dm-ima.h 2.6 KB

  1. /* SPDX-License-Identifier: GPL-2.0-only */
  2. /*
  3. * Copyright (C) 2021 Microsoft Corporation
  4. *
  5. * Author: Tushar Sugandhi <tusharsu@linux.microsoft.com>
  6. *
  7. * Header file for device mapper IMA measurements.
  8. */
  9. #ifndef DM_IMA_H
  10. #define DM_IMA_H
  /*
   * Buffer-length constants for the measurement code. This header only
   * defines the values; where each buffer is allocated and how writes into
   * it are bounded is in the implementation, not here.
   * NOTE(review): presumably byte counts for string buffers. A record that
   * is silently truncated to one of these limits would still be measured
   * as if complete, so confirm the implementation checks for truncation.
   */
  #define DM_IMA_MEASUREMENT_BUF_LEN 4096
  #define DM_IMA_DEVICE_BUF_LEN 1024
  #define DM_IMA_TARGET_METADATA_BUF_LEN 128
  #define DM_IMA_TARGET_DATA_BUF_LEN 2048
  #define DM_IMA_DEVICE_CAPACITY_BUF_LEN 128
  /* Name of the hash algorithm used for the table hash. */
  #define DM_IMA_TABLE_HASH_ALG "sha256"
  /*
   * Two-level stringification: __dm_ima_str() expands its argument first
   * and then hands the result to __dm_ima_stringify(), so a macro such as
   * DM_VERSION_MAJOR is turned into the text of its value, not its name.
   */
  #define __dm_ima_stringify(s) #s
  #define __dm_ima_str(s) __dm_ima_stringify(s)
  /*
   * String literal of the form "dm_version=<major>.<minor>.<patchlevel>;".
   * The DM_VERSION_* macros are not defined in this header; they must be
   * visible wherever DM_IMA_VERSION_STR is expanded. If one is missing,
   * its name is stringified instead of a number.
   */
  #define DM_IMA_VERSION_STR "dm_version=" \
  	__dm_ima_str(DM_VERSION_MAJOR) "." \
  	__dm_ima_str(DM_VERSION_MINOR) "." \
  	__dm_ima_str(DM_VERSION_PATCHLEVEL) ";"
  23. #ifdef CONFIG_IMA
  /*
   * Per-table state kept for IMA measurement: the device metadata string
   * and the hash of the table's target attributes. struct
   * dm_ima_measurements holds one of these for the active table and one
   * for the inactive table.
   * NOTE(review): both char pointers are paired with a separate length
   * field. Who allocates and frees them, and who keeps pointer and length
   * in step, is not visible in this header; confirm in the implementation.
   */
  struct dm_ima_device_table_metadata {
  	/*
  	 * Contains data specific to the device which is common across
  	 * all the targets in the table (e.g. name, uuid, major, minor, etc).
  	 * The values are stored as a comma-separated list of key=value
  	 * pairs (key1=val1,key2=val2;), with a semicolon terminating the
  	 * list.
  	 */
  	char *device_metadata;
  	/* presumably the length of device_metadata; confirm whether a NUL is counted */
  	unsigned int device_metadata_len;
  	/* presumably the number of targets in the table; confirm against the code that sets it */
  	unsigned int num_targets;
  	/*
  	 * Contains the sha256 hashes of the IMA measurements of the target
  	 * attributes' key-value pairs from the active/inactive tables.
  	 * NOTE(review): "sha256" here mirrors DM_IMA_TABLE_HASH_ALG; keep
  	 * this comment in step if that macro changes.
  	 */
  	char *hash;
  	/* presumably the length of hash; confirm the unit (bytes or string length) */
  	unsigned int hash_len;
  };
  /*
   * This structure contains the device metadata and table hash for the
   * active and inactive tables, as used for IMA measurements.
   */
  struct dm_ima_measurements {
  	/* metadata and hash for the active table */
  	struct dm_ima_device_table_metadata active_table;
  	/* metadata and hash for the inactive table */
  	struct dm_ima_device_table_metadata inactive_table;
  	/* presumably the length of DM_IMA_VERSION_STR; confirm where it is set */
  	unsigned int dm_version_str_len;
  };
  /*
   * IMA measurement entry points, declared only when CONFIG_IMA is defined.
   * The implementations are not in this header. Going by the names, each is
   * the hook for one device-mapper event (table load, device resume, device
   * remove, table clear, device rename), and dm_ima_reset_data() resets the
   * per-device measurement state.
   * NOTE(review): the meaning of the bool arguments (swap, remove_all,
   * new_map) and of status_flags cannot be read from here; confirm against
   * the implementation before relying on it.
   * NOTE(review): this header declares neither struct mapped_device nor
   * struct dm_table, and includes nothing that defines bool. It presumably
   * relies on the including file having declared them first; confirm.
   */
  void dm_ima_reset_data(struct mapped_device *md);
  void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_flags);
  void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap);
  void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all);
  void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map);
  void dm_ima_measure_on_device_rename(struct mapped_device *md);
  56. #else
  /*
   * No-op versions of the measurement hooks, used when CONFIG_IMA is not
   * defined. They keep the same signatures so callers need no #ifdef of
   * their own. Every body is empty, so in such a build none of these
   * events produces a measurement; any attestation that depends on
   * device-mapper measurements requires a kernel built with CONFIG_IMA.
   */
  static inline void dm_ima_reset_data(struct mapped_device *md) {}
  static inline void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_flags) {}
  static inline void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap) {}
  static inline void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all) {}
  static inline void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map) {}
  static inline void dm_ima_measure_on_device_rename(struct mapped_device *md) {}
  63. #endif /* CONFIG_IMA */
  64. #endif /* DM_IMA_H */