add dts config

hc

2023-12-06 08f87f769b595151be1afeff53e144f543faa614

 kernel/security/integrity/evm/evm_main.c
..
..
@@ -1,3 +1,4 @@
1
+// SPDX-License-Identifier: GPL-2.0-only
1
2
 /*
2
3
  * Copyright (C) 2005-2010 IBM Corporation
3
4
  *
..
..
@@ -5,18 +6,12 @@
5
6
  * Mimi Zohar <zohar@us.ibm.com>
6
7
  * Kylene Hall <kjhall@us.ibm.com>
7
8
  *
8
- * This program is free software; you can redistribute it and/or modify
9
- * it under the terms of the GNU General Public License as published by
10
- * the Free Software Foundation, version 2 of the License.
11
- *
12
9
  * File: evm_main.c
13
10
  *	implements evm_inode_setxattr, evm_inode_post_setxattr,
14
11
  *	evm_inode_removexattr, and evm_verifyxattr
15
12
  */
16
13
 
17
-#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
18
-
19
-#include <linux/module.h>
14
+#include <linux/init.h>
20
15
 #include <linux/crypto.h>
21
16
 #include <linux/audit.h>
22
17
 #include <linux/xattr.h>
..
..
@@ -64,7 +59,10 @@
64
59
 {
65
60
 	if (strncmp(str, "fix", 3) == 0)
66
61
 		evm_fixmode = 1;
67
-	return 0;
62
+	else
63
+		pr_err("invalid \"%s\" mode", str);
64
+
65
+	return 1;
68
66
 }
69
67
 __setup("evm=", evm_set_fixmode);
70
68
 
..
..
@@ -103,7 +101,8 @@
103
101
 		return -EOPNOTSUPP;
104
102
 
105
103
 	list_for_each_entry_lockless(xattr, &evm_config_xattrnames, list) {
106
-		error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0);
104
+		error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0,
105
+				       XATTR_NOSECURITY);
107
106
 		if (error < 0) {
108
107
 			if (error == -ENODATA)
109
108
 				continue;
..
..
@@ -169,7 +168,7 @@
169
168
 	/* check value type */
170
169
 	switch (xattr_data->type) {
171
170
 	case EVM_XATTR_HMAC:
172
-		if (xattr_len != sizeof(struct evm_ima_xattr_data)) {
171
+		if (xattr_len != sizeof(struct evm_xattr)) {
173
172
 			evm_status = INTEGRITY_FAIL;
174
173
 			goto out;
175
174
 		}
..
..
@@ -179,7 +178,7 @@
179
178
 				   xattr_value_len, &digest);
180
179
 		if (rc)
181
180
 			break;
182
-		rc = crypto_memneq(xattr_data->digest, digest.digest,
181
+		rc = crypto_memneq(xattr_data->data, digest.digest,
183
182
 				   SHA1_DIGEST_SIZE);
184
183
 		if (rc)
185
184
 			rc = -EINVAL;
..
..
@@ -529,7 +528,7 @@
529
528
 				 const struct xattr *lsm_xattr,
530
529
 				 struct xattr *evm_xattr)
531
530
 {
532
-	struct evm_ima_xattr_data *xattr_data;
531
+	struct evm_xattr *xattr_data;
533
532
 	int rc;
534
533
 
535
534
 	if (!(evm_initialized & EVM_INIT_HMAC) ||
..
..
@@ -540,7 +539,7 @@
540
539
 	if (!xattr_data)
541
540
 		return -ENOMEM;
542
541
 
543
-	xattr_data->type = EVM_XATTR_HMAC;
542
+	xattr_data->data.type = EVM_XATTR_HMAC;
544
543
 	rc = evm_init_hmac(inode, lsm_xattr, xattr_data->digest);
545
544
 	if (rc < 0)
546
545
 		goto out;
..
..
@@ -570,7 +569,6 @@
570
569
 {
571
570
 	int error;
572
571
 	struct list_head *pos, *q;
573
-	struct xattr_list *xattr;
574
572
 
575
573
 	evm_init_config();
576
574
 
..
..
@@ -587,11 +585,8 @@
587
585
 error:
588
586
 	if (error != 0) {
589
587
 		if (!list_empty(&evm_config_xattrnames)) {
590
-			list_for_each_safe(pos, q, &evm_config_xattrnames) {
591
-				xattr = list_entry(pos, struct xattr_list,
592
-						   list);
588
+			list_for_each_safe(pos, q, &evm_config_xattrnames)
593
589
 				list_del(pos);
594
-			}
595
590
 		}
596
591
 	}
597
592
 
..
..
@@ -599,6 +594,3 @@
599
594
 }
600
595
 
601
596
 late_initcall(init_evm);
602
-
603
-MODULE_DESCRIPTION("Extended Verification Module");
604
-MODULE_LICENSE("GPL");