Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1161314Ab1FBMZw (ORCPT ); Thu, 2 Jun 2011 08:25:52 -0400 Received: from e5.ny.us.ibm.com ([32.97.182.145]:52406 "EHLO e5.ny.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1161280Ab1FBMZs (ORCPT ); Thu, 2 Jun 2011 08:25:48 -0400 From: Mimi Zohar To: linux-security-module@vger.kernel.org Cc: Dmitry Kasatkin , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, James Morris , David Safford , Andrew Morton , Greg KH , Dmitry Kasatkin , Mimi Zohar Subject: [PATCH v6 18/20] evm: replace hmac_status with evm_status Date: Thu, 2 Jun 2011 08:23:41 -0400 Message-Id: <1307017423-15093-19-git-send-email-zohar@linux.vnet.ibm.com> X-Mailer: git-send-email 1.7.3.4 In-Reply-To: <1307017423-15093-1-git-send-email-zohar@linux.vnet.ibm.com> References: <1307017423-15093-1-git-send-email-zohar@linux.vnet.ibm.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2764 Lines: 85 From: Dmitry Kasatkin We will use digital signatures in addtion to hmac. Signed-off-by: Dmitry Kasatkin Signed-off-by: Mimi Zohar --- security/integrity/evm/evm_main.c | 14 +++++++------- security/integrity/iint.c | 2 +- security/integrity/integrity.h | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 9abe75b..0dbb562 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -56,8 +56,8 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry, struct evm_ima_xattr_data xattr_data; int rc; - if (iint->hmac_status == INTEGRITY_PASS) - return iint->hmac_status; + if (iint->evm_status == INTEGRITY_PASS) + return iint->evm_status; /* if status is not PASS, try to check again - against -ENOMEM */ @@ -71,18 +71,18 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry, sizeof xattr_data, GFP_NOFS); if (rc < 0) goto err_out; - iint->hmac_status = INTEGRITY_PASS; - return iint->hmac_status; + iint->evm_status = INTEGRITY_PASS; + return iint->evm_status; err_out: switch (rc) { case -ENODATA: /* file not labelled */ - iint->hmac_status = INTEGRITY_NOLABEL; + iint->evm_status = INTEGRITY_NOLABEL; break; default: - iint->hmac_status = INTEGRITY_FAIL; + iint->evm_status = INTEGRITY_FAIL; } - return iint->hmac_status; + return iint->evm_status; } static int evm_protected_xattr(const char *req_xattr_name) diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 991df20..0a23e07 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c @@ -157,7 +157,7 @@ static void init_once(void *foo) iint->version = 0; iint->flags = 0UL; mutex_init(&iint->mutex); - iint->hmac_status = INTEGRITY_UNKNOWN; + iint->evm_status = INTEGRITY_UNKNOWN; } static int __init integrity_iintcache_init(void) diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 7efbf56..880bbee 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -37,7 +37,7 @@ struct integrity_iint_cache { unsigned char flags; u8 digest[SHA1_DIGEST_SIZE]; struct mutex mutex; /* protects: version, flags, digest */ - enum integrity_status hmac_status; + enum integrity_status evm_status; }; /* rbtree tree calls to lookup, insert, delete -- 1.7.3.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/