This patch applies against linux-2.6.12-rc6-mm1 and adds a measurement
hook that measures kernel modules before they are relocated and made
available. At this point, the modules are still an exact copy of the
file on disk, so the measurements are representative of that file.
This is a kernel patch because we could not find a fitting LSM-hook.
Signed-off-by: Reiner Sailer <[email protected]>
---
diff -uprN linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h
--- linux-2.6.12-rc6-mm1_orig/include/linux/ima_module.h 1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.12-rc6-mm1-ima/include/linux/ima_module.h 2005-06-14 16:25:13.000000000 -0400
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2005 IBM Corporation
+ *
+ * Authors:
+ * Reiner Sailer <[email protected]>
+ *
+ * Maintained by: Reiner Sailer <[email protected]>
+ *
+ * LSM IBM Integrity Measurement Architecture.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ * File: ima_module.h
+ * define modules measurement hook (no LSM hook) to measure
+ * modules before they are relocated
+ */
+#ifdef CONFIG_IMA_MEASURE
+extern int ima_terminating;
+extern void measure_kernel_module(void *start, unsigned long len, const char __user *uargs);
+
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+ if (!ima_terminating)
+ measure_kernel_module(start, len, uargs);
+}
+#else
+static inline void ima_measure_module(void *start, unsigned long len, const char __user *uargs)
+{
+}
+#endif
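Review bot: `ima_measure_module()` returns void and skips the call whenever `ima_terminating` is set, so as far as this header shows, a module loaded in that state (or one whose measurement fails inside `measure_kernel_module()`, whose body is not visible here) still loads without a measurement-list entry. If this fail-open behaviour is intended, document it above the inline, e.g. `/* Best effort: load_module() proceeds even when the module could not be measured. */`; otherwise give the hook an `int` return that load_module() can check. The new header also has no include guard and uses `__user` without including `<linux/compiler.h>`, so it only compiles when the includer has already pulled that in.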
diff -uprN linux-2.6.12-rc6-mm1_orig/kernel/module.c linux-2.6.12-rc6-mm1-ima/kernel/module.c
--- linux-2.6.12-rc6-mm1_orig/kernel/module.c 2005-06-14 11:34:27.000000000 -0400
+++ linux-2.6.12-rc6-mm1-ima/kernel/module.c 2005-06-14 16:25:13.000000000 -0400
@@ -39,6 +39,7 @@
#include <asm/uaccess.h>
#include <asm/semaphore.h>
#include <asm/cacheflush.h>
+#include <linux/ima_module.h>
#if 0
#define DEBUGP printk
@@ -1531,6 +1532,8 @@ static struct module *load_module(void _
if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr))
goto truncated;
+ ima_measure_module((void *)hdr, len, uargs);
+
/* Convenience variables */
sechdrs = (void *)hdr + hdr->e_shoff;
secstrings = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;
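Review bot: The added `ima_measure_module((void *)hdr, len, uargs);` hands the hook `uargs` as a raw `__user` pointer, so whatever `measure_kernel_module()` records from it must be read with the user-copy helpers, and that read is separate from the one load_module() makes for the module's real arguments. If the arguments are part of the measurement, userspace can change them between the two reads and the log would then not match what the module actually received. Measuring load_module()'s own kernel copy of the arguments would close that gap; that copy is made outside this hunk, so whether it can be made before the hook runs needs checking. At minimum, add a comment at the call site such as `/* uargs is still a user pointer here; the hook must copy it in before use */`. load_module() starts and ends outside the hunk.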