summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJanusz Kozerski <j.kozerski@samsung.com>2014-10-06 15:14:26 +0200
committerJanusz Kozerski <j.kozerski@samsung.com>2014-10-09 16:30:46 +0200
commitd85dfd821c7a34da03634b81127b5dfc081912f9 (patch)
tree5461da14fb8d78c5bc924fa98a347ee11442c016
parent39af0d8021d406df98bf1ed2c1fdab4b2cb0240b (diff)
downloadima-evm-utils-d85dfd821c7a34da03634b81127b5dfc081912f9.tar.gz
ima-evm-utils-d85dfd821c7a34da03634b81127b5dfc081912f9.tar.bz2
ima-evm-utils-d85dfd821c7a34da03634b81127b5dfc081912f9.zip
Refactor evm_set/get_state(). Update EVM state enums.HEADtizensandbox/jkozerski/experimental
Change-Id: I47863e813fde5adecaac506bcd3e7cbb21258410 Signed-off-by: Janusz Kozerski <j.kozerski@samsung.com>
Diffstat
-rw-r--r--src/imaevm.h10
-rw-r--r--src/libimaevm.c49
2 files changed, 24 insertions, 35 deletions
diff --git a/src/imaevm.h b/src/imaevm.h
index 542d1dc..ffba367 100644
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -230,11 +230,11 @@ enum ima_state {
};
enum evm_state {
- EVM_STATE_DISABLED, /* EVM is turned off - no actions are done */
- EVM_STATE_ENABLED, /* EVM is check security.* xattrs integrity. On error access
- * denied is returned when attempt to open. If security.evm was
- * correct on open it is updated on close */
- EVM_STATE_FIX /* No integrity check - Hash of file is updated on file close */
+ EVM_STATE_DISABLED = 0x00, /* EVM is turned off - no actions are done */
+ EVM_STATE_ENABLED = 0x01, /* EVM is check security.* xattrs integrity. On error access
+ * denied is returned when attempt to open. If security.evm was
+ * correct on open it is updated on close */
+ EVM_STATE_FIX = 0x02 /* No integrity check - Hash of file is updated on file close */
};
enum file_state {
diff --git a/src/libimaevm.c b/src/libimaevm.c
index f95819d..abe1f22 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -876,7 +876,8 @@ int ima_set_state(int state)
int evm_get_state(int *state)
{
int fd;
- char buff;
+ char buff[4];
+ int tmp_state;
if (!state) {
log_err("Error input param\n");
@@ -896,26 +897,28 @@ int evm_get_state(int *state)
}
close(fd);
+ buff[3] = '\0';
- switch (buff) {
- case '0':
- *state = EVM_STATE_DISABLED;
- return LIB_SUCCESS;
- case '1':
- *state = EVM_STATE_ENABLED;
- return LIB_SUCCESS;
- case '2':
- *state = EVM_STATE_FIX;
+ tmp_state = atoi(buff);
+
+ if (tmp_state == EVM_STATE_DISABLED ||
+ tmp_state == EVM_STATE_ENABLED ||
+ tmp_state == EVM_STATE_FIX) {
+ *state = tmp_state;
return LIB_SUCCESS;
- default:
- log_err("Unknown EVM state\n");
- return LIB_ERROR_UNKNOWN;
}
+ return LIB_ERROR_UNKNOWN;
}
int evm_set_state(int state)
{
- char buff;
+ char buff[4] = {'\0',};
+
+ if (state != EVM_STATE_DISABLED &&
+ state != EVM_STATE_ENABLED &&
+ state != EVM_STATE_FIX)
+ return LIB_ERROR_INPUT_PARAM;
+
int fd = open(EVM_STATE_PATH, O_RDWR);
if (fd < 0) {
@@ -923,23 +926,9 @@ int evm_set_state(int state)
return LIB_ERROR_SYSCALL;
}
- switch (state) {
- case EVM_STATE_DISABLED:
- buff = '0';
- break;
- case EVM_STATE_ENABLED:
- buff = '1';
- break;
- case EVM_STATE_FIX:
- buff = '2';
- break;
- default:
- log_err("Wrong EVM state\n");
- close(fd);
- return LIB_ERROR_UNKNOWN;
- }
+ snprintf(buff, 3, "%d", state);
- if (write(fd, &buff, sizeof(buff)) < 0) {
+ if (write(fd, buff, sizeof(buff)) < 0) {
log_err("Unable to write file\n");
close(fd);
return LIB_ERROR_SYSCALL;
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 10:15:26 +0000