integrity: move ima inode integrity data management

Move the inode integrity data(iint) management up to the integrity directory in order to share the iint among the different integrity models. Changelog: - don't define MAX_DIGEST_SIZE - rename several globally visible 'ima_' prefixed functions, structs, locks, etc to 'integrity_' - replace '20' with SHA1_DIGEST_SIZE - reflect location change in appropriate Kconfig and Makefiles - remove unnecessary initialization of iint_initialized to 0 - rebased on current ima_iint.c - define integrity_iint_store/lock as static There should be no other functional changes. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
author: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-03-09 14:13:22 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-07-18 12:29:38 -0400
commit: f381c272224f5f158f5cff64f8f3481fa0eee8b3 (patch)
tree: a003dc4c6635c9d2fa90f31577ba5e7ea7bc71b1 /security/integrity/integrity.h
parent: 9d8f13ba3f4833219e50767b022b82cd0da930eb (diff)
1 files changed, 35 insertions, 0 deletions
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
new file mode 100644
index 000000000000..7351836325a8
--- /dev/null
+++ b/security/integrity/integrity.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2009-2010 IBM Corporation
+ *
+ * Authors:
+ * Mimi Zohar <zohar@us.ibm.com>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ */
+#include <linux/types.h>
+#include <linux/integrity.h>
+#include <crypto/sha.h>
+/* iint cache flags */
+#define IMA_MEASURED            0x01
+/* integrity data associated with an inode */
+struct integrity_iint_cache {
+        struct rb_node rb_node; /* rooted in integrity_iint_tree */
+        struct inode *inode;    /* back pointer to inode in question */
+        u64 version;            /* track inode changes */
+        unsigned char flags;
+        u8 digest[SHA1_DIGEST_SIZE];
+        struct mutex mutex;     /* protects: version, flags, digest */
+};
+/* rbtree tree calls to lookup, insert, delete
+ * integrity data associated with an inode.
+ */
+struct integrity_iint_cache *integrity_iint_insert(struct inode *inode);
+struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	2011-03-09 14:13:22 -0500
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2011-07-18 12:29:38 -0400
commit	f381c272224f5f158f5cff64f8f3481fa0eee8b3 (patch)
tree	a003dc4c6635c9d2fa90f31577ba5e7ea7bc71b1 /security/integrity/integrity.h
parent	9d8f13ba3f4833219e50767b022b82cd0da930eb (diff)

diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h new file mode 100644 index 000000000000..7351836325a8 --- /dev/null +++ b/security/integrity/integrity.h
@@ -0,0 +1,35 @@
	1	/*
	2	* Copyright (C) 2009-2010 IBM Corporation
	3	*
	4	* Authors:
	5	* Mimi Zohar <zohar@us.ibm.com>
	6	*
	7	* This program is free software; you can redistribute it and/or
	8	* modify it under the terms of the GNU General Public License as
	9	* published by the Free Software Foundation, version 2 of the
	10	* License.
	11	*
	12	*/
	13
	14	#include <linux/types.h>
	15	#include <linux/integrity.h>
	16	#include <crypto/sha.h>
	17
	18	/* iint cache flags */
	19	#define IMA_MEASURED 0x01
	20
	21	/* integrity data associated with an inode */
	22	struct integrity_iint_cache {
	23	struct rb_node rb_node; /* rooted in integrity_iint_tree */
	24	struct inode inode; / back pointer to inode in question */
	25	u64 version; /* track inode changes */
	26	unsigned char flags;
	27	u8 digest[SHA1_DIGEST_SIZE];
	28	struct mutex mutex; /* protects: version, flags, digest */
	29	};
	30
	31	/* rbtree tree calls to lookup, insert, delete
	32	* integrity data associated with an inode.
	33	*/
	34	struct integrity_iint_cache integrity_iint_insert(struct inode inode);
	35	struct integrity_iint_cache integrity_iint_find(struct inode inode);