On Thu, 2023-12-14 at 18:08 +0100, Roberto Sassu wrote:
From: Roberto Sassu roberto.sassu@huawei.com
Make the 'ima' LSM independent from the 'integrity' LSM by introducing IMA own integrity metadata (ima_iint_cache structure, with IMA-specific fields from the integrity_iint_cache structure), and by managing it directly from the 'ima' LSM.
Move the remaining IMA-specific flags to security/integrity/ima/ima.h, since they are now unnecessary in the common integrity layer.
Replace integrity_iint_cache with ima_iint_cache in various places of the IMA code.
Then, reserve space in the security blob for the entire ima_iint_cache structure, so that it is available for all inodes having the security blob allocated (those for which security_inode_alloc() was called). Adjust the IMA code accordingly, call ima_iint_inode() to retrieve the ima_iint_cache structure. Keep the non-NULL checks since there can be inodes without security blob.
Previously the 'iint' memory was only allocated for regular files in policy and were tagged S_IMA. This patch totally changes when and how memory is being allocated. Does it make sense to allocate memory at security_inode_alloc()? Is this change really necessary for making IMA a full fledged LSM?
Mimi
Don't include the inode pointer as field in the ima_iint_cache structure, since the association with the inode is clear. Since the inode field is missing in ima_iint_cache, pass the extra inode parameter to ima_get_verity_digest().
Finally, register ima_inode_alloc_security/ima_inode_free_security() to initialize/deinitialize the new ima_iint_cache structure (before this task was done by iint_init_always() and iint_free()). Also, duplicate iint_lockdep_annotate() for the ima_iint_cache structure, and name it ima_iint_lockdep_annotate().
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com