| Function report | 
| Source Code: security\integrity\evm\evm_main.c | Create Date:2022-07-28 19:59:57 | 
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick | 
Name:evm_protect_xattr - protect the EVM extended attribute. Prevent security.evm from being modified or removed without the necessary permissions or when the existing value is invalid. The posix xattr acls are 'system' prefixed, which normally would not
Proto:static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name, const void *xattr_value, size_t xattr_value_len)
Type:int
Parameter:
| Type | Parameter | Name | 
|---|---|---|
| struct dentry * | dentry | |
| const char * | xattr_name | |
| const void * | xattr_value | |
| size_t | xattr_value_len | |

| Line | Statement |
|---|---|
| 317 | If strcmp(xattr_name, XATTR_NAME_EVM) == 0 Then |
| 318 | If Not Check operation authority Then Return -EPERM | 
| 320 | Else if Not evm_protected_xattr(xattr_name) Then | 
| 321 | If Not posix_xattr_acl(xattr_name) Then Return 0 | 
| 324 | If evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS Then Return 0 | 
| 327 | Go to out | 
| 331 | If evm_status == INTEGRITY_NOXATTRS Then | 
| 335 | If iint && flags & IMA_NEW_FILE Then Return 0 | 
| 339 | If s_magic == TMPFS_MAGIC || s_magic == SYSFS_MAGIC Then Return 0 | 
| 343 | integrity_audit_msg(Metadata integrity verification, Where the name belongs to - NULL is negative, name, "update_metadata", integrity_status_msg[evm_status], -EPERM, 0) |
| 349 | out : | 
| 355 | Return If evm_status == INTEGRITY_PASS Then 0 Else -EPERM |

| Name | Description |
|---|---|
| evm_inode_setxattr | evm_inode_setxattr - protect the EVM extended attribute. @dentry: pointer to the affected dentry. @xattr_name: pointer to the affected extended attribute name. @xattr_value: pointer to the new extended attribute value. @xattr_value_len: pointer to the new |
| evm_inode_removexattr | evm_inode_removexattr - protect the EVM extended attribute. @dentry: pointer to the affected dentry. @xattr_name: pointer to the affected extended attribute name. Removing 'security.evm' requires CAP_SYS_ADMIN privileges and that the current value is valid. |