EVM: turn evm_config_xattrnames into a list

#define EVM_INIT_MASK (EVM_INIT_HMAC | EVM_INIT_X509 | EVM_SETUP_COMPLETE | \

		       EVM_ALLOW_METADATA_WRITES)

struct xattr_list {

	struct list_head list;

	char *name;

};

extern int evm_initialized;

#define EVM_ATTR_FSUUID		0x0001

extern struct crypto_shash *hash_tfm;

/* List of EVM protected security xattrs */

extern char *evm_config_xattrnames[];

extern struct list_head evm_config_xattrnames;

int evm_init_key(void);

int evm_update_evmxattr(struct dentry *dentry,

				char type, char *digest)

{

	struct inode *inode = d_backing_inode(dentry);

	struct xattr_list *xattr;

	struct shash_desc *desc;

	char **xattrname;

	size_t xattr_size = 0;

	char *xattr_value = NULL;

	int error;

		return PTR_ERR(desc);

	error = -ENODATA;

	for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {

	list_for_each_entry(xattr, &evm_config_xattrnames, list) {

		bool is_ima = false;

		if (strcmp(*xattrname, XATTR_NAME_IMA) == 0)

		if (strcmp(xattr->name, XATTR_NAME_IMA) == 0)

			is_ima = true;

		if ((req_xattr_name && req_xattr_value)

		    && !strcmp(*xattrname, req_xattr_name)) {

		    && !strcmp(xattr->name, req_xattr_name)) {

			error = 0;

			crypto_shash_update(desc, (const u8 *)req_xattr_value,

					     req_xattr_value_len);

				ima_present = true;

			continue;

		}

		size = vfs_getxattr_alloc(dentry, *xattrname,

		size = vfs_getxattr_alloc(dentry, xattr->name,

					  &xattr_value, xattr_size, GFP_NOFS);

		if (size == -ENOMEM) {

			error = -ENOMEM;

};

int evm_hmac_attrs;

char *evm_config_xattrnames[] = {

static struct xattr_list evm_config_default_xattrnames[] __ro_after_init = {

#ifdef CONFIG_SECURITY_SELINUX

	XATTR_NAME_SELINUX,

	{.name = XATTR_NAME_SELINUX},

#endif

#ifdef CONFIG_SECURITY_SMACK

	XATTR_NAME_SMACK,

	{.name = XATTR_NAME_SMACK},

#ifdef CONFIG_EVM_EXTRA_SMACK_XATTRS

	XATTR_NAME_SMACKEXEC,

	XATTR_NAME_SMACKTRANSMUTE,

	XATTR_NAME_SMACKMMAP,

	{.name = XATTR_NAME_SMACKEXEC},

	{.name = XATTR_NAME_SMACKTRANSMUTE},

	{.name = XATTR_NAME_SMACKMMAP},

#endif

#endif

#ifdef CONFIG_SECURITY_APPARMOR

	XATTR_NAME_APPARMOR,

	{.name = XATTR_NAME_APPARMOR},

#endif

#ifdef CONFIG_IMA_APPRAISE

	XATTR_NAME_IMA,

	{.name = XATTR_NAME_IMA},

#endif

	XATTR_NAME_CAPS,

	NULL

	{.name = XATTR_NAME_CAPS},

};

LIST_HEAD(evm_config_xattrnames);

static int evm_fixmode;

static int __init evm_set_fixmode(char *str)

{

static void __init evm_init_config(void)

{

	int i, xattrs;

	xattrs = ARRAY_SIZE(evm_config_default_xattrnames);

	pr_info("Initialising EVM extended attributes:\n");

	for (i = 0; i < xattrs; i++) {

		pr_info("%s\n", evm_config_default_xattrnames[i].name);

		list_add_tail(&evm_config_default_xattrnames[i].list,

			      &evm_config_xattrnames);

	}

#ifdef CONFIG_EVM_ATTR_FSUUID

	evm_hmac_attrs |= EVM_ATTR_FSUUID;

#endif

static int evm_find_protected_xattrs(struct dentry *dentry)

{

	struct inode *inode = d_backing_inode(dentry);

	char **xattr;

	struct xattr_list *xattr;

	int error;

	int count = 0;

	if (!(inode->i_opflags & IOP_XATTR))

		return -EOPNOTSUPP;

	for (xattr = evm_config_xattrnames; *xattr != NULL; xattr++) {

		error = __vfs_getxattr(dentry, inode, *xattr, NULL, 0);

	list_for_each_entry(xattr, &evm_config_xattrnames, list) {

		error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0);

		if (error < 0) {

			if (error == -ENODATA)

				continue;

static int evm_protected_xattr(const char *req_xattr_name)

{

	char **xattrname;

	int namelen;

	int found = 0;

	struct xattr_list *xattr;

	namelen = strlen(req_xattr_name);

	for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++) {

		if ((strlen(*xattrname) == namelen)

		    && (strncmp(req_xattr_name, *xattrname, namelen) == 0)) {

	list_for_each_entry(xattr, &evm_config_xattrnames, list) {

		if ((strlen(xattr->name) == namelen)

		    && (strncmp(req_xattr_name, xattr->name, namelen) == 0)) {

			found = 1;

			break;

		}

		if (strncmp(req_xattr_name,

			    *xattrname + XATTR_SECURITY_PREFIX_LEN,

			    xattr->name + XATTR_SECURITY_PREFIX_LEN,

			    strlen(req_xattr_name)) == 0) {

			found = 1;

			break;

		}

	}

	return found;

}

static int __init init_evm(void)

{

	int error;

	struct list_head *pos, *q;

	struct xattr_list *xattr;

	evm_init_config();

	error = integrity_init_keyring(INTEGRITY_KEYRING_EVM);

	if (error)

		return error;

		goto error;

	error = evm_init_secfs();

	if (error < 0) {

		pr_info("Error registering secfs\n");

		return error;

		goto error;

	}

	return 0;

error:

	if (error != 0) {

		if (!list_empty(&evm_config_xattrnames)) {

			list_for_each_safe(pos, q, &evm_config_xattrnames) {

				xattr = list_entry(pos, struct xattr_list,

						   list);

				list_del(pos);

			}

		}

	}

/*

 * evm_display_config - list the EVM protected security extended attributes

 */

static int __init evm_display_config(void)

{

	char **xattrname;

	for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++)

		pr_info("%s\n", *xattrname);

	return 0;

	return error;

}

pure_initcall(evm_display_config);

late_initcall(init_evm);

MODULE_DESCRIPTION("Extended Verification Module");