ima: fail file signature verification on non-init mounted filesystems (57b56ac6) · Commits · e / devices / android_kernel_teracube_mt6765

include/linux/fs.h

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -1321,6 +1321,8 @@ extern int send_sigurg(struct fown_struct *fown);

	/* sb->s_iflags to limit user namespace mounts */		/* sb->s_iflags to limit user namespace mounts */
	#define SB_I_USERNS_VISIBLE 0x00000010 /* fstype already mounted */		#define SB_I_USERNS_VISIBLE 0x00000010 /* fstype already mounted */
			#define SB_I_IMA_UNVERIFIABLE_SIGNATURE 0x00000020
			#define SB_I_UNTRUSTED_MOUNTER 0x00000040

	/* Possible states of 'frozen' field */		/* Possible states of 'frozen' field */
	enum {		enum {

+14 −1

Original line number	Original line	Diff line number	Diff line
	@@ -302,7 +302,19 @@ int ima_appraise_measurement(enum ima_hooks func,
	}		}

	out:		out:
	if (status != INTEGRITY_PASS) {		/*
			* File signatures on some filesystems can not be properly verified.
			* On these filesytems, that are mounted by an untrusted mounter,
			* fail the file signature verification.
			*/
			if ((inode->i_sb->s_iflags &
			(SB_I_IMA_UNVERIFIABLE_SIGNATURE \| SB_I_UNTRUSTED_MOUNTER)) ==
			(SB_I_IMA_UNVERIFIABLE_SIGNATURE \| SB_I_UNTRUSTED_MOUNTER)) {
			status = INTEGRITY_FAIL;
			cause = "unverifiable-signature";
			integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, filename,
			op, cause, rc, 0);
			} else if (status != INTEGRITY_PASS) {
	if ((ima_appraise & IMA_APPRAISE_FIX) &&		if ((ima_appraise & IMA_APPRAISE_FIX) &&
	(!xattr_value \|\|		(!xattr_value \|\|
	xattr_value->type != EVM_IMA_XATTR_DIGSIG)) {		xattr_value->type != EVM_IMA_XATTR_DIGSIG)) {
	@@ -319,6 +331,7 @@ int ima_appraise_measurement(enum ima_hooks func,
	} else {		} else {
	ima_cache_flags(iint, func);		ima_cache_flags(iint, func);
	}		}

	ima_set_cache_status(iint, func, status);		ima_set_cache_status(iint, func, status);
	return status;		return status;
	}		}