[linux-block.git] / include / linux / integrity.h

/* SPDX-License-Identifier: GPL-2.0-only */
/*
 * Copyright (C) 2009 IBM Corporation
 * Author: Mimi Zohar <zohar@us.ibm.com>
 */

#ifndef _LINUX_INTEGRITY_H
#define _LINUX_INTEGRITY_H

#include <linux/fs.h>
#include <linux/iversion.h>

enum integrity_status {
	INTEGRITY_PASS = 0,
	INTEGRITY_PASS_IMMUTABLE,
	INTEGRITY_FAIL,
	INTEGRITY_FAIL_IMMUTABLE,
	INTEGRITY_NOLABEL,
	INTEGRITY_NOXATTRS,
	INTEGRITY_UNKNOWN,
};

#ifdef CONFIG_INTEGRITY
extern void __init integrity_load_keys(void);

#else
static inline void integrity_load_keys(void)
{
}
#endif /* CONFIG_INTEGRITY */

/* An inode's attributes for detection of changes */
struct integrity_inode_attributes {
	u64 version;		/* track inode changes */
	unsigned long ino;
	dev_t dev;
};

/*
 * On stacked filesystems the i_version alone is not enough to detect file data
 * or metadata change. Additional metadata is required.
 */
static inline void
integrity_inode_attrs_store(struct integrity_inode_attributes *attrs,
			    u64 i_version, const struct inode *inode)
{
	attrs->version = i_version;
	attrs->dev = inode->i_sb->s_dev;
	attrs->ino = inode->i_ino;
}

/*
 * On stacked filesystems detect whether the inode or its content has changed.
 */
static inline bool
integrity_inode_attrs_changed(const struct integrity_inode_attributes *attrs,
			      const struct inode *inode)
{
	return (inode->i_sb->s_dev != attrs->dev ||
		inode->i_ino != attrs->ino ||
		!inode_eq_iversion(inode, attrs->version));
}


#endif /* _LINUX_INTEGRITY_H */
Commit	Line	Data
b886d83c	1	/* SPDX-License-Identifier: GPL-2.0-only */
f381c272 MZ	2	/*
	3	* Copyright (C) 2009 IBM Corporation
	4	* Author: Mimi Zohar <zohar@us.ibm.com>
f381c272 MZ	5	*/
	6
	7	#ifndef _LINUX_INTEGRITY_H
	8	#define _LINUX_INTEGRITY_H
	9
	10	#include <linux/fs.h>
309e2b77	11	#include <linux/iversion.h>
f381c272	12
66dbc325 MZ	13	enum integrity_status {
66dbc325 MZ	14	INTEGRITY_PASS = 0,
50b97748	15	INTEGRITY_PASS_IMMUTABLE,
66dbc325	16	INTEGRITY_FAIL,
cdef685b	17	INTEGRITY_FAIL_IMMUTABLE,
66dbc325	18	INTEGRITY_NOLABEL,
566be59a	19	INTEGRITY_NOXATTRS,
66dbc325 MZ	20	INTEGRITY_UNKNOWN,
	21	};
	22
f381c272	23	#ifdef CONFIG_INTEGRITY
c9cd2ce2	24	extern void __init integrity_load_keys(void);
f381c272 MZ	25
f381c272 MZ	26	#else
c9cd2ce2 DK	27	static inline void integrity_load_keys(void)
	28	{
	29	}
e05a4f4f	30	#endif /* CONFIG_INTEGRITY */
c9cd2ce2	31
309e2b77 SB	32	/* An inode's attributes for detection of changes */
	33	struct integrity_inode_attributes {
	34	u64 version; /* track inode changes */
	35	unsigned long ino;
	36	dev_t dev;
	37	};
	38
	39	/*
	40	* On stacked filesystems the i_version alone is not enough to detect file data
	41	* or metadata change. Additional metadata is required.
	42	*/
	43	static inline void
	44	integrity_inode_attrs_store(struct integrity_inode_attributes *attrs,
	45	u64 i_version, const struct inode *inode)
	46	{
	47	attrs->version = i_version;
	48	attrs->dev = inode->i_sb->s_dev;
	49	attrs->ino = inode->i_ino;
	50	}
	51
	52	/*
	53	* On stacked filesystems detect whether the inode or its content has changed.
	54	*/
	55	static inline bool
	56	integrity_inode_attrs_changed(const struct integrity_inode_attributes *attrs,
	57	const struct inode *inode)
	58	{
	59	return (inode->i_sb->s_dev != attrs->dev \|\|
	60	inode->i_ino != attrs->ino \|\|
	61	!inode_eq_iversion(inode, attrs->version));
	62	}
	63
	64
f381c272	65	#endif /* _LINUX_INTEGRITY_H */