Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\evm\evm_main.c Create Date:2022-07-28 19:59:57
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:vm_verify_current_integrity - verify the dentry's metadata integrity*@dentry: pointer to the affected dentry* Verify and return the dentry's metadata integrity. The exceptions are* before EVM is initialized or in 'fix' mode.

Proto:static enum integrity_status evm_verify_current_integrity(struct dentry *dentry)

Type:enum integrity_status

Parameter:

TypeParameterName
struct dentry *dentry
293  inode = d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
295  If Not evm_key_loaded() || Not S_ISREG(i_mode) || evm_fixmode Then Return 0
297  Return vm_verify_hmac - calculate and compare the HMAC with the EVM xattr* Compute the HMAC on the dentry's protected set of extended attributes* and compare it against the stored security
Caller
NameDescribe
evm_protect_xattrvm_protect_xattr - protect the EVM extended attribute* Prevent security.evm from being modified or removed without the* necessary permissions or when the existing value is invalid.* The posix xattr acls are 'system' prefixed, which normally would not
evm_inode_setattrvm_inode_setattr - prevent updating an invalid EVM extended attribute*@dentry: pointer to the affected dentry* Permit update of file attributes when files have a valid EVM signature,* except in the case of them having an immutable portable signature.