// SPDX-License-Identifier: GPL-2.0-only
/*
 * Copyright (C) 2010 IBM Corporation
 *
 * Authors:
 * Mimi Zohar <[email protected]>
 *
 * File: evm_secfs.c
 *	- Used to signal when key is on keyring
 *	- Get the key and enable EVM
 *
 * NOTE(review): function bodies and initializers appear as "…" in this
 * listing, so the comments below describe only what the declarations and
 * the existing kernel-doc state; anything about the elided bodies is
 * marked as something to confirm.
 */

#include <linux/audit.h>
#include <linux/uaccess.h>
#include <linux/init.h>
#include <linux/mutex.h>
#include "evm.h"

/*
 * File-scope dentry handles. Presumably filled in by evm_init_secfs()
 * when the securityfs entries are created - confirm against its body.
 */
static struct dentry *evm_dir;
static struct dentry *evm_init_tpm;
static struct dentry *evm_symlink;

#ifdef CONFIG_EVM_ADD_XATTRS
/* Only built when the kernel is configured with CONFIG_EVM_ADD_XATTRS. */
static struct dentry *evm_xattrs;
/*
 * NOTE(review): presumably serializes the evm_xattrs read/write handlers'
 * access to the xattr list - confirm where it is taken.
 */
static DEFINE_MUTEX(xattr_list_mutex);
/*
 * NOTE(review): by its name, a flag recording that the xattr list may no
 * longer be extended from userspace. Confirm that every write path checks
 * it while holding xattr_list_mutex, so the lock cannot be raced.
 */
static int evm_xattrs_locked;
#endif

/**
 * evm_read_key - read() for <securityfs>/evm
 *
 * @filp: file pointer, not actually used
 * @buf: where to put the result (userspace pointer, see __user)
 * @count: maximum to send along
 * @ppos: where to start
 *
 * @buf is annotated __user, so it may only be filled through the
 * <linux/uaccess.h> helpers, never dereferenced directly.
 *
 * Returns number of bytes read or error code, as appropriate
 */
static ssize_t evm_read_key(struct file *filp, char __user *buf,
			    size_t count, loff_t *ppos)
{ … }

/**
 * evm_write_key - write() for <securityfs>/evm
 * @file: file pointer, not actually used
 * @buf: where to get the data from (userspace pointer, see __user)
 * @count: bytes sent
 * @ppos: where to start
 *
 * Used to signal that key is on the kernel key ring.
 * - get the integrity hmac key from the kernel key ring
 * - create list of hmac protected extended attributes
 *
 * Both @buf contents and @count are chosen by the writing process.
 * NOTE(review): since a write here enables EVM (see file header), confirm
 * that the elided body checks the caller's privilege, bounds @count and
 * validates the parsed value before acting on it.
 *
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t evm_write_key(struct file *file, const char __user *buf,
			     size_t count, loff_t *ppos)
{ … }

/*
 * file_operations for <securityfs>/evm. Initializer elided in this
 * listing; presumably wires evm_read_key()/evm_write_key() - confirm.
 */
static const struct file_operations evm_key_ops = …;

#ifdef CONFIG_EVM_ADD_XATTRS
/**
 * evm_read_xattrs - read() for <securityfs>/evm_xattrs
 *
 * @filp: file pointer, not actually used
 * @buf: where to put the result (userspace pointer, see __user)
 * @count: maximum to send along
 * @ppos: where to start
 *
 * Returns number of bytes read or error code, as appropriate
 */
static ssize_t evm_read_xattrs(struct file *filp, char __user *buf,
			       size_t count, loff_t *ppos)
{ … }

/**
 * evm_write_xattrs - write() for <securityfs>/evm_xattrs
 * @file: file pointer, not actually used
 * @buf: where to get the data from (userspace pointer, see __user)
 * @count: bytes sent
 * @ppos: where to start
 *
 * Both @buf contents and @count are chosen by the writing process.
 * NOTE(review): confirm that the elided body checks the caller's
 * privilege, caps @count before copying from userspace, and honours
 * evm_xattrs_locked under xattr_list_mutex. The include of
 * <linux/audit.h> suggests changes are audited - confirm that too.
 *
 * Returns number of bytes written or error code, as appropriate
 */
static ssize_t evm_write_xattrs(struct file *file, const char __user *buf,
				size_t count, loff_t *ppos)
{ … }

/*
 * file_operations for <securityfs>/evm_xattrs. Initializer elided in this
 * listing; presumably wires evm_read_xattrs()/evm_write_xattrs() - confirm.
 */
static const struct file_operations evm_xattr_ops = …;

/*
 * Real implementation, built only with CONFIG_EVM_ADD_XATTRS.
 * Body elided; presumably creates the evm_xattrs entry - confirm.
 */
static int evm_init_xattrs(void)
{ … }
#else
/*
 * Stub for kernels built without CONFIG_EVM_ADD_XATTRS: does nothing and
 * reports success, so no evm_xattrs handlers are compiled in.
 */
static int evm_init_xattrs(void)
{
	return 0;
}
#endif

/*
 * evm_init_secfs - the only non-static function in this file.
 *
 * Marked __init, so it is meant to run during kernel initialisation only.
 * Body elided; presumably creates the securityfs entries tracked by the
 * dentry pointers above and calls evm_init_xattrs() - confirm, including
 * that a partial failure removes the entries already created.
 *
 * Returns an int status; the exact values are not visible in this listing.
 */
int __init evm_init_secfs(void)
{ … }