Function report

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source Code:security\integrity\ima\ima_main.c Create Date:2022-07-28 19:58:18
Last Modify:2020-03-12 14:18:49 Copyright©Brick
home page Tree
Annotation kernel can get tool activityDownload SCCTChinese

Name:process_buffer_measurement - Measure the buffer to ima log

Proto:void process_buffer_measurement(const void *buf, int size, const char *eventname, enum ima_hooks func, int pcr)

Type:void

Parameter:

TypeParameterName
const void *buf
intsize
const char *eventname
enum ima_hooksfunc
intpcr
642  ret = 0
643  struct ima_template_entry * entry = NULL
644  struct integrity_iint_cache iint = {}
645  struct ima_event_data event_data = {iint = & iint, filename = eventname, buf = buf, buf_len = size}
649  struct ima_template_desc * template = NULL
650  struct{struct ima_digest_data hdr;char digest[64];}hash = {}
654  violation = 0
655  action = 0
658  If Not current content of the policy Then Return
668  If func Then
669  security_task_getsecid(current process, & secid)
670  action = LIM API function definitions
672  If Not (action & action cache flags ) Then Return
676  If Not pcr Then pcr = CONFIG_IMA_MEASURE_PCR_IDX
679  If Not template Then
680  template = lookup_template_desc("ima-buf")
681  ret = template_desc_init_fields(fmt, & (fields), & (num_fields))
684  If ret < 0 Then
685  pr_err("template %s init failed, result: %d\n", (strlen - Find the length of a string*@s: The string to be sized ? name : fmt), ret)
688  Return
692  ima_hash = hdr
693  algo = ima_hash_algo
694  length = hash_digest_size[ima_hash_algo]
696  ret = ima_calc_buffer_hash(buf, size, ima_hash)
697  If ret < 0 Then Go to out
700  ret = ima_alloc_init_template( & event_data, & entry, template)
701  If ret < 0 Then Go to out
704  ret = ma_store_template - store ima template measurements* Calculate the hash of a template entry, add the template entry* to an ordered list of measurement entries maintained inside the kernel,* and also update the aggregate integrity value (maintained inside
706  If ret < 0 Then ima_free_template_entry(entry)
709  out :
710  Return
Caller
NameDescribe
ima_kexec_cmdlinema_kexec_cmdline - measure kexec cmdline boot args*@buf: pointer to buffer*@size: size of buffer* Buffers can only be measured, not appraised.
ima_check_blacklistma_check_blacklist - determine if the binary is blacklisted.* Add the hash of the blacklisted binary to the measurement list, based* on policy.* Returns -EPERM if the hash is blacklisted.