evm: Move to LSM infrastructure (92383111) · Commits · git / linux-net

fs/attr.c

+0 −2

Original line number	Diff line number	Diff line
		@@ -16,7 +16,6 @@
		#include <linux/fcntl.h>
		#include <linux/filelock.h>
		#include <linux/security.h>
		#include <linux/evm.h>

		#include "internal.h"

		@@ -502,7 +501,6 @@ int notify_change(struct mnt_idmap idmap, struct dentry dentry,
		if (!error) {
		fsnotify_change(dentry, ia_valid);
		security_inode_post_setattr(idmap, dentry, ia_valid);
		evm_inode_post_setattr(idmap, dentry, ia_valid);
		}

		return error;

fs/posix_acl.c

+0 −3

Original line number	Diff line number	Diff line
		@@ -26,7 +26,6 @@
		#include <linux/mnt_idmapping.h>
		#include <linux/iversion.h>
		#include <linux/security.h>
		#include <linux/evm.h>
		#include <linux/fsnotify.h>
		#include <linux/filelock.h>

		@@ -1138,7 +1137,6 @@ int vfs_set_acl(struct mnt_idmap idmap, struct dentry dentry,
		if (!error) {
		fsnotify_xattr(dentry);
		security_inode_post_set_acl(dentry, acl_name, kacl);
		evm_inode_post_set_acl(dentry, acl_name, kacl);
		}

		out_inode_unlock:
		@@ -1247,7 +1245,6 @@ int vfs_remove_acl(struct mnt_idmap idmap, struct dentry dentry,
		if (!error) {
		fsnotify_xattr(dentry);
		security_inode_post_remove_acl(idmap, dentry, acl_name);
		evm_inode_post_remove_acl(idmap, dentry, acl_name);
		}

		out_inode_unlock:

fs/xattr.c

+0 −2

Original line number	Diff line number	Diff line
		@@ -16,7 +16,6 @@
		#include <linux/mount.h>
		#include <linux/namei.h>
		#include <linux/security.h>
		#include <linux/evm.h>
		#include <linux/syscalls.h>
		#include <linux/export.h>
		#include <linux/fsnotify.h>
		@@ -557,7 +556,6 @@ __vfs_removexattr_locked(struct mnt_idmap *idmap,

		fsnotify_xattr(dentry);
		security_inode_post_removexattr(dentry, name);
		evm_inode_post_removexattr(dentry, name);

		out:
		return error;

include/linux/evm.h

+0 −113

Original line number	Diff line number	Diff line
		@@ -21,45 +21,6 @@ extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
		void *xattr_value,
		size_t xattr_value_len,
		struct integrity_iint_cache *iint);
		extern int evm_inode_setattr(struct mnt_idmap *idmap,
		struct dentry dentry, struct iattr attr);
		extern void evm_inode_post_setattr(struct mnt_idmap *idmap,
		struct dentry *dentry, int ia_valid);
		extern int evm_inode_setxattr(struct mnt_idmap *idmap,
		struct dentry dentry, const char name,
		const void *value, size_t size, int flags);
		extern void evm_inode_post_setxattr(struct dentry *dentry,
		const char *xattr_name,
		const void *xattr_value,
		size_t xattr_value_len,
		int flags);
		extern int evm_inode_copy_up_xattr(const char *name);
		extern int evm_inode_removexattr(struct mnt_idmap *idmap,
		struct dentry dentry, const char xattr_name);
		extern void evm_inode_post_removexattr(struct dentry *dentry,
		const char *xattr_name);
		static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap,
		struct dentry *dentry,
		const char *acl_name)
		{
		evm_inode_post_removexattr(dentry, acl_name);
		}
		extern int evm_inode_set_acl(struct mnt_idmap *idmap,
		struct dentry dentry, const char acl_name,
		struct posix_acl *kacl);
		static inline int evm_inode_remove_acl(struct mnt_idmap *idmap,
		struct dentry *dentry,
		const char *acl_name)
		{
		return evm_inode_set_acl(idmap, dentry, acl_name, NULL);
		}
		static inline void evm_inode_post_set_acl(struct dentry *dentry,
		const char *acl_name,
		struct posix_acl *kacl)
		{
		return evm_inode_post_setxattr(dentry, acl_name, NULL, 0, 0);
		}

		int evm_inode_init_security(struct inode inode, struct inode dir,
		const struct qstr qstr, struct xattr xattrs,
		int *xattr_count);
		@@ -94,80 +55,6 @@ static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
		}
		#endif

		static inline int evm_inode_setattr(struct mnt_idmap *idmap,
		struct dentry dentry, struct iattr attr)
		{
		return 0;
		}

		static inline void evm_inode_post_setattr(struct mnt_idmap *idmap,
		struct dentry *dentry, int ia_valid)
		{
		return;
		}

		static inline int evm_inode_setxattr(struct mnt_idmap *idmap,
		struct dentry dentry, const char name,
		const void *value, size_t size, int flags)
		{
		return 0;
		}

		static inline void evm_inode_post_setxattr(struct dentry *dentry,
		const char *xattr_name,
		const void *xattr_value,
		size_t xattr_value_len,
		int flags)
		{
		return;
		}

		static inline int evm_inode_copy_up_xattr(const char *name)
		{
		return 0;
		}

		static inline int evm_inode_removexattr(struct mnt_idmap *idmap,
		struct dentry *dentry,
		const char *xattr_name)
		{
		return 0;
		}

		static inline void evm_inode_post_removexattr(struct dentry *dentry,
		const char *xattr_name)
		{
		return;
		}

		static inline void evm_inode_post_remove_acl(struct mnt_idmap *idmap,
		struct dentry *dentry,
		const char *acl_name)
		{
		return;
		}

		static inline int evm_inode_set_acl(struct mnt_idmap *idmap,
		struct dentry dentry, const char acl_name,
		struct posix_acl *kacl)
		{
		return 0;
		}

		static inline int evm_inode_remove_acl(struct mnt_idmap *idmap,
		struct dentry *dentry,
		const char *acl_name)
		{
		return 0;
		}

		static inline void evm_inode_post_set_acl(struct dentry *dentry,
		const char *acl_name,
		struct posix_acl *kacl)
		{
		return;
		}

		static inline int evm_inode_init_security(struct inode inode, struct inode dir,
		const struct qstr *qstr,
		struct xattr *xattrs,

include/uapi/linux/lsm.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -63,6 +63,7 @@ struct lsm_ctx {
		#define LSM_ID_BPF 109
		#define LSM_ID_LANDLOCK 110
		#define LSM_ID_IMA 111
		#define LSM_ID_EVM 112

		/*
		* LSM_ATTR_XXX definitions identify different LSM attributes