| /security/ipe/ |
| A D | digest.c | 27 u8 *digest = NULL; in ipe_digest_parse() local
51 digest = kzalloc(info->digest_len, GFP_KERNEL); in ipe_digest_parse()
52 if (!digest) { in ipe_digest_parse()
57 rc = hex2bin(digest, raw_digest, info->digest_len); in ipe_digest_parse()
64 info->digest = digest; in ipe_digest_parse()
69 kfree(digest); in ipe_digest_parse()
84 const struct digest_info *digest) in ipe_digest_eval() argument
87 (!strcmp(expected->alg, digest->alg)) && in ipe_digest_eval()
88 (!memcmp(expected->digest, digest->digest, expected->digest_len)); in ipe_digest_eval()
101 kfree(info->digest); in ipe_digest_free()
[all …]
|
| A D | hooks.c | 241 const struct dm_verity_digest *digest = NULL; in ipe_bdev_setintegrity() local
260 digest = value; in ipe_bdev_setintegrity()
266 info->digest = kmemdup(digest->digest, digest->digest_len, GFP_KERNEL); in ipe_bdev_setintegrity()
267 if (!info->digest) in ipe_bdev_setintegrity()
270 info->alg = kstrdup(digest->alg, GFP_KERNEL); in ipe_bdev_setintegrity()
274 info->digest_len = digest->digest_len; in ipe_bdev_setintegrity()
|
| A D | digest.h | 16 const u8 *digest; member
24 const struct digest_info *digest);
|
| A D | audit.c | 185 u8 digest[SHA256_DIGEST_SIZE]; in audit_policy() local
187 sha256(p->pkcs7, p->pkcs7len, digest); in audit_policy()
192 audit_log_n_hex(ab, digest, sizeof(digest)); in audit_policy()
|
| A D | eval.c | 202 u8 digest[FS_VERITY_MAX_DIGEST_SIZE]; in evaluate_fsv_digest() local
208 digest, in evaluate_fsv_digest()
214 info.digest = digest; in evaluate_fsv_digest()
|
| A D | Kconfig | 77 bool "Enable support for fs-verity based on file digest"
82 enabled and its digest matches the supplied digest value in the
|
| A D | Makefile | 18 digest.o \
|
| /security/integrity/ima/ |
| A D | ima_modsig.c | 24 const u8 *digest; member
115 rc = pkcs7_get_digest(modsig->pkcs7_msg, &modsig->digest, in ima_collect_modsig()
126 const u8 **digest, u32 *digest_size) in ima_get_modsig_digest() argument
129 *digest = modsig->digest; in ima_get_modsig_digest()
|
| A D | ima_queue.c | 65 rc = memcmp(qe->entry->digests[ima_hash_algo_idx].digest, in ima_lookup_digest_entry()
118 key = ima_hash_key(entry->digests[ima_hash_algo_idx].digest); in ima_add_digest_entry()
170 u8 *digest = entry->digests[ima_hash_algo_idx].digest; in ima_add_template_entry() local
191 if (ima_lookup_digest_entry(digest, entry->pcr)) { in ima_add_template_entry()
286 memset(digests[i].digest, 0xff, digest_size); in ima_init_digests()
|
| A D | ima_appraise.c | 253 enum hash_algo algo, const u8 *digest, in calc_file_id_hash() argument
263 memcpy(file_id.hash, digest, hash_digest_size[algo]); in calc_file_id_hash()
313 iint->ima_hash->digest, in xattr_verify()
343 iint->ima_hash->digest, in xattr_verify()
354 iint->ima_hash->digest, in xattr_verify()
382 iint->ima_hash->digest, in xattr_verify()
393 xattr_len, hash.digest, in xattr_verify()
451 const u8 *digest = NULL; in ima_check_blacklist() local
459 ima_get_modsig_digest(modsig, &hash_algo, &digest, &digestsize); in ima_check_blacklist()
461 rc = is_binary_blacklisted(digest, digestsize); in ima_check_blacklist()
[all …]
|
| A D | ima_crypto.c | 427 ahash_request_set_crypt(req, NULL, hash->digest, 0); in ima_calc_file_hash_atfm()
498 rc = crypto_shash_final(shash, hash->digest); in ima_calc_file_hash_tfm()
645 memcpy(entry->digests[i].digest, in ima_calc_field_array_hash()
646 entry->digests[ima_sha1_idx].digest, in ima_calc_field_array_hash()
690 ahash_request_set_crypt(req, NULL, hash->digest, 0); in calc_buffer_ahash_atfm()
741 rc = crypto_shash_final(shash, hash->digest); in calc_buffer_shash_tfm()
798 struct tpm_digest d = { .alg_id = alg_id, .digest = {0} }; in ima_calc_boot_aggregate_tfm()
816 rc = crypto_shash_update(shash, d.digest, in ima_calc_boot_aggregate_tfm()
830 rc = crypto_shash_update(shash, d.digest, in ima_calc_boot_aggregate_tfm()
835 crypto_shash_final(shash, digest); in ima_calc_boot_aggregate_tfm()
[all …]
|
| A D | ima.h | 276 void ima_print_digest(struct seq_file *m, u8 *digest, u32 size);
307 static inline unsigned int ima_hash_key(u8 *digest) in ima_hash_key() argument
310 return (digest[0] | digest[1] << 8) % IMA_MEASURE_HTABLE_SIZE; in ima_hash_key()
400 bool buf_hash, u8 *digest, size_t digest_len);
516 const u8 **digest, u32 *digest_size);
533 enum hash_algo *algo, const u8 **digest, in ima_get_modsig_digest() argument
|
| A D | ima_template_lib.c | 289 static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize, in ima_eventdigest_init_common() argument
321 if (digest) { in ima_eventdigest_init_common()
322 memcpy(buffer + offset, digest, digestsize); in ima_eventdigest_init_common()
361 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_init()
379 cur_digest = hash_hdr->digest; in ima_eventdigest_init()
397 cur_digest = hash_hdr->digest; in ima_eventdigest_init()
417 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ng_init()
441 cur_digest = event_data->iint->ima_hash->digest; in ima_eventdigest_ngv2_init()
|
| A D | ima_main.c | 687 memcpy(buf, iint->ima_hash->digest, copied_size); in __ima_inode_hash()
1013 bool buf_hash, u8 *digest, size_t digest_len) in process_buffer_measurement() argument
1033 if (digest && digest_len < digest_hash_len) in process_buffer_measurement()
1036 if (!ima_policy_flag && !digest) in process_buffer_measurement()
1058 if (!(action & IMA_MEASURE) && !digest) in process_buffer_measurement()
1076 memcpy(digest_hash, hash_hdr->digest, digest_hash_len); in process_buffer_measurement()
1089 if (digest) in process_buffer_measurement()
1090 memcpy(digest, iint.ima_hash->digest, digest_hash_len); in process_buffer_measurement()
1160 bool hash, u8 *digest, size_t digest_len) in ima_measure_critical_data() argument
1167 event_label, hash, digest, in ima_measure_critical_data()
|
| A D | ima_api.c | 215 digest_len = fsverity_get_digest(inode, hash->digest, NULL, &alg); in ima_get_verity_digest()
283 memset(&hash.digest, 0, sizeof(hash.digest)); in ima_collect_measurement()
408 hex_byte_pack(hash + (i * 2), iint->ima_hash->digest[i]); in ima_audit_measurement()
|
| A D | ima_fs.c | 163 ima_putc(m, e->digests[algo_idx].digest, hash_digest_size[algo]); in ima_measurements_show()
217 void ima_print_digest(struct seq_file *m, u8 *digest, u32 size) in ima_print_digest() argument
222 seq_printf(m, "%02x", *(digest + i)); in ima_print_digest()
255 ima_print_digest(m, e->digests[algo_idx].digest, hash_digest_size[algo]); in ima_ascii_measurements_show()
|
| /security/integrity/ |
| A D | integrity.h | 46 u8 digest[SHA1_DIGEST_SIZE]; member
68 u8 digest[]; member
70 static_assert(offsetof(struct ima_digest_data, digest) == sizeof(struct ima_digest_data_hdr),
79 u8 digest[HASH_MAX_DIGESTSIZE]; member
131 const char *digest, int digestlen);
142 const char *digest, int digestlen) in integrity_digsig_verify() argument
|
| A D | digsig.c | 62 const char *digest, int digestlen) in integrity_digsig_verify() argument
76 return digsig_verify(keyring, sig + 1, siglen - 1, digest, in integrity_digsig_verify()
80 return asymmetric_verify(keyring, sig, siglen, digest, in integrity_digsig_verify()
|
| /security/keys/encrypted-keys/ |
| A D | encrypted.h | 40 static inline void dump_hmac(const char *str, const u8 *digest, in dump_hmac() argument
45 print_hex_dump(KERN_ERR, "hmac: ", DUMP_PREFIX_NONE, 32, 1, digest, in dump_hmac()
62 static inline void dump_hmac(const char *str, const u8 *digest, in dump_hmac() argument
|
| A D | encrypted.c | 332 static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, in calc_hmac() argument
347 err = crypto_shash_tfm_digest(tfm, buf, buflen, digest); in calc_hmac()
498 u8 *digest; in datablob_hmac_append() local
505 digest = epayload->format + epayload->datablob_len; in datablob_hmac_append()
506 ret = calc_hmac(digest, derived_key, sizeof derived_key, in datablob_hmac_append()
509 dump_hmac(NULL, digest, HASH_SIZE); in datablob_hmac_append()
521 u8 digest[HASH_SIZE]; in datablob_hmac_verify() local
537 ret = calc_hmac(digest, derived_key, sizeof derived_key, p, len); in datablob_hmac_verify()
540 ret = crypto_memneq(digest, epayload->format + epayload->datablob_len, in datablob_hmac_verify()
541 sizeof(digest)); in datablob_hmac_verify()
[all …]
|
| /security/integrity/evm/ |
| A D | evm_main.c | 186 struct evm_digest digest; in evm_verify_hmac() local
232 digest.hdr.algo = HASH_ALGO_SHA1; in evm_verify_hmac()
234 xattr_value_len, &digest, iint); in evm_verify_hmac()
237 rc = crypto_memneq(xattr_data->data, digest.digest, in evm_verify_hmac()
253 digest.hdr.algo = hdr->hash_algo; in evm_verify_hmac()
255 xattr_value_len, xattr_data->type, &digest, in evm_verify_hmac()
261 digest.digest, digest.hdr.length); in evm_verify_hmac()
290 pr_debug("digest: (%d) [%*phN]\n", digest.hdr.length, digest.hdr.length, in evm_verify_hmac()
291 digest.digest); in evm_verify_hmac()
1053 rc = evm_init_hmac(inode, xattrs, xattr_data->digest); in evm_inode_init_security()
|
| A D | evm_crypto.c | 143 char type, char *digest) in hmac_add_misc() argument
176 crypto_shash_final(desc, digest); in hmac_add_misc()
297 hmac_add_misc(desc, inode, type, data->digest); in evm_calc_hmac_or_hash()
|
| A D | evm.h | 66 char digest[IMA_MAX_DIGEST_SIZE]; member
|
| /security/loadpin/ |
| A D | Kconfig | 32 considered trusted if its root digest is found in the list
43 This is followed by the verity digests, with one digest per
|
| /security/keys/trusted-keys/ |
| A D | trusted_tpm1.c | 52 unsigned char *digest) in TSS_sha1() argument
63 ret = crypto_shash_digest(&sdesc->shash, data, datalen, digest); in TSS_sha1()
68 static int TSS_rawhmac(unsigned char *digest, const unsigned char *key, in TSS_rawhmac() argument
106 ret = crypto_shash_final(&sdesc->shash, digest); in TSS_rawhmac()
115 int TSS_authhmac(unsigned char *digest, const unsigned char *key, in TSS_authhmac() argument
158 ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE, in TSS_authhmac()
|