1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * fs-verity module initialization and logging |
4 | * |
5 | * Copyright 2019 Google LLC |
6 | */ |
7 | |
8 | #include "fsverity_private.h" |
9 | |
10 | #include <linux/ratelimit.h> |
11 | |
12 | #ifdef CONFIG_SYSCTL |
13 | static struct ctl_table_header *; |
14 | |
15 | static struct ctl_table fsverity_sysctl_table[] = { |
16 | #ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES |
17 | { |
18 | .procname = "require_signatures" , |
19 | .data = &fsverity_require_signatures, |
20 | .maxlen = sizeof(int), |
21 | .mode = 0644, |
22 | .proc_handler = proc_dointvec_minmax, |
23 | .extra1 = SYSCTL_ZERO, |
24 | .extra2 = SYSCTL_ONE, |
25 | }, |
26 | #endif |
27 | { } |
28 | }; |
29 | |
30 | static void __init fsverity_init_sysctl(void) |
31 | { |
32 | fsverity_sysctl_header = register_sysctl("fs/verity" , |
33 | fsverity_sysctl_table); |
34 | if (!fsverity_sysctl_header) |
35 | panic(fmt: "fsverity sysctl registration failed" ); |
36 | } |
37 | #else /* CONFIG_SYSCTL */ |
38 | static inline void fsverity_init_sysctl(void) |
39 | { |
40 | } |
41 | #endif /* !CONFIG_SYSCTL */ |
42 | |
43 | void fsverity_msg(const struct inode *inode, const char *level, |
44 | const char *fmt, ...) |
45 | { |
46 | static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, |
47 | DEFAULT_RATELIMIT_BURST); |
48 | struct va_format vaf; |
49 | va_list args; |
50 | |
51 | if (!__ratelimit(&rs)) |
52 | return; |
53 | |
54 | va_start(args, fmt); |
55 | vaf.fmt = fmt; |
56 | vaf.va = &args; |
57 | if (inode) |
58 | printk("%sfs-verity (%s, inode %lu): %pV\n" , |
59 | level, inode->i_sb->s_id, inode->i_ino, &vaf); |
60 | else |
61 | printk("%sfs-verity: %pV\n" , level, &vaf); |
62 | va_end(args); |
63 | } |
64 | |
65 | static int __init fsverity_init(void) |
66 | { |
67 | fsverity_check_hash_algs(); |
68 | fsverity_init_info_cache(); |
69 | fsverity_init_workqueue(); |
70 | fsverity_init_sysctl(); |
71 | fsverity_init_signature(); |
72 | return 0; |
73 | } |
74 | late_initcall(fsverity_init) |
75 | |