1*3f805f8cSMatthias Kaehlcke /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ 2*3f805f8cSMatthias Kaehlcke /* 3*3f805f8cSMatthias Kaehlcke * Copyright (c) 2022, Google LLC 4*3f805f8cSMatthias Kaehlcke */ 5*3f805f8cSMatthias Kaehlcke 6*3f805f8cSMatthias Kaehlcke #ifndef _UAPI_LINUX_LOOP_LOADPIN_H 7*3f805f8cSMatthias Kaehlcke #define _UAPI_LINUX_LOOP_LOADPIN_H 8*3f805f8cSMatthias Kaehlcke 9*3f805f8cSMatthias Kaehlcke #define LOADPIN_IOC_MAGIC 'L' 10*3f805f8cSMatthias Kaehlcke 11*3f805f8cSMatthias Kaehlcke /** 12*3f805f8cSMatthias Kaehlcke * LOADPIN_IOC_SET_TRUSTED_VERITY_DIGESTS - Set up the root digests of verity devices 13*3f805f8cSMatthias Kaehlcke * that loadpin should trust. 14*3f805f8cSMatthias Kaehlcke * 15*3f805f8cSMatthias Kaehlcke * Takes a file descriptor from which to read the root digests of trusted verity devices. The file 16*3f805f8cSMatthias Kaehlcke * is expected to contain a list of digests in ASCII format, with one line per digest. The ioctl 17*3f805f8cSMatthias Kaehlcke * must be issued on the securityfs attribute 'loadpin/dm-verity' (which can be typically found 18*3f805f8cSMatthias Kaehlcke * under /sys/kernel/security/loadpin/dm-verity). 19*3f805f8cSMatthias Kaehlcke */ 20*3f805f8cSMatthias Kaehlcke #define LOADPIN_IOC_SET_TRUSTED_VERITY_DIGESTS _IOW(LOADPIN_IOC_MAGIC, 0x00, unsigned int) 21*3f805f8cSMatthias Kaehlcke 22*3f805f8cSMatthias Kaehlcke #endif /* _UAPI_LINUX_LOOP_LOADPIN_H */ 23