evm: replace hmac_status with evm_status

We will use digital signatures in addtion to hmac. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
author: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> 2011-05-06 04:34:17 -0400
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2011-07-18 12:29:48 -0400
commit: 24e0198efe0df50034ec1c14b2d7b5bb0f66d54a (patch)
tree: 64f7d23cd7b07dabe826c2a6ed37f7c1842816b2 /security
parent: 6d38ca01c0c2d6c2e46ec1984db9ada6bad6ca26 (diff)
3 files changed, 9 insertions, 9 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index bfe44dff61bb..eb07f9d13c24 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -56,8 +56,8 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
        struct evm_ima_xattr_data xattr_data;
        int rc;
-        if (iint->hmac_status == INTEGRITY_PASS)
+        if (iint->evm_status == INTEGRITY_PASS)
-                return iint->hmac_status;
+                return iint->evm_status;
        /* if status is not PASS, try to check again - against -ENOMEM */
@@ -71,18 +71,18 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
                           sizeof xattr_data, GFP_NOFS);
        if (rc < 0)
                goto err_out;
-        iint->hmac_status = INTEGRITY_PASS;
+        iint->evm_status = INTEGRITY_PASS;
-        return iint->hmac_status;
+        return iint->evm_status;
 err_out:
        switch (rc) {
        case -ENODATA:          /* file not labelled */
-                iint->hmac_status = INTEGRITY_NOLABEL;
+                iint->evm_status = INTEGRITY_NOLABEL;
                break;
        default:
-                iint->hmac_status = INTEGRITY_FAIL;
+                iint->evm_status = INTEGRITY_FAIL;
        }
-        return iint->hmac_status;
+        return iint->evm_status;
 }
 static int evm_protected_xattr(const char *req_xattr_name)
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index 991df20709b0..0a23e075e1d2 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -157,7 +157,7 @@ static void init_once(void *foo)
        iint->version = 0;
        iint->flags = 0UL;
        mutex_init(&iint->mutex);
-        iint->hmac_status = INTEGRITY_UNKNOWN;
+        iint->evm_status = INTEGRITY_UNKNOWN;
 }
 static int __init integrity_iintcache_init(void)
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index 7efbf560b7d5..880bbee2f534 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -37,7 +37,7 @@ struct integrity_iint_cache {
        unsigned char flags;
        u8 digest[SHA1_DIGEST_SIZE];
        struct mutex mutex;     /* protects: version, flags, digest */
-        enum integrity_status hmac_status;
+        enum integrity_status evm_status;
 };
 /* rbtree tree calls to lookup, insert, delete
author	Dmitry Kasatkin <dmitry.kasatkin@nokia.com>	2011-05-06 04:34:17 -0400
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2011-07-18 12:29:48 -0400
commit	24e0198efe0df50034ec1c14b2d7b5bb0f66d54a (patch)
tree	64f7d23cd7b07dabe826c2a6ed37f7c1842816b2 /security
parent	6d38ca01c0c2d6c2e46ec1984db9ada6bad6ca26 (diff)

diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index bfe44dff61bb..eb07f9d13c24 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c
@@ -56,8 +56,8 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
56	struct evm_ima_xattr_data xattr_data;	56	struct evm_ima_xattr_data xattr_data;
57	int rc;	57	int rc;
58		58
59	if (iint->hmac_status == INTEGRITY_PASS)	59	if (iint->evm_status == INTEGRITY_PASS)
60	return iint->hmac_status;	60	return iint->evm_status;
61		61
62	/* if status is not PASS, try to check again - against -ENOMEM */	62	/* if status is not PASS, try to check again - against -ENOMEM */
63		63
@@ -71,18 +71,18 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
71	sizeof xattr_data, GFP_NOFS);	71	sizeof xattr_data, GFP_NOFS);
72	if (rc < 0)	72	if (rc < 0)
73	goto err_out;	73	goto err_out;
74	iint->hmac_status = INTEGRITY_PASS;	74	iint->evm_status = INTEGRITY_PASS;
75	return iint->hmac_status;	75	return iint->evm_status;
76		76
77	err_out:	77	err_out:
78	switch (rc) {	78	switch (rc) {
79	case -ENODATA: /* file not labelled */	79	case -ENODATA: /* file not labelled */
80	iint->hmac_status = INTEGRITY_NOLABEL;	80	iint->evm_status = INTEGRITY_NOLABEL;
81	break;	81	break;
82	default:	82	default:
83	iint->hmac_status = INTEGRITY_FAIL;	83	iint->evm_status = INTEGRITY_FAIL;
84	}	84	}
85	return iint->hmac_status;	85	return iint->evm_status;
86	}	86	}
87		87
88	static int evm_protected_xattr(const char *req_xattr_name)	88	static int evm_protected_xattr(const char *req_xattr_name)


diff --git a/security/integrity/iint.c b/security/integrity/iint.c index 991df20709b0..0a23e075e1d2 100644 --- a/security/integrity/iint.c +++ b/security/integrity/iint.c
@@ -157,7 +157,7 @@ static void init_once(void *foo)
157	iint->version = 0;	157	iint->version = 0;
158	iint->flags = 0UL;	158	iint->flags = 0UL;
159	mutex_init(&iint->mutex);	159	mutex_init(&iint->mutex);
160	iint->hmac_status = INTEGRITY_UNKNOWN;	160	iint->evm_status = INTEGRITY_UNKNOWN;
161	}	161	}
162		162
163	static int __init integrity_iintcache_init(void)	163	static int __init integrity_iintcache_init(void)


diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index 7efbf560b7d5..880bbee2f534 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h
@@ -37,7 +37,7 @@ struct integrity_iint_cache {
37	unsigned char flags;	37	unsigned char flags;
38	u8 digest[SHA1_DIGEST_SIZE];	38	u8 digest[SHA1_DIGEST_SIZE];
39	struct mutex mutex; /* protects: version, flags, digest */	39	struct mutex mutex; /* protects: version, flags, digest */
40	enum integrity_status hmac_status;	40	enum integrity_status evm_status;
41	};	41	};
42		42
43	/* rbtree tree calls to lookup, insert, delete	43	/* rbtree tree calls to lookup, insert, delete