Openwrt-EcoNet/kernel-49
1
0
Fork 0
Code Activity
Files
master
kernel-49/security/integrity/evm/evm.h
Greg Kroah-Hartman e1df0ff86c Merge 4.9.142 into android-4.9 
Changes in 4.9.142
	usb: core: Fix hub port connection events lost
	usb: dwc3: core: Clean up ULPI device
	usb: xhci: fix timeout for transition from RExit to U0
	MAINTAINERS: Add Sasha as a stable branch maintainer
	gpio: don't free unallocated ida on gpiochip_add_data_with_key() error path
	iwlwifi: mvm: support sta_statistics() even on older firmware
	iwlwifi: mvm: fix regulatory domain update when the firmware starts
	brcmfmac: fix reporting support for 160 MHz channels
	tools/power/cpupower: fix compilation with STATIC=true
	v9fs_dir_readdir: fix double-free on p9stat_read error
	selinux: Add __GFP_NOWARN to allocation at str_read()
	bfs: add sanity check at bfs_fill_super()
	sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
	gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
	llc: do not use sk_eat_skb()
	mm: don't warn about large allocations for slab
	drm/ast: change resolution may cause screen blurred
	drm/ast: fixed cursor may disappear sometimes
	drm/ast: Remove existing framebuffers before loading driver
	can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb()
	can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length
	can: dev: __can_get_echo_skb(): Don't crash the kernel if can_priv::echo_skb is accessed out of bounds
	can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb
	IB/core: Fix for core panic
	IB/hfi1: Eliminate races in the SDMA send error path
	usb: xhci: Prevent bus suspend if a port connect change or polling state is detected
	pinctrl: meson: fix pinconf bias disable
	KVM: PPC: Move and undef TRACE_INCLUDE_PATH/FILE
	cpufreq: imx6q: add return value check for voltage scale
	rtc: pcf2127: fix a kmemleak caused in pcf2127_i2c_gather_write
	floppy: fix race condition in __floppy_read_block_0()
	powerpc/io: Fix the IO workarounds code to work with Radix
	perf/x86/intel/uncore: Add more IMC PCI IDs for KabyLake and CoffeeLake CPUs
	SUNRPC: Fix a bogus get/put in generic_key_to_expire()
	kdb: Use strscpy with destination buffer size
	powerpc/numa: Suppress "VPHN is not supported" messages
	efi/arm: Revert deferred unmap of early memmap mapping
	tmpfs: make lseek(SEEK_DATA/SEK_HOLE) return ENXIO with a negative offset
	of: add helper to lookup compatible child node
	NFC: nfcmrvl_uart: fix OF child-node lookup
	net: bcmgenet: fix OF child-node lookup
	arm64: remove no-op -p linker flag
	ath10k: fix kernel panic due to race in accessing arvif list
	Input: xpad - add product ID for Xbox One S pad
	Input: xpad - fix Xbox One rumble stopping after 2.5 secs
	Input: xpad - correctly sort vendor id's
	Input: xpad - move reporting xbox one home button to common function
	Input: xpad - simplify error condition in init_output
	Input: xpad - don't depend on endpoint order
	Input: xpad - fix stuck mode button on Xbox One S pad
	Input: xpad - restore LED state after device resume
	Input: xpad - support some quirky Xbox One pads
	Input: xpad - sort supported devices by USB ID
	Input: xpad - sync supported devices with xboxdrv
	Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth
	Input: xpad - sync supported devices with 360Controller
	Input: xpad - sync supported devices with XBCD
	Input: xpad - constify usb_device_id
	Input: xpad - fix PowerA init quirk for some gamepad models
	Input: xpad - validate USB endpoint type during probe
	Input: xpad - add support for PDP Xbox One controllers
	Input: xpad - add PDP device id 0x02a4
	Input: xpad - fix some coding style issues
	Input: xpad - avoid using __set_bit() for capabilities
	Input: xpad - add GPD Win 2 Controller USB IDs
	Input: xpad - fix GPD Win 2 controller name
	Input: xpad - add support for Xbox1 PDP Camo series gamepad
	cw1200: Don't leak memory if krealloc failes
	mwifiex: prevent register accesses after host is sleeping
	mwifiex: report error to PCIe for suspend failure
	mwifiex: Fix NULL pointer dereference in skb_dequeue()
	mwifiex: fix p2p device doesn't find in scan problem
	scsi: ufs: fix bugs related to null pointer access and array size
	scsi: ufshcd: Fix race between clk scaling and ungate work
	scsi: ufs: fix race between clock gating and devfreq scaling work
	scsi: ufshcd: release resources if probe fails
	include/linux/pfn_t.h: force '~' to be parsed as an unary operator
	tty: wipe buffer.
	tty: wipe buffer if not echoing data
	usb: xhci: fix uninitialized completion when USB3 port got wrong status
	sched/core: Allow __sched_setscheduler() in interrupts when PI is not used
	namei: allow restricted O_CREAT of FIFOs and regular files
	lan78xx: Read MAC address from DT if present
	s390/mm: Check for valid vma before zapping in gmap_discard
	net: ieee802154: 6lowpan: fix frag reassembly
	Revert "evm: Translate user/group ids relative to s_user_ns when computing HMAC"
	ima: always measure and audit files in policy
	EVM: Add support for portable signature format
	ima: re-introduce own integrity cache lock
	ima: re-initialize iint->atomic_flags
	Linux 4.9.142

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2019-02-11 23:00:57 +03:00

57 lines
1.4 KiB
C
Raw Permalink Blame History

/*
* Copyright (C) 2005-2010 IBM Corporation
*
* Authors:
* Mimi Zohar <zohar@us.ibm.com>
* Kylene Hall <kjhall@us.ibm.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 2 of the License.
*
* File: evm.h
*
*/
#ifndef __INTEGRITY_EVM_H
#define __INTEGRITY_EVM_H
#include <linux/xattr.h>
#include <linux/security.h>
#include "../integrity.h"
#define EVM_INIT_HMAC 0x0001
#define EVM_INIT_X509 0x0002
extern int evm_initialized;
extern char *evm_hmac;
extern char *evm_hash;
#define EVM_ATTR_FSUUID 0x0001
extern int evm_hmac_attrs;
extern struct crypto_shash *hmac_tfm;
extern struct crypto_shash *hash_tfm;
/* List of EVM protected security xattrs */
extern char *evm_config_xattrnames[];
int evm_init_key(void);
int evm_update_evmxattr(struct dentry *dentry,
const char *req_xattr_name,
const char *req_xattr_value,
size_t req_xattr_value_len);
int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
const char *req_xattr_value,
size_t req_xattr_value_len, char *digest);
int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
const char *req_xattr_value,
size_t req_xattr_value_len, char type, char *digest);
int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
char *hmac_val);
int evm_init_secfs(void);
#endif
View Git Blame Copy Permalink