Timgad lsm v1 test #384
10059f7
prctl: add the TIMGAD prctl options
tixxdz b068df3
security: add the security_task_copy() hook
tixxdz 4293d92
security:core: finalize the security_task_copy() hook
tixxdz 5787f94
timgad: add Kconfig file
tixxdz 61d3cde
timgad: add makefile for timgad
tixxdz 335a42a
timgad: add the timgad lsm source
tixxdz 3cae24b
timgad: parse first parameter of prctl() correctly and pin task
tixxdz 4127f1b
timgad: a couple of fixes to timgad_lsm source
tixxdz 568acf3
timgad: add timgad core sources
tixxdz 43e4345
timgad: update the lsm hook part
tixxdz 894e80a
timgad: update get set timgad flags functions
tixxdz f9a5b14
timgad: add reclaim timgad task
tixxdz 1fefee5
timgad: add the code to lookup timgad tasks
tixxdz e49e5aa
timgad:core: add task initialization and insertion
tixxdz 5f3aeb0
timgad: fix a bunch of compilcation errors and warnings
tixxdz 097f867
timgad: register hash table parameters and give_me task helper
tixxdz 10cb436
timgad: get the timgad modharden flag
tixxdz 08712c1
timgad: improve the timgad is operation set logic
tixxdz 164efa1
timgad: improve the set logic of mod harden
tixxdz
@@ -0,0 +1,10 @@ | ||
config SECURITY_TIMGAD | ||
bool "TIMGAD support" | ||
depends on SECURITY | ||
default n | ||
help | ||
This selects TIMGAD, which applies restrictions on module auto-loading | ||
feature. Further information can be found in | ||
Documentation/security/timgad.txt. | ||
|
||
If you are unsure how to answer this question, answer N. |
@@ -0,0 +1,3 @@ | ||
obj-$(CONFIG_SECURITY_TIMGAD) := timgad.o | ||
|
||
timgad-y := timgad_core.o timgad_lsm.o |
@@ -0,0 +1,214 @@ | ||
/* | ||
* Timgad Linux Security Module | ||
* | ||
* Author: Djalal Harouni | ||
* | ||
* Copyright (C) 2017 Endocode AG. | ||
* Copyright (c) 2016 Djalal Harouni | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License version 2, as | ||
* published by the Free Software Foundation. | ||
* | ||
*/ | ||
|
||
#include <linux/ctype.h> | ||
#include <linux/errno.h> | ||
#include <linux/list.h> | ||
#include <linux/prctl.h> | ||
#include <linux/rhashtable.h> | ||
#include <linux/sched.h> | ||
#include <linux/security.h> | ||
#include <linux/spinlock.h> | ||
#include <linux/slab.h> | ||
#include <linux/types.h> | ||
#include <linux/workqueue.h> | ||
|
||
struct timgad_task { | ||
atomic_t usage; | ||
|
||
struct rhash_head node; | ||
unsigned long key; | ||
|
||
struct task_struct *task; | ||
|
||
int mod_harden:2; | ||
|
||
struct work_struct clean_work; | ||
}; | ||
|
||
static struct rhashtable timgad_tasks_table; | ||
|
||
static inline int cmp_timgad_task(struct rhashtable_compare_arg *arg, | ||
const void *obj) | ||
{ | ||
const unsigned long key = *(unsigned long *)arg->key; | ||
const struct timgad_task *ttask = obj; | ||
|
||
return atomic_read(&ttask->usage) == 0 || ttask->key != key; | ||
} | ||
|
||
static const struct rhashtable_params timgad_tasks_params = { | ||
.nelem_hint = 1024, | ||
.head_offset = offsetof(struct timgad_task, node), | ||
.key_offset = offsetof(struct timgad_task, key), | ||
.key_len = sizeof(unsigned long), | ||
.max_size = 16384, | ||
.min_size = 256, | ||
.obj_cmpfn = cmp_timgad_task, | ||
.automatic_shrinking = true, | ||
}; | ||
|
||
int timgad_tasks_init(void) | ||
{ | ||
return rhashtable_init(&timgad_tasks_table, &timgad_tasks_params); | ||
} | ||
|
||
void timgad_tasks_clean(void) | ||
{ | ||
rhashtable_destroy(&timgad_tasks_table); | ||
} | ||
|
||
static int get_timgad_task_new_flags(unsigned long op, unsigned long used, | ||
unsigned long flag, int *new_flags) | ||
{ | ||
int ret = -EINVAL; | ||
|
||
return ret; | ||
} | ||
|
||
static int update_timgad_task_flags(struct timgad_task *timgad_tsk, | ||
unsigned long op, int new_flags) | ||
{ | ||
int ret = -EINVAL; | ||
|
||
return ret; | ||
} | ||
|
||
int timgad_task_is_op_set(struct timgad_task *timgad_tsk, unsigned long op) | ||
{ | ||
if (op == PR_TIMGAD_SET_MOD_HARDEN) | ||
return timgad_tsk->mod_harden; | ||
|
||
return -EINVAL; | ||
} | ||
|
||
int timgad_task_set_op_flag(struct timgad_task *timgad_tsk, unsigned long op, | ||
unsigned long flag, unsigned long value) | ||
{ | ||
int ret = -EINVAL; | ||
int new_flag = 0; | ||
int used = timgad_task_is_op_set(timgad_tsk, op); | ||
|
||
ret = get_timgad_task_new_flags(op, used, flag, &new_flag); | ||
if (ret < 0) | ||
return ret; | ||
|
||
/* Nothing to do if new flag did not change */ | ||
if (new_flag == used) | ||
return 0; | ||
|
||
return update_timgad_task_flags(timgad_tsk, op, new_flag); | ||
} | ||
|
||
static struct timgad_task *__lookup_timgad_task(struct task_struct *tsk) | ||
{ | ||
return rhashtable_lookup_fast(&timgad_tasks_table, tsk, | ||
timgad_tasks_params); | ||
} | ||
|
||
struct timgad_task *get_timgad_task(struct task_struct *tsk) | ||
{ | ||
struct timgad_task *ttask; | ||
|
||
rcu_read_lock(); | ||
ttask = __lookup_timgad_task(tsk); | ||
if (ttask) | ||
atomic_inc(&ttask->usage); | ||
rcu_read_unlock(); | ||
|
||
return ttask; | ||
} | ||
|
||
void put_timgad_task(struct timgad_task *timgad_tsk) | ||
{ | ||
if (timgad_tsk && atomic_dec_and_test(&timgad_tsk->usage)) | ||
schedule_work(&timgad_tsk->clean_work); | ||
} | ||
|
||
struct timgad_task *lookup_timgad_task(struct task_struct *tsk) | ||
{ | ||
struct timgad_task *ttask; | ||
|
||
rcu_read_lock(); | ||
ttask = __lookup_timgad_task(tsk); | ||
rcu_read_unlock(); | ||
|
||
return ttask; | ||
} | ||
|
||
int insert_timgad_task(struct timgad_task *timgad_tsk) | ||
{ | ||
int ret; | ||
|
||
atomic_inc(&timgad_tsk->usage); | ||
ret = rhashtable_lookup_insert_key(&timgad_tasks_table, | ||
timgad_tsk->task, &timgad_tsk->node, | ||
timgad_tasks_params); | ||
if (ret) | ||
atomic_dec(&timgad_tsk->usage); | ||
|
||
return ret; | ||
} | ||
|
||
static void reclaim_timgad_task(struct work_struct *work) | ||
{ | ||
struct timgad_task *ttask = container_of(work, struct timgad_task, | ||
clean_work); | ||
|
||
WARN_ON(atomic_read(&ttask->usage) != 0); | ||
|
||
rhashtable_remove_fast(&timgad_tasks_table, &ttask->node, | ||
timgad_tasks_params); | ||
|
||
kfree(ttask); | ||
} | ||
|
||
struct timgad_task *init_timgad_task(struct task_struct *tsk, | ||
unsigned long value) | ||
{ | ||
struct timgad_task *ttask; | ||
|
||
ttask = kzalloc(sizeof(*ttask), GFP_KERNEL | __GFP_NOWARN); | ||
if (ttask == NULL) | ||
return ERR_PTR(-ENOMEM); | ||
|
||
ttask->task = tsk; | ||
ttask->mod_harden = value; | ||
|
||
atomic_set(&ttask->usage, 0); | ||
INIT_WORK(&ttask->clean_work, reclaim_timgad_task); | ||
|
||
return ttask; | ||
} | ||
|
||
/* On success, callers have to do put_timgad_task() */ | ||
struct timgad_task *give_me_timgad_task(struct task_struct *tsk, | ||
unsigned long value) | ||
{ | ||
int ret; | ||
struct timgad_task *ttask; | ||
|
||
ttask = init_timgad_task(tsk, value); | ||
if (IS_ERR(ttask)) | ||
return ttask; | ||
|
||
/* Mark it as active */ | ||
ret = insert_timgad_task(ttask); | ||
if (ret) { | ||
kfree(ttask); | ||
return ERR_PTR(ret); | ||
} | ||
|
||
return ttask; | ||
} |
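Review bot: The hash-table key never matches what was inserted: `__lookup_timgad_task()` and `insert_timgad_task()` hand rhashtable the `struct task_struct *` itself as the key, so with `key_len = sizeof(unsigned long)` the table hashes and compares the first word of the task_struct rather than the pointer value, while `ttask->key` (the field `key_offset` points at, and what `cmp_timgad_task()` compares against) is left at zero by the `kzalloc()` in `init_timgad_task()`. Set `ttask->key = (unsigned long)tsk` at init and pass `&key` / `&timgad_tsk->key` to the lookup and insert helpers, as below. Separately, the lookup-then-`atomic_inc()` in `get_timgad_task()` can revive an entry whose `put_timgad_task()` already scheduled `reclaim_timgad_task()`, which then `kfree()`s it with no RCU grace period while a reader may still hold the pointer; use `if (ttask && !atomic_inc_not_zero(&ttask->usage)) ttask = NULL;` and free via `kfree_rcu()` (adding an `rcu_head` to `struct timgad_task`) or after `synchronize_rcu()`. Note also that `get_timgad_task_new_flags()` and `update_timgad_task_flags()` are still `-EINVAL` stubs, so `timgad_task_set_op_flag()` cannot succeed yet, and `int mod_harden:2` is a signed bitfield that cannot hold `TIMGAD_MOD_HARDEN_STRICT` (2) and would make `timgad_task_is_op_set()` return a negative value that collides with its error path; `unsigned int mod_harden:2` avoids both.
```c
static struct timgad_task *__lookup_timgad_task(struct task_struct *tsk)
{
	/* Key is the task pointer value, matching ttask->key set at init */
	unsigned long key = (unsigned long)tsk;

	return rhashtable_lookup_fast(&timgad_tasks_table, &key,
				      timgad_tasks_params);
}

/* … unchanged: get_timgad_task / put_timgad_task / lookup_timgad_task … */

int insert_timgad_task(struct timgad_task *timgad_tsk)
{
	int ret;

	atomic_inc(&timgad_tsk->usage);
	ret = rhashtable_lookup_insert_key(&timgad_tasks_table,
					   &timgad_tsk->key, &timgad_tsk->node,
					   timgad_tasks_params);
	if (ret)
		atomic_dec(&timgad_tsk->usage);

	return ret;
}

/* … unchanged: reclaim_timgad_task … */

/* in init_timgad_task(), next to ttask->task = tsk; */
	ttask->key = (unsigned long)tsk;
```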
@@ -0,0 +1,48 @@ | ||
/* | ||
* Timgad Linux Security Module | ||
* | ||
* Author: Djalal Harouni | ||
* | ||
* Copyright (c) 2016 Djalal Harouni | ||
* Copyright (c) 2017 Endocode AG | ||
* | ||
* This program is free software; you can redistribute it and/or modify | ||
* it under the terms of the GNU General Public License version 2, as | ||
* published by the Free Software Foundation. | ||
* | ||
*/ | ||
|
||
#define TIMGAD_MOD_HARDEN 0x00000001 | ||
#define TIMGAD_MOD_HARDEN_STRICT 0x00000002 | ||
|
||
#define TIMGAD_OPTS_ALL \ | ||
((unsigned long) (TIMGAD_MOD_HARDEN | \ | ||
TIMGAD_MOD_HARDEN_STRICT)) | ||
|
||
struct timgad_task; | ||
|
||
static inline int timgad_op_to_flag(unsigned long op, | ||
unsigned long value, | ||
unsigned long *rvalue) | ||
{ | ||
return 0; | ||
} | ||
|
||
int timgad_task_set_op_flag(struct timgad_task *timgad_tsk, | ||
unsigned long op, unsigned long flag, | ||
unsigned long value); | ||
|
||
int timgad_task_is_op_set(struct timgad_task *timgad_tsk, unsigned long op); | ||
|
||
struct timgad_task *get_timgad_task(struct task_struct *tsk); | ||
void put_timgad_task(struct timgad_task *timgad_tsk); | ||
struct timgad_task *lookup_timgad_task(struct task_struct *tsk); | ||
int insert_timgad_task(struct timgad_task *timgad_tsk); | ||
|
||
struct timgad_task *init_timgad_task(struct task_struct *tsk, | ||
unsigned long flag); | ||
struct timgad_task *give_me_timgad_task(struct task_struct *tsk, | ||
unsigned long value); | ||
|
||
int timgad_tasks_init(void); | ||
void timgad_tasks_clean(void); |
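Review bot: `timgad_op_to_flag()` returns 0 (success) without ever writing `*rvalue`, so a caller that trusts the return code and then reads `*rvalue` consumes an uninitialized value; until the op-to-flag mapping is implemented it should fail closed with `return -EINVAL;` rather than silently succeed. The header also has no include guard and uses `struct task_struct` in prototypes without a forward declaration, so wrap it in `#ifndef _TIMGAD_H` / `#define _TIMGAD_H` / `#endif` and add `struct task_struct;` next to the existing `struct timgad_task;` so it is safe to include before `<linux/sched.h>`. The prototype for `init_timgad_task()` names its second parameter `flag` while the definition in the core source calls it `value`; pick one so the header documents the real contract.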
Missing the further documentation. Also, Linus doesn't accept PRs on Github.
@Propheis thx