Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/security/integrity/evm/evm.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  1) /* SPDX-License-Identifier: GPL-2.0-only */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  3)  * Copyright (C) 2005-2010 IBM Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  5)  * Authors:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  6)  * Mimi Zohar <zohar@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  7)  * Kylene Hall <kjhall@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  8)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  9)  * File: evm.h
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #ifndef __INTEGRITY_EVM_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #define __INTEGRITY_EVM_H
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) #include <linux/xattr.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/security.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include "../integrity.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) #define EVM_INIT_HMAC	0x0001
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) #define EVM_INIT_X509	0x0002
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #define EVM_ALLOW_METADATA_WRITES	0x0004
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #define EVM_SETUP_COMPLETE 0x80000000 /* userland has signaled key load */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) #define EVM_KEY_MASK (EVM_INIT_HMAC | EVM_INIT_X509)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #define EVM_INIT_MASK (EVM_INIT_HMAC | EVM_INIT_X509 | EVM_SETUP_COMPLETE | \
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) 		       EVM_ALLOW_METADATA_WRITES)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) struct xattr_list {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) 	struct list_head list;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) 	char *name;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) extern int evm_initialized;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) #define EVM_ATTR_FSUUID		0x0001
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) extern int evm_hmac_attrs;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) extern struct crypto_shash *hmac_tfm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) extern struct crypto_shash *hash_tfm;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) /* List of EVM protected security xattrs */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) extern struct list_head evm_config_xattrnames;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) struct evm_digest {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) 	struct ima_digest_data hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) 	char digest[IMA_MAX_DIGEST_SIZE];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) } __packed;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) int evm_init_key(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) int evm_update_evmxattr(struct dentry *dentry,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) 			const char *req_xattr_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) 			const char *req_xattr_value,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) 			size_t req_xattr_value_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) 		  const char *req_xattr_value,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) 		  size_t req_xattr_value_len, struct evm_digest *data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) 		  const char *req_xattr_value,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) 		  size_t req_xattr_value_len, char type,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) 		  struct evm_digest *data);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) 		  char *hmac_val);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) int evm_init_secfs(void);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) #endif
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.