Commit 2286f47b authored by Roberto Sassu's avatar Roberto Sassu Committed by Zheng Zengkai
Browse files

ima: Use ima_show_htable_value to show violations and hash table data 



hulk inclusion
category: feature
feature: IMA Digest Lists extension
bugzilla: 46797

-------------------------------------------------

ima_show_htable_violations() and ima_show_measurements_count() both call
ima_show_htable_value() to copy the value of an atomic_long_t variable to
a buffer.

This patch modifies the definition of ima_show_htable_value(), so that this
function can be used in any file_operations structure. The atomic_long_t
variable used as source is chosen depending on the opened file in the
securityfs filesystem.

Signed-off-by: default avatarRoberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: default avatarTianxing Zhang <zhangtianxing3@huawei.com>
Reviewed-by: default avatarJason Yan <yanaijie@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent cde9df82

security/integrity/ima/ima_fs.c

+12 −26
Original line number Diff line number Diff line
@@ -47,38 +47,24 @@ __setup("ima_canonical_fmt", default_canonical_fmt_setup); 


static int valid_policy = 1;



static ssize_t ima_show_htable_value(char __user *buf, size_t count,

				     loff_t *ppos, atomic_long_t *val)

static ssize_t ima_show_htable_value(struct file *filp, char __user *buf,

				     size_t count, loff_t *ppos)

{

	atomic_long_t *val = NULL;

	char tmpbuf[32];	/* greater than largest 'long' string value */

	ssize_t len;



	if (filp->f_path.dentry == violations)

		val = &ima_htable.violations;

	else if (filp->f_path.dentry == runtime_measurements_count)

		val = &ima_htable.len;



	len = scnprintf(tmpbuf, sizeof(tmpbuf), "%li\n", atomic_long_read(val));

	return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);

}



static ssize_t ima_show_htable_violations(struct file *filp,

					  char __user *buf,

					  size_t count, loff_t *ppos)

{

	return ima_show_htable_value(buf, count, ppos, &ima_htable.violations);

}



static const struct file_operations ima_htable_violations_ops = {

	.read = ima_show_htable_violations,

	.llseek = generic_file_llseek,

};



static ssize_t ima_show_measurements_count(struct file *filp,

					   char __user *buf,

					   size_t count, loff_t *ppos)

{

	return ima_show_htable_value(buf, count, ppos, &ima_htable.len);



}



static const struct file_operations ima_measurements_count_ops = {

	.read = ima_show_measurements_count,

static const struct file_operations ima_htable_value_ops = {

	.read = ima_show_htable_value,

	.llseek = generic_file_llseek,

};
@@ -536,13 +522,13 @@ int __init ima_fs_init(void) 
	runtime_measurements_count =

	    securityfs_create_file("runtime_measurements_count",

				   S_IRUSR | S_IRGRP, ima_dir, NULL,

				   &ima_measurements_count_ops);

				   &ima_htable_value_ops);

	if (IS_ERR(runtime_measurements_count))

		goto out;



	violations =

	    securityfs_create_file("violations", S_IRUSR | S_IRGRP,

				   ima_dir, NULL, &ima_htable_violations_ops);

				   ima_dir, NULL, &ima_htable_value_ops);

	if (IS_ERR(violations))

		goto out;