linux/fs/verity/init.c

// SPDX-License-Identifier: GPL-2.0
/*
 * fs-verity module initialization and logging
 *
 * Copyright 2019 Google LLC
 */

#include "fsverity_private.h"

#include <linux/ratelimit.h>

#ifdef CONFIG_SYSCTL
static struct ctl_table_header *fsverity_sysctl_header;

static struct ctl_table fsverity_sysctl_table[] = {
#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
	{
		.procname       = "require_signatures",
		.data           = &fsverity_require_signatures,
		.maxlen         = sizeof(int),
		.mode           = 0644,
		.proc_handler   = proc_dointvec_minmax,
		.extra1         = SYSCTL_ZERO,
		.extra2         = SYSCTL_ONE,
	},
#endif
};

static void __init fsverity_init_sysctl(void)
{
	fsverity_sysctl_header = register_sysctl("fs/verity",
						 fsverity_sysctl_table);
	if (!fsverity_sysctl_header)
		panic("fsverity sysctl registration failed");
}
#else /* CONFIG_SYSCTL */
static inline void fsverity_init_sysctl(void)
{
}
#endif /* !CONFIG_SYSCTL */

void fsverity_msg(const struct inode *inode, const char *level,
		  const char *fmt, ...)
{
	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
				      DEFAULT_RATELIMIT_BURST);
	struct va_format vaf;
	va_list args;

	if (!__ratelimit(&rs))
		return;

	va_start(args, fmt);
	vaf.fmt = fmt;
	vaf.va = &args;
	if (inode)
		printk("%sfs-verity (%s, inode %lu): %pV\n",
		       level, inode->i_sb->s_id, inode->i_ino, &vaf);
	else
		printk("%sfs-verity: %pV\n", level, &vaf);
	va_end(args);
}

static int __init fsverity_init(void)
{
	fsverity_check_hash_algs();
	fsverity_init_info_cache();
	fsverity_init_workqueue();
	fsverity_init_sysctl();
	fsverity_init_signature();
	fsverity_init_bpf();
	return 0;
}
late_initcall(fsverity_init)
fs-verity: add Kconfig and the helper functions for hashing Add the beginnings of the fs/verity/ support layer, including the Kconfig option and various helper functions for hashing. To start, only SHA-256 is supported, but other hash algorithms can easily be added. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> 2019-07-22 09:26:21 -07:00			`// SPDX-License-Identifier: GPL-2.0`
			`/*`
fs-verity: remove filenames from file comments Embedding the file path inside kernel source code files isn't particularly useful as often files are moved around and the paths become incorrect. checkpatch.pl warns about this since v5.10-rc1. Acked-by: Luca Boccassi <luca.boccassi@microsoft.com> Link: https://lore.kernel.org/r/20201113211918.71883-2-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 2020-11-13 13:19:15 -08:00			`* fs-verity module initialization and logging`
fs-verity: add Kconfig and the helper functions for hashing Add the beginnings of the fs/verity/ support layer, including the Kconfig option and various helper functions for hashing. To start, only SHA-256 is supported, but other hash algorithms can easily be added. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> 2019-07-22 09:26:21 -07:00			`*`
			`* Copyright 2019 Google LLC`
			`*/`

			`#include "fsverity_private.h"`

			`#include <linux/ratelimit.h>`

fsverity: move sysctl registration out of signature.c Currently the registration of the fsverity sysctls happens in signature.c, which couples it to CONFIG_FS_VERITY_BUILTIN_SIGNATURES. This makes it hard to add new sysctls unrelated to builtin signatures. Also, some users have started checking whether the directory /proc/sys/fs/verity exists as a way to tell whether fsverity is supported. This isn't the intended method; instead, the existence of /sys/fs/$fstype/features/verity should be checked, or users should just try to use the fsverity ioctls. Regardless, it should be made to work as expected without a dependency on CONFIG_FS_VERITY_BUILTIN_SIGNATURES. Therefore, move the sysctl registration into init.c. With CONFIG_FS_VERITY_BUILTIN_SIGNATURES, nothing changes. Without it, but with CONFIG_FS_VERITY, an empty list of sysctls is now registered. Link: https://lore.kernel.org/r/20230705212743.42180-3-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 2023-07-05 14:27:43 -07:00			`#ifdef CONFIG_SYSCTL`
			`static struct ctl_table_header *fsverity_sysctl_header;`

			`static struct ctl_table fsverity_sysctl_table[] = {`
			`#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES`
			`{`
			`.procname = "require_signatures",`
			`.data = &fsverity_require_signatures,`
			`.maxlen = sizeof(int),`
			`.mode = 0644,`
			`.proc_handler = proc_dointvec_minmax,`
			`.extra1 = SYSCTL_ZERO,`
			`.extra2 = SYSCTL_ONE,`
			`},`
			`#endif`
			`};`

			`static void __init fsverity_init_sysctl(void)`
			`{`
			`fsverity_sysctl_header = register_sysctl("fs/verity",`
			`fsverity_sysctl_table);`
			`if (!fsverity_sysctl_header)`
			`panic("fsverity sysctl registration failed");`
			`}`
			`#else /* CONFIG_SYSCTL */`
			`static inline void fsverity_init_sysctl(void)`
			`{`
			`}`
			`#endif /* !CONFIG_SYSCTL */`

fs-verity: add Kconfig and the helper functions for hashing Add the beginnings of the fs/verity/ support layer, including the Kconfig option and various helper functions for hashing. To start, only SHA-256 is supported, but other hash algorithms can easily be added. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> 2019-07-22 09:26:21 -07:00			`void fsverity_msg(const struct inode inode, const char level,`
			`const char *fmt, ...)`
			`{`
			`static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,`
			`DEFAULT_RATELIMIT_BURST);`
			`struct va_format vaf;`
			`va_list args;`

			`if (!__ratelimit(&rs))`
			`return;`

			`va_start(args, fmt);`
			`vaf.fmt = fmt;`
			`vaf.va = &args;`
			`if (inode)`
			`printk("%sfs-verity (%s, inode %lu): %pV\n",`
			`level, inode->i_sb->s_id, inode->i_ino, &vaf);`
			`else`
			`printk("%sfs-verity: %pV\n", level, &vaf);`
			`va_end(args);`
			`}`

			`static int __init fsverity_init(void)`
			`{`
			`fsverity_check_hash_algs();`
fsverity: simplify handling of errors during initcall Since CONFIG_FS_VERITY is a bool, not a tristate, fs/verity/ can only be builtin or absent entirely; it can't be a loadable module. Therefore, the error code that gets returned from the fsverity_init() initcall is never used. If any part of the initcall does fail, which should never happen, the kernel will be left in a bad state. Following the usual convention for builtin code, just panic the kernel if any of part of the initcall fails. Link: https://lore.kernel.org/r/20230705212743.42180-2-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 2023-07-05 14:27:42 -07:00			`fsverity_init_info_cache();`
			`fsverity_init_workqueue();`
fsverity: move sysctl registration out of signature.c Currently the registration of the fsverity sysctls happens in signature.c, which couples it to CONFIG_FS_VERITY_BUILTIN_SIGNATURES. This makes it hard to add new sysctls unrelated to builtin signatures. Also, some users have started checking whether the directory /proc/sys/fs/verity exists as a way to tell whether fsverity is supported. This isn't the intended method; instead, the existence of /sys/fs/$fstype/features/verity should be checked, or users should just try to use the fsverity ioctls. Regardless, it should be made to work as expected without a dependency on CONFIG_FS_VERITY_BUILTIN_SIGNATURES. Therefore, move the sysctl registration into init.c. With CONFIG_FS_VERITY_BUILTIN_SIGNATURES, nothing changes. Without it, but with CONFIG_FS_VERITY, an empty list of sysctls is now registered. Link: https://lore.kernel.org/r/20230705212743.42180-3-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 2023-07-05 14:27:43 -07:00			`fsverity_init_sysctl();`
fsverity: simplify handling of errors during initcall Since CONFIG_FS_VERITY is a bool, not a tristate, fs/verity/ can only be builtin or absent entirely; it can't be a loadable module. Therefore, the error code that gets returned from the fsverity_init() initcall is never used. If any part of the initcall does fail, which should never happen, the kernel will be left in a bad state. Following the usual convention for builtin code, just panic the kernel if any of part of the initcall fails. Link: https://lore.kernel.org/r/20230705212743.42180-2-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> 2023-07-05 14:27:42 -07:00			`fsverity_init_signature();`
bpf, fsverity: Add kfunc bpf_get_fsverity_digest fsverity provides fast and reliable hash of files, namely fsverity_digest. The digest can be used by security solutions to verify file contents. Add new kfunc bpf_get_fsverity_digest() so that we can access fsverity from BPF LSM programs. This kfunc is added to fs/verity/measure.c because some data structure used in the function is private to fsverity (fs/verity/fsverity_private.h). To avoid recursion, bpf_get_fsverity_digest is only allowed in BPF LSM programs. Signed-off-by: Song Liu <song@kernel.org> Acked-by: Eric Biggers <ebiggers@google.com> Link: https://lore.kernel.org/r/20231129234417.856536-3-song@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org> 2023-11-29 15:44:13 -08:00			`fsverity_init_bpf();`
fs-verity: add Kconfig and the helper functions for hashing Add the beginnings of the fs/verity/ support layer, including the Kconfig option and various helper functions for hashing. To start, only SHA-256 is supported, but other hash algorithms can easily be added. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Reviewed-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Eric Biggers <ebiggers@google.com> 2019-07-22 09:26:21 -07:00			`return 0;`
			`}`
			`late_initcall(fsverity_init)`