1 /* SPDX-License-Identifier: GPL-2.0 */ 1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 2 /* 3 * evm.h 3 * evm.h 4 * 4 * 5 * Copyright (c) 2009 IBM Corporation 5 * Copyright (c) 2009 IBM Corporation 6 * Author: Mimi Zohar <zohar@us.ibm.com> 6 * Author: Mimi Zohar <zohar@us.ibm.com> 7 */ 7 */ 8 8 9 #ifndef _LINUX_EVM_H 9 #ifndef _LINUX_EVM_H 10 #define _LINUX_EVM_H 10 #define _LINUX_EVM_H 11 11 12 #include <linux/integrity.h> 12 #include <linux/integrity.h> 13 #include <linux/xattr.h> 13 #include <linux/xattr.h> 14 14 >> 15 struct integrity_iint_cache; >> 16 15 #ifdef CONFIG_EVM 17 #ifdef CONFIG_EVM 16 extern int evm_set_key(void *key, size_t keyle 18 extern int evm_set_key(void *key, size_t keylen); 17 extern enum integrity_status evm_verifyxattr(s 19 extern enum integrity_status evm_verifyxattr(struct dentry *dentry, 18 c 20 const char *xattr_name, 19 v 21 void *xattr_value, 20 s !! 22 size_t xattr_value_len, 21 int evm_inode_init_security(struct inode *inod !! 23 struct integrity_iint_cache *iint); 22 const struct qstr !! 24 extern int evm_inode_setattr(struct dentry *dentry, struct iattr *attr); 23 int *xattr_count); !! 
25 extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid); >> 26 extern int evm_inode_setxattr(struct user_namespace *mnt_userns, >> 27 struct dentry *dentry, const char *name, >> 28 const void *value, size_t size); >> 29 extern void evm_inode_post_setxattr(struct dentry *dentry, >> 30 const char *xattr_name, >> 31 const void *xattr_value, >> 32 size_t xattr_value_len); >> 33 extern int evm_inode_removexattr(struct user_namespace *mnt_userns, >> 34 struct dentry *dentry, const char *xattr_name); >> 35 extern void evm_inode_post_removexattr(struct dentry *dentry, >> 36 const char *xattr_name); >> 37 extern int evm_inode_init_security(struct inode *inode, >> 38 const struct xattr *xattr_array, >> 39 struct xattr *evm); 24 extern bool evm_revalidate_status(const char * 40 extern bool evm_revalidate_status(const char *xattr_name); 25 extern int evm_protected_xattr_if_enabled(cons 41 extern int evm_protected_xattr_if_enabled(const char *req_xattr_name); 26 extern int evm_read_protected_xattrs(struct de 42 extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, 27 int buffe 43 int buffer_size, char type, 28 bool cano 44 bool canonical_fmt); 29 extern bool evm_metadata_changed(struct inode << 30 struct inode << 31 #ifdef CONFIG_FS_POSIX_ACL 45 #ifdef CONFIG_FS_POSIX_ACL 32 extern int posix_xattr_acl(const char *xattrna 46 extern int posix_xattr_acl(const char *xattrname); 33 #else 47 #else 34 static inline int posix_xattr_acl(const char * 48 static inline int posix_xattr_acl(const char *xattrname) 35 { 49 { 36 return 0; 50 return 0; 37 } 51 } 38 #endif 52 #endif 39 #else 53 #else 40 54 41 static inline int evm_set_key(void *key, size_ 55 static inline int evm_set_key(void *key, size_t keylen) 42 { 56 { 43 return -EOPNOTSUPP; 57 return -EOPNOTSUPP; 44 } 58 } 45 59 46 #ifdef CONFIG_INTEGRITY 60 #ifdef CONFIG_INTEGRITY 47 static inline enum integrity_status evm_verify 61 static inline enum integrity_status evm_verifyxattr(struct dentry 
*dentry, 48 62 const char *xattr_name, 49 63 void *xattr_value, 50 !! 64 size_t xattr_value_len, >> 65 struct integrity_iint_cache *iint) 51 { 66 { 52 return INTEGRITY_UNKNOWN; 67 return INTEGRITY_UNKNOWN; 53 } 68 } 54 #endif 69 #endif 55 70 56 static inline int evm_inode_init_security(stru !! 71 static inline int evm_inode_setattr(struct dentry *dentry, struct iattr *attr) 57 cons !! 72 { 58 stru !! 73 return 0; 59 int !! 74 } >> 75 >> 76 static inline void evm_inode_post_setattr(struct dentry *dentry, int ia_valid) >> 77 { >> 78 return; >> 79 } >> 80 >> 81 static inline int evm_inode_setxattr(struct user_namespace *mnt_userns, >> 82 struct dentry *dentry, const char *name, >> 83 const void *value, size_t size) >> 84 { >> 85 return 0; >> 86 } >> 87 >> 88 static inline void evm_inode_post_setxattr(struct dentry *dentry, >> 89 const char *xattr_name, >> 90 const void *xattr_value, >> 91 size_t xattr_value_len) >> 92 { >> 93 return; >> 94 } >> 95 >> 96 static inline int evm_inode_removexattr(struct user_namespace *mnt_userns, >> 97 struct dentry *dentry, >> 98 const char *xattr_name) >> 99 { >> 100 return 0; >> 101 } >> 102 >> 103 static inline void evm_inode_post_removexattr(struct dentry *dentry, >> 104 const char *xattr_name) >> 105 { >> 106 return; >> 107 } >> 108 >> 109 static inline int evm_inode_init_security(struct inode *inode, >> 110 const struct xattr *xattr_array, >> 111 struct xattr *evm) 60 { 112 { 61 return 0; 113 return 0; 62 } 114 } 63 115 64 static inline bool evm_revalidate_status(const 116 static inline bool evm_revalidate_status(const char *xattr_name) 65 { 117 { 66 return false; 118 return false; 67 } 119 } 68 120 69 static inline int evm_protected_xattr_if_enabl 121 static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name) 70 { 122 { 71 return false; 123 return false; 72 } 124 } 73 125 74 static inline int evm_read_protected_xattrs(st 126 static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, 75 in 127 
int buffer_size, char type, 76 bo 128 bool canonical_fmt) 77 { 129 { 78 return -EOPNOTSUPP; 130 return -EOPNOTSUPP; 79 } << 80 << 81 static inline bool evm_metadata_changed(struct << 82 struct << 83 { << 84 return false; << 85 } 131 } 86 132 87 #endif /* CONFIG_EVM */ 133 #endif /* CONFIG_EVM */ 88 #endif /* LINUX_EVM_H */ 134 #endif /* LINUX_EVM_H */ 89 135
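Review bot: In the `#else` branch used when CONFIG_EVM is not set, the `evm_protected_xattr_if_enabled()` stub is declared `int` but does `return false;`; `return 0;` would match the declared type and the other `int` stubs next to it. That branch also carries no comment saying the stubs are deliberately permissive: `evm_inode_init_security()` returns 0 and `evm_verifyxattr()` returns `INTEGRITY_UNKNOWN`, so a caller cannot tell "EVM accepted this" from "EVM is not built in". I would add above the stubs something like `/* !CONFIG_EVM: hooks succeed unconditionally and verification reports INTEGRITY_UNKNOWN; callers must not treat either result as an integrity pass. */`. Separately, the closing `#endif /* LINUX_EVM_H */` comment does not match the guard name `_LINUX_EVM_H`.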