evm: additional parameter to pass integrity cache entry 'iint'
The additional iint parameter allows callers that already hold the cache entry to skip the lookup in the cache.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
diff --git a/include/linux/evm.h b/include/linux/evm.h
index 7c10761..6d4e89b 100644
--- a/include/linux/evm.h
+++ b/include/linux/evm.h
@@ -11,11 +11,14 @@
#include <linux/integrity.h>
#include <linux/xattr.h>
+struct integrity_iint_cache;
+
#ifdef CONFIG_EVM
extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
const char *xattr_name,
void *xattr_value,
- size_t xattr_value_len);
+ size_t xattr_value_len,
+ struct integrity_iint_cache *iint);
extern void evm_inode_post_setattr(struct dentry *dentry, int ia_valid);
extern int evm_inode_setxattr(struct dentry *dentry, const char *name,
const void *value, size_t size);
@@ -34,7 +37,8 @@
static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
const char *xattr_name,
void *xattr_value,
- size_t xattr_value_len)
+ size_t xattr_value_len,
+ struct integrity_iint_cache *iint)
{
return INTEGRITY_UNKNOWN;
}
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index b65adb5..0fa8261 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -127,21 +127,19 @@
*/
enum integrity_status evm_verifyxattr(struct dentry *dentry,
const char *xattr_name,
- void *xattr_value, size_t xattr_value_len)
+ void *xattr_value, size_t xattr_value_len,
+ struct integrity_iint_cache *iint)
{
- struct inode *inode = dentry->d_inode;
- struct integrity_iint_cache *iint;
- enum integrity_status status;
-
if (!evm_initialized || !evm_protected_xattr(xattr_name))
return INTEGRITY_UNKNOWN;
- iint = integrity_iint_find(inode);
- if (!iint)
- return INTEGRITY_UNKNOWN;
- status = evm_verify_hmac(dentry, xattr_name, xattr_value,
+ if (!iint) {
+ iint = integrity_iint_find(dentry->d_inode);
+ if (!iint)
+ return INTEGRITY_UNKNOWN;
+ }
+ return evm_verify_hmac(dentry, xattr_name, xattr_value,
xattr_value_len, iint);
- return status;
}
EXPORT_SYMBOL_GPL(evm_verifyxattr);
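Review bot: A non-NULL `iint` is passed straight to evm_verify_hmac(), so evm_verifyxattr() now relies on the caller to supply the entry that belongs to `dentry->d_inode`; nothing in the hunk checks this. If evm_verify_hmac() reads or stores per-inode verification state in that entry (its body is not shown here), a mismatched entry would attribute one inode's integrity status to another. The kernel-doc comment above the function starts outside the hunk and should gain a line such as `@iint: integrity cache entry for dentry->d_inode, or NULL to have it looked up`. If the struct keeps a back-pointer to its inode, a `WARN_ON_ONCE(iint->inode != dentry->d_inode)` before the call would catch misuse early. The same contract applies to the prototype and the !CONFIG_EVM stub in include/linux/evm.h.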