~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/integrity/ima/ima_mok.c

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /security/integrity/ima/ima_mok.c (Architecture ppc) and /security/integrity/ima/ima_mok.c (Architecture i386)

  1 // SPDX-License-Identifier: GPL-2.0-only            1 // SPDX-License-Identifier: GPL-2.0-only
  2 /*                                                  2 /*
  3  * Copyright (C) 2015 Juniper Networks, Inc.        3  * Copyright (C) 2015 Juniper Networks, Inc.
  4  *                                                  4  *
  5  * Author:                                          5  * Author:
  6  * Petko Manolov <petko.manolov@konsulko.com>       6  * Petko Manolov <petko.manolov@konsulko.com>
  7  */                                                 7  */
  8                                                     8 
  9 #include <linux/export.h>                           9 #include <linux/export.h>
 10 #include <linux/kernel.h>                          10 #include <linux/kernel.h>
 11 #include <linux/sched.h>                           11 #include <linux/sched.h>
 12 #include <linux/cred.h>                            12 #include <linux/cred.h>
 13 #include <linux/err.h>                             13 #include <linux/err.h>
 14 #include <linux/init.h>                            14 #include <linux/init.h>
 15 #include <linux/slab.h>                            15 #include <linux/slab.h>
 16 #include <keys/system_keyring.h>                   16 #include <keys/system_keyring.h>
 17                                                    17 
 18                                                    18 
 19 struct key *ima_blacklist_keyring;                 19 struct key *ima_blacklist_keyring;
 20                                                    20 
 21 /*                                                 21 /*
 22  * Allocate the IMA blacklist keyring              22  * Allocate the IMA blacklist keyring
 23  */                                                23  */
 24 static __init int ima_mok_init(void)               24 static __init int ima_mok_init(void)
 25 {                                                  25 {
 26         struct key_restriction *restriction;       26         struct key_restriction *restriction;
 27                                                    27 
 28         pr_notice("Allocating IMA blacklist ke     28         pr_notice("Allocating IMA blacklist keyring.\n");
 29                                                    29 
 30         restriction = kzalloc(sizeof(struct ke     30         restriction = kzalloc(sizeof(struct key_restriction), GFP_KERNEL);
 31         if (!restriction)                          31         if (!restriction)
 32                 panic("Can't allocate IMA blac     32                 panic("Can't allocate IMA blacklist restriction.");
 33                                                    33 
 34         restriction->check = restrict_link_by_     34         restriction->check = restrict_link_by_builtin_trusted;
 35                                                    35 
 36         ima_blacklist_keyring = keyring_alloc(     36         ima_blacklist_keyring = keyring_alloc(".ima_blacklist",
 37                                 KUIDT_INIT(0),     37                                 KUIDT_INIT(0), KGIDT_INIT(0), current_cred(),
 38                                 (KEY_POS_ALL &     38                                 (KEY_POS_ALL & ~KEY_POS_SETATTR) |
 39                                 KEY_USR_VIEW |     39                                 KEY_USR_VIEW | KEY_USR_READ |
 40                                 KEY_USR_WRITE      40                                 KEY_USR_WRITE | KEY_USR_SEARCH,
 41                                 KEY_ALLOC_NOT_     41                                 KEY_ALLOC_NOT_IN_QUOTA |
 42                                 KEY_ALLOC_SET_     42                                 KEY_ALLOC_SET_KEEP,
 43                                 restriction, N     43                                 restriction, NULL);
 44                                                    44 
 45         if (IS_ERR(ima_blacklist_keyring))         45         if (IS_ERR(ima_blacklist_keyring))
 46                 panic("Can't allocate IMA blac     46                 panic("Can't allocate IMA blacklist keyring.");
 47         return 0;                                  47         return 0;
 48 }                                                  48 }
 49 device_initcall(ima_mok_init);                     49 device_initcall(ima_mok_init);
 50                                                    50
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php