include/linux/evm.h

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 /*
   3  * evm.h
   4  *
   5  * Copyright (c) 2009 IBM Corporation
   6  * Author: Mimi Zohar <zohar@us.ibm.com>
   7  */
   8
   9 #ifndef _LINUX_EVM_H
  10 #define _LINUX_EVM_H
  11
  12 #include <linux/integrity.h>
  13 #include <linux/xattr.h>
  14
  15 #ifdef CONFIG_EVM
  16 extern int evm_set_key(void *key, size_t keylen);
  17 extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
  18                                              const char *xattr_name,
  19                                              void *xattr_value,
  20                                              size_t xattr_value_len);
  21 int evm_inode_init_security(struct inode *inode, struct inode *dir,
  22                             const struct qstr *qstr, struct xattr *xattrs,
  23                             int *xattr_count);
  24 extern bool evm_revalidate_status(const char *xattr_name);
  25 extern int evm_protected_xattr_if_enabled(const char *req_xattr_name);
  26 extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
  27                                      int buffer_size, char type,
  28                                      bool canonical_fmt);
  29 extern bool evm_metadata_changed(struct inode *inode,
  30                                  struct inode *metadata_inode);
  31 #ifdef CONFIG_FS_POSIX_ACL
  32 extern int posix_xattr_acl(const char *xattrname);
  33 #else
  34 static inline int posix_xattr_acl(const char *xattrname)
  35 {
  36         return 0;
  37 }
  38 #endif
  39 #else
  40
  41 static inline int evm_set_key(void *key, size_t keylen)
  42 {
  43         return -EOPNOTSUPP;
  44 }
  45
  46 #ifdef CONFIG_INTEGRITY
  47 static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
  48                                                     const char *xattr_name,
  49                                                     void *xattr_value,
  50                                                     size_t xattr_value_len)
  51 {
  52         return INTEGRITY_UNKNOWN;
  53 }
  54 #endif
  55
  56 static inline int evm_inode_init_security(struct inode *inode, struct inode *dir,
  57                                           const struct qstr *qstr,
  58                                           struct xattr *xattrs,
  59                                           int *xattr_count)
  60 {
  61         return 0;
  62 }
  63
  64 static inline bool evm_revalidate_status(const char *xattr_name)
  65 {
  66         return false;
  67 }
  68
  69 static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
  70 {
  71         return false;
  72 }
  73
  74 static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
  75                                             int buffer_size, char type,
  76                                             bool canonical_fmt)
  77 {
  78         return -EOPNOTSUPP;
  79 }
  80
  81 static inline bool evm_metadata_changed(struct inode *inode,
  82                                         struct inode *metadata_inode)
  83 {
  84         return false;
  85 }
  86
  87 #endif /* CONFIG_EVM */
  88 #endif /* LINUX_EVM_H */