| ima.c (91e8fa254dbd0890c34286acdc12e96412305840) | ima.c (e6dcf7bbf37c9ae72b0bc3a09d5f91dd1f5c19e1) |
|---|---|
| 1// SPDX-License-Identifier: GPL-2.0 2 3/* 4 * Copyright 2020 Google LLC. 5 */ 6 7#include "vmlinux.h" 8#include <errno.h> --- 6 unchanged lines hidden (view full) --- 15 __uint(type, BPF_MAP_TYPE_RINGBUF); 16 __uint(max_entries, 1 << 12); 17} ringbuf SEC(".maps"); 18 19char _license[] SEC("license") = "GPL"; 20 21bool use_ima_file_hash; 22bool enable_bprm_creds_for_exec; | 1// SPDX-License-Identifier: GPL-2.0 2 3/* 4 * Copyright 2020 Google LLC. 5 */ 6 7#include "vmlinux.h" 8#include <errno.h> --- 6 unchanged lines hidden (view full) --- 15 __uint(type, BPF_MAP_TYPE_RINGBUF); 16 __uint(max_entries, 1 << 12); 17} ringbuf SEC(".maps"); 18 19char _license[] SEC("license") = "GPL"; 20 21bool use_ima_file_hash; 22bool enable_bprm_creds_for_exec; |
| 23bool enable_kernel_read_file; |
|
| 23 24static void ima_test_common(struct file *file) 25{ 26 u64 ima_hash = 0; 27 u64 *sample; 28 int ret; 29 u32 pid; 30 --- 29 unchanged lines hidden (view full) --- 60int BPF_PROG(bprm_creds_for_exec, struct linux_binprm *bprm) 61{ 62 if (!enable_bprm_creds_for_exec) 63 return 0; 64 65 ima_test_common(bprm->file); 66 return 0; 67} | 24 25static void ima_test_common(struct file *file) 26{ 27 u64 ima_hash = 0; 28 u64 *sample; 29 int ret; 30 u32 pid; 31 --- 29 unchanged lines hidden (view full) --- 61int BPF_PROG(bprm_creds_for_exec, struct linux_binprm *bprm) 62{ 63 if (!enable_bprm_creds_for_exec) 64 return 0; 65 66 ima_test_common(bprm->file); 67 return 0; 68} |
| 69 70SEC("lsm.s/kernel_read_file") 71int BPF_PROG(kernel_read_file, struct file *file, enum kernel_read_file_id id, 72 bool contents) 73{ 74 if (!enable_kernel_read_file) 75 return 0; 76 77 if (!contents) 78 return 0; 79 80 if (id != READING_POLICY) 81 return 0; 82 83 ima_test_common(file); 84 return 0; 85} |
|