From 23b5741932ca44856762fa24cc7e01307ab8af1f Mon Sep 17 00:00:00 2001 From: Roberto Sassu Date: Sat, 11 Apr 2015 17:09:50 +0200 Subject: ima: wrap event related data to the new ima_event_data structure All event related data has been wrapped into the new 'ima_event_data' structure. The main benefit of this patch is that a new information can be made available to template fields initialization functions by simply adding a new field to the new structure instead of modifying the definition of those functions. Changelog: - v2: - f_dentry replaced with f_path.dentry (Roberto Sassu) - removed declaration of temporary variables in template field functions when possible (suggested by Dmitry Kasatkin) Signed-off-by: Roberto Sassu Signed-off-by: Mimi Zohar --- security/integrity/ima/ima.h | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'security/integrity/ima/ima.h') diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 8ee997dff139..e13ae5466bf2 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -52,6 +52,15 @@ extern int ima_used_chip; extern int ima_hash_algo; extern int ima_appraise; +/* IMA event related data */ +struct ima_event_data { + struct integrity_iint_cache *iint; + struct file *file; + const unsigned char *filename; + struct evm_ima_xattr_data *xattr_value; + int xattr_len; +}; + /* IMA template field data definition */ struct ima_field_data { u8 *data; @@ -61,12 +70,10 @@ struct ima_field_data { /* IMA template field definition */ struct ima_template_field { const char field_id[IMA_TEMPLATE_FIELD_ID_MAX_LEN]; - int (*field_init) (struct integrity_iint_cache *iint, struct file *file, - const unsigned char *filename, - struct evm_ima_xattr_data *xattr_value, - int xattr_len, struct ima_field_data *field_data); - void (*field_show) (struct seq_file *m, enum ima_show_type show, - struct ima_field_data *field_data); + int (*field_init)(struct ima_event_data *event_data, + struct ima_field_data *field_data); + void (*field_show)(struct seq_file *m, enum ima_show_type show, + struct ima_field_data *field_data); }; /* IMA template descriptor definition */ @@ -140,10 +147,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file, int xattr_len); void ima_audit_measurement(struct integrity_iint_cache *iint, const unsigned char *filename); -int ima_alloc_init_template(struct integrity_iint_cache *iint, - struct file *file, const unsigned char *filename, - struct evm_ima_xattr_data *xattr_value, - int xattr_len, struct ima_template_entry **entry); +int ima_alloc_init_template(struct ima_event_data *event_data, + struct ima_template_entry **entry); int ima_store_template(struct ima_template_entry *entry, int violation, struct inode *inode, const unsigned char *filename); void ima_free_template_entry(struct ima_template_entry *entry); -- cgit v1.2.3