| 1 | // SPDX-License-Identifier: GPL-2.0 |
|---|
| 2 | /* |
|---|
| 3 | * fs-verity module initialization and logging |
|---|
| 4 | * |
|---|
| 5 | * Copyright 2019 Google LLC |
|---|
| 6 | */ |
|---|
| 7 | |
|---|
| 8 | #include "fsverity_private.h" |
|---|
| 9 | |
|---|
| 10 | #include <linux/ratelimit.h> |
|---|
| 11 | |
|---|
| 12 | #ifdef CONFIG_SYSCTL |
|---|
| 13 | static struct ctl_table_header *; |
|---|
| 14 | |
|---|
| 15 | static struct ctl_table fsverity_sysctl_table[] = { |
|---|
| 16 | #ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES |
|---|
| 17 | { |
|---|
| 18 | .procname = "require_signatures" , |
|---|
| 19 | .data = &fsverity_require_signatures, |
|---|
| 20 | .maxlen = sizeof(int), |
|---|
| 21 | .mode = 0644, |
|---|
| 22 | .proc_handler = proc_dointvec_minmax, |
|---|
| 23 | .extra1 = SYSCTL_ZERO, |
|---|
| 24 | .extra2 = SYSCTL_ONE, |
|---|
| 25 | }, |
|---|
| 26 | #endif |
|---|
| 27 | { } |
|---|
| 28 | }; |
|---|
| 29 | |
|---|
| 30 | static void __init fsverity_init_sysctl(void) |
|---|
| 31 | { |
|---|
| 32 | fsverity_sysctl_header = register_sysctl("fs/verity" , |
|---|
| 33 | fsverity_sysctl_table); |
|---|
| 34 | if (!fsverity_sysctl_header) |
|---|
| 35 | panic(fmt: "fsverity sysctl registration failed" ); |
|---|
| 36 | } |
|---|
| 37 | #else /* CONFIG_SYSCTL */ |
|---|
| 38 | static inline void fsverity_init_sysctl(void) |
|---|
| 39 | { |
|---|
| 40 | } |
|---|
| 41 | #endif /* !CONFIG_SYSCTL */ |
|---|
| 42 | |
|---|
| 43 | void fsverity_msg(const struct inode *inode, const char *level, |
|---|
| 44 | const char *fmt, ...) |
|---|
| 45 | { |
|---|
| 46 | static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, |
|---|
| 47 | DEFAULT_RATELIMIT_BURST); |
|---|
| 48 | struct va_format vaf; |
|---|
| 49 | va_list args; |
|---|
| 50 | |
|---|
| 51 | if (!__ratelimit(&rs)) |
|---|
| 52 | return; |
|---|
| 53 | |
|---|
| 54 | va_start(args, fmt); |
|---|
| 55 | vaf.fmt = fmt; |
|---|
| 56 | vaf.va = &args; |
|---|
| 57 | if (inode) |
|---|
| 58 | printk("%sfs-verity (%s, inode %lu): %pV\n" , |
|---|
| 59 | level, inode->i_sb->s_id, inode->i_ino, &vaf); |
|---|
| 60 | else |
|---|
| 61 | printk("%sfs-verity: %pV\n" , level, &vaf); |
|---|
| 62 | va_end(args); |
|---|
| 63 | } |
|---|
| 64 | |
|---|
| 65 | static int __init fsverity_init(void) |
|---|
| 66 | { |
|---|
| 67 | fsverity_check_hash_algs(); |
|---|
| 68 | fsverity_init_info_cache(); |
|---|
| 69 | fsverity_init_workqueue(); |
|---|
| 70 | fsverity_init_sysctl(); |
|---|
| 71 | fsverity_init_signature(); |
|---|
| 72 | return 0; |
|---|
| 73 | } |
|---|
| 74 | late_initcall(fsverity_init) |
|---|
| 75 | |
|---|
