Diffstat (limited to 'security/integrity/ima/ima_fs.c')
-rw-r--r--security/integrity/ima/ima_fs.c67
1 files changed, 31 insertions, 36 deletions
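diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 38477c9c3415..d47a7c86a21d 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -88,8 +88,7 @@ static void *ima_measurements_next(struct seq_file *m, void *v, loff_t *pos)
  * against concurrent list-extension
  */
  rcu_read_lock();
- qe = list_entry_rcu(qe->later.next,
- struct ima_queue_entry, later);
+ qe = list_entry_rcu(qe->later.next, struct ima_queue_entry, later);
  rcu_read_unlock();
  (*pos)++;
 
@@ -100,7 +99,7 @@ static void ima_measurements_stop(struct seq_file *m, void *v)
 {
 }
 
-static void ima_putc(struct seq_file *m, void *data, int datalen)
+void ima_putc(struct seq_file *m, void *data, int datalen)
 {
  while (datalen--)
  seq_putc(m, *(char *)data++);
@@ -111,6 +110,7 @@ static void ima_putc(struct seq_file *m, void *data, int datalen)
  * char[20]=template digest
  * 32bit-le=template name size
  * char[n]=template name
+ * [eventdata length]
  * eventdata[n]=template specific data
  */
 static int ima_measurements_show(struct seq_file *m, void *v)
@@ -120,6 +120,7 @@ static int ima_measurements_show(struct seq_file *m, void *v)
  struct ima_template_entry *e;
  int namelen;
  u32 pcr = CONFIG_IMA_MEASURE_PCR_IDX;
+ int i;
 
  /* get entry */
  e = qe->entry;
@@ -134,18 +135,25 @@ static int ima_measurements_show(struct seq_file *m, void *v)
  ima_putc(m, &pcr, sizeof pcr);
 
  /* 2nd: template digest */
- ima_putc(m, e->digest, IMA_DIGEST_SIZE);
+ ima_putc(m, e->digest, TPM_DIGEST_SIZE);
 
  /* 3rd: template name size */
- namelen = strlen(e->template_name);
+ namelen = strlen(e->template_desc->name);
  ima_putc(m, &namelen, sizeof namelen);
 
  /* 4th: template name */
- ima_putc(m, (void *)e->template_name, namelen);
+ ima_putc(m, e->template_desc->name, namelen);
+
+ /* 5th: template length (except for 'ima' template) */
+ if (strcmp(e->template_desc->name, IMA_TEMPLATE_IMA_NAME) != 0)
+ ima_putc(m, &e->template_data_len,
+ sizeof(e->template_data_len));
 
- /* 5th: template specific data */
- ima_template_show(m, (struct ima_template_data *)&e->template,
- IMA_SHOW_BINARY);
+ /* 6th: template specific data */
+ for (i = 0; i < e->template_desc->num_fields; i++) {
+ e->template_desc->fields[i]->field_show(m, IMA_SHOW_BINARY,
+ &e->template_data[i]);
+ }
  return 0;
 }
 
@@ -168,41 +176,21 @@ static const struct file_operations ima_measurements_ops = {
  .release = seq_release,
 };
 
-static void ima_print_digest(struct seq_file *m, u8 *digest)
+void ima_print_digest(struct seq_file *m, u8 *digest, int size)
 {
  int i;
 
- for (i = 0; i < IMA_DIGEST_SIZE; i++)
+ for (i = 0; i < size; i++)
  seq_printf(m, "%02x", *(digest + i));
 }
 
-void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show)
-{
- struct ima_template_data *entry = e;
- int namelen;
-
- switch (show) {
- case IMA_SHOW_ASCII:
- ima_print_digest(m, entry->digest);
- seq_printf(m, " %s\n", entry->file_name);
- break;
- case IMA_SHOW_BINARY:
- ima_putc(m, entry->digest, IMA_DIGEST_SIZE);
-
- namelen = strlen(entry->file_name);
- ima_putc(m, &namelen, sizeof namelen);
- ima_putc(m, entry->file_name, namelen);
- default:
- break;
- }
-}
-
 /* print in ascii */
 static int ima_ascii_measurements_show(struct seq_file *m, void *v)
 {
  /* the list never shrinks, so we don't need a lock here */
  struct ima_queue_entry *qe = v;
  struct ima_template_entry *e;
+ int i;
 
  /* get entry */
  e = qe->entry;
@@ -213,14 +201,21 @@ static int ima_ascii_measurements_show(struct seq_file *m, void *v)
  seq_printf(m, "%2d ", CONFIG_IMA_MEASURE_PCR_IDX);
 
  /* 2nd: SHA1 template hash */
- ima_print_digest(m, e->digest);
+ ima_print_digest(m, e->digest, TPM_DIGEST_SIZE);
 
  /* 3th: template name */
- seq_printf(m, " %s ", e->template_name);
+ seq_printf(m, " %s", e->template_desc->name);
 
  /* 4th: template specific data */
- ima_template_show(m, (struct ima_template_data *)&e->template,
- IMA_SHOW_ASCII);
+ for (i = 0; i < e->template_desc->num_fields; i++) {
+ seq_puts(m, " ");
+ if (e->template_data[i].len == 0)
+ continue;
+
+ e->template_desc->fields[i]->field_show(m, IMA_SHOW_ASCII,
+ &e->template_data[i]);
+ }
+ seq_puts(m, "\n");
  return 0;
 }
 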
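Review bot: The length field added as the 5th element of ima_measurements_show (`ima_putc(m, &e->template_data_len, sizeof(e->template_data_len));`) is written in host byte order and at whatever width the struct member has, yet the format comment only gains the line `* [eventdata length]`, with no width, no byte order, and no mention that the field is absent for the 'ima' template. This list is what a verifier parses to replay measurements against the PCR, so an ambiguous record layout is a parsing hazard on the consumer side. I would write the comment line as `* 32bit-le=template data size (omitted for the 'ima' template)` if template_data_len is a u32 (its declaration is not in this diff), and, if the little-endian wording is meant literally, convert before writing, e.g. `u32 len = cpu_to_le32(e->template_data_len);` followed by `ima_putc(m, &len, sizeof(len));`. The same host-order pattern already applies to `pcr` and `namelen`, and the part of the function body between the hunks is not visible here.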