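/*
 * Copyright (C) 2008 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 2 of the License.
 */

/*
 * In-kernel interface to IMA (Integrity Measurement Architecture).
 *
 * Every entry point is either declared extern (the feature is built in)
 * or supplied as a static inline stub (the feature is configured out),
 * so callers need no #ifdefs of their own.
 *
 * NOTE(review): every int-returning stub returns 0 and every void stub
 * does nothing.  A kernel built without CONFIG_IMA or
 * CONFIG_IMA_APPRAISE therefore reports success from these hooks
 * without measuring or appraising anything.  Whether integrity
 * enforcement is actually present has to be established from the
 * kernel configuration (and, for appraisal, is_ima_appraise_enabled()),
 * never from a 0 return value.
 */

#ifndef _LINUX_IMA_H
#define _LINUX_IMA_H

#include <linux/fs.h>
#include <linux/security.h>
#include <linux/kexec.h>
struct linux_binprm;

#ifdef CONFIG_IMA
/*
 * Hooks implemented by IMA.  Judging by their names they cover program
 * execution, file open/free, mmap, kernel data/file loading and mknod;
 * the call sites are not part of this header - confirm against the
 * callers.
 */
extern int ima_bprm_check(struct linux_binprm *bprm);
extern int ima_file_check(struct file *file, int mask);
extern void ima_file_free(struct file *file);
extern int ima_file_mmap(struct file *file, unsigned long prot);
extern int ima_load_data(enum kernel_load_data_id id);
extern int ima_read_file(struct file *file, enum kernel_read_file_id id);
extern int ima_post_read_file(struct file *file, void *buf, loff_t size,
			      enum kernel_read_file_id id);
extern void ima_post_path_mknod(struct dentry *dentry);

#ifdef CONFIG_IMA_KEXEC
extern void ima_add_kexec_buffer(struct kimage *image);
#endif

/*
 * Architecture hooks.  Only x86 with EFI provides real implementations
 * here; on every other configuration the stubs report "secure boot not
 * enabled" (false) and "no architecture policy" (NULL).
 *
 * Both the declarations and the stubs sit inside #ifdef CONFIG_IMA, so
 * neither name is declared at all when IMA is configured out.
 */
#if defined(CONFIG_X86) && defined(CONFIG_EFI)
extern bool arch_ima_get_secureboot(void);
extern const char * const *arch_get_ima_policy(void);
#else
static inline bool arch_ima_get_secureboot(void)
{
	return false;
}

static inline const char * const *arch_get_ima_policy(void)
{
	return NULL;
}
#endif

#else
/* !CONFIG_IMA: no-op stubs; the int-returning ones always return 0. */
static inline int ima_bprm_check(struct linux_binprm *bprm)
{
	return 0;
}

static inline int ima_file_check(struct file *file, int mask)
{
	return 0;
}

static inline void ima_file_free(struct file *file)
{
	return;
}

static inline int ima_file_mmap(struct file *file, unsigned long prot)
{
	return 0;
}

static inline int ima_load_data(enum kernel_load_data_id id)
{
	return 0;
}

static inline int ima_read_file(struct file *file, enum kernel_read_file_id id)
{
	return 0;
}

static inline int ima_post_read_file(struct file *file, void *buf, loff_t size,
				     enum kernel_read_file_id id)
{
	return 0;
}

static inline void ima_post_path_mknod(struct dentry *dentry)
{
	return;
}

#endif /* CONFIG_IMA */

/*
 * The real ima_add_kexec_buffer() is declared above only when both
 * CONFIG_IMA and CONFIG_IMA_KEXEC are set; otherwise this empty stub is
 * used.  struct kimage is forward-declared so the stub's prototype is
 * valid on its own.
 */
#ifndef CONFIG_IMA_KEXEC
struct kimage;

static inline void ima_add_kexec_buffer(struct kimage *image)
{}
#endif

#ifdef CONFIG_IMA_APPRAISE
/*
 * Appraisal interface.  The setxattr/removexattr hooks return int, so
 * the built-in versions can presumably refuse an extended-attribute
 * change - confirm against the implementation.
 */
extern bool is_ima_appraise_enabled(void);
extern void ima_inode_post_setattr(struct dentry *dentry);
extern int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
		       const void *xattr_value, size_t xattr_value_len);
extern int ima_inode_removexattr(struct dentry *dentry, const char *xattr_name);
#else
/*
 * !CONFIG_IMA_APPRAISE: appraisal is reported as disabled and the
 * xattr hooks accept every change (return 0).
 */
static inline bool is_ima_appraise_enabled(void)
{
	/* bool return type: use false, matching arch_ima_get_secureboot(). */
	return false;
}

static inline void ima_inode_post_setattr(struct dentry *dentry)
{
	return;
}

static inline int ima_inode_setxattr(struct dentry *dentry,
				     const char *xattr_name,
				     const void *xattr_value,
				     size_t xattr_value_len)
{
	return 0;
}

static inline int ima_inode_removexattr(struct dentry *dentry,
					const char *xattr_name)
{
	return 0;
}
#endif /* CONFIG_IMA_APPRAISE */
#endif /* _LINUX_IMA_H */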