[mirror_ubuntu-eoan-kernel.git] / include / linux / ima.h

/*
 * Copyright (C) 2008 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 2 of the License.
 */

#ifndef _LINUX_IMA_H
#define _LINUX_IMA_H

#include <linux/fs.h>
#include <linux/security.h>
#include <linux/kexec.h>
struct linux_binprm;

#ifdef CONFIG_IMA
extern int ima_bprm_check(struct linux_binprm *bprm);
extern int ima_file_check(struct file *file, int mask);
extern void ima_file_free(struct file *file);
extern int ima_file_mmap(struct file *file, unsigned long prot);
extern int ima_load_data(enum kernel_load_data_id id);
extern int ima_read_file(struct file *file, enum kernel_read_file_id id);
extern int ima_post_read_file(struct file *file, void *buf, loff_t size,
			      enum kernel_read_file_id id);
extern void ima_post_path_mknod(struct dentry *dentry);

#ifdef CONFIG_IMA_KEXEC
extern void ima_add_kexec_buffer(struct kimage *image);
#endif

#if defined(CONFIG_X86) && defined(CONFIG_EFI)
extern bool arch_ima_get_secureboot(void);
extern const char * const *arch_get_ima_policy(void);
#else
static inline bool arch_ima_get_secureboot(void)
{
	return false;
}

static inline const char * const *arch_get_ima_policy(void)
{
	return NULL;
}
#endif

#else
static inline int ima_bprm_check(struct linux_binprm *bprm)
{
	return 0;
}

static inline int ima_file_check(struct file *file, int mask)
{
	return 0;
}

static inline void ima_file_free(struct file *file)
{
	return;
}

static inline int ima_file_mmap(struct file *file, unsigned long prot)
{
	return 0;
}

static inline int ima_load_data(enum kernel_load_data_id id)
{
	return 0;
}

static inline int ima_read_file(struct file *file, enum kernel_read_file_id id)
{
	return 0;
}

static inline int ima_post_read_file(struct file *file, void *buf, loff_t size,
				     enum kernel_read_file_id id)
{
	return 0;
}

static inline void ima_post_path_mknod(struct dentry *dentry)
{
	return;
}

#endif /* CONFIG_IMA */

#ifndef CONFIG_IMA_KEXEC
struct kimage;

static inline void ima_add_kexec_buffer(struct kimage *image)
{}
#endif

#ifdef CONFIG_IMA_APPRAISE
extern bool is_ima_appraise_enabled(void);
extern void ima_inode_post_setattr(struct dentry *dentry);
extern int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
		       const void *xattr_value, size_t xattr_value_len);
extern int ima_inode_removexattr(struct dentry *dentry, const char *xattr_name);
#else
static inline bool is_ima_appraise_enabled(void)
{
	return 0;
}

static inline void ima_inode_post_setattr(struct dentry *dentry)
{
	return;
}

static inline int ima_inode_setxattr(struct dentry *dentry,
				     const char *xattr_name,
				     const void *xattr_value,
				     size_t xattr_value_len)
{
	return 0;
}

static inline int ima_inode_removexattr(struct dentry *dentry,
					const char *xattr_name)
{
	return 0;
}
#endif /* CONFIG_IMA_APPRAISE */
#endif /* _LINUX_IMA_H */
Commit	Line	Data
6146f0d5 MZ	1	/*
	2	* Copyright (C) 2008 IBM Corporation
	3	* Author: Mimi Zohar <zohar@us.ibm.com>
	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation, version 2 of the License.
	8	*/
	9
6146f0d5 MZ	10	#ifndef _LINUX_IMA_H
	11	#define _LINUX_IMA_H
	12
ed850a52	13	#include <linux/fs.h>
16c267aa	14	#include <linux/security.h>
7b8589cc	15	#include <linux/kexec.h>
ed850a52 MZ	16	struct linux_binprm;
ed850a52 MZ	17
3323eec9 MZ	18	#ifdef CONFIG_IMA
3323eec9 MZ	19	extern int ima_bprm_check(struct linux_binprm *bprm);
6035a27b	20	extern int ima_file_check(struct file *file, int mask);
3323eec9 MZ	21	extern void ima_file_free(struct file *file);
3323eec9 MZ	22	extern int ima_file_mmap(struct file *file, unsigned long prot);
16c267aa	23	extern int ima_load_data(enum kernel_load_data_id id);
39eeb4fb	24	extern int ima_read_file(struct file *file, enum kernel_read_file_id id);
cf222217 MZ	25	extern int ima_post_read_file(struct file file, void buf, loff_t size,
cf222217 MZ	26	enum kernel_read_file_id id);
05d1a717	27	extern void ima_post_path_mknod(struct dentry *dentry);
3323eec9	28
7b8589cc MZ	29	#ifdef CONFIG_IMA_KEXEC
	30	extern void ima_add_kexec_buffer(struct kimage *image);
	31	#endif
	32
399574c6	33	#if defined(CONFIG_X86) && defined(CONFIG_EFI)
0914ade2	34	extern bool arch_ima_get_secureboot(void);
d958083a	35	extern const char * const *arch_get_ima_policy(void);
0914ade2 NJ	36	#else
	37	static inline bool arch_ima_get_secureboot(void)
	38	{
	39	return false;
	40	}
0914ade2	41
61917062 NJ	42	static inline const char * const *arch_get_ima_policy(void)
	43	{
	44	return NULL;
	45	}
d958083a	46	#endif
61917062	47
3323eec9	48	#else
6146f0d5 MZ	49	static inline int ima_bprm_check(struct linux_binprm *bprm)
	50	{
	51	return 0;
	52	}
	53
6035a27b	54	static inline int ima_file_check(struct file *file, int mask)
6146f0d5 MZ	55	{
	56	return 0;
	57	}
	58
	59	static inline void ima_file_free(struct file *file)
	60	{
	61	return;
	62	}
	63
	64	static inline int ima_file_mmap(struct file *file, unsigned long prot)
	65	{
	66	return 0;
	67	}
9957a504	68
16c267aa MZ	69	static inline int ima_load_data(enum kernel_load_data_id id)
	70	{
	71	return 0;
	72	}
	73
39eeb4fb MZ	74	static inline int ima_read_file(struct file *file, enum kernel_read_file_id id)
	75	{
	76	return 0;
	77	}
	78
cf222217 MZ	79	static inline int ima_post_read_file(struct file file, void buf, loff_t size,
	80	enum kernel_read_file_id id)
	81	{
	82	return 0;
	83	}
	84
05d1a717 MZ	85	static inline void ima_post_path_mknod(struct dentry *dentry)
	86	{
	87	return;
	88	}
	89
e05a4f4f	90	#endif /* CONFIG_IMA */
9957a504	91
7b8589cc MZ	92	#ifndef CONFIG_IMA_KEXEC
	93	struct kimage;
	94
	95	static inline void ima_add_kexec_buffer(struct kimage *image)
	96	{}
	97	#endif
	98
9957a504	99	#ifdef CONFIG_IMA_APPRAISE
6f6723e2	100	extern bool is_ima_appraise_enabled(void);
9957a504	101	extern void ima_inode_post_setattr(struct dentry *dentry);
42c63330 MZ	102	extern int ima_inode_setxattr(struct dentry dentry, const char xattr_name,
	103	const void *xattr_value, size_t xattr_value_len);
	104	extern int ima_inode_removexattr(struct dentry dentry, const char xattr_name);
9957a504	105	#else
6f6723e2 MZ	106	static inline bool is_ima_appraise_enabled(void)
	107	{
	108	return 0;
	109	}
	110
9957a504 MZ	111	static inline void ima_inode_post_setattr(struct dentry *dentry)
	112	{
	113	return;
	114	}
42c63330 MZ	115
	116	static inline int ima_inode_setxattr(struct dentry *dentry,
	117	const char *xattr_name,
	118	const void *xattr_value,
	119	size_t xattr_value_len)
	120	{
	121	return 0;
	122	}
	123
	124	static inline int ima_inode_removexattr(struct dentry *dentry,
	125	const char *xattr_name)
	126	{
	127	return 0;
	128	}
e05a4f4f	129	#endif /* CONFIG_IMA_APPRAISE */
6146f0d5	130	#endif /* _LINUX_IMA_H */