm.h >> index d8c0343436b8..e7d6742eee9d 100644 >> --- a/include/linux/evm.h >> +++ b/include/linux/evm.h >> @@ -66,6 +66,8 @@ extern int evm_protected_xattr_if_enabled(const char *req_xattr_name); >> extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, >> int buffer_size, char type, >> bool canonical_fmt); >> +extern void evm_reset_cache_status(struct dentry *dentry, >> + struct integrity_iint_cache *iint); >> #ifdef CONFIG_FS_POSIX_ACL >> extern int posix_xattr_acl(const char *xattrname); >> #else >> @@ -189,5 +191,11 @@ static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, >> return -EOPNOTSUPP; >> } >> >> +static inline void evm_reset_cache_status(struct dentry *dentry, >> + struct integrity_iint_cache *iint) >> +{ >> + return; >> +} >> + >> #endif /* CONFIG_EVM */ >> #endif /* LINUX_EVM_H */ >> diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c >> index 22a5e26860ea..e96d127b48a2 100644 >> --- a/security/integrity/evm/evm_main.c >> +++ b/security/integrity/evm/evm_main.c >> @@ -721,6 +721,13 @@ static void evm_reset_status(struct inode *inode) >> iint->evm_status = INTEGRITY_UNKNOWN; >> } >> >> +void evm_reset_cache_status(struct dentry *dentry, >> + struct integrity_iint_cache *iint) >> +{ >> + if (d_real_inode(dentry) != d_backing_inode(dentry)) >> + iint->evm_status = INTEGRITY_UNKNOWN; >> +} >> + >> /** >> * evm_revalidate_status - report whether EVM status re-validation is necessary >> * @xattr_name: pointer to the affected extended attribute name >> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c >> index cc1217ac2c6f..84bdc6e58329 100644 >> --- a/security/integrity/ima/ima_main.c >> +++ b/security/integrity/ima/ima_main.c >> @@ -26,6 +26,7 @@ >> #include <linux/ima.h> >> #include <linux/fs.h> >> #include <linux/iversion.h> >> +#include <linux/evm.h> >> >> #include "ima.h" >> >> @@ -295,6 +296,7 @@ static int process_measurement(struct file *file, const struct cred *cred, >> !inode_eq_iversion(backing_inode, iint->version)) { >> iint->flags &= ~IMA_DONE_MASK; >> iint->measured_pcrs = 0; >> + evm_reset_cache_status(file_dentry(file), iint); >> } >> } > > Make sense. > Unrelated to your change, I now noticed something odd about Mimi's change: > > backing_inode = d_real_inode(file_dentry(file)); > > I find the choice of variable name to be quite confusing, because ima/evm code > uses d_backing_inode() all over the place and d_real_inode() != > d_backing_inode(). > > First of all, there is never any reason to use d_backing_inode() and its name is > quite confusing in the first place, but it will be a big cleanup to > remove them all. > > Suggest to rename the variable to real_inode, same as in > ima_collect_measurement() > to be consistent and reduce confusion factor, which is already high enough ;) > > Thanks, > Amir.
diff --git a/include/linux/evm.h b/include/linux/evm.h index d8c0343436b8..e7d6742eee9d 100644 --- a/include/linux/evm.h +++ b/include/linux/evm.h @@ -66,6 +66,8 @@ extern int evm_protected_xattr_if_enabled(const char *req_xattr_name); extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, int buffer_size, char type, bool canonical_fmt); +extern void evm_reset_cache_status(struct dentry *dentry, + struct integrity_iint_cache *iint); #ifdef CONFIG_FS_POSIX_ACL extern int posix_xattr_acl(const char *xattrname); #else @@ -189,5 +191,11 @@ static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, return -EOPNOTSUPP; } +static inline void evm_reset_cache_status(struct dentry *dentry, + struct integrity_iint_cache *iint) +{ + return; +} + #endif /* CONFIG_EVM */ #endif /* LINUX_EVM_H */ diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 22a5e26860ea..e96d127b48a2 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -721,6 +721,13 @@ static void evm_reset_status(struct inode *inode) iint->evm_status = INTEGRITY_UNKNOWN; } +void evm_reset_cache_status(struct dentry *dentry, + struct integrity_iint_cache *iint) +{ + if (d_real_inode(dentry) != d_backing_inode(dentry)) + iint->evm_status = INTEGRITY_UNKNOWN; +} + /** * evm_revalidate_status - report whether EVM status re-validation is necessary * @xattr_name: pointer to the affected extended attribute name diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index cc1217ac2c6f..84bdc6e58329 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -26,6 +26,7 @@ #include <linux/ima.h> #include <linux/fs.h> #include <linux/iversion.h> +#include <linux/evm.h> #include "ima.h" @@ -295,6 +296,7 @@ static int process_measurement(struct file *file, const struct cred *cred, !inode_eq_iversion(backing_inode, iint->version)) { iint->flags &= ~IMA_DONE_MASK; iint->measured_pcrs = 0; + evm_reset_cache_status(file_dentry(file), iint); } }