linux/include/linux/evm.h
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * evm.h
   4 *
   5 * Copyright (c) 2009 IBM Corporation
   6 * Author: Mimi Zohar <zohar@us.ibm.com>
   7 */
   8
   9#ifndef _LINUX_EVM_H
  10#define _LINUX_EVM_H
  11
  12#include <linux/integrity.h>
  13#include <linux/xattr.h>
  14
  15struct integrity_iint_cache;
  16
  17#ifdef CONFIG_EVM
  /*
   * EVM entry points that exist only when CONFIG_EVM is set. "extern" is
   * left off because function prototypes have external linkage by default.
   *
   * NOTE(review): only the signatures are visible in this header. The role
   * of each function is inferred from its name and from the !CONFIG_EVM
   * stubs later in this file; confirm against the implementation.
   */

  /* Takes @keylen bytes at @key; the !CONFIG_EVM stub returns -EOPNOTSUPP. */
  int evm_set_key(void *key, size_t keylen);

  /*
   * Returns an enum integrity_status for an xattr of @dentry. Callers should
   * treat anything other than an explicit pass as unverified: the !CONFIG_EVM
   * stub returns INTEGRITY_UNKNOWN.
   */
  enum integrity_status evm_verifyxattr(struct dentry *dentry,
                                        const char *xattr_name,
                                        void *xattr_value,
                                        size_t xattr_value_len,
                                        struct integrity_iint_cache *iint);

  /*
   * Attribute and xattr change hooks. The int-returning ones presumably
   * signal refusal with a non-zero value (their !CONFIG_EVM stubs always
   * return 0); the void "post" variants cannot report failure.
   */
  int evm_inode_setattr(struct dentry *dentry, struct iattr *attr);
  void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
  int evm_inode_setxattr(struct user_namespace *mnt_userns,
                         struct dentry *dentry, const char *name,
                         const void *value, size_t size);
  void evm_inode_post_setxattr(struct dentry *dentry,
                               const char *xattr_name,
                               const void *xattr_value,
                               size_t xattr_value_len);
  int evm_inode_removexattr(struct user_namespace *mnt_userns,
                            struct dentry *dentry, const char *xattr_name);
  void evm_inode_post_removexattr(struct dentry *dentry,
                                  const char *xattr_name);

  /* Inode creation hook; @evm is the only non-const xattr argument. */
  int evm_inode_init_security(struct inode *inode,
                              const struct xattr *xattr_array,
                              struct xattr *evm);

  /* Queries keyed by xattr name. */
  bool evm_revalidate_status(const char *xattr_name);
  int evm_protected_xattr_if_enabled(const char *req_xattr_name);

  /*
   * Writes into the caller-supplied @buffer, whose size is passed as a
   * signed int in @buffer_size.
   * NOTE(review): confirm how a negative or too-small size is handled.
   */
  int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
                                int buffer_size, char type,
                                bool canonical_fmt);
  #ifdef CONFIG_FS_POSIX_ACL
  int posix_xattr_acl(const char *xattrname);
  #else
  /*
   * Fallback used when CONFIG_FS_POSIX_ACL is not set: returns 0 for every
   * @xattrname (presumably "not a POSIX ACL xattr"; confirm against the
   * real implementation).
   */
  static inline int posix_xattr_acl(const char *xattrname)
  {
          return 0;
  }
  #endif /* CONFIG_FS_POSIX_ACL */
  53#else
  54
  /*
   * !CONFIG_EVM stub: no key can be set, so every call fails with
   * -EOPNOTSUPP. Neither @key nor @keylen is read.
   */
  static inline int evm_set_key(void *key,
                                size_t keylen)
  {
          return -EOPNOTSUPP;
  }
  59
  #ifdef CONFIG_INTEGRITY
  /*
   * !CONFIG_EVM stub: nothing is verified and the result is always
   * INTEGRITY_UNKNOWN. Callers that gate access on the returned status
   * should not read this value as "verified".
   *
   * Only defined under CONFIG_INTEGRITY (presumably because that is where
   * enum integrity_status comes from; confirm in <linux/integrity.h>).
   */
  static inline enum integrity_status
  evm_verifyxattr(struct dentry *dentry, const char *xattr_name,
                  void *xattr_value, size_t xattr_value_len,
                  struct integrity_iint_cache *iint)
  {
          return INTEGRITY_UNKNOWN;
  }
  #endif /* CONFIG_INTEGRITY */
  70
  /*
   * !CONFIG_EVM stub: always returns 0, so with EVM compiled out this hook
   * never refuses an attribute change (0 is presumably the "allow" result).
   */
  static inline int evm_inode_setattr(struct dentry *dentry,
                                      struct iattr *attr)
  {
          return 0;
  }
  75
  /* !CONFIG_EVM stub: intentionally empty, nothing is updated after setattr. */
  static inline void evm_inode_post_setattr(struct dentry *dentry,
                                            int ia_valid)
  {
  }
  80
  /*
   * !CONFIG_EVM stub: always returns 0 without looking at @name, @value or
   * @size, so with EVM compiled out this hook never refuses an xattr write
   * (0 is presumably the "allow" result).
   */
  static inline int evm_inode_setxattr(struct user_namespace *mnt_userns,
                                       struct dentry *dentry,
                                       const char *name,
                                       const void *value,
                                       size_t size)
  {
          return 0;
  }
  87
  /* !CONFIG_EVM stub: intentionally empty, nothing is updated after setxattr. */
  static inline void evm_inode_post_setxattr(struct dentry *dentry,
                                             const char *xattr_name,
                                             const void *xattr_value,
                                             size_t xattr_value_len)
  {
  }
  95
  /*
   * !CONFIG_EVM stub: always returns 0, so with EVM compiled out this hook
   * never refuses an xattr removal (0 is presumably the "allow" result).
   */
  static inline int evm_inode_removexattr(struct user_namespace *mnt_userns,
                                          struct dentry *dentry, const char *xattr_name)
  {
          return 0;
  }
 102
 /* !CONFIG_EVM stub: intentionally empty, nothing is updated after removexattr. */
 static inline void
 evm_inode_post_removexattr(struct dentry *dentry, const char *xattr_name)
 {
 }
 108
 /*
  * !CONFIG_EVM stub: returns 0 and leaves @evm untouched, so callers must
  * not expect an xattr to have been filled in on success.
  */
 static inline int
 evm_inode_init_security(struct inode *inode, const struct xattr *xattr_array,
                         struct xattr *evm)
 {
         return 0;
 }
 115
 /* !CONFIG_EVM stub: answers false for every @xattr_name. */
 static inline bool
 evm_revalidate_status(const char *xattr_name)
 {
         return false;
 }
 120
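 /*
  * !CONFIG_EVM stub: reports 0 for every @req_xattr_name, i.e. no xattr is
  * treated as EVM-protected when EVM is compiled out.
  *
  * The function is declared to return int, so it returns the integer 0
  * rather than the bool literal "false"; the value seen by callers is the
  * same, but the return expression now matches the declared type and the
  * other int-returning stubs in this header.
  */
 static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
 {
         return 0;
 }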
 125
 /*
  * !CONFIG_EVM stub: nothing is read and @buffer is never written; every
  * call fails with -EOPNOTSUPP, so callers must check the return value
  * before using the buffer contents.
  */
 static inline int
 evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer, int buffer_size,
                           char type, bool canonical_fmt)
 {
         return -EOPNOTSUPP;
 }
 132
 133#endif /* CONFIG_EVM */
 134#endif /* _LINUX_EVM_H */