mirror of
https://github.com/brain-hackers/linux-brain.git
synced 2024-06-09 23:36:23 +09:00
3878d505aa
Define new "d-modsig" template field which holds the digest that is expected to match the one contained in the modsig, and also new "modsig" template field which holds the appended file signature. Add a new "ima-modsig" defined template descriptor with the new fields as well as the ones from the "ima-sig" descriptor. Change ima_store_measurement() to accept a struct modsig * argument so that it can be passed along to the templates via struct ima_event_data. Suggested-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
50 lines
2.1 KiB
C
50 lines
2.1 KiB
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* Copyright (C) 2013 Politecnico di Torino, Italy
|
|
* TORSEC group -- http://security.polito.it
|
|
*
|
|
* Author: Roberto Sassu <roberto.sassu@polito.it>
|
|
*
|
|
* File: ima_template_lib.h
|
|
* Header for the library of supported template fields.
|
|
*/
|
|
#ifndef __LINUX_IMA_TEMPLATE_LIB_H
|
|
#define __LINUX_IMA_TEMPLATE_LIB_H
|
|
|
|
#include <linux/seq_file.h>
|
|
#include "ima.h"
|
|
|
|
#define ENFORCE_FIELDS 0x00000001
|
|
#define ENFORCE_BUFEND 0x00000002
|
|
|
|
void ima_show_template_digest(struct seq_file *m, enum ima_show_type show,
|
|
struct ima_field_data *field_data);
|
|
void ima_show_template_digest_ng(struct seq_file *m, enum ima_show_type show,
|
|
struct ima_field_data *field_data);
|
|
void ima_show_template_string(struct seq_file *m, enum ima_show_type show,
|
|
struct ima_field_data *field_data);
|
|
void ima_show_template_sig(struct seq_file *m, enum ima_show_type show,
|
|
struct ima_field_data *field_data);
|
|
void ima_show_template_buf(struct seq_file *m, enum ima_show_type show,
|
|
struct ima_field_data *field_data);
|
|
int ima_parse_buf(void *bufstartp, void *bufendp, void **bufcurp,
|
|
int maxfields, struct ima_field_data *fields, int *curfields,
|
|
unsigned long *len_mask, int enforce_mask, char *bufname);
|
|
int ima_eventdigest_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventname_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventdigest_ng_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventdigest_modsig_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventname_ng_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventsig_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventbuf_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
int ima_eventmodsig_init(struct ima_event_data *event_data,
|
|
struct ima_field_data *field_data);
|
|
#endif /* __LINUX_IMA_TEMPLATE_LIB_H */
|