Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\evm\evm_crypto.c Create Date:2022-07-28 20:00:09
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name: Protect against 'cutting & pasting' security.evm xattr, include inode specific info. (Additional directory/file metadata needs to be added for more complete protection.)

Proto:static void hmac_add_misc(struct shash_desc *desc, struct inode *inode, char type, char *digest)

Type:void

Parameter:

Type                  Parameter Name
struct shash_desc *   desc
struct inode *        inode
char                  type
char *                digest
145  struct h_misc { unsigned long ino; __u32 generation; uid_t uid; gid_t gid; umode_t mode; } hmac_misc
153  memset(&hmac_misc, 0, sizeof(hmac_misc))
157  If type != EVM_XATTR_PORTABLE_DIGSIG Then
158  ino = i_ino (stat data, not accessed from path walking)
159  generation = i_generation
169  uid = from_kuid() - Create a uid from a kuid user-namespace pair. @targ: The user namespace we want a uid in. @kuid: The kernel internal uid to start with. Map @kuid into the user-namespace specified by @targ and return the resulting uid.
170  gid = from_kgid() - Create a gid from a kgid user-namespace pair. @targ: The user namespace we want a gid in. @kgid: The kernel internal gid to start with. Map @kgid into the user-namespace specified by @targ and return the resulting gid.
171  mode = i_mode
172  crypto_shash_update() - add data to message digest for processing. @desc: operational state handle that is already initialized. @data: input data to be added to the message digest. @len: length of the input data.
173  If evm_hmac_attrs & EVM_ATTR_FSUUID && type != EVM_XATTR_PORTABLE_DIGSIG Then crypto_shash_update() - add data to message digest for processing. @desc: operational state handle that is already initialized. @data: input data to be added to the message digest. @len: length of the input data.
176  crypto_shash_final() - calculate message digest. @desc: operational state handle that is already filled with data. @out: output buffer filled with the message digest. Finalize the message digest operation and create the message digest.
Caller

Name                    Description
evm_calc_hmac_or_hash   Calculate the HMAC value across the set of protected security xattrs. Instead of retrieving the requested xattr, for performance, calculate the hmac using the requested xattr value. Don't alloc/free memory for
evm_init_hmac