| author | James Morris <james.l.morris@oracle.com> | 2012-09-12 13:16:37 +1000 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2012-09-12 13:16:37 +1000 |
| commit | 9ddf6aa8cbc07764c7fe33cfdb8644ca5e828252 (patch) | |
| tree | d0796f172c096147e1a7c0337279bf7dca6f13f2 /include/linux | |
| parent | b25b09ecf98bf6a32f3732281c2db13be6aeb14c (diff) | |
| parent | 8606404fa555c2ee691376fcc640ab89fe752035 (diff) | |
Merge branch 'next-ima-appraisal' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next
As requested by Mimi, this adds the IMA Appraisal feature.
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/ima.h | 27 | ||||
| -rw-r--r-- | include/linux/integrity.h | 7 | ||||
| -rw-r--r-- | include/linux/xattr.h | 3 |
3 files changed, 34 insertions, 3 deletions
diff --git a/include/linux/ima.h b/include/linux/ima.h
index 6ac8e50c6cf5..2c7223d7e73b 100644
--- a/include/linux/ima.h
+++ b/include/linux/ima.h
@@ -39,5 +39,32 @@ static inline int ima_file_mmap(struct file *file, unsigned long prot)
 {
 return 0;
 }
+
 #endif /* CONFIG_IMA_H */
+
+#ifdef CONFIG_IMA_APPRAISE
+extern void ima_inode_post_setattr(struct dentry *dentry);
+extern int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
+ const void *xattr_value, size_t xattr_value_len);
+extern int ima_inode_removexattr(struct dentry *dentry, const char *xattr_name);
+#else
+static inline void ima_inode_post_setattr(struct dentry *dentry)
+{
+ return;
+}
+
+static inline int ima_inode_setxattr(struct dentry *dentry,
+ const char *xattr_name,
+ const void *xattr_value,
+ size_t xattr_value_len)
+{
+ return 0;
+}
+
+static inline int ima_inode_removexattr(struct dentry *dentry,
+ const char *xattr_name)
+{
+ return 0;
+}
+#endif /* CONFIG_IMA_APPRAISE_H */
 #endif /* _LINUX_IMA_H */
diff --git a/include/linux/integrity.h b/include/linux/integrity.h
index a0c41256cb92..66c5fe9550a5 100644
--- a/include/linux/integrity.h
+++ b/include/linux/integrity.h
@@ -22,13 +22,14 @@ enum integrity_status {
 /* List of EVM protected security xattrs */
 #ifdef CONFIG_INTEGRITY
-extern int integrity_inode_alloc(struct inode *inode);
+extern struct integrity_iint_cache *integrity_inode_get(struct inode *inode);
 extern void integrity_inode_free(struct inode *inode);
 #else
-static inline int integrity_inode_alloc(struct inode *inode)
+static inline struct integrity_iint_cache *
+ integrity_inode_get(struct inode *inode)
 {
- return 0;
+ return NULL;
 }
 static inline void integrity_inode_free(struct inode *inode)
diff --git a/include/linux/xattr.h b/include/linux/xattr.h
index e5d122031542..77a3e686d566 100644
--- a/include/linux/xattr.h
+++ b/include/linux/xattr.h
@@ -33,6 +33,9 @@
 #define XATTR_EVM_SUFFIX "evm"
 #define XATTR_NAME_EVM XATTR_SECURITY_PREFIX XATTR_EVM_SUFFIX
+#define XATTR_IMA_SUFFIX "ima"
+#define XATTR_NAME_IMA XATTR_SECURITY_PREFIX XATTR_IMA_SUFFIX
+
 #define XATTR_SELINUX_SUFFIX "selinux"
 #define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX |
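Review bot: The three hooks added to include/linux/ima.h have no comment describing their contract, and with `CONFIG_IMA_APPRAISE` unset the `ima_inode_setxattr()` and `ima_inode_removexattr()` stubs return 0 for every request. Presumably 0 means "allow" and a negative errno means "deny" (the callers are not in this hunk), so on such kernels nothing in this header stands between a writer and the `security.ima` xattr; a short comment above the `#ifdef` would make that explicit, e.g. `/* Gate changes to security.ima: 0 allows, -errno denies. The !CONFIG_IMA_APPRAISE stubs allow everything. */`. The closing `#endif /* CONFIG_IMA_APPRAISE_H */` also names a symbol that is never tested and should read `#endif /* CONFIG_IMA_APPRAISE */`.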
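Review bot: In include/linux/integrity.h the `!CONFIG_INTEGRITY` stub of `integrity_inode_get()` returns `NULL`, where the old `integrity_inode_alloc()` stub returned 0 for success, so a caller can no longer tell "integrity support compiled out" from a failed lookup or allocation. The callers are outside this hunk; any that can be built without `CONFIG_INTEGRITY` would need to treat NULL as "nothing to track" rather than as an error, and none should dereference the result unchecked. A comment on the declaration would pin this down, e.g. `/* Returns the inode's integrity_iint_cache, or NULL on failure or when CONFIG_INTEGRITY is off; callers must check. */`.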
