/linux/security/integrity/ima/ |
H A D | ima_iint.c | 43 static inline void ima_iint_lockdep_annotate(struct ima_iint_cache *iint, in ima_iint_lockdep_annotate() argument 54 lockdep_set_class(&iint->mutex, &ima_iint_mutex_key[depth]); in ima_iint_lockdep_annotate() 58 static void ima_iint_init_always(struct ima_iint_cache *iint, in ima_iint_init_always() argument 61 iint->ima_hash = NULL; in ima_iint_init_always() 62 iint->real_inode.version = 0; in ima_iint_init_always() 63 iint->flags = 0UL; in ima_iint_init_always() 64 iint->atomic_flags = 0UL; in ima_iint_init_always() 65 iint->ima_file_status = INTEGRITY_UNKNOWN; in ima_iint_init_always() 66 iint->ima_mmap_status = INTEGRITY_UNKNOWN; in ima_iint_init_always() 67 iint->ima_bprm_status = INTEGRITY_UNKNOWN; in ima_iint_init_always() [all …]
|
H A D | ima_appraise.c | 88 static int ima_fix_xattr(struct dentry *dentry, struct ima_iint_cache *iint) in ima_fix_xattr() argument 91 u8 algo = iint->ima_hash->algo; in ima_fix_xattr() 95 iint->ima_hash->xattr.sha1.type = IMA_XATTR_DIGEST; in ima_fix_xattr() 98 iint->ima_hash->xattr.ng.type = IMA_XATTR_DIGEST_NG; in ima_fix_xattr() 99 iint->ima_hash->xattr.ng.algo = algo; in ima_fix_xattr() 102 &iint->ima_hash->xattr.data[offset], in ima_fix_xattr() 103 (sizeof(iint->ima_hash->xattr) - offset) + in ima_fix_xattr() 104 iint->ima_hash->length, 0); in ima_fix_xattr() 109 enum integrity_status ima_get_cache_status(struct ima_iint_cache *iint, in ima_get_cache_status() argument 115 return iint->ima_mmap_status; in ima_get_cache_status() [all …]
|
H A D | ima_main.c | 118 struct ima_iint_cache *iint, in ima_rdwr_violation_check() argument 130 if (!iint) in ima_rdwr_violation_check() 131 iint = ima_iint_find(inode); in ima_rdwr_violation_check() 133 if (iint && test_bit(IMA_MUST_MEASURE, in ima_rdwr_violation_check() 134 &iint->atomic_flags)) in ima_rdwr_violation_check() 139 set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); in ima_rdwr_violation_check() 150 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check() 153 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check() 157 static void ima_check_last_writer(struct ima_iint_cache *iint, in ima_check_last_writer() argument 166 mutex_lock(&iint->mutex); in ima_check_last_writer() [all …]
|
H A D | ima.h | 71 struct ima_iint_cache *iint; member 216 struct ima_iint_cache *iint) in ima_inode_set_iint() argument 224 *iint_sec = iint; in ima_inode_set_iint() 265 struct ima_iint_cache *iint, const char *op, 381 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, 384 void ima_store_measurement(struct ima_iint_cache *iint, struct file *file, 394 void ima_audit_measurement(struct ima_iint_cache *iint, 432 int ima_check_blacklist(struct ima_iint_cache *iint, 434 int ima_appraise_measurement(enum ima_hooks func, struct ima_iint_cache *iint, 440 void ima_update_xattr(struct ima_iint_cache *iint, struct file *file); [all …]
|
H A D | ima_template_lib.c | 360 if (ima_template_hash_algo_allowed(event_data->iint->ima_hash->algo)) { in ima_eventdigest_init() 361 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_init() 362 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_init() 417 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ng_init() 418 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_ng_init() 420 hash_algo = event_data->iint->ima_hash->algo; in ima_eventdigest_ng_init() 441 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ngv2_init() 442 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_ngv2_init() 444 hash_algo = event_data->iint->ima_hash->algo; in ima_eventdigest_ngv2_init() 445 if (event_data->iint->flags & IMA_VERITY_REQUIRED) in ima_eventdigest_ngv2_init()
|
/linux/security/integrity/evm/ |
H A D | evm_main.c | 188 struct evm_iint_cache *iint = evm_iint_inode(inode); in evm_verify_hmac() local 191 if (iint && (iint->evm_status == INTEGRITY_PASS || in evm_verify_hmac() 192 iint->evm_status == INTEGRITY_PASS_IMMUTABLE)) in evm_verify_hmac() 193 return iint->evm_status; in evm_verify_hmac() 234 xattr_value_len, &digest, iint); in evm_verify_hmac() 256 iint); in evm_verify_hmac() 264 if (iint) in evm_verify_hmac() 265 iint->flags |= EVM_IMMUTABLE_DIGSIG; in evm_verify_hmac() 293 if (iint) in evm_verify_hmac() 294 iint->evm_status = evm_status; in evm_verify_hmac() [all …]
|
H A D | evm_crypto.c | 225 struct evm_iint_cache *iint) in evm_calc_hmac_or_hash() argument 299 if (inode != d_backing_inode(dentry) && iint) { in evm_calc_hmac_or_hash() 302 integrity_inode_attrs_store(&iint->metadata_inode, i_version, in evm_calc_hmac_or_hash() 317 struct evm_digest *data, struct evm_iint_cache *iint) in evm_calc_hmac() argument 321 iint); in evm_calc_hmac() 326 char type, struct evm_digest *data, struct evm_iint_cache *iint) in evm_calc_hash() argument 329 req_xattr_value_len, type, data, iint); in evm_calc_hash() 335 struct evm_iint_cache *iint; in evm_is_immutable() local 338 iint = evm_iint_inode(inode); in evm_is_immutable() 339 if (iint && (iint->flags & EVM_IMMUTABLE_DIGSIG)) in evm_is_immutable() [all …]
|
H A D | evm.h | 79 struct evm_iint_cache *iint); 83 struct evm_digest *data, struct evm_iint_cache *iint);
|
/linux/security/integrity/ |
H A D | Makefile | 8 integrity-y := iint.o
|