Commit 779cb194 authored by Roberto Sassu's avatar Roberto Sassu Committed by Paul Moore
Browse files

evm: Align evm_inode_post_setxattr() definition with LSM infrastructure 



Change evm_inode_post_setxattr() definition, so that it can be registered
as implementation of the inode_post_setxattr hook.

Signed-off-by: default avatarRoberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: default avatarStefan Berger <stefanb@linux.ibm.com>
Reviewed-by: default avatarMimi Zohar <zohar@linux.ibm.com>
Reviewed-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Acked-by: default avatarMimi Zohar <zohar@linux.ibm.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 2b6a4054

include/linux/evm.h

+5 −3
Original line number Diff line number Diff line
@@ -31,7 +31,8 @@ extern int evm_inode_setxattr(struct mnt_idmap *idmap, 
extern void evm_inode_post_setxattr(struct dentry *dentry,

				    const char *xattr_name,

				    const void *xattr_value,

				    size_t xattr_value_len);

				    size_t xattr_value_len,

				    int flags);

extern int evm_inode_copy_up_xattr(const char *name);

extern int evm_inode_removexattr(struct mnt_idmap *idmap,

				 struct dentry *dentry, const char *xattr_name);
@@ -56,7 +57,7 @@ static inline void evm_inode_post_set_acl(struct dentry *dentry, 
					  const char *acl_name,

					  struct posix_acl *kacl)

{

	return evm_inode_post_setxattr(dentry, acl_name, NULL, 0);

	return evm_inode_post_setxattr(dentry, acl_name, NULL, 0, 0);

}



int evm_inode_init_security(struct inode *inode, struct inode *dir,
@@ -115,7 +116,8 @@ static inline int evm_inode_setxattr(struct mnt_idmap *idmap, 
static inline void evm_inode_post_setxattr(struct dentry *dentry,

					   const char *xattr_name,

					   const void *xattr_value,

					   size_t xattr_value_len)

					   size_t xattr_value_len,

					   int flags)

{

	return;

}

security/integrity/evm/evm_main.c

+3 −1
Original line number Diff line number Diff line
@@ -753,6 +753,7 @@ bool evm_revalidate_status(const char *xattr_name) 
 * @xattr_name: pointer to the affected extended attribute name

 * @xattr_value: pointer to the new extended attribute value

 * @xattr_value_len: pointer to the new extended attribute value length

 * @flags: flags to pass into filesystem operations

 *

 * Update the HMAC stored in 'security.evm' to reflect the change.

 *
@@ -761,7 +762,8 @@ bool evm_revalidate_status(const char *xattr_name) 
 * i_mutex lock.

 */

void evm_inode_post_setxattr(struct dentry *dentry, const char *xattr_name,

			     const void *xattr_value, size_t xattr_value_len)

			     const void *xattr_value, size_t xattr_value_len,

			     int flags)

{

	if (!evm_revalidate_status(xattr_name))

		return;

security/security.c

+1 −1
Original line number Diff line number Diff line
@@ -2367,7 +2367,7 @@ void security_inode_post_setxattr(struct dentry *dentry, const char *name, 
	if (unlikely(IS_PRIVATE(d_backing_inode(dentry))))

		return;

	call_void_hook(inode_post_setxattr, dentry, name, value, size, flags);

	evm_inode_post_setxattr(dentry, name, value, size);

	evm_inode_post_setxattr(dentry, name, value, size, flags);

}



/**