ima: on soft reboot, restore the measurement list

ima-y := ima_fs.o ima_queue.o ima_init.o ima_main.o ima_crypto.o ima_api.o \

	 ima_policy.o ima_template.o ima_template_lib.o

ima-$(CONFIG_IMA_APPRAISE) += ima_appraise.o

ima-$(CONFIG_HAVE_IMA_KEXEC) += ima_kexec.o

obj-$(CONFIG_IMA_BLACKLIST_KEYRING) += ima_mok.o

#include "../integrity.h"

#ifdef CONFIG_HAVE_IMA_KEXEC

#include <asm/ima.h>

#endif

enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_BINARY_NO_FIELD_LEN,

		     IMA_SHOW_BINARY_OLD_STRING_FMT, IMA_SHOW_ASCII };

enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 };

};

extern struct list_head ima_measurements;	/* list of all measurements */

/* Some details preceding the binary serialized measurement list */

struct ima_kexec_hdr {

	u16 version;

	u16 _reserved0;

	u32 _reserved1;

	u64 buffer_size;

	u64 count;

};

#ifdef CONFIG_HAVE_IMA_KEXEC

void ima_load_kexec_buffer(void);

#else

static inline void ima_load_kexec_buffer(void) {}

#endif /* CONFIG_HAVE_IMA_KEXEC */

/* Internal IMA function definitions */

int ima_init(void);

int ima_fs_init(void);

void ima_putc(struct seq_file *m, void *data, int datalen);

void ima_print_digest(struct seq_file *m, u8 *digest, u32 size);

struct ima_template_desc *ima_template_desc_current(void);

int ima_restore_measurement_entry(struct ima_template_entry *entry);

int ima_restore_measurement_list(loff_t bufsize, void *buf);

int ima_init_template(void);

/*

	if (rc != 0)

		return rc;

	ima_load_kexec_buffer();

	rc = ima_add_boot_aggregate();	/* boot aggregate must be first entry */

	if (rc != 0)

		return rc;

/*

 * Copyright (C) 2016 IBM Corporation

 *

 * Authors:

 * Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>

 * Mimi Zohar <zohar@linux.vnet.ibm.com>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 2 of the License, or

 * (at your option) any later version.

 */

#include "ima.h"

/*

 * Restore the measurement list from the previous kernel.

 */

void ima_load_kexec_buffer(void)

{

	void *kexec_buffer = NULL;

	size_t kexec_buffer_size = 0;

	int rc;

	rc = ima_get_kexec_buffer(&kexec_buffer, &kexec_buffer_size);

	switch (rc) {

	case 0:

		rc = ima_restore_measurement_list(kexec_buffer_size,

						  kexec_buffer);

		if (rc != 0)

			pr_err("Failed to restore the measurement list: %d\n",

				rc);

		ima_free_kexec_buffer();

		break;

	case -ENOTSUPP:

		pr_debug("Restoring the measurement list not supported\n");

		break;

	case -ENOENT:

		pr_debug("No measurement list to restore\n");

		break;

	default:

		pr_debug("Error restoring the measurement list: %d\n", rc);

	}

}

			    op, audit_cause, result, audit_info);

	return result;

}

int ima_restore_measurement_entry(struct ima_template_entry *entry)

{

	int result = 0;

	mutex_lock(&ima_extend_list_mutex);

	result = ima_add_digest_entry(entry);

	mutex_unlock(&ima_extend_list_mutex);

	return result;

}