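/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2021 Microsoft Corporation
 *
 * Author: Tushar Sugandhi <tusharsu@linux.microsoft.com>
 *
 * Header file for device mapper IMA measurements.
 */

#ifndef DM_IMA_H
#define DM_IMA_H

/*
 * Only pointers to these types appear below, so forward declarations are
 * enough and keep the prototypes valid regardless of include order.
 */
struct mapped_device;
struct dm_table;

/*
 * Buffer length constants for the dm IMA code. No buffer is declared with
 * them in this header; code that formats into a buffer of one of these
 * sizes has to bound its writes to the matching constant.
 */
#define DM_IMA_MEASUREMENT_BUF_LEN	4096
#define DM_IMA_DEVICE_BUF_LEN		1024
#define DM_IMA_TARGET_METADATA_BUF_LEN	128
#define DM_IMA_TARGET_DATA_BUF_LEN	2048
#define DM_IMA_DEVICE_CAPACITY_BUF_LEN	128

/*
 * Two-level stringification: the outer macro expands its argument first, so
 * the numeric value of DM_VERSION_* is stringified rather than the macro
 * name. DM_VERSION_MAJOR/MINOR/PATCHLEVEL are defined outside this header
 * and must be visible wherever DM_IMA_VERSION_STR is expanded.
 */
#define __dm_ima_stringify(s) #s
#define __dm_ima_str(s) __dm_ima_stringify(s)

/* Expands to the string literal "dm_version=<major>.<minor>.<patchlevel>;". */
#define DM_IMA_VERSION_STR "dm_version="			\
	__dm_ima_str(DM_VERSION_MAJOR) "."			\
	__dm_ima_str(DM_VERSION_MINOR) "."			\
	__dm_ima_str(DM_VERSION_PATCHLEVEL) ";"

/* Operation selector passed to dm_ima_context_table_op(). */
enum dm_ima_table_op {
	DM_IMA_TABLE_SAVE,
	DM_IMA_TABLE_RESTORE,
};

#ifdef CONFIG_IMA

struct dm_ima_device_table_metadata {
	/*
	 * Contains data specific to the device which is common across
	 * all the targets in the table (e.g. name, uuid, major, minor, etc).
	 * The values are stored in comma separated list of key1=val1,key2=val2;
	 * pairs delimited by a semicolon at the end of the list.
	 *
	 * NOTE(review): allocation and freeing of this buffer happen outside
	 * this header; device_metadata_len is the only bound recorded here.
	 */
	char *device_metadata;
	unsigned int device_metadata_len;
	unsigned int num_targets;
	sector_t capacity;

	/*
	 * Contains the sha256 hashes of the IMA measurements of the target
	 * attributes' key-value pairs from the active/inactive tables.
	 *
	 * NOTE(review): as with device_metadata, ownership of this buffer is
	 * not visible here; hash_len is its recorded length.
	 */
	char *hash;
	unsigned int hash_len;
};

/*
 * Caller-held context handed to the dm_ima_* hooks declared below. It is
 * obtained with dm_ima_alloc_context() and released with
 * dm_ima_free_context().
 */
struct dm_ima_context {
	struct dm_ima_device_table_metadata table;
	unsigned int update_idx;
	/*
	 * Twice DM_NAME_LEN / DM_UUID_LEN.
	 * NOTE(review): presumably sized to hold an escaped copy of the
	 * name/uuid - confirm against the code that fills these buffers.
	 */
	char dev_name[DM_NAME_LEN*2];
	char dev_uuid[DM_UUID_LEN*2];
};

/*
 * This structure contains device metadata, and table hash for
 * active and inactive tables for ima measurements.
 *
 * NOTE(review): ima_lock and ima_wq presumably serialise updates to the
 * indices and the two tables - the locking rules are not visible in this
 * header; confirm in the implementation.
 */
struct dm_ima_measurements {
	unsigned int update_idx;
	unsigned int measure_idx;
	struct wait_queue_head ima_wq;
	spinlock_t ima_lock;
	struct dm_ima_device_table_metadata active_table;
	struct dm_ima_device_table_metadata inactive_table;
};

/*
 * Entry points implemented outside this header when CONFIG_IMA is enabled.
 * The names indicate the device-mapper event each hook measures (table load,
 * device resume, device remove, table clear, device rename); the measurement
 * logic itself is not part of this file.
 */
void dm_ima_init(struct mapped_device *md);
void dm_ima_alloc_context(struct dm_ima_context **context, bool noio);
void dm_ima_free_context(struct dm_ima_context *context);
void dm_ima_context_table_op(struct mapped_device *md,
			     struct dm_ima_context *context,
			     enum dm_ima_table_op op);
void dm_ima_measure_on_table_load(struct dm_table *table,
				  struct dm_ima_context *context);
void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap,
				     struct dm_ima_context *context);
void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all,
				     struct dm_ima_context *context,
				     unsigned int idx);
void dm_ima_measure_on_table_clear(struct mapped_device *md,
				   struct dm_ima_context *context);
void dm_ima_measure_on_device_rename(struct mapped_device *md,
				     struct dm_ima_context *context);

#else

/*
 * Without CONFIG_IMA the context type stays incomplete and every hook is a
 * no-op, so no device-mapper event is measured in this configuration.
 */
struct dm_ima_context;

static inline void dm_ima_init(struct mapped_device *md) {}

static inline void dm_ima_alloc_context(struct dm_ima_context **context,
					bool noio)
{
	/*
	 * Nothing is allocated in this configuration. Clear the
	 * out-parameter so a caller that did not pre-initialise its pointer
	 * never carries an indeterminate value into the other hooks.
	 */
	if (context)
		*context = NULL;
}

static inline void dm_ima_free_context(struct dm_ima_context *context) {}
static inline void dm_ima_context_table_op(struct mapped_device *md,
					   struct dm_ima_context *context,
					   enum dm_ima_table_op op) {}
static inline void dm_ima_measure_on_table_load(struct dm_table *table,
						struct dm_ima_context *context) {}
static inline void dm_ima_measure_on_device_resume(struct mapped_device *md,
						   bool swap,
						   struct dm_ima_context *context) {}
static inline void dm_ima_measure_on_device_remove(struct mapped_device *md,
						   bool remove_all,
						   struct dm_ima_context *context,
						   unsigned int idx) {}
static inline void dm_ima_measure_on_table_clear(struct mapped_device *md,
						 struct dm_ima_context *context) {}
static inline void dm_ima_measure_on_device_rename(struct mapped_device *md,
						   struct dm_ima_context *context) {}

#endif /* CONFIG_IMA */

#endif /* DM_IMA_H */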