| ima_crypto.c (bf61c8840efe60fd8f91446860b63338fb424158) | ima_crypto.c (c7c8bb237fdbff932b5e431aebee5ce862ea07d1) |
|---|---|
| 1/* 2 * Copyright (C) 2005,2006,2007,2008 IBM Corporation 3 * 4 * Authors: 5 * Mimi Zohar <zohar@us.ibm.com> 6 * Kylene Hall <kjhall@us.ibm.com> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 6 unchanged lines hidden (view full) --- 15 16#include <linux/kernel.h> 17#include <linux/file.h> 18#include <linux/crypto.h> 19#include <linux/scatterlist.h> 20#include <linux/err.h> 21#include <linux/slab.h> 22#include <crypto/hash.h> | 1/* 2 * Copyright (C) 2005,2006,2007,2008 IBM Corporation 3 * 4 * Authors: 5 * Mimi Zohar <zohar@us.ibm.com> 6 * Kylene Hall <kjhall@us.ibm.com> 7 * 8 * This program is free software; you can redistribute it and/or modify --- 6 unchanged lines hidden (view full) --- 15 16#include <linux/kernel.h> 17#include <linux/file.h> 18#include <linux/crypto.h> 19#include <linux/scatterlist.h> 20#include <linux/err.h> 21#include <linux/slab.h> 22#include <crypto/hash.h> |
| 23#include <crypto/hash_info.h> |
|
| 23#include "ima.h" 24 25static struct crypto_shash *ima_shash_tfm; 26 27int ima_init_crypto(void) 28{ 29 long rc; 30 | 24#include "ima.h" 25 26static struct crypto_shash *ima_shash_tfm; 27 28int ima_init_crypto(void) 29{ 30 long rc; 31 |
| 31 ima_shash_tfm = crypto_alloc_shash(ima_hash, 0, 0); | 32 ima_shash_tfm = crypto_alloc_shash(hash_algo_name[ima_hash_algo], 0, 0); |
| 32 if (IS_ERR(ima_shash_tfm)) { 33 rc = PTR_ERR(ima_shash_tfm); | 33 if (IS_ERR(ima_shash_tfm)) { 34 rc = PTR_ERR(ima_shash_tfm); |
| 34 pr_err("Can not allocate %s (reason: %ld)\n", ima_hash, rc); | 35 pr_err("Can not allocate %s (reason: %ld)\n", 36 hash_algo_name[ima_hash_algo], rc); |
| 35 return rc; 36 } 37 return 0; 38} 39 40/* 41 * Calculate the MD5/SHA1 file digest 42 */ | 37 return rc; 38 } 39 return 0; 40} 41 42/* 43 * Calculate the MD5/SHA1 file digest 44 */ |
| 43int ima_calc_file_hash(struct file *file, char *digest) | 45static int ima_calc_file_hash_tfm(struct file *file, 46 struct ima_digest_data *hash, 47 struct crypto_shash *tfm) |
| 44{ 45 loff_t i_size, offset = 0; 46 char *rbuf; 47 int rc, read = 0; 48 struct { 49 struct shash_desc shash; | 48{ 49 loff_t i_size, offset = 0; 50 char *rbuf; 51 int rc, read = 0; 52 struct { 53 struct shash_desc shash; |
| 50 char ctx[crypto_shash_descsize(ima_shash_tfm)]; | 54 char ctx[crypto_shash_descsize(tfm)]; |
| 51 } desc; 52 | 55 } desc; 56 |
| 53 desc.shash.tfm = ima_shash_tfm; | 57 desc.shash.tfm = tfm; |
| 54 desc.shash.flags = 0; 55 56 rc = crypto_shash_init(&desc.shash); 57 if (rc != 0) 58 return rc; 59 60 rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL); 61 if (!rbuf) { --- 18 unchanged lines hidden (view full) --- 80 offset += rbuf_len; 81 82 rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len); 83 if (rc) 84 break; 85 } 86 kfree(rbuf); 87 if (!rc) | 58 desc.shash.flags = 0; 59 60 rc = crypto_shash_init(&desc.shash); 61 if (rc != 0) 62 return rc; 63 64 rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL); 65 if (!rbuf) { --- 18 unchanged lines hidden (view full) --- 84 offset += rbuf_len; 85 86 rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len); 87 if (rc) 88 break; 89 } 90 kfree(rbuf); 91 if (!rc) |
| 88 rc = crypto_shash_final(&desc.shash, digest); | 92 rc = crypto_shash_final(&desc.shash, hash->digest); |
| 89 if (read) 90 file->f_mode &= ~FMODE_READ; 91out: 92 return rc; 93} 94 | 93 if (read) 94 file->f_mode &= ~FMODE_READ; 95out: 96 return rc; 97} 98 |
| 99int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash) 100{ 101 struct crypto_shash *tfm = ima_shash_tfm; 102 int rc; 103 104 if (hash->algo != ima_hash_algo && hash->algo < HASH_ALGO__LAST) { 105 tfm = crypto_alloc_shash(hash_algo_name[hash->algo], 0, 0); 106 if (IS_ERR(tfm)) { 107 rc = PTR_ERR(tfm); 108 pr_err("Can not allocate %s (reason: %d)\n", 109 hash_algo_name[hash->algo], rc); 110 return rc; 111 } 112 } 113 114 hash->length = crypto_shash_digestsize(tfm); 115 116 rc = ima_calc_file_hash_tfm(file, hash, tfm); 117 118 if (tfm != ima_shash_tfm) 119 crypto_free_shash(tfm); 120 121 return rc; 122} 123 |
|
| 95/* 96 * Calculate the hash of a given buffer 97 */ | 124/* 125 * Calculate the hash of a given buffer 126 */ |
| 98int ima_calc_buffer_hash(const void *data, int len, char *digest) | 127int ima_calc_buffer_hash(const void *buf, int len, struct ima_digest_data *hash) |
| 99{ 100 struct { 101 struct shash_desc shash; 102 char ctx[crypto_shash_descsize(ima_shash_tfm)]; 103 } desc; 104 105 desc.shash.tfm = ima_shash_tfm; 106 desc.shash.flags = 0; 107 | 128{ 129 struct { 130 struct shash_desc shash; 131 char ctx[crypto_shash_descsize(ima_shash_tfm)]; 132 } desc; 133 134 desc.shash.tfm = ima_shash_tfm; 135 desc.shash.flags = 0; 136 |
| 108 return crypto_shash_digest(&desc.shash, data, len, digest); | 137 /* this function uses default algo */ 138 hash->algo = ima_hash_algo; 139 hash->length = crypto_shash_digestsize(ima_shash_tfm); 140 141 return crypto_shash_digest(&desc.shash, buf, len, hash->digest); |
| 109} 110 111static void __init ima_pcrread(int idx, u8 *pcr) 112{ 113 if (!ima_used_chip) 114 return; 115 116 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0) --- 32 unchanged lines hidden --- | 142} 143 144static void __init ima_pcrread(int idx, u8 *pcr) 145{ 146 if (!ima_used_chip) 147 return; 148 149 if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0) --- 32 unchanged lines hidden --- |