Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_appraise.c Create Date:2022-07-28 19:59:23
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:ima_cache_flags

Proto:static void ima_cache_flags(struct integrity_iint_cache *iint, enum ima_hooks func)

Type:void

Parameter:

TypeParameterName
struct integrity_iint_cache *iint
enum ima_hooksfunc
131  Case func == MMAP_CHECK
132  flags |= IMA_MMAP_APPRAISED | IMA_APPRAISED
133  Break
134  Case func == BPRM_CHECK
135  flags |= IMA_BPRM_APPRAISED | IMA_APPRAISED
136  Break
137  Case func == CREDS_CHECK
138  flags |= IMA_CREDS_APPRAISED | IMA_APPRAISED
139  Break
140  Case func == FILE_CHECK
141  Case func == POST_SETATTR
142  flags |= IMA_FILE_APPRAISED | IMA_APPRAISED
143  Break
144  Case func == MODULE_CHECK...MAX_CHECK - 1
145  Default
146  flags |= IMA_READ_APPRAISED | IMA_APPRAISED
147  Break
Caller
NameDescribe
ima_appraise_measurementma_appraise_measurement - appraise file measurement* Call evm_verifyxattr() to verify the integrity of 'security.ima'.* Assuming success, compare the xattr hash with the collected measurement.* Return 0 on success, error code otherwise