1 // SPDX-License-Identifier: GPL-2.0 1
2 /*
3 * Ioctl to get a verity file's digest
4 *
5 * Copyright 2019 Google LLC
6 */
7
8 #include "fsverity_private.h"
9
10 #include <linux/bpf.h>
11 #include <linux/btf.h>
12 #include <linux/uaccess.h>
13
14 /**
15 * fsverity_ioctl_measure() - get a verity fil
16 * @filp: file to get digest of
17 * @_uarg: user pointer to fsverity_digest
18 *
19 * Retrieve the file digest that the kernel is
20 * file. See the "FS_IOC_MEASURE_VERITY" sect
21 * Documentation/filesystems/fsverity.rst for
22 *
23 * Return: 0 on success, -errno on failure
24 */
25 int fsverity_ioctl_measure(struct file *filp,
26 {
27 const struct inode *inode = file_inode
28 struct fsverity_digest __user *uarg =
29 const struct fsverity_info *vi;
30 const struct fsverity_hash_alg *hash_a
31 struct fsverity_digest arg;
32
33 vi = fsverity_get_info(inode);
34 if (!vi)
35 return -ENODATA; /* not a veri
36 hash_alg = vi->tree_params.hash_alg;
37
38 /*
39 * The user specifies the digest_size
40 * return the digest if it fits in the
41 * the actual size, which may be short
42 */
43
44 if (get_user(arg.digest_size, &uarg->d
45 return -EFAULT;
46 if (arg.digest_size < hash_alg->digest
47 return -EOVERFLOW;
48
49 memset(&arg, 0, sizeof(arg));
50 arg.digest_algorithm = hash_alg - fsve
51 arg.digest_size = hash_alg->digest_siz
52
53 if (copy_to_user(uarg, &arg, sizeof(ar
54 return -EFAULT;
55
56 if (copy_to_user(uarg->digest, vi->fil
57 return -EFAULT;
58
59 return 0;
60 }
61 EXPORT_SYMBOL_GPL(fsverity_ioctl_measure);
62
63 /**
64 * fsverity_get_digest() - get a verity file's
65 * @inode: inode to get digest of
66 * @raw_digest: (out) the raw file digest
67 * @alg: (out) the digest's algorithm, as a FS
68 * @halg: (out) the digest's algorithm, as a H
69 *
70 * Retrieves the fsverity digest of the given
71 * opened at least once since the inode was la
72 * otherwise this function will not recognize
73 *
74 * The file's fsverity digest consists of @raw
75 * @alg or @halg. (The caller can choose whic
76 *
77 * IMPORTANT: Callers *must* make use of one o
78 * @raw_digest is meaningless without knowing
79 * provides no security guarantee for users wh
80 * they use the digest size (since algorithms
81 *
82 * Return: The size of the raw digest in bytes
83 * fsverity enabled.
84 */
85 int fsverity_get_digest(struct inode *inode,
86 u8 raw_digest[FS_VERIT
87 u8 *alg, enum hash_alg
88 {
89 const struct fsverity_info *vi;
90 const struct fsverity_hash_alg *hash_a
91
92 vi = fsverity_get_info(inode);
93 if (!vi)
94 return 0; /* not a verity file
95
96 hash_alg = vi->tree_params.hash_alg;
97 memcpy(raw_digest, vi->file_digest, ha
98 if (alg)
99 *alg = hash_alg - fsverity_has
100 if (halg)
101 *halg = hash_alg->algo_id;
102 return hash_alg->digest_size;
103 }
104 EXPORT_SYMBOL_GPL(fsverity_get_digest);
105
106 #ifdef CONFIG_BPF_SYSCALL
107
108 /* bpf kfuncs */
109 __bpf_kfunc_start_defs();
110
111 /**
112 * bpf_get_fsverity_digest: read fsverity dige
113 * @file: file to get digest from
114 * @digest_p: (out) dynptr for struct fsverity
115 *
116 * Read fsverity_digest of *file* into *digest
117 *
118 * Return: 0 on success, a negative value on e
119 */
120 __bpf_kfunc int bpf_get_fsverity_digest(struct
121 {
122 struct bpf_dynptr_kern *digest_ptr = (
123 const struct inode *inode = file_inode
124 u32 dynptr_sz = __bpf_dynptr_size(dige
125 struct fsverity_digest *arg;
126 const struct fsverity_info *vi;
127 const struct fsverity_hash_alg *hash_a
128 int out_digest_sz;
129
130 if (dynptr_sz < sizeof(struct fsverity
131 return -EINVAL;
132
133 arg = __bpf_dynptr_data_rw(digest_ptr,
134 if (!arg)
135 return -EINVAL;
136
137 if (!IS_ALIGNED((uintptr_t)arg, __alig
138 return -EINVAL;
139
140 vi = fsverity_get_info(inode);
141 if (!vi)
142 return -ENODATA; /* not a veri
143
144 hash_alg = vi->tree_params.hash_alg;
145
146 arg->digest_algorithm = hash_alg - fsv
147 arg->digest_size = hash_alg->digest_si
148
149 out_digest_sz = dynptr_sz - sizeof(str
150
151 /* copy digest */
152 memcpy(arg->digest, vi->file_digest,
153
154 /* fill the extra buffer with zeros */
155 if (out_digest_sz > hash_alg->digest_s
156 memset(arg->digest + arg->dige
157
158 return 0;
159 }
160
161 __bpf_kfunc_end_defs();
162
163 BTF_KFUNCS_START(fsverity_set_ids)
164 BTF_ID_FLAGS(func, bpf_get_fsverity_digest, KF
165 BTF_KFUNCS_END(fsverity_set_ids)
166
167 static int bpf_get_fsverity_digest_filter(cons
168 {
169 if (!btf_id_set8_contains(&fsverity_se
170 return 0;
171
172 /* Only allow to attach from LSM hooks
173 return prog->type != BPF_PROG_TYPE_LSM
174 }
175
176 static const struct btf_kfunc_id_set bpf_fsver
177 .owner = THIS_MODULE,
178 .set = &fsverity_set_ids,
179 .filter = bpf_get_fsverity_digest_filt
180 };
181
182 void __init fsverity_init_bpf(void)
183 {
184 register_btf_kfunc_id_set(BPF_PROG_TYP
185 }
186
187 #endif /* CONFIG_BPF_SYSCALL */
188
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.