git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Song Liu <song@kernel.org>
	Wed, 29 Nov 2023 23:44:13 +0000 (15:44 -0800)
committer	Alexei Starovoitov <ast@kernel.org>
	Sat, 2 Dec 2023 00:21:03 +0000 (16:21 -0800)
commit	67814c00de3161181cddd06c77aeaf86ac4cc584
tree	ec467b83873691b94b7e4ded55a4abdfa46ef41c	tree \| snapshot
parent	ac9c05e0e453cfcab2866f6d28f257590e4f66e5	commit \| diff

bpf, fsverity: Add kfunc bpf_get_fsverity_digest

fsverity provides fast and reliable hash of files, namely fsverity_digest.
The digest can be used by security solutions to verify file contents.

Add new kfunc bpf_get_fsverity_digest() so that we can access fsverity from
BPF LSM programs. This kfunc is added to fs/verity/measure.c because some
data structure used in the function is private to fsverity
(fs/verity/fsverity_private.h).

To avoid recursion, bpf_get_fsverity_digest is only allowed in BPF LSM
programs.

Signed-off-by: Song Liu <song@kernel.org>
Acked-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20231129234417.856536-3-song@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

fs/verity/fsverity_private.h		diff \| blob \| blame \| history
fs/verity/init.c		diff \| blob \| blame \| history
fs/verity/measure.c		diff \| blob \| blame \| history