~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,19 +1,13 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* Copyright (C) 2013 Politecnico di Torino, Italy
3		- * TORSEC group -- http://security.polito.it
	4	+ * TORSEC group -- https://security.polito.it
4	5	*
5	6	* Author: Roberto Sassu <roberto.sassu@polito.it>
6		- *
7		- * This program is free software; you can redistribute it and/or
8		- * modify it under the terms of the GNU General Public License as
9		- * published by the Free Software Foundation, version 2 of the
10		- * License.
11	7	*
12	8	* File: ima_template_lib.c
13	9	* Library of supported template fields.
14	10	*/
15		-
16		-#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
17	11
18	12	#include "ima_template_lib.h"
19	13
..	..	@@ -83,6 +77,7 @@
83	77	/* skip ':' and '\0' */
84	78	buf_ptr += 2;
85	79	buflen -= buf_ptr - field_data->data;
	80	+ fallthrough;
86	81	case DATA_FMT_DIGEST:
87	82	case DATA_FMT_HEX:
88	83	if (!buflen)
..	..	@@ -161,6 +156,12 @@
161	156	ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data);
162	157	}
163	158
	159	+void ima_show_template_buf(struct seq_file *m, enum ima_show_type show,
	160	+ struct ima_field_data *field_data)
	161	+{
	162	+ ima_show_template_field_data(m, show, DATA_FMT_HEX, field_data);
	163	+}
	164	+
164	165	/**
165	166	* ima_parse_buf() - Parses lengths and data from an input buffer
166	167	* @bufstartp: Buffer start address.
..	..	@@ -222,7 +223,8 @@
222	223	return 0;
223	224	}
224	225
225		-static int ima_eventdigest_init_common(u8 *digest, u32 digestsize, u8 hash_algo,
	226	+static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize,
	227	+ u8 hash_algo,
226	228	struct ima_field_data *field_data)
227	229	{
228	230	/*
..	..	@@ -343,6 +345,41 @@
343	345	hash_algo, field_data);
344	346	}
345	347
	348	+/*
	349	+ * This function writes the digest of the file which is expected to match the
	350	+ * digest contained in the file's appended signature.
	351	+ */
	352	+int ima_eventdigest_modsig_init(struct ima_event_data *event_data,
	353	+ struct ima_field_data *field_data)
	354	+{
	355	+ enum hash_algo hash_algo;
	356	+ const u8 *cur_digest;
	357	+ u32 cur_digestsize;
	358	+
	359	+ if (!event_data->modsig)
	360	+ return 0;
	361	+
	362	+ if (event_data->violation) {
	363	+ /* Recording a violation. */
	364	+ hash_algo = HASH_ALGO_SHA1;
	365	+ cur_digest = NULL;
	366	+ cur_digestsize = 0;
	367	+ } else {
	368	+ int rc;
	369	+
	370	+ rc = ima_get_modsig_digest(event_data->modsig, &hash_algo,
	371	+ &cur_digest, &cur_digestsize);
	372	+ if (rc)
	373	+ return rc;
	374	+ else if (hash_algo == HASH_ALGO__LAST \|\| cur_digestsize == 0)
	375	+ /* There was some error collecting the digest. */
	376	+ return -EINVAL;
	377	+ }
	378	+
	379	+ return ima_eventdigest_init_common(cur_digest, cur_digestsize,
	380	+ hash_algo, field_data);
	381	+}
	382	+
346	383	static int ima_eventname_init_common(struct ima_event_data *event_data,
347	384	struct ima_field_data *field_data,
348	385	bool size_limit)
..	..	@@ -406,3 +443,44 @@
406	443	return ima_write_template_field_data(xattr_value, event_data->xattr_len,
407	444	DATA_FMT_HEX, field_data);
408	445	}
	446	+
	447	+/*
	448	+ * ima_eventbuf_init - include the buffer(kexec-cmldine) as part of the
	449	+ * template data.
	450	+ */
	451	+int ima_eventbuf_init(struct ima_event_data *event_data,
	452	+ struct ima_field_data *field_data)
	453	+{
	454	+ if ((!event_data->buf) \|\| (event_data->buf_len == 0))
	455	+ return 0;
	456	+
	457	+ return ima_write_template_field_data(event_data->buf,
	458	+ event_data->buf_len, DATA_FMT_HEX,
	459	+ field_data);
	460	+}
	461	+
	462	+/*
	463	+ * ima_eventmodsig_init - include the appended file signature as part of the
	464	+ * template data
	465	+ */
	466	+int ima_eventmodsig_init(struct ima_event_data *event_data,
	467	+ struct ima_field_data *field_data)
	468	+{
	469	+ const void *data;
	470	+ u32 data_len;
	471	+ int rc;
	472	+
	473	+ if (!event_data->modsig)
	474	+ return 0;
	475	+
	476	+ /*
	477	+ * modsig is a runtime structure containing pointers. Get its raw data
	478	+ * instead.
	479	+ */
	480	+ rc = ima_get_raw_modsig(event_data->modsig, &data, &data_len);
	481	+ if (rc)
	482	+ return rc;
	483	+
	484	+ return ima_write_template_field_data(data, data_len, DATA_FMT_HEX,
	485	+ field_data);
	486	+}