ima: support fs-verity file digest based version 3 signatures

			fgroup:= decimal value

		  lsm:  are LSM specific

		  option:

			appraise_type:= [imasig] [imasig|modsig]

			appraise_type:= [imasig] | [imasig|modsig] | [sigv3]

			    where 'imasig' is the original or the signature

				format v2.

			    where 'modsig' is an appended signature,

			    where 'sigv3' is the signature format v3. (Currently

				limited to fsverity digest based signatures

				stored in security.ima xattr. Requires

				specifying "digest_type=verity" first.)

			appraise_flag:= [check_blacklist]

			Currently, blacklist check is only for files signed with appended

			signature.

			measure func=FILE_CHECK digest_type=verity \

				template=ima-ngv2

		Example of 'measure' and 'appraise' rules requiring fs-verity

		signatures (format version 3) stored in security.ima xattr.

		The 'measure' rule specifies the 'ima-sigv3' template option,

		which includes the indication of type of digest and the file

		signature in the measurement list.

			measure func=BPRM_CHECK digest_type=verity \

				template=ima-sigv3

		The 'appraise' rule specifies the type and signature format

		version (sigv3) required.

			appraise func=BPRM_CHECK digest_type=verity \

				appraise_type=sigv3

		All of these policy rules could, for example, be constrained

		either based on a filesystem's UUID (fsuuid) or based on LSM

		labels.

   (field format: <digest type>:<hash algo>:digest);

 - 'd-modsig': the digest of the event without the appended modsig;

 - 'n-ng': the name of the event, without size limitations;

 - 'sig': the file signature, or the EVM portable signature if the file

   signature is not found;

 - 'sig': the file signature, based on either the file's/fsverity's digest[1],

   or the EVM portable signature, if 'security.ima' contains a file hash.

 - 'modsig' the appended file signature;

 - 'buf': the buffer data that was used to generate the hash without size limitations;

 - 'evmsig': the EVM portable signature;

		/* v1 API expect signature without xattr type */

		return digsig_verify(keyring, sig + 1, siglen - 1, digest,

				     digestlen);

	case 2:

	case 2: /* regular file data hash based signature */

	case 3: /* struct ima_file_id data based signature */

		return asymmetric_verify(keyring, sig, siglen, digest,

					 digestlen);

	}

#include <linux/magic.h>

#include <linux/ima.h>

#include <linux/evm.h>

#include <linux/fsverity.h>

#include <keys/system_keyring.h>

#include <uapi/linux/fsverity.h>

#include "ima.h"

		return ima_hash_algo;

	switch (xattr_value->type) {

	case IMA_VERITY_DIGSIG:

		sig = (typeof(sig))xattr_value;

		if (sig->version != 3 || xattr_len <= sizeof(*sig) ||

		    sig->hash_algo >= HASH_ALGO__LAST)

			return ima_hash_algo;

		return sig->hash_algo;

	case EVM_IMA_XATTR_DIGSIG:

		sig = (typeof(sig))xattr_value;

		if (sig->version != 2 || xattr_len <= sizeof(*sig)

		    || sig->hash_algo >= HASH_ALGO__LAST)

			return ima_hash_algo;

		return sig->hash_algo;

		break;

	case IMA_XATTR_DIGEST_NG:

		/* first byte contains algorithm id */

		ret = xattr_value->data[0];

	return ret;

}

/*

 * calc_file_id_hash - calculate the hash of the ima_file_id struct data

 * @type: xattr type [enum evm_ima_xattr_type]

 * @algo: hash algorithm [enum hash_algo]

 * @digest: pointer to the digest to be hashed

 * @hash: (out) pointer to the hash

 *

 * IMA signature version 3 disambiguates the data that is signed by

 * indirectly signing the hash of the ima_file_id structure data.

 *

 * Signing the ima_file_id struct is currently only supported for

 * IMA_VERITY_DIGSIG type xattrs.

 *

 * Return 0 on success, error code otherwise.

 */

static int calc_file_id_hash(enum evm_ima_xattr_type type,

			     enum hash_algo algo, const u8 *digest,

			     struct ima_digest_data *hash)

{

	struct ima_file_id file_id = {

		.hash_type = IMA_VERITY_DIGSIG, .hash_algorithm = algo};

	unsigned int unused = HASH_MAX_DIGESTSIZE - hash_digest_size[algo];

	if (type != IMA_VERITY_DIGSIG)

		return -EINVAL;

	memcpy(file_id.hash, digest, hash_digest_size[algo]);

	hash->algo = algo;

	hash->length = hash_digest_size[algo];

	return ima_calc_buffer_hash(&file_id, sizeof(file_id) - unused, hash);

}

/*

 * xattr_verify - verify xattr digest or signature

 *

			struct evm_ima_xattr_data *xattr_value, int xattr_len,

			enum integrity_status *status, const char **cause)

{

	struct ima_max_digest_data hash;

	struct signature_v2_hdr *sig;

	int rc = -EINVAL, hash_start = 0;

	int mask;

	switch (xattr_value->type) {

	case IMA_XATTR_DIGEST_NG:

	case IMA_XATTR_DIGEST:

		if (*status != INTEGRITY_PASS_IMMUTABLE) {

			if (iint->flags & IMA_DIGSIG_REQUIRED) {

				if (iint->flags & IMA_VERITY_REQUIRED)

					*cause = "verity-signature-required";

				else

					*cause = "IMA-signature-required";

				*status = INTEGRITY_FAIL;

				break;

		break;

	case EVM_IMA_XATTR_DIGSIG:

		set_bit(IMA_DIGSIG, &iint->atomic_flags);

		mask = IMA_DIGSIG_REQUIRED | IMA_VERITY_REQUIRED;

		if ((iint->flags & mask) == mask) {

			*cause = "verity-signature-required";

			*status = INTEGRITY_FAIL;

			break;

		}

		sig = (typeof(sig))xattr_value;

		if (sig->version >= 3) {

			*cause = "invalid-signature-version";

			*status = INTEGRITY_FAIL;

			break;

		}

		rc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA,

					     (const char *)xattr_value,

					     xattr_len,

		} else {

			*status = INTEGRITY_PASS;

		}

		break;

	case IMA_VERITY_DIGSIG:

		set_bit(IMA_DIGSIG, &iint->atomic_flags);

		if (iint->flags & IMA_DIGSIG_REQUIRED) {

			if (!(iint->flags & IMA_VERITY_REQUIRED)) {

				*cause = "IMA-signature-required";

				*status = INTEGRITY_FAIL;

				break;

			}

		}

		sig = (typeof(sig))xattr_value;

		if (sig->version != 3) {

			*cause = "invalid-signature-version";

			*status = INTEGRITY_FAIL;

			break;

		}

		rc = calc_file_id_hash(IMA_VERITY_DIGSIG, iint->ima_hash->algo,

				       iint->ima_hash->digest, &hash.hdr);

		if (rc) {

			*cause = "sigv3-hashing-error";

			*status = INTEGRITY_FAIL;

			break;

		}

		rc = integrity_digsig_verify(INTEGRITY_KEYRING_IMA,

					     (const char *)xattr_value,

					     xattr_len, hash.digest,

					     hash.hdr.length);

		if (rc) {

			*cause = "invalid-verity-signature";

			*status = INTEGRITY_FAIL;

		} else {

			*status = INTEGRITY_PASS;

		}

		break;

	default:

		*status = INTEGRITY_UNKNOWN;

		if (rc && rc != -ENODATA)

			goto out;

		cause = iint->flags & IMA_DIGSIG_REQUIRED ?

				"IMA-signature-required" : "missing-hash";

		if (iint->flags & IMA_DIGSIG_REQUIRED) {

			if (iint->flags & IMA_VERITY_REQUIRED)

				cause = "verity-signature-required";

			else

				cause = "IMA-signature-required";

		} else {

			cause = "missing-hash";

		}

		status = INTEGRITY_NOLABEL;

		if (file->f_mode & FMODE_CREATED)

			iint->flags |= IMA_NEW_FILE;

	    !(entry->flags & IMA_MODSIG_ALLOWED))

		return false;

	/*

	 * Unlike for regular IMA 'appraise' policy rules where security.ima

	 * xattr may contain either a file hash or signature, the security.ima

	 * xattr for fsverity must contain a file signature (sigv3).  Ensure

	 * that 'appraise' rules for fsverity require file signatures by

	 * checking the IMA_DIGSIG_REQUIRED flag is set.

	 */

	if (entry->action == APPRAISE &&

	    (entry->flags & IMA_VERITY_REQUIRED) &&

	    !(entry->flags & IMA_DIGSIG_REQUIRED))

		return false;

	return true;

}

			break;

		case Opt_digest_type:

			ima_log_string(ab, "digest_type", args[0].from);

			if ((strcmp(args[0].from, "verity")) == 0)

			if (entry->flags & IMA_DIGSIG_REQUIRED)

				result = -EINVAL;

			else if ((strcmp(args[0].from, "verity")) == 0)

				entry->flags |= IMA_VERITY_REQUIRED;

			else

				result = -EINVAL;

			break;

		case Opt_appraise_type:

			ima_log_string(ab, "appraise_type", args[0].from);

			if ((strcmp(args[0].from, "imasig")) == 0)

			if ((strcmp(args[0].from, "imasig")) == 0) {

				if (entry->flags & IMA_VERITY_REQUIRED)

					result = -EINVAL;

				else

					entry->flags |= IMA_DIGSIG_REQUIRED;

			else if (IS_ENABLED(CONFIG_IMA_APPRAISE_MODSIG) &&

				 strcmp(args[0].from, "imasig|modsig") == 0)

			} else if (strcmp(args[0].from, "sigv3") == 0) {

				/* Only fsverity supports sigv3 for now */

				if (entry->flags & IMA_VERITY_REQUIRED)

					entry->flags |= IMA_DIGSIG_REQUIRED;

				else

					result = -EINVAL;

			} else if (IS_ENABLED(CONFIG_IMA_APPRAISE_MODSIG) &&

				 strcmp(args[0].from, "imasig|modsig") == 0) {

				if (entry->flags & IMA_VERITY_REQUIRED)

					result = -EINVAL;

				else

					entry->flags |= IMA_DIGSIG_REQUIRED |

						IMA_MODSIG_ALLOWED;

			else

			} else {

				result = -EINVAL;

			}

			break;

		case Opt_appraise_flag:

			ima_log_string(ab, "appraise_flag", args[0].from);

	if (entry->template)

		seq_printf(m, "template=%s ", entry->template->name);

	if (entry->flags & IMA_DIGSIG_REQUIRED) {

		if (entry->flags & IMA_MODSIG_ALLOWED)

		if (entry->flags & IMA_VERITY_REQUIRED)

			seq_puts(m, "appraise_type=sigv3 ");

		else if (entry->flags & IMA_MODSIG_ALLOWED)

			seq_puts(m, "appraise_type=imasig|modsig ");

		else

			seq_puts(m, "appraise_type=imasig ");