
Searched refs:iint (Results 1 – 10 of 10) sorted by relevance

/linux/security/integrity/ima/
H A Dima_iint.c43 static inline void ima_iint_lockdep_annotate(struct ima_iint_cache *iint, in ima_iint_lockdep_annotate() argument
54 lockdep_set_class(&iint->mutex, &ima_iint_mutex_key[depth]); in ima_iint_lockdep_annotate()
58 static void ima_iint_init_always(struct ima_iint_cache *iint, in ima_iint_init_always() argument
61 iint->ima_hash = NULL; in ima_iint_init_always()
62 iint->real_inode.version = 0; in ima_iint_init_always()
63 iint->flags = 0UL; in ima_iint_init_always()
64 iint->atomic_flags = 0UL; in ima_iint_init_always()
65 iint->ima_file_status = INTEGRITY_UNKNOWN; in ima_iint_init_always()
66 iint->ima_mmap_status = INTEGRITY_UNKNOWN; in ima_iint_init_always()
67 iint->ima_bprm_status = INTEGRITY_UNKNOWN; in ima_iint_init_always()
H A Dima_appraise.c88 static int ima_fix_xattr(struct dentry *dentry, struct ima_iint_cache *iint) in ima_fix_xattr() argument
91 u8 algo = iint->ima_hash->algo; in ima_fix_xattr()
95 iint->ima_hash->xattr.sha1.type = IMA_XATTR_DIGEST; in ima_fix_xattr()
98 iint->ima_hash->xattr.ng.type = IMA_XATTR_DIGEST_NG; in ima_fix_xattr()
99 iint->ima_hash->xattr.ng.algo = algo; in ima_fix_xattr()
102 &iint->ima_hash->xattr.data[offset], in ima_fix_xattr()
103 (sizeof(iint->ima_hash->xattr) - offset) + in ima_fix_xattr()
104 iint->ima_hash->length, 0); in ima_fix_xattr()
109 enum integrity_status ima_get_cache_status(struct ima_iint_cache *iint, in ima_get_cache_status() argument
115 return iint in ima_get_cache_status()
129 ima_set_cache_status(struct ima_iint_cache * iint,enum ima_hooks func,enum integrity_status status) ima_set_cache_status() argument
155 ima_cache_flags(struct ima_iint_cache * iint,enum ima_hooks func) ima_cache_flags() argument
278 xattr_verify(enum ima_hooks func,struct ima_iint_cache * iint,struct evm_ima_xattr_data * xattr_value,int xattr_len,enum integrity_status * status,const char ** cause) xattr_verify() argument
447 ima_check_blacklist(struct ima_iint_cache * iint,const struct modsig * modsig,int pcr) ima_check_blacklist() argument
492 ima_appraise_measurement(enum ima_hooks func,struct ima_iint_cache * iint,struct file * file,const unsigned char * filename,struct evm_ima_xattr_data * xattr_value,int xattr_len,const struct modsig * modsig) ima_appraise_measurement() argument
628 ima_update_xattr(struct ima_iint_cache * iint,struct file * file) ima_update_xattr() argument
665 struct ima_iint_cache *iint; ima_inode_post_setattr() local
708 struct ima_iint_cache *iint; ima_reset_appraise_flags() local
H A Dima_main.c138 struct ima_iint_cache *iint, in ima_rdwr_violation_check() argument
150 if (!iint) in ima_rdwr_violation_check()
151 iint = ima_iint_find(inode); in ima_rdwr_violation_check()
154 if (iint && test_and_clear_bit(IMA_MAY_EMIT_TOMTOU, in ima_rdwr_violation_check()
155 &iint->atomic_flags)) in ima_rdwr_violation_check()
160 set_bit(IMA_MAY_EMIT_TOMTOU, &iint->atomic_flags); in ima_rdwr_violation_check()
165 &iint->atomic_flags)) in ima_rdwr_violation_check()
176 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check()
179 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check()
188 static bool ima_detect_file_change(struct ima_iint_cache *iint, in ima_check_last_writer()
183 ima_check_last_writer(struct ima_iint_cache * iint,struct inode * inode,struct file * file) ima_check_last_writer() argument
224 struct ima_iint_cache *iint; ima_file_free() local
242 struct ima_iint_cache *iint = NULL; process_measurement() local
671 struct ima_iint_cache *iint = NULL, tmp_iint; __ima_inode_hash() local
794 struct ima_iint_cache *iint; ima_post_create_tmpfile() local
825 struct ima_iint_cache *iint; ima_post_path_mknod() local
1049 struct ima_iint_cache iint = {}; process_buffer_measurement() local
H A Dima_api.c136 struct ima_iint_cache *iint, const char *op, in ima_add_violation() argument
141 struct ima_event_data event_data = { .iint = iint, in ima_add_violation()
206 static bool ima_get_verity_digest(struct ima_iint_cache *iint, in ima_get_verity_digest() argument
237 * storing the measurement and i_version in the iint.
239 * Must be called with iint->mutex held.
243 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, in ima_collect_measurement() argument
268 if (iint->flags & IMA_COLLECTED) in ima_collect_measurement()
292 if (iint->flags & IMA_VERITY_REQUIRED) { in ima_collect_measurement()
293 if (!ima_get_verity_digest(iint, inod in ima_collect_measurement()
350 ima_store_measurement(struct ima_iint_cache * iint,struct file * file,const unsigned char * filename,struct evm_ima_xattr_data * xattr_value,int xattr_len,const struct modsig * modsig,int pcr,struct ima_template_desc * template_desc) ima_store_measurement() argument
394 ima_audit_measurement(struct ima_iint_cache * iint,const unsigned char * filename) ima_audit_measurement() argument
H A Dima.h72 struct ima_iint_cache *iint;
131 /* IMA iint action cache flags */
143 /* IMA iint policy rule cache flags */
163 /* IMA iint subaction appraise cache flags */
182 * IMA iint cache atomic_flags
186 * iint->flags to re-evaluate policy and perform IMA functions again.
190 * iint->flags IMA_DONE_MASK to re-appraise.
244 struct ima_iint_cache *iint)
252 *iint_sec = iint;
299 struct ima_iint_cache *iint, cons
71 struct ima_iint_cache *iint; global() member
217 ima_inode_set_iint(const struct inode * inode,struct ima_iint_cache * iint) ima_inode_set_iint() argument
451 ima_check_blacklist(struct ima_iint_cache * iint,const struct modsig * modsig,int pcr) ima_check_blacklist() argument
458 ima_appraise_measurement(enum ima_hooks func,struct ima_iint_cache * iint,struct file * file,const unsigned char * filename,struct evm_ima_xattr_data * xattr_value,int xattr_len,const struct modsig * modsig) ima_appraise_measurement() argument
475 ima_update_xattr(struct ima_iint_cache * iint,struct file * file) ima_update_xattr() argument
481 ima_get_cache_status(struct ima_iint_cache * iint,enum ima_hooks func) ima_get_cache_status() argument
H A Dima_template_lib.c360 if (ima_template_hash_algo_allowed(event_data->iint->ima_hash->algo)) { in ima_eventdigest_init()
361 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_init()
362 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_init()
417 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ng_init()
418 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_ng_init()
420 hash_algo = event_data->iint->ima_hash->algo; in ima_eventdigest_ng_init()
441 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ngv2_init()
442 cur_digestsize = event_data->iint->ima_hash->length; in ima_eventdigest_ngv2_init()
444 hash_algo = event_data->iint->ima_hash->algo; in ima_eventdigest_ngv2_init()
445 if (event_data->iint->flags & IMA_VERITY_REQUIRED) in ima_eventdigest_ngv2_init()
/linux/security/integrity/evm/
H A Devm_main.c190 * - cache the verification result in the iint, when available. in evm_verify_hmac()
204 struct evm_iint_cache *iint = evm_iint_inode(inode); in evm_verify_hmac()
207 if (iint && (iint->evm_status == INTEGRITY_PASS || in evm_verify_hmac()
208 iint->evm_status == INTEGRITY_PASS_IMMUTABLE)) in evm_verify_hmac()
209 return iint->evm_status; in evm_verify_hmac()
250 xattr_value_len, &digest, iint); in evm_verify_hmac()
278 iint); in evm_verify_hmac()
287 if (iint) in evm_verify_hmac()
288 iint in evm_verify_hmac()
188 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_verify_hmac() local
524 struct evm_iint_cache *iint; evm_protect_xattr() local
733 struct evm_iint_cache *iint; evm_reset_status() local
751 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_metadata_changed() local
1069 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_inode_alloc_security() local
1081 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_file_release() local
1095 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_post_path_mknod() local
H A Devm_crypto.c232 struct evm_iint_cache *iint) in evm_calc_hmac_or_hash()
306 if (inode != d_backing_inode(dentry) && iint) { in evm_calc_hmac_or_hash()
309 integrity_inode_attrs_store(&iint->metadata_inode, i_version, in evm_calc_hmac_or_hash()
324 struct evm_digest *data, struct evm_iint_cache *iint) in evm_calc_hash()
328 iint); in evm_calc_hash()
333 char type, struct evm_digest *data, struct evm_iint_cache *iint) in evm_is_immutable()
336 req_xattr_value_len, type, data, iint); in evm_is_immutable()
342 struct evm_iint_cache *iint; in evm_is_immutable()
345 iint = evm_iint_inode(inode); in evm_is_immutable()
346 if (iint in evm_is_immutable()
225 evm_calc_hmac_or_hash(struct dentry * dentry,const char * req_xattr_name,const char * req_xattr_value,size_t req_xattr_value_len,uint8_t type,struct evm_digest * data,struct evm_iint_cache * iint) evm_calc_hmac_or_hash() argument
317 evm_calc_hmac(struct dentry * dentry,const char * req_xattr_name,const char * req_xattr_value,size_t req_xattr_value_len,struct evm_digest * data,struct evm_iint_cache * iint) evm_calc_hmac() argument
326 evm_calc_hash(struct dentry * dentry,const char * req_xattr_name,const char * req_xattr_value,size_t req_xattr_value_len,char type,struct evm_digest * data,struct evm_iint_cache * iint) evm_calc_hash() argument
335 struct evm_iint_cache *iint; evm_is_immutable() local
370 struct evm_iint_cache *iint = evm_iint_inode(inode); evm_update_evmxattr() local
H A Devm.h80 struct evm_iint_cache *iint);
84 struct evm_digest *data, struct evm_iint_cache *iint);
/linux/security/integrity/
H A DMakefile3 # Makefile for caching inode integrity data (iint)
8 integrity-y := iint.o