/*
 * ima_eventname_init_common - choose the event name and emit it as a field
 *
 * The name comes from the first source that applies:
 *  1. @filename, when it is set and either @size_limit is false or its
 *     length does not exceed IMA_EVENT_NAME_LEN_MAX;
 *  2. the name stored in @file's dentry (d_name.name);
 *  3. @filename with only its length capped at IMA_EVENT_NAME_LEN_MAX, when
 *     @file is NULL.
 *
 * @size_limit also selects the field format: DATA_FMT_EVENT_NAME when true,
 * DATA_FMT_STRING otherwise. @iint is not used by this function.
 *
 * Returns the result of ima_write_template_field_data().
 */
static int ima_eventname_init_common(struct integrity_iint_cache *iint,
				     struct file *file,
				     const unsigned char *filename,
				     struct ima_field_data *field_data,
				     bool size_limit)
{
	const char *name = NULL;
	u32 name_len = 0;
	bool use_filename = false;
	enum data_formats fmt;

	if (size_limit)
		fmt = DATA_FMT_EVENT_NAME;
	else
		fmt = DATA_FMT_STRING;

	/* A caller that supplies neither name source trips BUG_ON(). */
	BUG_ON(filename == NULL && file == NULL);

	if (filename) {
		name = filename;
		name_len = strlen(filename);
		use_filename = !size_limit ||
			       name_len <= IMA_EVENT_NAME_LEN_MAX;
	}

	if (!use_filename) {
		if (file) {
			/*
			 * NOTE(review): d_name.name is read here with no lock
			 * or name snapshot visible in this function; a rename
			 * racing with the measurement could change it under
			 * strlen() - confirm what the callers hold.
			 */
			name = file->f_dentry->d_name.name;
			name_len = strlen(name);
		} else {
			/*
			 * No file to fall back on: keep the over-long
			 * filename and truncate it by capping the length.
			 */
			name_len = IMA_EVENT_NAME_LEN_MAX;
		}
	}

	return ima_write_template_field_data(name, name_len, fmt, field_data);
}
/*
 * ima_eventname_init_common - choose the event name and emit it as a field
 *
 * The name comes from the first source that applies:
 *  1. event_data->filename, when it is set and either @size_limit is false
 *     or its length does not exceed IMA_EVENT_NAME_LEN_MAX;
 *  2. the name stored in event_data->file's dentry (d_name.name);
 *  3. event_data->filename with only its length capped at
 *     IMA_EVENT_NAME_LEN_MAX, when event_data->file is NULL.
 *
 * The field is always written as DATA_FMT_STRING; @size_limit only decides
 * whether the length check in step 1 is applied.
 *
 * Returns the result of ima_write_template_field_data().
 */
static int ima_eventname_init_common(struct ima_event_data *event_data,
				     struct ima_field_data *field_data,
				     bool size_limit)
{
	const char *name = NULL;
	u32 name_len = 0;
	bool use_filename = false;

	/* A caller that supplies neither name source trips BUG_ON(). */
	BUG_ON(event_data->filename == NULL && event_data->file == NULL);

	if (event_data->filename) {
		name = event_data->filename;
		name_len = strlen(event_data->filename);
		use_filename = !size_limit ||
			       name_len <= IMA_EVENT_NAME_LEN_MAX;
	}

	if (!use_filename) {
		if (event_data->file) {
			/*
			 * NOTE(review): d_name.name is read here with no lock
			 * or name snapshot visible in this function; a rename
			 * racing with the measurement could change it under
			 * strlen() - confirm what the callers hold.
			 */
			name = event_data->file->f_path.dentry->d_name.name;
			name_len = strlen(name);
		} else {
			/*
			 * No file to fall back on: keep the over-long
			 * filename and truncate it by capping the length.
			 */
			name_len = IMA_EVENT_NAME_LEN_MAX;
		}
	}

	return ima_write_template_field_data(name, name_len,
					     DATA_FMT_STRING, field_data);
}
/*
 * ima_eventdigest_init_common - build the digest field and write it out
 *
 * @digest:      digest bytes, or NULL when the event is a violation
 * @digestsize:  number of bytes to copy from @digest
 * @hash_algo:   index into hash_algo_name[]; a value >= HASH_ALGO__LAST
 *               selects the bare-digest format
 * @field_data:  destination handed to ima_write_template_field_data()
 *
 * Returns the result of ima_write_template_field_data().
 */
static int ima_eventdigest_init_common(u8 *digest, u32 digestsize, u8 hash_algo,
				       struct ima_field_data *field_data)
{
	/*
	 * Field layouts:
	 *  - DATA_FMT_DIGEST:           <digest>
	 *  - DATA_FMT_DIGEST_WITH_ALGO: <hash algo> ':' '\0' <digest>
	 * Per the original note, the algorithm name is supplied when the
	 * hash algorithm is not SHA1 or MD5; presumably callers pass an
	 * out-of-range hash_algo for those two - verify against callers.
	 *
	 * The buffer starts zero-filled, which supplies both the '\0' after
	 * the ':' and the zero bytes left in place for a violation.
	 */
	u8 field_buf[CRYPTO_MAX_ALG_NAME + 2 + IMA_MAX_DIGEST_SIZE] = { 0 };
	const bool with_algo = hash_algo < HASH_ALGO__LAST;
	enum data_formats fmt = with_algo ? DATA_FMT_DIGEST_WITH_ALGO
					  : DATA_FMT_DIGEST;
	u32 pos = 0;

	if (with_algo) {
		/*
		 * NOTE(review): snprintf() reports the length it would have
		 * written, not the truncated length; pos only stays inside
		 * the reserved prefix if every name in hash_algo_name[] fits
		 * in CRYPTO_MAX_ALG_NAME bytes - confirm.
		 */
		pos += snprintf(field_buf, CRYPTO_MAX_ALG_NAME + 1, "%s",
				hash_algo_name[hash_algo]);
		field_buf[pos] = ':';
		/* Step over the ':' and the '\0' that follows it. */
		pos += 2;
	}

	if (!digest) {
		/*
		 * Violation: there is no digest to copy, so reserve
		 * IMA_DIGEST_SIZE bytes of the zero-filled buffer instead.
		 */
		pos += IMA_DIGEST_SIZE;
	} else {
		/*
		 * NOTE(review): nothing in this function bounds digestsize by
		 * IMA_MAX_DIGEST_SIZE; the copy into the stack buffer is only
		 * safe if every caller guarantees that limit - confirm.
		 */
		memcpy(field_buf + pos, digest, digestsize);
	}

	return ima_write_template_field_data(field_buf, pos + digestsize,
					     fmt, field_data);
}
/*
 *  ima_eventsig_init - include the file signature as part of the template data
 *
 *  The xattr is written, in DATA_FMT_HEX, only when @xattr_value is non-NULL
 *  and its type is EVM_IMA_XATTR_DIGSIG. In every other case nothing is
 *  written and 0 is returned. @iint, @file and @filename are not used.
 *
 *  Returns 0 when there is no signature to record, otherwise the result of
 *  ima_write_template_field_data().
 */
int ima_eventsig_init(struct integrity_iint_cache *iint, struct file *file,
		      const unsigned char *filename,
		      struct evm_ima_xattr_data *xattr_value, int xattr_len,
		      struct ima_field_data *field_data)
{
	/*
	 * NOTE(review): ->type is read before xattr_len is looked at, and
	 * xattr_len is a signed int handed on as the data length. Presumably
	 * callers pass a non-NULL xattr_value only together with a positive
	 * length - confirm, since the callee's length type is not visible
	 * here.
	 */
	if (!xattr_value || xattr_value->type != EVM_IMA_XATTR_DIGSIG)
		return 0;

	return ima_write_template_field_data(xattr_value, xattr_len,
					     DATA_FMT_HEX, field_data);
}
/*
 *  ima_eventsig_init - include the file signature as part of the template data
 *
 *  The xattr held in @event_data is written, in DATA_FMT_HEX, only when
 *  event_data->xattr_value is non-NULL and its type is EVM_IMA_XATTR_DIGSIG.
 *  In every other case nothing is written and 0 is returned.
 *
 *  Returns 0 when there is no signature to record, otherwise the result of
 *  ima_write_template_field_data().
 */
int ima_eventsig_init(struct ima_event_data *event_data,
		      struct ima_field_data *field_data)
{
	struct evm_ima_xattr_data *sig = event_data->xattr_value;
	int sig_len = event_data->xattr_len;

	/*
	 * NOTE(review): ->type is read before the length is looked at, and
	 * the length is a signed int handed on as the data length. Presumably
	 * callers set xattr_value only together with a positive xattr_len -
	 * confirm, since the callee's length type is not visible here.
	 */
	if (!sig || sig->type != EVM_IMA_XATTR_DIGSIG)
		return 0;

	return ima_write_template_field_data(sig, sig_len, DATA_FMT_HEX,
					     field_data);
}