ipe: enable support for fs-verity as a trust provider

Enable IPE policy authors to indicate trust for a singular fsverity
file, identified by the digest information, through "fsverity_digest"
and all files using valid fsverity builtin signatures via
"fsverity_signature".

This enables file-level integrity claims to be expressed in IPE,
allowing individual files to be authorized, giving some flexibility
for policy authors. Such file-level claims are important to be expressed
for enforcing the integrity of packages, as well as address some of the
scalability issues in a sole dm-verity based solution (# of loop back
devices, etc).

This solution cannot be done in userspace as the minimum threat that
IPE should mitigate is an attacker downloads malicious payload with
all required dependencies. These dependencies can lack the userspace
check, bypassing the protection entirely. A similar attack succeeds if
the userspace component is replaced with a version that does not
perform the check. As a result, this can only be done in the common
entry point - the kernel.

Signed-off-by: Deven Bowers <deven.desai@linux.microsoft.com>
Signed-off-by: Fan Wu <wufan@linux.microsoft.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Fan Wu 2024-08-02 23:08:30 -07:00 committed by Paul Moore
parent 7c373e4f14
commit 31f8c8682f
10 changed files with 237 additions and 1 deletions

View File

@ -10,6 +10,8 @@ menuconfig SECURITY_IPE
select SYSTEM_DATA_VERIFICATION select SYSTEM_DATA_VERIFICATION
select IPE_PROP_DM_VERITY if DM_VERITY select IPE_PROP_DM_VERITY if DM_VERITY
select IPE_PROP_DM_VERITY_SIGNATURE if DM_VERITY && DM_VERITY_VERIFY_ROOTHASH_SIG select IPE_PROP_DM_VERITY_SIGNATURE if DM_VERITY && DM_VERITY_VERIFY_ROOTHASH_SIG
select IPE_PROP_FS_VERITY if FS_VERITY
select IPE_PROP_FS_VERITY_BUILTIN_SIG if FS_VERITY && FS_VERITY_BUILTIN_SIGNATURES
help help
This option enables the Integrity Policy Enforcement LSM This option enables the Integrity Policy Enforcement LSM
allowing users to define a policy to enforce a trust-based access allowing users to define a policy to enforce a trust-based access
@ -39,6 +41,30 @@ config IPE_PROP_DM_VERITY_SIGNATURE
volume, which has been mounted with a valid signed root hash, volume, which has been mounted with a valid signed root hash,
is evaluated. is evaluated.
If unsure, answer Y.
config IPE_PROP_FS_VERITY
bool "Enable support for fs-verity based on file digest"
depends on FS_VERITY
help
This option enables the 'fsverity_digest' property within IPE
policies. The property evaluates to TRUE when a file is fsverity
enabled and its digest matches the supplied digest value in the
policy.
if unsure, answer Y.
config IPE_PROP_FS_VERITY_BUILTIN_SIG
bool "Enable support for fs-verity based on builtin signature"
depends on FS_VERITY && FS_VERITY_BUILTIN_SIGNATURES
help
This option enables the 'fsverity_signature' property within IPE
policies. The property evaluates to TRUE when a file is fsverity
enabled and it has a valid builtin signature whose signing cert
is in the .fs-verity keyring.
if unsure, answer Y.
endmenu endmenu
endif endif

View File

@ -56,6 +56,9 @@ static const char *const audit_prop_names[__IPE_PROP_MAX] = {
"dmverity_roothash=", "dmverity_roothash=",
"dmverity_signature=FALSE", "dmverity_signature=FALSE",
"dmverity_signature=TRUE", "dmverity_signature=TRUE",
"fsverity_digest=",
"fsverity_signature=FALSE",
"fsverity_signature=TRUE",
}; };
/** /**
@ -69,6 +72,17 @@ static void audit_dmv_roothash(struct audit_buffer *ab, const void *rh)
ipe_digest_audit(ab, rh); ipe_digest_audit(ab, rh);
} }
/**
* audit_fsv_digest() - audit the digest of a fsverity_digest property.
* @ab: Supplies a pointer to the audit_buffer to append to.
* @d: Supplies a pointer to the digest structure.
*/
static void audit_fsv_digest(struct audit_buffer *ab, const void *d)
{
audit_log_format(ab, "%s", audit_prop_names[IPE_PROP_FSV_DIGEST]);
ipe_digest_audit(ab, d);
}
/** /**
* audit_rule() - audit an IPE policy rule. * audit_rule() - audit an IPE policy rule.
* @ab: Supplies a pointer to the audit_buffer to append to. * @ab: Supplies a pointer to the audit_buffer to append to.
@ -85,6 +99,9 @@ static void audit_rule(struct audit_buffer *ab, const struct ipe_rule *r)
case IPE_PROP_DMV_ROOTHASH: case IPE_PROP_DMV_ROOTHASH:
audit_dmv_roothash(ab, ptr->value); audit_dmv_roothash(ab, ptr->value);
break; break;
case IPE_PROP_FSV_DIGEST:
audit_fsv_digest(ab, ptr->value);
break;
default: default:
audit_log_format(ab, "%s", audit_prop_names[ptr->type]); audit_log_format(ab, "%s", audit_prop_names[ptr->type]);
break; break;

View File

@ -10,6 +10,7 @@
#include <linux/sched.h> #include <linux/sched.h>
#include <linux/rcupdate.h> #include <linux/rcupdate.h>
#include <linux/moduleparam.h> #include <linux/moduleparam.h>
#include <linux/fsverity.h>
#include "ipe.h" #include "ipe.h"
#include "eval.h" #include "eval.h"
@ -51,6 +52,36 @@ static void build_ipe_bdev_ctx(struct ipe_eval_ctx *ctx, const struct inode *con
} }
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
static void build_ipe_inode_blob_ctx(struct ipe_eval_ctx *ctx,
const struct inode *const ino)
{
ctx->ipe_inode = ipe_inode(ctx->ino);
}
#else
static inline void build_ipe_inode_blob_ctx(struct ipe_eval_ctx *ctx,
const struct inode *const ino)
{
}
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
/**
* build_ipe_inode_ctx() - Build inode fields of an evaluation context.
* @ctx: Supplies a pointer to the context to be populated.
* @ino: Supplies the inode struct of the file triggered IPE event.
*/
static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
{
ctx->ino = ino;
build_ipe_inode_blob_ctx(ctx, ino);
}
#else
static void build_ipe_inode_ctx(struct ipe_eval_ctx *ctx, const struct inode *const ino)
{
}
#endif /* CONFIG_IPE_PROP_FS_VERITY */
/** /**
* ipe_build_eval_ctx() - Build an ipe evaluation context. * ipe_build_eval_ctx() - Build an ipe evaluation context.
* @ctx: Supplies a pointer to the context to be populated. * @ctx: Supplies a pointer to the context to be populated.
@ -63,13 +94,17 @@ void ipe_build_eval_ctx(struct ipe_eval_ctx *ctx,
enum ipe_op_type op, enum ipe_op_type op,
enum ipe_hook_type hook) enum ipe_hook_type hook)
{ {
struct inode *ino;
ctx->file = file; ctx->file = file;
ctx->op = op; ctx->op = op;
ctx->hook = hook; ctx->hook = hook;
if (file) { if (file) {
build_ipe_sb_ctx(ctx, file); build_ipe_sb_ctx(ctx, file);
build_ipe_bdev_ctx(ctx, d_real_inode(file->f_path.dentry)); ino = d_real_inode(file->f_path.dentry);
build_ipe_bdev_ctx(ctx, ino);
build_ipe_inode_ctx(ctx, ino);
} }
} }
@ -150,6 +185,86 @@ static bool evaluate_dmv_sig_true(const struct ipe_eval_ctx *const ctx)
} }
#endif /* CONFIG_IPE_PROP_DM_VERITY_SIGNATURE */ #endif /* CONFIG_IPE_PROP_DM_VERITY_SIGNATURE */
#ifdef CONFIG_IPE_PROP_FS_VERITY
/**
* evaluate_fsv_digest() - Evaluate @ctx against a fsv digest property.
* @ctx: Supplies a pointer to the context being evaluated.
* @p: Supplies a pointer to the property being evaluated.
*
* Return:
* * %true - The current @ctx match the @p
* * %false - The current @ctx doesn't match the @p
*/
static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
struct ipe_prop *p)
{
enum hash_algo alg;
u8 digest[FS_VERITY_MAX_DIGEST_SIZE];
struct digest_info info;
if (!ctx->ino)
return false;
if (!fsverity_get_digest((struct inode *)ctx->ino,
digest,
NULL,
&alg))
return false;
info.alg = hash_algo_name[alg];
info.digest = digest;
info.digest_len = hash_digest_size[alg];
return ipe_digest_eval(p->value, &info);
}
#else
static bool evaluate_fsv_digest(const struct ipe_eval_ctx *const ctx,
struct ipe_prop *p)
{
return false;
}
#endif /* CONFIG_IPE_PROP_FS_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
/**
* evaluate_fsv_sig_false() - Evaluate @ctx against a fsv sig false property.
* @ctx: Supplies a pointer to the context being evaluated.
*
* Return:
* * %true - The current @ctx match the property
* * %false - The current @ctx doesn't match the property
*/
static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx)
{
return !ctx->ino ||
!IS_VERITY(ctx->ino) ||
!ctx->ipe_inode ||
!ctx->ipe_inode->fs_verity_signed;
}
/**
* evaluate_fsv_sig_true() - Evaluate @ctx against a fsv sig true property.
* @ctx: Supplies a pointer to the context being evaluated.
*
* Return:
* * %true - The current @ctx match the property
* * %false - The current @ctx doesn't match the property
*/
static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx)
{
return !evaluate_fsv_sig_false(ctx);
}
#else
static bool evaluate_fsv_sig_false(const struct ipe_eval_ctx *const ctx)
{
return false;
}
static bool evaluate_fsv_sig_true(const struct ipe_eval_ctx *const ctx)
{
return false;
}
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
/** /**
* evaluate_property() - Analyze @ctx against a rule property. * evaluate_property() - Analyze @ctx against a rule property.
* @ctx: Supplies a pointer to the context to be evaluated. * @ctx: Supplies a pointer to the context to be evaluated.
@ -176,6 +291,12 @@ static bool evaluate_property(const struct ipe_eval_ctx *const ctx,
return evaluate_dmv_sig_false(ctx); return evaluate_dmv_sig_false(ctx);
case IPE_PROP_DMV_SIG_TRUE: case IPE_PROP_DMV_SIG_TRUE:
return evaluate_dmv_sig_true(ctx); return evaluate_dmv_sig_true(ctx);
case IPE_PROP_FSV_DIGEST:
return evaluate_fsv_digest(ctx, p);
case IPE_PROP_FSV_SIG_FALSE:
return evaluate_fsv_sig_false(ctx);
case IPE_PROP_FSV_SIG_TRUE:
return evaluate_fsv_sig_true(ctx);
default: default:
return false; return false;
} }

View File

@ -31,6 +31,12 @@ struct ipe_bdev {
}; };
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
struct ipe_inode {
bool fs_verity_signed;
};
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
struct ipe_eval_ctx { struct ipe_eval_ctx {
enum ipe_op_type op; enum ipe_op_type op;
enum ipe_hook_type hook; enum ipe_hook_type hook;
@ -40,6 +46,12 @@ struct ipe_eval_ctx {
#ifdef CONFIG_IPE_PROP_DM_VERITY #ifdef CONFIG_IPE_PROP_DM_VERITY
const struct ipe_bdev *ipe_bdev; const struct ipe_bdev *ipe_bdev;
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY
const struct inode *ino;
#endif /* CONFIG_IPE_PROP_FS_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
const struct ipe_inode *ipe_inode;
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
}; };
enum ipe_match { enum ipe_match {

View File

@ -283,3 +283,32 @@ err:
return -ENOMEM; return -ENOMEM;
} }
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
/**
* ipe_inode_setintegrity() - save integrity data from a inode to IPE's LSM blob.
* @inode: The inode to source the security blob from.
* @type: Supplies the integrity type.
* @value: The value to be stored.
* @size: The size of @value.
*
* This hook is currently used to save the existence of a validated fs-verity
* builtin signature into LSM blob.
*
* Return: %0 on success. If an error occurs, the function will return the
* -errno.
*/
int ipe_inode_setintegrity(const struct inode *inode,
enum lsm_integrity_type type,
const void *value, size_t size)
{
struct ipe_inode *inode_sec = ipe_inode(inode);
if (type == LSM_INT_FSVERITY_BUILTINSIG_VALID) {
inode_sec->fs_verity_signed = size > 0 && value;
return 0;
}
return -EINVAL;
}
#endif /* CONFIG_CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */

View File

@ -9,6 +9,7 @@
#include <linux/binfmts.h> #include <linux/binfmts.h>
#include <linux/security.h> #include <linux/security.h>
#include <linux/blk_types.h> #include <linux/blk_types.h>
#include <linux/fsverity.h>
enum ipe_hook_type { enum ipe_hook_type {
IPE_HOOK_BPRM_CHECK = 0, IPE_HOOK_BPRM_CHECK = 0,
@ -43,4 +44,9 @@ int ipe_bdev_setintegrity(struct block_device *bdev, enum lsm_integrity_type typ
const void *value, size_t len); const void *value, size_t len);
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
int ipe_inode_setintegrity(const struct inode *inode, enum lsm_integrity_type type,
const void *value, size_t size);
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
#endif /* _IPE_HOOKS_H */ #endif /* _IPE_HOOKS_H */

View File

@ -16,6 +16,9 @@ static struct lsm_blob_sizes ipe_blobs __ro_after_init = {
#ifdef CONFIG_IPE_PROP_DM_VERITY #ifdef CONFIG_IPE_PROP_DM_VERITY
.lbs_bdev = sizeof(struct ipe_bdev), .lbs_bdev = sizeof(struct ipe_bdev),
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
.lbs_inode = sizeof(struct ipe_inode),
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
}; };
static const struct lsm_id ipe_lsmid = { static const struct lsm_id ipe_lsmid = {
@ -35,6 +38,13 @@ struct ipe_bdev *ipe_bdev(struct block_device *b)
} }
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
struct ipe_inode *ipe_inode(const struct inode *inode)
{
return inode->i_security + ipe_blobs.lbs_inode;
}
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
static struct security_hook_list ipe_hooks[] __ro_after_init = { static struct security_hook_list ipe_hooks[] __ro_after_init = {
LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security), LSM_HOOK_INIT(bprm_check_security, ipe_bprm_check_security),
LSM_HOOK_INIT(mmap_file, ipe_mmap_file), LSM_HOOK_INIT(mmap_file, ipe_mmap_file),
@ -46,6 +56,9 @@ static struct security_hook_list ipe_hooks[] __ro_after_init = {
LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security), LSM_HOOK_INIT(bdev_free_security, ipe_bdev_free_security),
LSM_HOOK_INIT(bdev_setintegrity, ipe_bdev_setintegrity), LSM_HOOK_INIT(bdev_setintegrity, ipe_bdev_setintegrity),
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
LSM_HOOK_INIT(inode_setintegrity, ipe_inode_setintegrity),
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
}; };
/** /**

View File

@ -19,5 +19,8 @@ extern bool ipe_enabled;
#ifdef CONFIG_IPE_PROP_DM_VERITY #ifdef CONFIG_IPE_PROP_DM_VERITY
struct ipe_bdev *ipe_bdev(struct block_device *b); struct ipe_bdev *ipe_bdev(struct block_device *b);
#endif /* CONFIG_IPE_PROP_DM_VERITY */ #endif /* CONFIG_IPE_PROP_DM_VERITY */
#ifdef CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG
struct ipe_inode *ipe_inode(const struct inode *inode);
#endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
#endif /* _IPE_H */ #endif /* _IPE_H */

View File

@ -36,6 +36,9 @@ enum ipe_prop_type {
IPE_PROP_DMV_ROOTHASH, IPE_PROP_DMV_ROOTHASH,
IPE_PROP_DMV_SIG_FALSE, IPE_PROP_DMV_SIG_FALSE,
IPE_PROP_DMV_SIG_TRUE, IPE_PROP_DMV_SIG_TRUE,
IPE_PROP_FSV_DIGEST,
IPE_PROP_FSV_SIG_FALSE,
IPE_PROP_FSV_SIG_TRUE,
__IPE_PROP_MAX __IPE_PROP_MAX
}; };

View File

@ -278,6 +278,9 @@ static const match_table_t property_tokens = {
{IPE_PROP_DMV_ROOTHASH, "dmverity_roothash=%s"}, {IPE_PROP_DMV_ROOTHASH, "dmverity_roothash=%s"},
{IPE_PROP_DMV_SIG_FALSE, "dmverity_signature=FALSE"}, {IPE_PROP_DMV_SIG_FALSE, "dmverity_signature=FALSE"},
{IPE_PROP_DMV_SIG_TRUE, "dmverity_signature=TRUE"}, {IPE_PROP_DMV_SIG_TRUE, "dmverity_signature=TRUE"},
{IPE_PROP_FSV_DIGEST, "fsverity_digest=%s"},
{IPE_PROP_FSV_SIG_FALSE, "fsverity_signature=FALSE"},
{IPE_PROP_FSV_SIG_TRUE, "fsverity_signature=TRUE"},
{IPE_PROP_INVALID, NULL} {IPE_PROP_INVALID, NULL}
}; };
@ -310,6 +313,7 @@ static int parse_property(char *t, struct ipe_rule *r)
switch (token) { switch (token) {
case IPE_PROP_DMV_ROOTHASH: case IPE_PROP_DMV_ROOTHASH:
case IPE_PROP_FSV_DIGEST:
dup = match_strdup(&args[0]); dup = match_strdup(&args[0]);
if (!dup) { if (!dup) {
rc = -ENOMEM; rc = -ENOMEM;
@ -325,6 +329,8 @@ static int parse_property(char *t, struct ipe_rule *r)
case IPE_PROP_BOOT_VERIFIED_TRUE: case IPE_PROP_BOOT_VERIFIED_TRUE:
case IPE_PROP_DMV_SIG_FALSE: case IPE_PROP_DMV_SIG_FALSE:
case IPE_PROP_DMV_SIG_TRUE: case IPE_PROP_DMV_SIG_TRUE:
case IPE_PROP_FSV_SIG_FALSE:
case IPE_PROP_FSV_SIG_TRUE:
p->type = token; p->type = token;
break; break;
default: default: