mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
37a3741d27
This reverts commit e9ed1eb8f6.
Eric has requested that this patch be taken through the libcrypto-next
tree, instead.
Signed-off-by: John Johansen <john.johansen@canonical.com>
62 lines
1.3 KiB
C
62 lines
1.3 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* AppArmor security module
|
|
*
|
|
* This file contains AppArmor policy loading interface function definitions.
|
|
*
|
|
* Copyright 2013 Canonical Ltd.
|
|
*
|
|
* Fns to provide a checksum of policy that has been loaded this can be
|
|
* compared to userspace policy compiles to check loaded policy is what
|
|
* it should be.
|
|
*/
|
|
|
|
#include <crypto/sha2.h>
|
|
|
|
#include "include/apparmor.h"
|
|
#include "include/crypto.h"
|
|
|
|
unsigned int aa_hash_size(void)
|
|
{
|
|
return SHA256_DIGEST_SIZE;
|
|
}
|
|
|
|
char *aa_calc_hash(void *data, size_t len)
|
|
{
|
|
char *hash;
|
|
|
|
hash = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
|
|
if (!hash)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
sha256(data, len, hash);
|
|
return hash;
|
|
}
|
|
|
|
int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start,
|
|
size_t len)
|
|
{
|
|
struct sha256_ctx sctx;
|
|
__le32 le32_version = cpu_to_le32(version);
|
|
|
|
if (!aa_g_hash_policy)
|
|
return 0;
|
|
|
|
profile->hash = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
|
|
if (!profile->hash)
|
|
return -ENOMEM;
|
|
|
|
sha256_init(&sctx);
|
|
sha256_update(&sctx, (u8 *)&le32_version, 4);
|
|
sha256_update(&sctx, (u8 *)start, len);
|
|
sha256_final(&sctx, profile->hash);
|
|
return 0;
|
|
}
|
|
|
|
static int __init init_profile_hash(void)
|
|
{
|
|
if (apparmor_initialized)
|
|
aa_info_message("AppArmor sha256 policy hashing enabled");
|
|
return 0;
|
|
}
|
|
late_initcall(init_profile_hash);
|