[PATCH] 4 of 5 IMA: module measurement patch

From: Reiner Sailer
Date: Wed Jun 15 2005 - 09:56:20 EST

Next message: Alexander Sandler: "Weirdness in error handling in SCSI and block layers."
Previous message: Lukasz Stelmach: "Re: A Great Idea (tm) about reimplementing NLS."
Next in thread: Greg KH: "Re: [PATCH] 4 of 5 IMA: module measurement patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patch applies against linux-2.6.12-rc6-mm1 and provides an additional
measurement hook for measuring kernel modules before they are relocated
and available. At this point, the modules are still an exact copy of the
file on the disk and yield representative measurements.

This is a kernel patch because we could not find a fitting LSM-hook.

Signed-off-by: Reiner Sailer <sailer@xxxxxxxxxxxxxx>
---

diff -uprN linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h
--- linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h 1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h 2005-06-14 16:25:13.000000000 -0400
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2005 IBM Corporation
+ *
+ * Authors:
+ * Reiner Sailer <sailer@xxxxxxxxxxxxxx>
+ *
+ * Maintained by: Reiner Sailer <sailer@xxxxxxxxxxxxxx>
+ *
+ * LSM IBM Integrity Measurement Architecture.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * File: ima_module.h
+ * define modules measurement hook (no LSM hook) to measure
+ * modules before they are relocated
+ */
+#ifdef CONFIG_IMA_MEASURE
+extern int ima_terminating;
+extern void measure_kernel_module(void *start, unsigned long len, const char __user *uargs);
+
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+ if (!ima_terminating)
+ measure_kernel_module(start, len, uargs);
+}
+#else
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+}
+#endif
diff -uprN linux-2.6.12-rc6-mm1_orig/kernel/module.c linux-2.6.12-rc6-mm1-ima/kernel/module.c
--- linux-2.6.12-rc6-mm1_orig/kernel/module.c 2005-06-14 11:34:27.000000000 -0400
+++ linux-2.6.12-rc6-mm1-ima/kernel/module.c 2005-06-14 16:25:13.000000000 -0400
@@ -39,6 +39,7 @@
#include <asm/uaccess.h>
#include <asm/semaphore.h>
#include <asm/cacheflush.h>
+#include <linux/ima_module.h>

#if 0
#define DEBUGP printk
@@ -1531,6 +1532,8 @@ static struct module *load_module(void _
if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr))
goto truncated;

+ ima_measure_module((void *)hdr, len, uargs);
+
/* Convenience variables */
sechdrs = (void *)hdr + hdr->e_shoff;
secstrings = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Sandler: "Weirdness in error handling in SCSI and block layers."
Previous message: Lukasz Stelmach: "Re: A Great Idea (tm) about reimplementing NLS."
Next in thread: Greg KH: "Re: [PATCH] 4 of 5 IMA: module measurement patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]