disable pwm7

hc

2024-05-10 23fa18eaa71266feff7ba8d83022d9e1cc83c65a

 kernel/security/integrity/ima/ima_template_lib.c
..
..
@@ -1,19 +1,13 @@
1
+// SPDX-License-Identifier: GPL-2.0-only
1
2
 /*
2
3
  * Copyright (C) 2013 Politecnico di Torino, Italy
3
- *                    TORSEC group -- http://security.polito.it
4
+ *                    TORSEC group -- https://security.polito.it
4
5
  *
5
6
  * Author: Roberto Sassu <roberto.sassu@polito.it>
6
- *
7
- * This program is free software; you can redistribute it and/or
8
- * modify it under the terms of the GNU General Public License as
9
- * published by the Free Software Foundation, version 2 of the
10
- * License.
11
7
  *
12
8
  * File: ima_template_lib.c
13
9
  *      Library of supported template fields.
14
10
  */
15
-
16
-#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17
11
 
18
12
 #include "ima_template_lib.h"
19
13
 
..
..
@@ -83,6 +77,7 @@
83
77
 		/* skip ':' and '\0' */
84
78
 		buf_ptr += 2;
85
79
 		buflen -= buf_ptr - field_data->data;
80
+		fallthrough;
86
81
 	case DATA_FMT_DIGEST:
87
82
 	case DATA_FMT_HEX:
88
83
 		if (!buflen)
..
..
@@ -161,6 +156,12 @@
161
156
 	ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data);
162
157
 }
163
158
 
159
+void ima_show_template_buf(struct seq_file *m, enum ima_show_type show,
160
+			   struct ima_field_data *field_data)
161
+{
162
+	ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data);
163
+}
164
+
164
165
 /**
165
166
  * ima_parse_buf() - Parses lengths and data from an input buffer
166
167
  * @bufstartp:       Buffer start address.
..
..
@@ -222,7 +223,8 @@
222
223
 	return 0;
223
224
 }
224
225
 
225
-static int ima_eventdigest_init_common(u8 *digest, u32 digestsize, u8 hash_algo,
226
+static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize,
227
+				       u8 hash_algo,
226
228
 				       struct ima_field_data *field_data)
227
229
 {
228
230
 	/*
..
..
@@ -343,6 +345,41 @@
343
345
 					   hash_algo, field_data);
344
346
 }
345
347
 
348
+/*
349
+ * This function writes the digest of the file which is expected to match the
350
+ * digest contained in the file's appended signature.
351
+ */
352
+int ima_eventdigest_modsig_init(struct ima_event_data *event_data,
353
+				struct ima_field_data *field_data)
354
+{
355
+	enum hash_algo hash_algo;
356
+	const u8 *cur_digest;
357
+	u32 cur_digestsize;
358
+
359
+	if (!event_data->modsig)
360
+		return 0;
361
+
362
+	if (event_data->violation) {
363
+		/* Recording a violation. */
364
+		hash_algo = HASH_ALGO_SHA1;
365
+		cur_digest = NULL;
366
+		cur_digestsize = 0;
367
+	} else {
368
+		int rc;
369
+
370
+		rc = ima_get_modsig_digest(event_data->modsig, &hash_algo,
371
+					   &cur_digest, &cur_digestsize);
372
+		if (rc)
373
+			return rc;
374
+		else if (hash_algo == HASH_ALGO__LAST || cur_digestsize == 0)
375
+			/* There was some error collecting the digest. */
376
+			return -EINVAL;
377
+	}
378
+
379
+	return ima_eventdigest_init_common(cur_digest, cur_digestsize,
380
+					   hash_algo, field_data);
381
+}
382
+
346
383
 static int ima_eventname_init_common(struct ima_event_data *event_data,
347
384
 				     struct ima_field_data *field_data,
348
385
 				     bool size_limit)
..
..
@@ -406,3 +443,44 @@
406
443
 	return ima_write_template_field_data(xattr_value, event_data->xattr_len,
407
444
 					     DATA_FMT_HEX, field_data);
408
445
 }
446
+
447
+/*
448
+ *  ima_eventbuf_init - include the buffer(kexec-cmldine) as part of the
449
+ *  template data.
450
+ */
451
+int ima_eventbuf_init(struct ima_event_data *event_data,
452
+		      struct ima_field_data *field_data)
453
+{
454
+	if ((!event_data->buf) || (event_data->buf_len == 0))
455
+		return 0;
456
+
457
+	return ima_write_template_field_data(event_data->buf,
458
+					     event_data->buf_len, DATA_FMT_HEX,
459
+					     field_data);
460
+}
461
+
462
+/*
463
+ *  ima_eventmodsig_init - include the appended file signature as part of the
464
+ *  template data
465
+ */
466
+int ima_eventmodsig_init(struct ima_event_data *event_data,
467
+			 struct ima_field_data *field_data)
468
+{
469
+	const void *data;
470
+	u32 data_len;
471
+	int rc;
472
+
473
+	if (!event_data->modsig)
474
+		return 0;
475
+
476
+	/*
477
+	 * modsig is a runtime structure containing pointers. Get its raw data
478
+	 * instead.
479
+	 */
480
+	rc = ima_get_raw_modsig(event_data->modsig, &data, &data_len);
481
+	if (rc)
482
+		return rc;
483
+
484
+	return ima_write_template_field_data(data, data_len, DATA_FMT_HEX,
485
+					     field_data);
486
+}