Function Logic Report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_appraise.c Create Date:2022-07-27 22:06:48
Last Modify:2020-03-12 14:18:49 Copyright©Brick

Function name: ima_appraise_measurement - appraise file measurement. Call evm_verifyxattr() to verify the integrity of 'security.ima'. Assuming success, compare the xattr hash with the collected measurement. Return 0 on success, error code otherwise.

Function prototype: int ima_appraise_measurement(enum ima_hooks func, struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, const struct modsig *modsig)

Return type: int

Parameters:

Type                              Parameter name
enum ima_hooks                    func
struct integrity_iint_cache *     iint
struct file *                     file
const unsigned char *             filename
struct evm_ima_xattr_data *       xattr_value
int                               xattr_len
const struct modsig *             modsig

353  op[] is set to "appraise_data"
354  cause is set to "unknown"
355  dentry is set to file_dentry(file)
356  inode is set to d_backing_inode - Get upper or lower inode we should be using. @upper: The upper layer. This is the helper that should be used to get at the inode that will be used if this dentry were to be opened as a file. The inode may be on the upper
357  status is set to INTEGRITY_UNKNOWN
358  rc is set to xattr_len
359  try_modsig is set to flags bitwise-AND IMA_MODSIG_ALLOWED, modsig
362  If not (i_opflags bitwise-AND IOP_XATTR) and not try_modsig, then return: INTEGRITY_UNKNOWN
366  If rc is less than or equal to 0 and not try_modsig
367  If rc, rc is not equal to -ENODATA, then go to: out
370  cause is set to: if flags bitwise-AND IMA_DIGSIG_REQUIRED then "IMA-signature-required", otherwise "missing-hash"
372  status is set to INTEGRITY_NOLABEL
373  If f_mode bitwise-AND FMODE_CREATED, flags is bitwise-OR-assigned IMA_NEW_FILE
375  If flags bitwise-AND IMA_NEW_FILE and not (flags bitwise-AND IMA_DIGSIG_REQUIRED) or (i_size is equal to 0), then status is set to INTEGRITY_PASS
379  Go to: out
382  status is set to evm_verifyxattr - verify the integrity of the requested xattr. @dentry: object of the verify xattr. @xattr_name: requested xattr. @xattr_value: requested xattr value. @xattr_value_len: requested xattr value length. Calculate the HMAC for the given dentry and
384  : status is equal to INTEGRITY_PASS
385  : status is equal to INTEGRITY_PASS_IMMUTABLE
386  : status is equal to INTEGRITY_UNKNOWN
387  Break
388  : status is equal to INTEGRITY_NOXATTRS
390  If try_modsig, break
393  : status is equal to INTEGRITY_NOLABEL
394  cause is set to "missing-HMAC"
395  Go to: out
396  : status is equal to INTEGRITY_FAIL
397  cause is set to "invalid-HMAC"
398  Go to: out
399  Default
400  WARN_ONCE(true, "Unexpected integrity status %d\n", status)
403  If xattr_value, rc is set to xattr_verify - verify xattr digest or signature. Verify whether the hash or signature matches the file contents. Return 0 on success, error code otherwise.
411  If try_modsig and not xattr_value, type is equal to IMA_XATTR_DIGEST_NG, rc is equal to -ENOKEY, then rc is set to modsig_verify - verify modsig signature. Verify whether the signature matches the file contents. Return 0 on success, error code otherwise.
416  out :
423  If s_iflags bitwise-AND SB_I_IMA_UNVERIFIABLE_SIGNATURE, s_iflags bitwise-AND SB_I_UNTRUSTED_MOUNTER, flags bitwise-AND IMA_FAIL_UNVERIFIABLE_SIGS, then
426  status is set to INTEGRITY_FAIL
427  cause is set to "unverifiable-signature"
428  integrity_audit_msg(Data integrity verification, inode, filename, op, cause, rc, 0)
430  Otherwise, if status is not equal to INTEGRITY_PASS
432  If ima_appraise bitwise-AND IMA_APPRAISE_FIX and not try_modsig and not xattr_value, type is not equal to EVM_IMA_XATTR_DIGSIG, then
435  If not ima_fix_xattr(dentry, iint), then status is set to INTEGRITY_PASS
440  If i_size is equal to 0 and flags bitwise-AND IMA_NEW_FILE, xattr_value, type is equal to EVM_IMA_XATTR_DIGSIG
442  status is set to INTEGRITY_PASS
445  integrity_audit_msg(Data integrity verification, inode, filename, op, cause, rc, 0)
447  Otherwise
448  ima_cache_flags(iint, func)
451  ima_set_cache_status(iint, func, status)
452  Return: status

Callers

Name                              Description
process_measurement