| From 949279ab2fae8cc52b96e978f4f2ec2168a56996 Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Thu, 9 Jul 2020 01:19:05 -0500 |
| Subject: ima: Fail rule parsing when the KEY_CHECK hook is combined with an |
| invalid cond |
| |
| From: Tyler Hicks <tyhicks@linux.microsoft.com> |
| |
| [ Upstream commit eb624fe214a2e156ddafd9868377cf91499f789d ] |
| |
| The KEY_CHECK function only supports the uid, pcr, and keyrings |
| conditionals. Make this clear at policy load so that IMA policy authors |
| don't assume that other conditionals are supported. |
| |
| Fixes: 5808611cccb2 ("IMA: Add KEY_CHECK func to measure keys") |
| Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> |
| Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com> |
| Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| security/integrity/ima/ima_policy.c | 7 +++++++ |
| 1 file changed, 7 insertions(+) |
| |
| diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c |
| index a77e0b34e72f7..3e3e568c81309 100644 |
| --- a/security/integrity/ima/ima_policy.c |
| +++ b/security/integrity/ima/ima_policy.c |
| @@ -1023,6 +1023,13 @@ static bool ima_validate_rule(struct ima_rule_entry *entry) |
| if (entry->action & ~(MEASURE | DONT_MEASURE)) |
| return false; |
| |
| + if (entry->flags & ~(IMA_FUNC | IMA_UID | IMA_PCR | |
| + IMA_KEYRINGS)) |
| + return false; |
| + |
| + if (ima_rule_contains_lsm_cond(entry)) |
| + return false; |
| + |
| break; |
| default: |
| return false; |
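Review bot: The new flag mask and the separate `ima_rule_contains_lsm_cond()` check read as two unrelated rejections, and nothing in the hunk says why one bitmask does not cover both; a short comment above the mask would save the next reader a trip through the parser, e.g. `/* KEY_CHECK supports only uid, pcr and keyrings; LSM conditionals are not tracked in entry->flags, so check them separately */`. It is also worth recording the reason this matters: before this check a conditional the hook ignores would silently widen the rule, which for a DONT_MEASURE rule means fewer keys measured than the policy author intended, though that consequence is inferred from the commit description rather than shown in the hunk. If the `keyrings=` option is also rejected for non-KEY_CHECK functions elsewhere in the parser, a one-line pointer to that check would keep the two constraints discoverable together. Note that `ima_validate_rule()` begins before this hunk and its switch continues past it, so the `default:` path and any later cases are not visible here.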
| -- |
| 2.25.1 |
| |