// SPDX-License-Identifier: GPL-2.0-only /* * Copyright (C) 2011 Intel Corporation * * Author: * Dmitry Kasatkin <[email protected]> */ #include <linux/err.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/cred.h> #include <linux/kernel_read_file.h> #include <linux/key-type.h> #include <linux/digsig.h> #include <linux/vmalloc.h> #include <crypto/public_key.h> #include <keys/system_keyring.h> #include "integrity.h" static struct key *keyring[INTEGRITY_KEYRING_MAX]; static const char * const keyring_name[INTEGRITY_KEYRING_MAX] = …; #ifdef CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY #define restrict_link_to_ima … #else #define restrict_link_to_ima … #endif static struct key *integrity_keyring_from_id(const unsigned int id) { … } int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen, const char *digest, int digestlen) { … } int integrity_modsig_verify(const unsigned int id, const struct modsig *modsig) { … } static int __init __integrity_init_keyring(const unsigned int id, key_perm_t perm, struct key_restriction *restriction) { … } int __init integrity_init_keyring(const unsigned int id) { … } static int __init integrity_add_key(const unsigned int id, const void *data, off_t size, key_perm_t perm) { … } int __init integrity_load_x509(const unsigned int id, const char *path) { … } int __init integrity_load_cert(const unsigned int id, const char *source, const void *data, size_t len, key_perm_t perm) { … }
Codebase Browser
linux