[thirdparty/linux.git] / include / linux / evm.h

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * evm.h
 *
 * Copyright (c) 2009 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 */

#ifndef _LINUX_EVM_H
#define _LINUX_EVM_H

#include <linux/integrity.h>
#include <linux/xattr.h>

struct integrity_iint_cache;

#ifdef CONFIG_EVM
extern int evm_set_key(void *key, size_t keylen);
extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
					     const char *xattr_name,
					     void *xattr_value,
					     size_t xattr_value_len,
					     struct integrity_iint_cache *iint);
extern int evm_inode_setattr(struct mnt_idmap *idmap,
			     struct dentry *dentry, struct iattr *attr);
extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
extern int evm_inode_setxattr(struct mnt_idmap *idmap,
			      struct dentry *dentry, const char *name,
			      const void *value, size_t size);
extern void evm_inode_post_setxattr(struct dentry *dentry,
				    const char *xattr_name,
				    const void *xattr_value,
				    size_t xattr_value_len);
extern int evm_inode_removexattr(struct mnt_idmap *idmap,
				 struct dentry *dentry, const char *xattr_name);
extern void evm_inode_post_removexattr(struct dentry *dentry,
				       const char *xattr_name);
static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
					     struct dentry *dentry,
					     const char *acl_name)
{
	evm_inode_post_removexattr(dentry, acl_name);
}
extern int evm_inode_set_acl(struct user_namespace *mnt_userns,
			     struct dentry *dentry, const char *acl_name,
			     struct posix_acl *kacl);
static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
				       struct dentry *dentry,
				       const char *acl_name)
{
	return evm_inode_set_acl(mnt_userns, dentry, acl_name, NULL);
}
static inline void evm_inode_post_set_acl(struct dentry *dentry,
					  const char *acl_name,
					  struct posix_acl *kacl)
{
	return evm_inode_post_setxattr(dentry, acl_name, NULL, 0);
}
extern int evm_inode_init_security(struct inode *inode,
				   const struct xattr *xattr_array,
				   struct xattr *evm);
extern bool evm_revalidate_status(const char *xattr_name);
extern int evm_protected_xattr_if_enabled(const char *req_xattr_name);
extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
				     int buffer_size, char type,
				     bool canonical_fmt);
#ifdef CONFIG_FS_POSIX_ACL
extern int posix_xattr_acl(const char *xattrname);
#else
static inline int posix_xattr_acl(const char *xattrname)
{
	return 0;
}
#endif
#else

static inline int evm_set_key(void *key, size_t keylen)
{
	return -EOPNOTSUPP;
}

#ifdef CONFIG_INTEGRITY
static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
						    const char *xattr_name,
						    void *xattr_value,
						    size_t xattr_value_len,
					struct integrity_iint_cache *iint)
{
	return INTEGRITY_UNKNOWN;
}
#endif

static inline int evm_inode_setattr(struct mnt_idmap *idmap,
				    struct dentry *dentry, struct iattr *attr)
{
	return 0;
}

static inline void evm_inode_post_setattr(struct dentry *dentry, int ia_valid)
{
	return;
}

static inline int evm_inode_setxattr(struct mnt_idmap *idmap,
				     struct dentry *dentry, const char *name,
				     const void *value, size_t size)
{
	return 0;
}

static inline void evm_inode_post_setxattr(struct dentry *dentry,
					   const char *xattr_name,
					   const void *xattr_value,
					   size_t xattr_value_len)
{
	return;
}

static inline int evm_inode_removexattr(struct mnt_idmap *idmap,
					struct dentry *dentry,
					const char *xattr_name)
{
	return 0;
}

static inline void evm_inode_post_removexattr(struct dentry *dentry,
					      const char *xattr_name)
{
	return;
}

static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
					     struct dentry *dentry,
					     const char *acl_name)
{
	return;
}

static inline int evm_inode_set_acl(struct user_namespace *mnt_userns,
				    struct dentry *dentry, const char *acl_name,
				    struct posix_acl *kacl)
{
	return 0;
}

static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
				       struct dentry *dentry,
				       const char *acl_name)
{
	return 0;
}

static inline void evm_inode_post_set_acl(struct dentry *dentry,
					  const char *acl_name,
					  struct posix_acl *kacl)
{
	return;
}

static inline int evm_inode_init_security(struct inode *inode,
					  const struct xattr *xattr_array,
					  struct xattr *evm)
{
	return 0;
}

static inline bool evm_revalidate_status(const char *xattr_name)
{
	return false;
}

static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
{
	return false;
}

static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
					    int buffer_size, char type,
					    bool canonical_fmt)
{
	return -EOPNOTSUPP;
}

#endif /* CONFIG_EVM */
#endif /* LINUX_EVM_H */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
3e1be52d MZ	2	/*
	3	* evm.h
	4	*
	5	* Copyright (c) 2009 IBM Corporation
	6	* Author: Mimi Zohar <zohar@us.ibm.com>
	7	*/
	8
	9	#ifndef _LINUX_EVM_H
	10	#define _LINUX_EVM_H
	11
	12	#include <linux/integrity.h>
cb723180	13	#include <linux/xattr.h>
3e1be52d	14
2960e6cb DK	15	struct integrity_iint_cache;
2960e6cb DK	16
3e1be52d	17	#ifdef CONFIG_EVM
76266763	18	extern int evm_set_key(void *key, size_t keylen);
3e1be52d MZ	19	extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
	20	const char *xattr_name,
	21	void *xattr_value,
2960e6cb DK	22	size_t xattr_value_len,
2960e6cb DK	23	struct integrity_iint_cache *iint);
c1632a0f	24	extern int evm_inode_setattr(struct mnt_idmap *idmap,
0e363cf3	25	struct dentry dentry, struct iattr attr);
975d2943	26	extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
39f60c1c	27	extern int evm_inode_setxattr(struct mnt_idmap *idmap,
7e135dc7	28	struct dentry dentry, const char name,
3e1be52d MZ	29	const void *value, size_t size);
	30	extern void evm_inode_post_setxattr(struct dentry *dentry,
	31	const char *xattr_name,
	32	const void *xattr_value,
	33	size_t xattr_value_len);
39f60c1c	34	extern int evm_inode_removexattr(struct mnt_idmap *idmap,
7e135dc7	35	struct dentry dentry, const char xattr_name);
c7b87de2 MZ	36	extern void evm_inode_post_removexattr(struct dentry *dentry,
c7b87de2 MZ	37	const char *xattr_name);
aeb7f005 CB	38	static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
	39	struct dentry *dentry,
	40	const char *acl_name)
	41	{
	42	evm_inode_post_removexattr(dentry, acl_name);
	43	}
e61b135f CB	44	extern int evm_inode_set_acl(struct user_namespace *mnt_userns,
	45	struct dentry dentry, const char acl_name,
	46	struct posix_acl *kacl);
	47	static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
	48	struct dentry *dentry,
	49	const char *acl_name)
	50	{
	51	return evm_inode_set_acl(mnt_userns, dentry, acl_name, NULL);
	52	}
a56df5d5 CB	53	static inline void evm_inode_post_set_acl(struct dentry *dentry,
	54	const char *acl_name,
	55	struct posix_acl *kacl)
	56	{
	57	return evm_inode_post_setxattr(dentry, acl_name, NULL, 0);
	58	}
cb723180 MZ	59	extern int evm_inode_init_security(struct inode *inode,
	60	const struct xattr *xattr_array,
	61	struct xattr *evm);
e3ccfe1a	62	extern bool evm_revalidate_status(const char *xattr_name);
8c7a703e	63	extern int evm_protected_xattr_if_enabled(const char *req_xattr_name);
8314b673 RS	64	extern int evm_read_protected_xattrs(struct dentry dentry, u8 buffer,
	65	int buffer_size, char type,
	66	bool canonical_fmt);
bf6d0f5d MZ	67	#ifdef CONFIG_FS_POSIX_ACL
	68	extern int posix_xattr_acl(const char *xattrname);
	69	#else
	70	static inline int posix_xattr_acl(const char *xattrname)
	71	{
	72	return 0;
	73	}
	74	#endif
3e1be52d	75	#else
76266763 DK	76
	77	static inline int evm_set_key(void *key, size_t keylen)
	78	{
	79	return -EOPNOTSUPP;
	80	}
	81
3e1be52d MZ	82	#ifdef CONFIG_INTEGRITY
	83	static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
	84	const char *xattr_name,
	85	void *xattr_value,
2960e6cb DK	86	size_t xattr_value_len,
2960e6cb DK	87	struct integrity_iint_cache *iint)
3e1be52d MZ	88	{
	89	return INTEGRITY_UNKNOWN;
	90	}
	91	#endif
	92
c1632a0f	93	static inline int evm_inode_setattr(struct mnt_idmap *idmap,
0e363cf3	94	struct dentry dentry, struct iattr attr)
817b54aa MZ	95	{
	96	return 0;
	97	}
	98
975d2943 MZ	99	static inline void evm_inode_post_setattr(struct dentry *dentry, int ia_valid)
	100	{
	101	return;
	102	}
	103
39f60c1c	104	static inline int evm_inode_setxattr(struct mnt_idmap *idmap,
7e135dc7	105	struct dentry dentry, const char name,
3e1be52d MZ	106	const void *value, size_t size)
	107	{
	108	return 0;
	109	}
	110
	111	static inline void evm_inode_post_setxattr(struct dentry *dentry,
	112	const char *xattr_name,
	113	const void *xattr_value,
	114	size_t xattr_value_len)
	115	{
	116	return;
	117	}
	118
39f60c1c	119	static inline int evm_inode_removexattr(struct mnt_idmap *idmap,
7e135dc7	120	struct dentry *dentry,
3e1be52d MZ	121	const char *xattr_name)
	122	{
	123	return 0;
	124	}
c7b87de2 MZ	125
	126	static inline void evm_inode_post_removexattr(struct dentry *dentry,
	127	const char *xattr_name)
	128	{
	129	return;
aeb7f005 CB	130	}
	131
	132	static inline void evm_inode_post_remove_acl(struct user_namespace *mnt_userns,
	133	struct dentry *dentry,
	134	const char *acl_name)
	135	{
	136	return;
c7b87de2 MZ	137	}
c7b87de2 MZ	138
e61b135f CB	139	static inline int evm_inode_set_acl(struct user_namespace *mnt_userns,
	140	struct dentry dentry, const char acl_name,
	141	struct posix_acl *kacl)
	142	{
	143	return 0;
	144	}
	145
	146	static inline int evm_inode_remove_acl(struct user_namespace *mnt_userns,
	147	struct dentry *dentry,
	148	const char *acl_name)
	149	{
	150	return 0;
	151	}
	152
a56df5d5 CB	153	static inline void evm_inode_post_set_acl(struct dentry *dentry,
	154	const char *acl_name,
	155	struct posix_acl *kacl)
	156	{
	157	return;
	158	}
	159
cb723180 MZ	160	static inline int evm_inode_init_security(struct inode *inode,
	161	const struct xattr *xattr_array,
	162	struct xattr *evm)
	163	{
5a4730ba	164	return 0;
cb723180 MZ	165	}
cb723180 MZ	166
e3ccfe1a RS	167	static inline bool evm_revalidate_status(const char *xattr_name)
	168	{
	169	return false;
	170	}
	171
8c7a703e RS	172	static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
	173	{
	174	return false;
	175	}
	176
8314b673 RS	177	static inline int evm_read_protected_xattrs(struct dentry dentry, u8 buffer,
	178	int buffer_size, char type,
	179	bool canonical_fmt)
	180	{
	181	return -EOPNOTSUPP;
	182	}
	183
e05a4f4f	184	#endif /* CONFIG_EVM */
3e1be52d	185	#endif /* LINUX_EVM_H */