~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,3 +1,4 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* Copyright (C) 2005-2010 IBM Corporation
3	4	*
..	..	@@ -5,18 +6,12 @@
5	6	* Mimi Zohar <zohar@us.ibm.com>
6	7	* Kylene Hall <kjhall@us.ibm.com>
7	8	*
8		- * This program is free software; you can redistribute it and/or modify
9		- * it under the terms of the GNU General Public License as published by
10		- * the Free Software Foundation, version 2 of the License.
11		- *
12	9	* File: evm_main.c
13	10	* implements evm_inode_setxattr, evm_inode_post_setxattr,
14	11	* evm_inode_removexattr, and evm_verifyxattr
15	12	*/
16	13
17		-#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18		-
19		-#include <linux/module.h>
	14	+#include <linux/init.h>
20	15	#include <linux/crypto.h>
21	16	#include <linux/audit.h>
22	17	#include <linux/xattr.h>
..	..	@@ -64,7 +59,10 @@
64	59	{
65	60	if (strncmp(str, "fix", 3) == 0)
66	61	evm_fixmode = 1;
67		- return 0;
	62	+ else
	63	+ pr_err("invalid \"%s\" mode", str);
	64	+
	65	+ return 1;
68	66	}
69	67	__setup("evm=", evm_set_fixmode);
70	68
..	..	@@ -103,7 +101,8 @@
103	101	return -EOPNOTSUPP;
104	102
105	103	list_for_each_entry_lockless(xattr, &evm_config_xattrnames, list) {
106		- error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0);
	104	+ error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0,
	105	+ XATTR_NOSECURITY);
107	106	if (error < 0) {
108	107	if (error == -ENODATA)
109	108	continue;
..	..	@@ -169,7 +168,7 @@
169	168	/* check value type */
170	169	switch (xattr_data->type) {
171	170	case EVM_XATTR_HMAC:
172		- if (xattr_len != sizeof(struct evm_ima_xattr_data)) {
	171	+ if (xattr_len != sizeof(struct evm_xattr)) {
173	172	evm_status = INTEGRITY_FAIL;
174	173	goto out;
175	174	}
..	..	@@ -179,7 +178,7 @@
179	178	xattr_value_len, &digest);
180	179	if (rc)
181	180	break;
182		- rc = crypto_memneq(xattr_data->digest, digest.digest,
	181	+ rc = crypto_memneq(xattr_data->data, digest.digest,
183	182	SHA1_DIGEST_SIZE);
184	183	if (rc)
185	184	rc = -EINVAL;
..	..	@@ -474,7 +473,9 @@
474	473
475	474	/**
476	475	* evm_inode_setattr - prevent updating an invalid EVM extended attribute
	476	+ * @idmap: idmap of the mount
477	477	* @dentry: pointer to the affected dentry
	478	+ * @attr: iattr structure containing the new file attributes
478	479	*
479	480	* Permit update of file attributes when files have a valid EVM signature,
480	481	* except in the case of them having an immutable portable signature.
..	..	@@ -529,7 +530,7 @@
529	530	const struct xattr *lsm_xattr,
530	531	struct xattr *evm_xattr)
531	532	{
532		- struct evm_ima_xattr_data *xattr_data;
	533	+ struct evm_xattr *xattr_data;
533	534	int rc;
534	535
535	536	if (!(evm_initialized & EVM_INIT_HMAC) \|\|
..	..	@@ -540,7 +541,7 @@
540	541	if (!xattr_data)
541	542	return -ENOMEM;
542	543
543		- xattr_data->type = EVM_XATTR_HMAC;
	544	+ xattr_data->data.type = EVM_XATTR_HMAC;
544	545	rc = evm_init_hmac(inode, lsm_xattr, xattr_data->digest);
545	546	if (rc < 0)
546	547	goto out;
..	..	@@ -570,7 +571,6 @@
570	571	{
571	572	int error;
572	573	struct list_head pos, q;
573		- struct xattr_list *xattr;
574	574
575	575	evm_init_config();
576	576
..	..	@@ -587,11 +587,8 @@
587	587	error:
588	588	if (error != 0) {
589	589	if (!list_empty(&evm_config_xattrnames)) {
590		- list_for_each_safe(pos, q, &evm_config_xattrnames) {
591		- xattr = list_entry(pos, struct xattr_list,
592		- list);
	590	+ list_for_each_safe(pos, q, &evm_config_xattrnames)
593	591	list_del(pos);
594		- }
595	592	}
596	593	}
597	594
..	..	@@ -599,6 +596,3 @@
599	596	}
600	597
601	598	late_initcall(init_evm);
602		-
603		-MODULE_DESCRIPTION("Extended Verification Module");
604		-MODULE_LICENSE("GPL");