evm_calc_hmac_or_hash

Name:Calculate the HMAC value across the set of protected security xattrs.* Instead of retrieving the requested xattr, for performance, calculate* the hmac using the requested xattr value. Don't alloc/free memory for

Proto:static int evm_calc_hmac_or_hash(struct dentry *dentry, const char *req_xattr_name, const char *req_xattr_value, size_t req_xattr_value_len, uint8_t type, struct evm_digest *data)

Type:int

Parameter:

Type	Parameter	Name
struct dentry *	dentry
const char *	req_xattr_name
const char *	req_xattr_value
size_t	req_xattr_value_len
uint8_t	type
struct evm_digest *	data

192

inode = d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper

195

196

char * xattr_value = NULL

199

bool ima_present = false

201

If Not (i_opflags & IOP_XATTR) || s_user_ns != userns count is 1 for root user, 1 for init_uts_ns,* and 1 for... ? Then Return -EOPNOTSUPP

205

desc = init_desc(type, algo)

206

If IS_ERR(desc) Then Return PTR_ERR(desc)

209

length = rypto_shash_digestsize() - obtain message digest size*@tfm: cipher handle* The size for the message digest created by the message digest cipher* referenced with the cipher handle is returned.* Return: digest size of cipher

211

error = -ENODATA

213

bool is_ima = false

215

If strcmp(name, XATTR_NAME_IMA) == 0 Then is_ima = true

218

If req_xattr_name && req_xattr_value && Not strcmp(name, req_xattr_name) Then

220

error = 0

221

rypto_shash_update() - add data to message digest for processing*@desc: operational state handle that is already initialized*@data: input data to be added to the message digest*@len: length of the input data

223

If is_ima Then ima_present = true

225

Continue

227

size = vfs_getxattr_alloc(dentry, name, & xattr_value, xattr_size, GFP_NOFS)

229

If size == -ENOMEM Then

230

error = -ENOMEM

231

Go to out

233

If size < 0 Then Continue

236

error = 0

237

xattr_size = size

238

rypto_shash_update() - add data to message digest for processing*@desc: operational state handle that is already initialized*@data: input data to be added to the message digest*@len: length of the input data

239

If is_ima Then ima_present = true

242

Protect against 'cutting & pasting' security.evm xattr, include inode* specific info.* (Additional directory/file metadata needs to be added for more complete* protection.)

245

If type == EVM_XATTR_PORTABLE_DIGSIG && Not ima_present Then Return -EPERM

247

out :

248

kfree(xattr_value)

249

250

Return error

**Caller**
Name	Describe
evm_calc_hmac
evm_calc_hash

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion