1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3  * Copyright (C) 2021 Microsoft Corporation
4  *
5  * Author: Tushar Sugandhi <tusharsu@linux.microsoft.com>
6  *
7  * Header file for device mapper IMA measurements.
8  */
9 
10 #ifndef DM_IMA_H
11 #define DM_IMA_H
12 
13 #define DM_IMA_MEASUREMENT_BUF_LEN	4096
14 #define DM_IMA_DEVICE_BUF_LEN		1024
15 #define DM_IMA_TARGET_METADATA_BUF_LEN	128
16 #define DM_IMA_TARGET_DATA_BUF_LEN	2048
17 #define DM_IMA_DEVICE_CAPACITY_BUF_LEN	128
18 #define DM_IMA_TABLE_HASH_ALG		"sha256"
19 
20 #define __dm_ima_stringify(s) #s
21 #define __dm_ima_str(s) __dm_ima_stringify(s)
22 
23 #define DM_IMA_VERSION_STR "dm_version="	\
24 	__dm_ima_str(DM_VERSION_MAJOR) "."	\
25 	__dm_ima_str(DM_VERSION_MINOR) "."	\
26 	__dm_ima_str(DM_VERSION_PATCHLEVEL) ";"
27 
28 #ifdef CONFIG_IMA
29 
30 struct dm_ima_device_table_metadata {
31 	/*
32 	 * Contains data specific to the device which is common across
33 	 * all the targets in the table (e.g. name, uuid, major, minor, etc).
34 	 * The values are stored in comma separated list of key1=val1,key2=val2;
35 	 * pairs delimited by a semicolon at the end of the list.
36 	 */
37 	char *device_metadata;
38 	unsigned int device_metadata_len;
39 	unsigned int num_targets;
40 
41 	/*
42 	 * Contains the sha256 hashes of the IMA measurements of the target
43 	 * attributes' key-value pairs from the active/inactive tables.
44 	 */
45 	char *hash;
46 	unsigned int hash_len;
47 };
48 
49 /*
50  * This structure contains device metadata, and table hash for
51  * active and inactive tables for ima measurements.
52  */
53 struct dm_ima_measurements {
54 	struct dm_ima_device_table_metadata active_table;
55 	struct dm_ima_device_table_metadata inactive_table;
56 	unsigned int dm_version_str_len;
57 };
58 
59 void dm_ima_reset_data(struct mapped_device *md);
60 void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_flags);
61 void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap);
62 void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all);
63 void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map);
64 void dm_ima_measure_on_device_rename(struct mapped_device *md);
65 
66 #else
67 
dm_ima_reset_data(struct mapped_device * md)68 static inline void dm_ima_reset_data(struct mapped_device *md) {}
dm_ima_measure_on_table_load(struct dm_table * table,unsigned int status_flags)69 static inline void dm_ima_measure_on_table_load(struct dm_table *table, unsigned int status_flags) {}
dm_ima_measure_on_device_resume(struct mapped_device * md,bool swap)70 static inline void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap) {}
dm_ima_measure_on_device_remove(struct mapped_device * md,bool remove_all)71 static inline void dm_ima_measure_on_device_remove(struct mapped_device *md, bool remove_all) {}
dm_ima_measure_on_table_clear(struct mapped_device * md,bool new_map)72 static inline void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map) {}
dm_ima_measure_on_device_rename(struct mapped_device * md)73 static inline void dm_ima_measure_on_device_rename(struct mapped_device *md) {}
74 
75 #endif /* CONFIG_IMA */
76 
77 #endif /* DM_IMA_H */
78