/linux-master/security/integrity/ima/ |
H A D | ima_iint.c | 19 * ima_iint_find - Return the iint associated with an inode 22 * Return the IMA integrity information (iint) associated with an inode, if the 25 * Return: Found iint or NULL. 39 * files both on overlayfs and on underlying fs, we need to annotate the iint 43 static inline void ima_iint_lockdep_annotate(struct ima_iint_cache *iint, argument 54 lockdep_set_class(&iint->mutex, &ima_iint_mutex_key[depth]); 58 static void ima_iint_init_always(struct ima_iint_cache *iint, argument 61 iint->ima_hash = NULL; 62 iint->real_inode.version = 0; 63 iint 75 ima_iint_free(struct ima_iint_cache *iint) argument 93 struct ima_iint_cache *iint; local 119 struct ima_iint_cache *iint; local 132 struct ima_iint_cache *iint = (struct ima_iint_cache *)foo; local [all...] |
H A D | ima_appraise.c | 87 static int ima_fix_xattr(struct dentry *dentry, struct ima_iint_cache *iint) argument 90 u8 algo = iint->ima_hash->algo; 94 iint->ima_hash->xattr.sha1.type = IMA_XATTR_DIGEST; 97 iint->ima_hash->xattr.ng.type = IMA_XATTR_DIGEST_NG; 98 iint->ima_hash->xattr.ng.algo = algo; 101 &iint->ima_hash->xattr.data[offset], 102 (sizeof(iint->ima_hash->xattr) - offset) + 103 iint->ima_hash->length, 0); 108 enum integrity_status ima_get_cache_status(struct ima_iint_cache *iint, argument 114 return iint 128 ima_set_cache_status(struct ima_iint_cache *iint, enum ima_hooks func, enum integrity_status status) argument 154 ima_cache_flags(struct ima_iint_cache *iint, enum ima_hooks func) argument 277 xattr_verify(enum ima_hooks func, struct ima_iint_cache *iint, struct evm_ima_xattr_data *xattr_value, int xattr_len, enum integrity_status *status, const char **cause) argument 446 ima_check_blacklist(struct ima_iint_cache *iint, const struct modsig *modsig, int pcr) argument 480 ima_appraise_measurement(enum ima_hooks func, struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig) argument 605 ima_update_xattr(struct ima_iint_cache *iint, struct file *file) argument 642 struct ima_iint_cache *iint; local 676 struct ima_iint_cache *iint; local [all...] |
H A D | ima_init.c | 47 struct ima_iint_cache tmp_iint, *iint = &tmp_iint; local 48 struct ima_event_data event_data = { .iint = iint, 56 memset(iint, 0, sizeof(*iint)); 58 iint->ima_hash = hash_hdr; 59 iint->ima_hash->algo = ima_hash_algo; 60 iint->ima_hash->length = hash_digest_size[ima_hash_algo];
|
H A D | ima_main.c | 118 struct ima_iint_cache *iint, 130 if (!iint) 131 iint = ima_iint_find(inode); 133 if (iint && test_bit(IMA_MUST_MEASURE, 134 &iint->atomic_flags)) 139 set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); 150 ima_add_violation(file, *pathname, iint, 153 ima_add_violation(file, *pathname, iint, 157 static void ima_check_last_writer(struct ima_iint_cache *iint, argument 166 mutex_lock(&iint 117 ima_rdwr_violation_check(struct file *file, struct ima_iint_cache *iint, int must_measure, char **pathbuf, const char **pathname, char *filename) argument 196 struct ima_iint_cache *iint; local 213 struct ima_iint_cache *iint = NULL; local 580 struct ima_iint_cache *iint = NULL, tmp_iint; local 703 struct ima_iint_cache *iint; local 734 struct ima_iint_cache *iint; local 957 struct ima_iint_cache iint = {}; local [all...] |
H A D | ima_api.c | 134 struct ima_iint_cache *iint, const char *op, 139 struct ima_event_data event_data = { .iint = iint, 204 static bool ima_get_verity_digest(struct ima_iint_cache *iint, argument 235 * storing the measurement and i_version in the iint. 237 * Must be called with iint->mutex held. 241 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, argument 266 if (iint->flags & IMA_COLLECTED) 285 if (iint->flags & IMA_VERITY_REQUIRED) { 286 if (!ima_get_verity_digest(iint, inod 133 ima_add_violation(struct file *file, const unsigned char *filename, struct ima_iint_cache *iint, const char *op, const char *cause) argument 348 ima_store_measurement(struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig, int pcr, struct ima_template_desc *template_desc) argument 392 ima_audit_measurement(struct ima_iint_cache *iint, const unsigned char *filename) argument [all...] |
H A D | ima.h | 71 struct ima_iint_cache *iint; member in struct:ima_event_data 130 /* IMA iint action cache flags */ 142 /* IMA iint policy rule cache flags */ 158 /* IMA iint subaction appraise cache flags */ 176 /* IMA iint cache atomic_flags */ 213 struct ima_iint_cache *iint) 221 *iint_sec = iint; 262 struct ima_iint_cache *iint, const char *op, 377 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, 380 void ima_store_measurement(struct ima_iint_cache *iint, struc 212 ima_inode_set_iint(const struct inode *inode, struct ima_iint_cache *iint) argument 446 ima_check_blacklist(struct ima_iint_cache *iint, const struct modsig *modsig, int pcr) argument 452 ima_appraise_measurement(enum ima_hooks func, struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig) argument 470 ima_update_xattr(struct ima_iint_cache *iint, struct file *file) argument 476 ima_get_cache_status(struct ima_iint_cache *iint, enum ima_hooks func) argument [all...] |
H A D | ima_template_lib.c | 354 if (ima_template_hash_algo_allowed(event_data->iint->ima_hash->algo)) { 355 cur_digest = event_data->iint->ima_hash->digest; 356 cur_digestsize = event_data->iint->ima_hash->length; 411 cur_digest = event_data->iint->ima_hash->digest; 412 cur_digestsize = event_data->iint->ima_hash->length; 414 hash_algo = event_data->iint->ima_hash->algo; 435 cur_digest = event_data->iint->ima_hash->digest; 436 cur_digestsize = event_data->iint->ima_hash->length; 438 hash_algo = event_data->iint->ima_hash->algo; 439 if (event_data->iint [all...] |
/linux-master/security/integrity/evm/ |
H A D | evm_main.c | 174 * - cache the verification result in the iint, when available. 188 struct evm_iint_cache *iint = evm_iint_inode(inode); local 191 if (iint && (iint->evm_status == INTEGRITY_PASS || 192 iint->evm_status == INTEGRITY_PASS_IMMUTABLE)) 193 return iint->evm_status; 234 xattr_value_len, &digest, iint); 256 iint); 264 if (iint) 265 iint 524 struct evm_iint_cache *iint; local 733 struct evm_iint_cache *iint; local 751 struct evm_iint_cache *iint = evm_iint_inode(inode); local 1069 struct evm_iint_cache *iint = evm_iint_inode(inode); local 1081 struct evm_iint_cache *iint = evm_iint_inode(inode); local 1094 struct evm_iint_cache *iint = evm_iint_inode(inode); local [all...] |
H A D | evm.h | 79 struct evm_iint_cache *iint); 83 struct evm_digest *data, struct evm_iint_cache *iint);
|
H A D | evm_crypto.c | 225 struct evm_iint_cache *iint) 299 if (inode != d_backing_inode(dentry) && iint) { 302 integrity_inode_attrs_store(&iint->metadata_inode, i_version, 317 struct evm_digest *data, struct evm_iint_cache *iint) 321 iint); 326 char type, struct evm_digest *data, struct evm_iint_cache *iint) 329 req_xattr_value_len, type, data, iint); 335 struct evm_iint_cache *iint; local 338 iint = evm_iint_inode(inode); 339 if (iint 220 evm_calc_hmac_or_hash(struct dentry *dentry, const char *req_xattr_name, const char *req_xattr_value, size_t req_xattr_value_len, uint8_t type, struct evm_digest *data, struct evm_iint_cache *iint) argument 315 evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, const char *req_xattr_value, size_t req_xattr_value_len, struct evm_digest *data, struct evm_iint_cache *iint) argument 324 evm_calc_hash(struct dentry *dentry, const char *req_xattr_name, const char *req_xattr_value, size_t req_xattr_value_len, char type, struct evm_digest *data, struct evm_iint_cache *iint) argument 370 struct evm_iint_cache *iint = evm_iint_inode(inode); local [all...] |
/linux-master/security/integrity/ |
H A D | Makefile | 3 # Makefile for caching inode integrity data (iint) 8 integrity-y := iint.o
|