1 /* SPDX-License-Identifier: GPL-2.0 */ 1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 2 /* 3 * evm.h 3 * evm.h 4 * 4 * 5 * Copyright (c) 2009 IBM Corporation 5 * Copyright (c) 2009 IBM Corporation 6 * Author: Mimi Zohar <zohar@us.ibm.com> 6 * Author: Mimi Zohar <zohar@us.ibm.com> 7 */ 7 */ 8 8 9 #ifndef _LINUX_EVM_H 9 #ifndef _LINUX_EVM_H 10 #define _LINUX_EVM_H 10 #define _LINUX_EVM_H 11 11 12 #include <linux/integrity.h> 12 #include <linux/integrity.h> 13 #include <linux/xattr.h> 13 #include <linux/xattr.h> 14 14 >> 15 struct integrity_iint_cache; >> 16 15 #ifdef CONFIG_EVM 17 #ifdef CONFIG_EVM 16 extern int evm_set_key(void *key, size_t keyle 18 extern int evm_set_key(void *key, size_t keylen); 17 extern enum integrity_status evm_verifyxattr(s 19 extern enum integrity_status evm_verifyxattr(struct dentry *dentry, 18 c 20 const char *xattr_name, 19 v 21 void *xattr_value, 20 s !! 22 size_t xattr_value_len, >> 23 struct integrity_iint_cache *iint); >> 24 extern int evm_inode_setattr(struct mnt_idmap *idmap, >> 25 struct dentry *dentry, struct iattr *attr); >> 26 extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid); >> 27 extern int evm_inode_setxattr(struct mnt_idmap *idmap, >> 28 struct dentry *dentry, const char *name, >> 29 const void *value, size_t size); >> 30 extern void evm_inode_post_setxattr(struct dentry *dentry, >> 31 const char *xattr_name, >> 32 const void *xattr_value, >> 33 size_t xattr_value_len); >> 34 extern int evm_inode_copy_up_xattr(const char *name); >> 35 extern int evm_inode_removexattr(struct mnt_idmap *idmap, >> 36 struct dentry *dentry, const char *xattr_name); >> 37 extern void evm_inode_post_removexattr(struct dentry *dentry, >> 38 const char *xattr_name); >> 39 static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap, >> 40 struct dentry *dentry, >> 41 const char *acl_name) >> 42 { >> 43 evm_inode_post_removexattr(dentry, acl_name); >> 44 } >> 45 extern int evm_inode_set_acl(struct mnt_idmap *idmap, >> 
46 struct dentry *dentry, const char *acl_name, >> 47 struct posix_acl *kacl); >> 48 static inline int evm_inode_remove_acl(struct mnt_idmap *idmap, >> 49 struct dentry *dentry, >> 50 const char *acl_name) >> 51 { >> 52 return evm_inode_set_acl(idmap, dentry, acl_name, NULL); >> 53 } >> 54 static inline void evm_inode_post_set_acl(struct dentry *dentry, >> 55 const char *acl_name, >> 56 struct posix_acl *kacl) >> 57 { >> 58 return evm_inode_post_setxattr(dentry, acl_name, NULL, 0); >> 59 } >> 60 21 int evm_inode_init_security(struct inode *inod 61 int evm_inode_init_security(struct inode *inode, struct inode *dir, 22 const struct qstr 62 const struct qstr *qstr, struct xattr *xattrs, 23 int *xattr_count); 63 int *xattr_count); 24 extern bool evm_revalidate_status(const char * 64 extern bool evm_revalidate_status(const char *xattr_name); 25 extern int evm_protected_xattr_if_enabled(cons 65 extern int evm_protected_xattr_if_enabled(const char *req_xattr_name); 26 extern int evm_read_protected_xattrs(struct de 66 extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, 27 int buffe 67 int buffer_size, char type, 28 bool cano 68 bool canonical_fmt); 29 extern bool evm_metadata_changed(struct inode << 30 struct inode << 31 #ifdef CONFIG_FS_POSIX_ACL 69 #ifdef CONFIG_FS_POSIX_ACL 32 extern int posix_xattr_acl(const char *xattrna 70 extern int posix_xattr_acl(const char *xattrname); 33 #else 71 #else 34 static inline int posix_xattr_acl(const char * 72 static inline int posix_xattr_acl(const char *xattrname) 35 { 73 { 36 return 0; 74 return 0; 37 } 75 } 38 #endif 76 #endif 39 #else 77 #else 40 78 41 static inline int evm_set_key(void *key, size_ 79 static inline int evm_set_key(void *key, size_t keylen) 42 { 80 { 43 return -EOPNOTSUPP; 81 return -EOPNOTSUPP; 44 } 82 } 45 83 46 #ifdef CONFIG_INTEGRITY 84 #ifdef CONFIG_INTEGRITY 47 static inline enum integrity_status evm_verify 85 static inline enum integrity_status evm_verifyxattr(struct dentry *dentry, 48 
86 const char *xattr_name, 49 87 void *xattr_value, 50 !! 88 size_t xattr_value_len, >> 89 struct integrity_iint_cache *iint) 51 { 90 { 52 return INTEGRITY_UNKNOWN; 91 return INTEGRITY_UNKNOWN; 53 } 92 } 54 #endif 93 #endif 55 94 >> 95 static inline int evm_inode_setattr(struct mnt_idmap *idmap, >> 96 struct dentry *dentry, struct iattr *attr) >> 97 { >> 98 return 0; >> 99 } >> 100 >> 101 static inline void evm_inode_post_setattr(struct dentry *dentry, int ia_valid) >> 102 { >> 103 return; >> 104 } >> 105 >> 106 static inline int evm_inode_setxattr(struct mnt_idmap *idmap, >> 107 struct dentry *dentry, const char *name, >> 108 const void *value, size_t size) >> 109 { >> 110 return 0; >> 111 } >> 112 >> 113 static inline void evm_inode_post_setxattr(struct dentry *dentry, >> 114 const char *xattr_name, >> 115 const void *xattr_value, >> 116 size_t xattr_value_len) >> 117 { >> 118 return; >> 119 } >> 120 >> 121 static inline int evm_inode_copy_up_xattr(const char *name) >> 122 { >> 123 return 0; >> 124 } >> 125 >> 126 static inline int evm_inode_removexattr(struct mnt_idmap *idmap, >> 127 struct dentry *dentry, >> 128 const char *xattr_name) >> 129 { >> 130 return 0; >> 131 } >> 132 >> 133 static inline void evm_inode_post_removexattr(struct dentry *dentry, >> 134 const char *xattr_name) >> 135 { >> 136 return; >> 137 } >> 138 >> 139 static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap, >> 140 struct dentry *dentry, >> 141 const char *acl_name) >> 142 { >> 143 return; >> 144 } >> 145 >> 146 static inline int evm_inode_set_acl(struct mnt_idmap *idmap, >> 147 struct dentry *dentry, const char *acl_name, >> 148 struct posix_acl *kacl) >> 149 { >> 150 return 0; >> 151 } >> 152 >> 153 static inline int evm_inode_remove_acl(struct mnt_idmap *idmap, >> 154 struct dentry *dentry, >> 155 const char *acl_name) >> 156 { >> 157 return 0; >> 158 } >> 159 >> 160 static inline void evm_inode_post_set_acl(struct dentry *dentry, >> 161 const char *acl_name, >> 162 
struct posix_acl *kacl) >> 163 { >> 164 return; >> 165 } >> 166 56 static inline int evm_inode_init_security(stru 167 static inline int evm_inode_init_security(struct inode *inode, struct inode *dir, 57 cons 168 const struct qstr *qstr, 58 stru 169 struct xattr *xattrs, 59 int 170 int *xattr_count) 60 { 171 { 61 return 0; 172 return 0; 62 } 173 } 63 174 64 static inline bool evm_revalidate_status(const 175 static inline bool evm_revalidate_status(const char *xattr_name) 65 { 176 { 66 return false; 177 return false; 67 } 178 } 68 179 69 static inline int evm_protected_xattr_if_enabl 180 static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name) 70 { 181 { 71 return false; 182 return false; 72 } 183 } 73 184 74 static inline int evm_read_protected_xattrs(st 185 static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, 75 in 186 int buffer_size, char type, 76 bo 187 bool canonical_fmt) 77 { 188 { 78 return -EOPNOTSUPP; 189 return -EOPNOTSUPP; 79 } << 80 << 81 static inline bool evm_metadata_changed(struct << 82 struct << 83 { << 84 return false; << 85 } 190 } 86 191 87 #endif /* CONFIG_EVM */ 192 #endif /* CONFIG_EVM */ 88 #endif /* LINUX_EVM_H */ 193 #endif /* LINUX_EVM_H */ 89 194
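Review bot: In the `#else` branch for a kernel built without CONFIG_EVM, the stub `evm_protected_xattr_if_enabled()` is declared `int` but returns `false`; it is identical in both columns, so it applies whichever column is the newer tree, and `return 0;` would match the declared type and the neighbouring stubs. In the column that carries the ACL helpers, `evm_inode_post_set_acl()` is `void` but is written `return evm_inode_post_setxattr(dentry, acl_name, NULL, 0);`. ISO C does not allow a return with an expression in a void function, even though GCC accepts it, so the line should be the bare call `evm_inode_post_setxattr(dentry, acl_name, NULL, 0);`. The stub block would also benefit from a one-line comment such as `/* EVM compiled out: hooks succeed without checking; evm_verifyxattr() reports INTEGRITY_UNKNOWN, which callers must not treat as a pass */`, since a reader of a caller cannot otherwise tell that a 0 return here means "not checked".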