xref: /OK3568_Linux_fs/kernel/security/integrity/ima/ima_queue_keys.c (revision 4882a59341e53eb6f0b4789bf948001014eff981)
1*4882a593Smuzhiyun // SPDX-License-Identifier: GPL-2.0+
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun  * Copyright (C) 2019 Microsoft Corporation
4*4882a593Smuzhiyun  *
5*4882a593Smuzhiyun  * Author: Lakshmi Ramasubramanian (nramas@linux.microsoft.com)
6*4882a593Smuzhiyun  *
7*4882a593Smuzhiyun  * File: ima_queue_keys.c
8*4882a593Smuzhiyun  *       Enables deferred processing of keys
9*4882a593Smuzhiyun  */
10*4882a593Smuzhiyun 
11*4882a593Smuzhiyun #include <linux/workqueue.h>
12*4882a593Smuzhiyun #include <keys/asymmetric-type.h>
13*4882a593Smuzhiyun #include "ima.h"
14*4882a593Smuzhiyun 
/*
 * Queue/drain state flag. While false, keys are queued on ima_keys for
 * later measurement; once true, keys are processed right away and are
 * no longer queued. It is written under ima_keys_lock, and is also read
 * without the lock by ima_process_queued_keys() and
 * ima_should_queue_key().
 */
static bool ima_process_keys;

/* ima_keys_lock synchronizes access to ima_keys, the list of deferred keys. */
static DEFINE_MUTEX(ima_keys_lock);
static LIST_HEAD(ima_keys);

/*
 * Fallback for the case where a custom IMA policy is never loaded: a
 * delayed worker runs after ima_key_queue_timeout milliseconds and frees
 * the keys that are still queued for measurement.
 */
static void ima_keys_handler(struct work_struct *work);
static DECLARE_DELAYED_WORK(ima_keys_delayed_work, ima_keys_handler);
static long ima_key_queue_timeout = 5 * 60 * 1000; /* 5 minutes, in ms */
/* Set by ima_keys_handler(); tells the drain to free instead of measure. */
static bool timer_expired;
36*4882a593Smuzhiyun 
/*
 * Delayed-work callback that runs when the key queue timeout elapses,
 * i.e. when no custom IMA policy was loaded in time. It records that the
 * timer fired and then drains the queue; with timer_expired set, the
 * drain frees the queued keys without measuring them.
 */
static void ima_keys_handler(struct work_struct *work)
{
	/* Set the flag first: the drain loop tests it for every entry. */
	timer_expired = true;

	ima_process_queued_keys();
}
46*4882a593Smuzhiyun 
/*
 * ima_init_key_queue() - arm the key queue timeout
 *
 * Schedules ima_keys_delayed_work to run ima_key_queue_timeout
 * milliseconds from now, so that queued keys are freed if a custom IMA
 * policy is never loaded.
 */
void ima_init_key_queue(void)
{
	unsigned long delay = msecs_to_jiffies(ima_key_queue_timeout);

	schedule_delayed_work(&ima_keys_delayed_work, delay);
}
56*4882a593Smuzhiyun 
/*
 * Free a key entry together with the payload and keyring name it owns.
 * A NULL entry is accepted and ignored, so error paths can call this
 * unconditionally.
 */
static void ima_free_key_entry(struct ima_key_entry *entry)
{
	if (!entry)
		return;

	kfree(entry->payload);
	kfree(entry->keyring_name);
	kfree(entry);
}
65*4882a593Smuzhiyun 
/*
 * Allocate a queue entry holding duplicates of the key payload and of the
 * keyring description.
 *
 * Returns the new entry, or NULL if any of the three allocations failed.
 * On failure an AUDIT_INTEGRITY_PCR message with cause "ENOMEM" is
 * emitted and any partial allocation is released.
 */
static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring,
						 const void *payload,
						 size_t payload_len)
{
	const char *audit_cause = "ENOMEM";
	struct ima_key_entry *entry;
	int rc = -ENOMEM;

	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
	if (!entry)
		goto fail;

	/* The entry owns its own copies of the payload and keyring name. */
	entry->payload = kmemdup(payload, payload_len, GFP_KERNEL);
	entry->keyring_name = kstrdup(keyring->description, GFP_KERNEL);
	entry->payload_len = payload_len;

	if (!entry->payload || !entry->keyring_name)
		goto fail;

	INIT_LIST_HEAD(&entry->list);
	return entry;

fail:
	/* Leave an audit record so a dropped key measurement is visible. */
	integrity_audit_message(AUDIT_INTEGRITY_PCR, NULL,
				keyring->description,
				func_measure_str(KEY_CHECK),
				audit_cause, rc, 0, rc);
	ima_free_key_entry(entry);
	return NULL;
}
102*4882a593Smuzhiyun 
/*
 * ima_queue_key() - queue a key for deferred measurement
 * @keyring: keyring whose description is recorded with the entry
 * @payload: key data to copy into the entry
 * @payload_len: length of @payload in bytes
 *
 * Returns true if the key was added to ima_keys. Returns false if the
 * entry could not be allocated or if queueing has already been turned
 * off; in both cases nothing is queued.
 */
bool ima_queue_key(struct key *keyring, const void *payload,
		   size_t payload_len)
{
	struct ima_key_entry *new_entry;
	bool added;

	new_entry = ima_alloc_key_entry(keyring, payload, payload_len);
	if (!new_entry)
		return false;

	/*
	 * The flag is tested under ima_keys_lock, the same lock under which
	 * ima_process_queued_keys() sets it, so no entry is added to the list
	 * once the drain has claimed it.
	 */
	mutex_lock(&ima_keys_lock);
	added = !ima_process_keys;
	if (added)
		list_add_tail(&new_entry->list, &ima_keys);
	mutex_unlock(&ima_keys_lock);

	if (!added)
		ima_free_key_entry(new_entry);

	return added;
}
125*4882a593Smuzhiyun 
/*
 * ima_process_queued_keys() - process keys queued for measurement
 *
 * Sets ima_process_keys to true and drains the ima_keys list. From then
 * on keys are processed right away and are not queued. Only the first
 * caller to set the flag drains the list; later callers return early.
 *
 * If the queue timeout has already fired (timer_expired), the queued
 * keys are freed without being measured, so no measurement is made for
 * them here.
 *
 * NOTE(review): timer_expired is a plain bool written by
 * ima_keys_handler() and read here without ima_keys_lock. If the worker
 * fires while another caller is in the drain loop, some entries might be
 * freed unmeasured - confirm whether that window matters.
 */
void ima_process_queued_keys(void)
{
	struct ima_key_entry *cur, *next;
	bool first;

	/* Unlocked early exit; the test is repeated under the lock below. */
	if (ima_process_keys)
		return;

	/* Whoever flips the flag under the lock gets to drain the list. */
	mutex_lock(&ima_keys_lock);
	first = !ima_process_keys;
	if (first)
		ima_process_keys = true;
	mutex_unlock(&ima_keys_lock);

	if (!first)
		return;

	if (!timer_expired)
		cancel_delayed_work_sync(&ima_keys_delayed_work);

	/*
	 * The list is walked without the lock: ima_queue_key() stops adding
	 * entries once it sees ima_process_keys set under ima_keys_lock.
	 */
	list_for_each_entry_safe(cur, next, &ima_keys, list) {
		if (!timer_expired)
			process_buffer_measurement(NULL, cur->payload,
						   cur->payload_len,
						   cur->keyring_name,
						   KEY_CHECK, 0,
						   cur->keyring_name);
		list_del(&cur->list);
		ima_free_key_entry(cur);
	}
}
170*4882a593Smuzhiyun 
/*
 * Report whether keys should still be queued rather than processed
 * right away. The flag is read without ima_keys_lock, so the result can
 * be stale; ima_queue_key() re-tests the flag under the lock and returns
 * false if queueing has ended in the meantime.
 */
inline bool ima_should_queue_key(void)
{
	return ima_process_keys == false;
}