Blame view
security/integrity/integrity.h
1.79 KB
f381c2722 integrity: move i... |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
/* * Copyright (C) 2009-2010 IBM Corporation * * Authors: * Mimi Zohar <zohar@us.ibm.com> * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, version 2 of the * License. * */ #include <linux/types.h> #include <linux/integrity.h> #include <crypto/sha.h> /* iint cache flags */ #define IMA_MEASURED 0x01 |
6be5cc524 evm: add support ... |
20 21 22 23 24 25 26 27 28 29 |
enum evm_ima_xattr_type { IMA_XATTR_DIGEST = 0x01, EVM_XATTR_HMAC, EVM_IMA_XATTR_DIGSIG, }; struct evm_ima_xattr_data { u8 type; u8 digest[SHA1_DIGEST_SIZE]; } __attribute__((packed)); |
f381c2722 integrity: move i... |
30 31 32 33 34 35 36 37 |
/* integrity data associated with an inode */ struct integrity_iint_cache { struct rb_node rb_node; /* rooted in integrity_iint_tree */ struct inode *inode; /* back pointer to inode in question */ u64 version; /* track inode changes */ unsigned char flags; u8 digest[SHA1_DIGEST_SIZE]; struct mutex mutex; /* protects: version, flags, digest */ |
24e0198ef evm: replace hmac... |
38 |
enum integrity_status evm_status; |
f381c2722 integrity: move i... |
39 40 41 42 43 44 45 |
}; /* rbtree tree calls to lookup, insert, delete * integrity data associated with an inode. */ struct integrity_iint_cache *integrity_iint_insert(struct inode *inode); struct integrity_iint_cache *integrity_iint_find(struct inode *inode); |
4892722e0 integrity: sparse... |
46 |
|
8607c5014 integrity: digita... |
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 |
#define INTEGRITY_KEYRING_EVM 0 #define INTEGRITY_KEYRING_MODULE 1 #define INTEGRITY_KEYRING_IMA 2 #define INTEGRITY_KEYRING_MAX 3 #ifdef CONFIG_INTEGRITY_DIGSIG int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, const char *digest, int digestlen); #else static inline int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, const char *digest, int digestlen) { return -EOPNOTSUPP; } #endif /* CONFIG_INTEGRITY_DIGSIG */ |
4892722e0 integrity: sparse... |
67 68 |
/* set during initialization */ extern int iint_initialized; |