首页 发现 帮助
注册 登录
phyus
/
linux-vybrid_public
8
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

evm: additional parameter to pass integrity cache entry 'iint'

Additional iint parameter allows to skip lookup in the cache.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Dmitry Kasatkin 14 年之前
父节点
d46eb36995
当前提交
2960e6cb5f
共有 2 个文件被更改,包括 14 次插入12 次删除
分列视图 显示文件统计
  1. 6 2
      include/linux/evm.h
  2. 8 10
      security/integrity/evm/evm_main.c

+ 6 - 2
include/linux/evm.h
查看文件 

@@ -11,11 +11,14 @@
 
 #include <linux/integrity.h>
 
 #include <linux/xattr.h>
 
 
+struct integrity_iint_cache;
 
+
 
 #ifdef CONFIG_EVM
 
 extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
 
 					     const char *xattr_name,
 
 					     void *xattr_value,
 
-					     size_t xattr_value_len);
 
+					     size_t xattr_value_len,
 
+					     struct integrity_iint_cache *iint);
 
 extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
 
 extern int evm_inode_setxattr(struct dentry *dentry, const char *name,
 
 			      const void *value, size_t size);
 
@@ -34,7 +37,8 @@ extern int evm_inode_init_security(struct inode *inode,
 
 static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
 
 						    const char *xattr_name,
 
 						    void *xattr_value,
 
-						    size_t xattr_value_len)
 
+						    size_t xattr_value_len,
 
+					struct integrity_iint_cache *iint)
 
 {
 
 	return INTEGRITY_UNKNOWN;
 
 }

+ 8 - 10
security/integrity/evm/evm_main.c
查看文件 

@@ -127,21 +127,19 @@ static int evm_protected_xattr(const char *req_xattr_name)
 
  */
 
 enum integrity_status evm_verifyxattr(struct dentry *dentry,
 
 				      const char *xattr_name,
 
-				      void *xattr_value, size_t xattr_value_len)
 
+				      void *xattr_value, size_t xattr_value_len,
 
+				      struct integrity_iint_cache *iint)
 
 {
 
-	struct inode *inode = dentry->d_inode;
 
-	struct integrity_iint_cache *iint;
 
-	enum integrity_status status;
 
-
 
 	if (!evm_initialized || !evm_protected_xattr(xattr_name))
 
 		return INTEGRITY_UNKNOWN;
 
 
-	iint = integrity_iint_find(inode);
 
-	if (!iint)
 
-		return INTEGRITY_UNKNOWN;
 
-	status = evm_verify_hmac(dentry, xattr_name, xattr_value,
 
+	if (!iint) {
 
+		iint = integrity_iint_find(dentry->d_inode);
 
+		if (!iint)
 
+			return INTEGRITY_UNKNOWN;
 
+	}
 
+	return evm_verify_hmac(dentry, xattr_name, xattr_value,
 
 				 xattr_value_len, iint);
 
-	return status;
 
 }
 
 EXPORT_SYMBOL_GPL(evm_verifyxattr);