Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\evm\evm_main.c Create Date:2022-07-28 19:59:57
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Name:evm_protect_xattr - protect the EVM extended attribute. Prevent security.evm from being modified or removed without the necessary permissions or when the existing value is invalid. The posix xattr acls are 'system' prefixed, which normally would not

Proto:static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name, const void *xattr_value, size_t xattr_value_len)

Type:int

Parameter:

Type | Parameter Name
struct dentry * | dentry
const char * | xattr_name
const void * | xattr_value
size_t | xattr_value_len
317  If strcmp(xattr_name, XATTR_NAME_EVM) == 0 Then
318  If Not Check operation authority Then Return -EPERM
320  Else if Not evm_protected_xattr(xattr_name) Then
321  If Not posix_xattr_acl(xattr_name) Then Return 0
323  evm_status = evm_verify_current_integrity [verify the dentry's metadata integrity. @dentry: pointer to the affected dentry. Verify and return the dentry's metadata integrity. The exceptions are before EVM is initialized or in 'fix' mode.]
324  If evm_status == INTEGRITY_PASS || evm_status == INTEGRITY_NOXATTRS Then Return 0
327  Go to out
330  evm_status = evm_verify_current_integrity [verify the dentry's metadata integrity. @dentry: pointer to the affected dentry. Verify and return the dentry's metadata integrity. The exceptions are before EVM is initialized or in 'fix' mode.]
331  If evm_status == INTEGRITY_NOXATTRS Then
334  iint = integrity_iint_find [return the iint associated with an inode]
335  If iint && flags & IMA_NEW_FILE Then Return 0
339  If s_magic == TMPFS_MAGIC || s_magic == SYSFS_MAGIC Then Return 0
343  integrity_audit_msg(Metadata integrity verification, Where the name belongs to - NULL is negative, name, "update_metadata", integrity_status_msg[evm_status], -EPERM, 0)
349  out:
350  If evm_status != INTEGRITY_PASS Then integrity_audit_msg(Metadata integrity verification, d_backing_inode [Get upper or lower inode we should be using. @upper: The upper layer. This is the helper that should be used to get at the inode that will be used if this dentry were to be opened as a file. The inode may be on the upper], name, "appraise_metadata", integrity_status_msg[evm_status], -EPERM, 0)
355  Return If evm_status == INTEGRITY_PASS Then 0 Else -EPERM
Caller
Name | Describe
evm_inode_setxattr | evm_inode_setxattr - protect the EVM extended attribute. @dentry: pointer to the affected dentry. @xattr_name: pointer to the affected extended attribute name. @xattr_value: pointer to the new extended attribute value. @xattr_value_len: pointer to the new
evm_inode_removexattr | evm_inode_removexattr - protect the EVM extended attribute. @dentry: pointer to the affected dentry. @xattr_name: pointer to the affected extended attribute name. Removing 'security.evm' requires CAP_SYS_ADMIN privileges and that the current value is valid.