| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250313173339.3815589-4-nstange@suse.de>
Date: Thu, 13 Mar 2025 18:33:35 +0100
From: Nicolai Stange <nstange@...e.de>
To: Mimi Zohar <zohar@...ux.ibm.com>,
Roberto Sassu <roberto.sassu@...wei.com>,
Dmitry Kasatkin <dmitry.kasatkin@...il.com>
Cc: Eric Snowberg <eric.snowberg@...cle.com>,
linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org,
Nicolai Stange <nstange@...e.de>
Subject: [RFC PATCH v1 3/7] ima: move INVALID_PCR() to ima.h
Make the INVALID_PCR() #define available to other compilation units
by moving it from ima_policy.c to ima.h and renaming it to
IMA_INVALID_PCR() in the course.
Signed-off-by: Nicolai Stange <nstange@...e.de>
---
security/integrity/ima/ima.h | 4 ++++
security/integrity/ima/ima_policy.c | 5 +----
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index a4f284bd846c..1158a7b8bf6b 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -198,6 +198,10 @@ struct ima_iint_cache {
struct ima_digest_data *ima_hash;
};
+#define IMA_INVALID_PCR(a) (((a) < 0) || \
+ (a) >= (sizeof_field(struct ima_iint_cache, measured_pcrs) * 8))
+
+
extern struct lsm_blob_sizes ima_blob_sizes;
static inline struct ima_iint_cache *
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 128fab897930..d9e4210ea814 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -48,9 +48,6 @@
#define HASH 0x0100
#define DONT_HASH 0x0200
-#define INVALID_PCR(a) (((a) < 0) || \
- (a) >= (sizeof_field(struct ima_iint_cache, measured_pcrs) * 8))
-
int ima_policy_flag;
static int temp_ima_appraise;
static int build_ima_appraise __ro_after_init;
@@ -1855,7 +1852,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
ima_log_string(ab, "pcr", args[0].from);
result = kstrtoint(args[0].from, 10, &entry->pcr);
- if (result || INVALID_PCR(entry->pcr))
+ if (result || IMA_INVALID_PCR(entry->pcr))
result = -EINVAL;
else
entry->flags |= IMA_PCR;
--
2.47.1
Powered by blists - more mailing lists