diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-03-09 20:40:44 +0100 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-07-18 18:29:45 +0200 |
commit | cb72318069d5e92eb74840118732c66eb38c812f (patch) | |
tree | eb4e9a6c923567e01ddd1340f9430eb3c43f4aeb /security/integrity/evm/evm_crypto.c | |
parent | evm: imbed evm_inode_post_setattr (diff) | |
download | linux-cb72318069d5e92eb74840118732c66eb38c812f.tar.xz linux-cb72318069d5e92eb74840118732c66eb38c812f.zip |
evm: add evm_inode_init_security to initialize new files
Initialize 'security.evm' for new files.
Changelog v7:
- renamed evm_inode_post_init_security to evm_inode_init_security
- moved struct xattr definition to earlier patch
- allocate xattr name
Changelog v6:
- Use 'struct evm_ima_xattr_data'
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'security/integrity/evm/evm_crypto.c')
-rw-r--r-- | security/integrity/evm/evm_crypto.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index c631b99bda95..c9902bddcb9a 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -157,6 +157,26 @@ int evm_update_evmxattr(struct dentry *dentry, const char *xattr_name, return rc; } +int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr, + char *hmac_val) +{ + struct hash_desc desc; + struct scatterlist sg[1]; + int error; + + error = init_desc(&desc); + if (error != 0) { + printk(KERN_INFO "init_desc failed\n"); + return error; + } + + sg_init_one(sg, lsm_xattr->value, lsm_xattr->value_len); + crypto_hash_update(&desc, sg, lsm_xattr->value_len); + hmac_add_misc(&desc, inode, hmac_val); + crypto_free_hash(desc.tfm); + return 0; +} + /* * Get the key from the TPM for the SHA1-HMAC */ |