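/* SPDX-License-Identifier: GPL-2.0 */
/*
 * evm.h
 *
 * Copyright (c) 2009 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 */

#ifndef _LINUX_EVM_H
#define _LINUX_EVM_H

#include <linux/integrity.h>
#include <linux/xattr.h>

struct integrity_iint_cache;

/*
 * EVM entry points.
 *
 * With CONFIG_EVM set, the functions below are only declared here and are
 * defined elsewhere; their exact contracts are not visible in this header.
 * Without CONFIG_EVM, the #else branch supplies inline stubs with the same
 * signatures so callers compile unchanged.
 */
#ifdef CONFIG_EVM
extern int evm_set_key(void *key, size_t keylen);
extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
					     const char *xattr_name,
					     void *xattr_value,
					     size_t xattr_value_len,
					     struct integrity_iint_cache *iint);
extern int evm_inode_setattr(struct user_namespace *mnt_userns,
			     struct dentry *dentry, struct iattr *attr);
extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
extern int evm_inode_setxattr(struct user_namespace *mnt_userns,
			      struct dentry *dentry, const char *name,
			      const void *value, size_t size);
extern void evm_inode_post_setxattr(struct dentry *dentry,
				    const char *xattr_name,
				    const void *xattr_value,
				    size_t xattr_value_len);
extern int evm_inode_removexattr(struct user_namespace *mnt_userns,
				 struct dentry *dentry, const char *xattr_name);
extern void evm_inode_post_removexattr(struct dentry *dentry,
				       const char *xattr_name);
extern int evm_inode_init_security(struct inode *inode,
				   const struct xattr *xattr_array,
				   struct xattr *evm);
extern bool evm_revalidate_status(const char *xattr_name);
extern int evm_protected_xattr_if_enabled(const char *req_xattr_name);
extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
				     int buffer_size, char type,
				     bool canonical_fmt);
#ifdef CONFIG_FS_POSIX_ACL
extern int posix_xattr_acl(const char *xattrname);
#else
/* No POSIX ACL support built in: always reports 0. */
static inline int posix_xattr_acl(const char *xattrname)
{
	return 0;
}
#endif
#else

/*
 * CONFIG_EVM is off: everything below is an inline stub that ignores its
 * arguments.
 *
 * Security-relevant consequences of this configuration:
 *  - evm_inode_setattr(), evm_inode_setxattr(), evm_inode_removexattr() and
 *    evm_inode_init_security() return 0 unconditionally, so (assuming callers
 *    read 0 as "no objection") EVM never rejects an attribute or xattr change.
 *  - evm_verifyxattr() reports INTEGRITY_UNKNOWN, i.e. no verification was
 *    performed; callers must not treat that status as a successful check.
 *  - evm_set_key() and evm_read_protected_xattrs() fail with -EOPNOTSUPP.
 *  - posix_xattr_acl() is not declared by this branch at all.
 */

/* Stub: no key can be installed without EVM. */
static inline int evm_set_key(void *key, size_t keylen)
{
	return -EOPNOTSUPP;
}

/* Only provided when CONFIG_INTEGRITY is set. */
#ifdef CONFIG_INTEGRITY
/* Stub: nothing is verified, so the status is always "unknown". */
static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
						    const char *xattr_name,
						    void *xattr_value,
						    size_t xattr_value_len,
						    struct integrity_iint_cache *iint)
{
	return INTEGRITY_UNKNOWN;
}
#endif

/* Stub: always returns 0. */
static inline int evm_inode_setattr(struct user_namespace *mnt_userns,
				    struct dentry *dentry, struct iattr *attr)
{
	return 0;
}

/* Stub: no-op. */
static inline void evm_inode_post_setattr(struct dentry *dentry, int ia_valid)
{
}

/* Stub: always returns 0. */
static inline int evm_inode_setxattr(struct user_namespace *mnt_userns,
				     struct dentry *dentry, const char *name,
				     const void *value, size_t size)
{
	return 0;
}

/* Stub: no-op. */
static inline void evm_inode_post_setxattr(struct dentry *dentry,
					   const char *xattr_name,
					   const void *xattr_value,
					   size_t xattr_value_len)
{
}

/* Stub: always returns 0. */
static inline int evm_inode_removexattr(struct user_namespace *mnt_userns,
					struct dentry *dentry,
					const char *xattr_name)
{
	return 0;
}

/* Stub: no-op. */
static inline void evm_inode_post_removexattr(struct dentry *dentry,
					      const char *xattr_name)
{
}

/* Stub: always returns 0 and leaves @evm untouched. */
static inline int evm_inode_init_security(struct inode *inode,
					  const struct xattr *xattr_array,
					  struct xattr *evm)
{
	return 0;
}

/* Stub: always false. */
static inline bool evm_revalidate_status(const char *xattr_name)
{
	return false;
}

/*
 * Stub: always 0. The return type is int, so return an int literal rather
 * than the bool constant "false" (same value, matching type).
 */
static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
{
	return 0;
}

/* Stub: @buffer is never written; the call fails with -EOPNOTSUPP. */
static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
					    int buffer_size, char type,
					    bool canonical_fmt)
{
	return -EOPNOTSUPP;
}

#endif /* CONFIG_EVM */
#endif /* _LINUX_EVM_H */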