/linux-master/security/integrity/ima/ |
H A D | ima_iint.c | 19 * ima_iint_find - Return the iint associated with an inode 22 * Return the IMA integrity information (iint) associated with an inode, if the 25 * Return: Found iint or NULL. 39 * files both on overlayfs and on underlying fs, we need to annotate the iint 43 static inline void ima_iint_lockdep_annotate(struct ima_iint_cache *iint, argument 54 lockdep_set_class(&iint->mutex, &ima_iint_mutex_key[depth]); 58 static void ima_iint_init_always(struct ima_iint_cache *iint, argument 61 iint->ima_hash = NULL; 62 iint->version = 0; 63 iint 75 ima_iint_free(struct ima_iint_cache *iint) argument 93 struct ima_iint_cache *iint; local 119 struct ima_iint_cache *iint; local 132 struct ima_iint_cache *iint = (struct ima_iint_cache *)foo; local [all...] |
H A D | ima_appraise.c | 87 static int ima_fix_xattr(struct dentry *dentry, struct ima_iint_cache *iint) argument 90 u8 algo = iint->ima_hash->algo; 94 iint->ima_hash->xattr.sha1.type = IMA_XATTR_DIGEST; 97 iint->ima_hash->xattr.ng.type = IMA_XATTR_DIGEST_NG; 98 iint->ima_hash->xattr.ng.algo = algo; 101 &iint->ima_hash->xattr.data[offset], 102 (sizeof(iint->ima_hash->xattr) - offset) + 103 iint->ima_hash->length, 0); 108 enum integrity_status ima_get_cache_status(struct ima_iint_cache *iint, argument 114 return iint 128 ima_set_cache_status(struct ima_iint_cache *iint, enum ima_hooks func, enum integrity_status status) argument 154 ima_cache_flags(struct ima_iint_cache *iint, enum ima_hooks func) argument 277 xattr_verify(enum ima_hooks func, struct ima_iint_cache *iint, struct evm_ima_xattr_data *xattr_value, int xattr_len, enum integrity_status *status, const char **cause) argument 444 ima_check_blacklist(struct ima_iint_cache *iint, const struct modsig *modsig, int pcr) argument 478 ima_appraise_measurement(enum ima_hooks func, struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig) argument 603 ima_update_xattr(struct ima_iint_cache *iint, struct file *file) argument 640 struct ima_iint_cache *iint; local 674 struct ima_iint_cache *iint; local [all...] |
H A D | ima_init.c | 47 struct ima_iint_cache tmp_iint, *iint = &tmp_iint; local 48 struct ima_event_data event_data = { .iint = iint, 54 memset(iint, 0, sizeof(*iint)); 56 iint->ima_hash = &hash.hdr; 57 iint->ima_hash->algo = ima_hash_algo; 58 iint->ima_hash->length = hash_digest_size[ima_hash_algo];
|
H A D | ima_main.c | 117 struct ima_iint_cache *iint, 129 if (!iint) 130 iint = ima_iint_find(inode); 132 if (iint && test_bit(IMA_MUST_MEASURE, 133 &iint->atomic_flags)) 138 set_bit(IMA_MUST_MEASURE, &iint->atomic_flags); 149 ima_add_violation(file, *pathname, iint, 152 ima_add_violation(file, *pathname, iint, 156 static void ima_check_last_writer(struct ima_iint_cache *iint, argument 165 mutex_lock(&iint 116 ima_rdwr_violation_check(struct file *file, struct ima_iint_cache *iint, int must_measure, char **pathbuf, const char **pathname, char *filename) argument 195 struct ima_iint_cache *iint; local 212 struct ima_iint_cache *iint = NULL; local 567 struct ima_iint_cache *iint = NULL, tmp_iint; local 690 struct ima_iint_cache *iint; local 721 struct ima_iint_cache *iint; local 937 struct ima_iint_cache iint = {}; local [all...] |
H A D | ima_api.c | 134 struct ima_iint_cache *iint, const char *op, 139 struct ima_event_data event_data = { .iint = iint, 204 static bool ima_get_verity_digest(struct ima_iint_cache *iint, argument 235 * storing the measurement and i_version in the iint. 237 * Must be called with iint->mutex held. 241 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, argument 264 if (iint->flags & IMA_COLLECTED) 283 if (iint->flags & IMA_VERITY_REQUIRED) { 284 if (!ima_get_verity_digest(iint, inod 133 ima_add_violation(struct file *file, const unsigned char *filename, struct ima_iint_cache *iint, const char *op, const char *cause) argument 342 ima_store_measurement(struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig, int pcr, struct ima_template_desc *template_desc) argument 386 ima_audit_measurement(struct ima_iint_cache *iint, const unsigned char *filename) argument [all...] |
H A D | ima.h | 63 struct ima_iint_cache *iint; member in struct:ima_event_data 122 /* IMA iint action cache flags */ 134 /* IMA iint policy rule cache flags */ 150 /* IMA iint subaction appraise cache flags */ 168 /* IMA iint cache atomic_flags */ 207 struct ima_iint_cache *iint) 215 *iint_sec = iint; 256 struct ima_iint_cache *iint, const char *op, 371 int ima_collect_measurement(struct ima_iint_cache *iint, struct file *file, 374 void ima_store_measurement(struct ima_iint_cache *iint, struc 206 ima_inode_set_iint(const struct inode *inode, struct ima_iint_cache *iint) argument 440 ima_check_blacklist(struct ima_iint_cache *iint, const struct modsig *modsig, int pcr) argument 446 ima_appraise_measurement(enum ima_hooks func, struct ima_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig) argument 464 ima_update_xattr(struct ima_iint_cache *iint, struct file *file) argument 470 ima_get_cache_status(struct ima_iint_cache *iint, enum ima_hooks func) argument [all...] |
H A D | ima_template_lib.c | 352 if (ima_template_hash_algo_allowed(event_data->iint->ima_hash->algo)) { 353 cur_digest = event_data->iint->ima_hash->digest; 354 cur_digestsize = event_data->iint->ima_hash->length; 409 cur_digest = event_data->iint->ima_hash->digest; 410 cur_digestsize = event_data->iint->ima_hash->length; 412 hash_algo = event_data->iint->ima_hash->algo; 433 cur_digest = event_data->iint->ima_hash->digest; 434 cur_digestsize = event_data->iint->ima_hash->length; 436 hash_algo = event_data->iint->ima_hash->algo; 437 if (event_data->iint [all...] |
/linux-master/security/integrity/evm/ |
H A D | evm_main.c | 174 * - cache the verification result in the iint, when available. 188 struct evm_iint_cache *iint = evm_iint_inode(inode); local 191 if (iint && (iint->evm_status == INTEGRITY_PASS || 192 iint->evm_status == INTEGRITY_PASS_IMMUTABLE)) 193 return iint->evm_status; 258 if (iint) 259 iint->flags |= EVM_IMMUTABLE_DIGSIG; 286 if (iint) 287 iint 520 struct evm_iint_cache *iint; local 729 struct evm_iint_cache *iint; local 1015 struct evm_iint_cache *iint = evm_iint_inode(inode); local 1027 struct evm_iint_cache *iint = evm_iint_inode(inode); local 1040 struct evm_iint_cache *iint = evm_iint_inode(inode); local [all...] |
H A D | evm_crypto.c | 325 struct evm_iint_cache *iint; local 328 iint = evm_iint_inode(inode); 329 if (iint && (iint->flags & EVM_IMMUTABLE_DIGSIG))
|
/linux-master/security/integrity/ |
H A D | Makefile | 3 # Makefile for caching inode integrity data (iint) 8 integrity-y := iint.o
|