函数逻辑报告

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\evm\evm_main.c Create Date:2022-07-27 22:08:16
Last Modify:2020-03-12 14:18:49 Copyright©Brick
首页 函数Tree
注解内核,赢得工具下载SCCTEnglish

函数名称:vm_verify_hmac - calculate and compare the HMAC with the EVM xattr* Compute the HMAC on the dentry's protected set of extended attributes* and compare it against the stored security

函数原型:static enum integrity_status evm_verify_hmac(struct dentry *dentry, const char *xattr_name, char *xattr_value, size_t xattr_value_len, struct integrity_iint_cache *iint)

返回类型:enum integrity_status

参数:

类型参数名称
struct dentry *dentry
const char *xattr_name
char *xattr_value
size_txattr_value_len
struct integrity_iint_cache *iint
134  struct evm_ima_xattr_data * xattr_data = NULL
136  evm_status等于INTEGRITY_PASS
141  如果iintevm_status恒等于INTEGRITY_PASSevm_status恒等于INTEGRITY_PASS_IMMUTABLE的值则返回:evm_status
148  rc等于vfs_getxattr_alloc(dentry, XATTR_NAME_EVM, (char * * ) & xattr_data, 0, GFP_NOFS)
150  如果rc小于等于0则
151  evm_status等于INTEGRITY_FAIL
152  如果rc恒等于负ENODATA
153  rc等于evm_find_protected_xattrs(dentry)
154  如果rc大于0则evm_status等于INTEGRITY_NOLABEL
156  否则如果rc恒等于0则evm_status等于INTEGRITY_NOXATTRS
158  否则如果rc恒等于负EOPNOTSUPP
159  evm_status等于INTEGRITY_UNKNOWN
161  转到:out
164  xattr_len等于rc
168  :type恒等于EVM_XATTR_HMAC
169  如果xattr_len不等于sizeof(structevm_xattr)则
170  evm_status等于INTEGRITY_FAIL
171  转到:out
174  algo等于HASH_ALGO_SHA1
175  rc等于evm_calc_hmac(dentry, xattr_name, xattr_value, xattr_value_len, & digest)
177  如果rc退出
179  rc等于rypto_memneq - Compare two areas of memory without leaking* timing information.*@a: One area of memory*@b: Another area of memory*@size: The size of the area.* Returns 0 when data is equal, 1 otherwise.
181  如果rcrc等于负EINVAL
183  退出
184  :type恒等于EVM_IMA_XATTR_DIGSIG
185  :type恒等于EVM_XATTR_PORTABLE_DIGSIG
186  hdr等于xattr_data
187  algo等于Digest algorithm [enum hash_algo]
188  rc等于evm_calc_hash(dentry, xattr_name, xattr_value, xattr_value_len, type, & digest)
190  如果rc退出
192  rc等于integrity_digsig_verify(INTEGRITY_KEYRING_EVM, (constchar * )xattr_data, xattr_len, digest, length)
195  如果非rc
196  inode等于d_backing_inode - Get upper or lower inode we should be using*@upper: The upper layer* This is the helper that should be used to get at the inode that will be used* if this dentry were to be opened as a file. The inode may be on the upper
198  如果type恒等于EVM_XATTR_PORTABLE_DIGSIG
202  否则如果非IS_RDONLY(inode)且非s_readonly_remount且非IS_IMMUTABLE(inode)则
210  退出
211  默认
212  rc等于负EINVAL
213  退出
216  如果rcevm_status等于如果rc恒等于负ENODATAINTEGRITY_NOXATTRS否则INTEGRITY_FAIL
219  out :
220  如果iintevm_status等于evm_status
222  释放内存
223  返回:evm_status
调用者
名称描述
evm_verifyxattrvm_verifyxattr - verify the integrity of the requested xattr*@dentry: object of the verify xattr*@xattr_name: requested xattr*@xattr_value: requested xattr value*@xattr_value_len: requested xattr value length* Calculate the HMAC for the given dentry and
evm_verify_current_integrityvm_verify_current_integrity - verify the dentry's metadata integrity*@dentry: pointer to the affected dentry* Verify and return the dentry's metadata integrity. The exceptions are* before EVM is initialized or in 'fix' mode.