1// SPDX-License-Identifier: GPL-2.0 2/* 3 * fs-verity module initialization and logging 4 * 5 * Copyright 2019 Google LLC 6 */ 7 8#include "fsverity_private.h" 9 10#include <linux/ratelimit.h> 11 12#ifdef CONFIG_SYSCTL 13static struct ctl_table_header *fsverity_sysctl_header; 14 15static struct ctl_table fsverity_sysctl_table[] = { 16#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES 17 { 18 .procname = "require_signatures", 19 .data = &fsverity_require_signatures, 20 .maxlen = sizeof(int), 21 .mode = 0644, 22 .proc_handler = proc_dointvec_minmax, 23 .extra1 = SYSCTL_ZERO, 24 .extra2 = SYSCTL_ONE, 25 }, 26#endif 27}; 28 29static void __init fsverity_init_sysctl(void) 30{ 31 fsverity_sysctl_header = register_sysctl("fs/verity", 32 fsverity_sysctl_table); 33 if (!fsverity_sysctl_header) 34 panic("fsverity sysctl registration failed"); 35} 36#else /* CONFIG_SYSCTL */ 37static inline void fsverity_init_sysctl(void) 38{ 39} 40#endif /* !CONFIG_SYSCTL */ 41 42void fsverity_msg(const struct inode *inode, const char *level, 43 const char *fmt, ...) 44{ 45 static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, 46 DEFAULT_RATELIMIT_BURST); 47 struct va_format vaf; 48 va_list args; 49 50 if (!__ratelimit(&rs)) 51 return; 52 53 va_start(args, fmt); 54 vaf.fmt = fmt; 55 vaf.va = &args; 56 if (inode) 57 printk("%sfs-verity (%s, inode %lu): %pV\n", 58 level, inode->i_sb->s_id, inode->i_ino, &vaf); 59 else 60 printk("%sfs-verity: %pV\n", level, &vaf); 61 va_end(args); 62} 63 64static int __init fsverity_init(void) 65{ 66 fsverity_check_hash_algs(); 67 fsverity_init_info_cache(); 68 fsverity_init_workqueue(); 69 fsverity_init_sysctl(); 70 fsverity_init_signature(); 71 fsverity_init_bpf(); 72 return 0; 73} 74late_initcall(fsverity_init) 75