Release 4.15 security/integrity/evm/evm_secfs.c
/*
* Copyright (C) 2010 IBM Corporation
*
* Authors:
* Mimi Zohar <zohar@us.ibm.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 2 of the License.
*
* File: evm_secfs.c
* - Used to signal when key is on keyring
* - Get the key and enable EVM
*/
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
#include <linux/uaccess.h>
#include <linux/module.h>
#include "evm.h"
static struct dentry *evm_init_tpm;
/**
* evm_read_key - read() for <securityfs>/evm
*
* @filp: file pointer, not actually used
* @buf: where to put the result
* @count: maximum to send along
* @ppos: where to start
*
* Returns number of bytes read or error code, as appropriate
*/
static ssize_t evm_read_key(struct file *filp, char __user *buf,
size_t count, loff_t *ppos)
{
char temp[80];
ssize_t rc;
if (*ppos != 0)
return 0;
sprintf(temp, "%d", (evm_initialized & ~EVM_SETUP));
rc = simple_read_from_buffer(buf, count, ppos, temp, strlen(temp));
return rc;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Mimi Zohar | 72 | 93.51% | 1 | 50.00% |
| Matthew Garrett | 5 | 6.49% | 1 | 50.00% |
| Total | 77 | 100.00% | 2 | 100.00% |
/**
* evm_write_key - write() for <securityfs>/evm
* @file: file pointer, not actually used
* @buf: where to get the data from
* @count: bytes sent
* @ppos: where to start
*
* Used to signal that key is on the kernel key ring.
* - get the integrity hmac key from the kernel key ring
* - create list of hmac protected extended attributes
* Returns number of bytes written or error code, as appropriate
*/
static ssize_t evm_write_key(struct file *file, const char __user *buf,
size_t count, loff_t *ppos)
{
int i, ret;
if (!capable(CAP_SYS_ADMIN) || (evm_initialized & EVM_SETUP))
return -EPERM;
ret = kstrtoint_from_user(buf, count, 0, &i);
if (ret)
return ret;
/* Reject invalid values */
if (!i || (i & ~EVM_INIT_MASK) != 0)
return -EINVAL;
if (i & EVM_INIT_HMAC) {
ret = evm_init_key();
if (ret != 0)
return ret;
/* Forbid further writes after the symmetric key is loaded */
i |= EVM_SETUP;
}
evm_initialized |= i;
return count;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Mimi Zohar | 67 | 55.37% | 1 | 33.33% |
| Matthew Garrett | 51 | 42.15% | 1 | 33.33% |
| Dmitry Kasatkin | 3 | 2.48% | 1 | 33.33% |
| Total | 121 | 100.00% | 3 | 100.00% |
static const struct file_operations evm_key_ops = {
.read = evm_read_key,
.write = evm_write_key,
};
int __init evm_init_secfs(void)
{
int error = 0;
evm_init_tpm = securityfs_create_file("evm", S_IRUSR | S_IRGRP,
NULL, NULL, &evm_key_ops);
if (!evm_init_tpm || IS_ERR(evm_init_tpm))
error = -EFAULT;
return error;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Mimi Zohar | 49 | 100.00% | 1 | 100.00% |
| Total | 49 | 100.00% | 1 | 100.00% |
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| Mimi Zohar | 224 | 77.24% | 1 | 25.00% |
| Matthew Garrett | 56 | 19.31% | 1 | 25.00% |
| Joe Perches | 7 | 2.41% | 1 | 25.00% |
| Dmitry Kasatkin | 3 | 1.03% | 1 | 25.00% |
| Total | 290 | 100.00% | 4 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.