include/linux/evm.h
Source file repositories/reference/linux-study-clean/include/linux/evm.h
File Facts
- System
- Linux kernel
- Corpus path
include/linux/evm.h- Extension
.h- Size
- 2446 bytes
- Lines
- 97
- Domain
- Core OS
- Bucket
- Core Kernel Interface
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/integrity.hlinux/xattr.h
Detected Declarations
function posix_xattr_aclfunction evm_set_keyfunction evm_verifyxattrfunction evm_fix_hmacfunction evm_inode_init_securityfunction evm_revalidate_statusfunction evm_protected_xattr_if_enabledfunction evm_read_protected_xattrsfunction evm_metadata_changed
Annotated Snippet
#ifndef _LINUX_EVM_H
#define _LINUX_EVM_H
#include <linux/integrity.h>
#include <linux/xattr.h>
#ifdef CONFIG_EVM
extern int evm_set_key(void *key, size_t keylen);
extern enum integrity_status evm_verifyxattr(struct dentry *dentry,
const char *xattr_name,
void *xattr_value,
size_t xattr_value_len);
int evm_fix_hmac(struct dentry *dentry, const char *xattr_name,
const char *xattr_value, size_t xattr_value_len);
int evm_inode_init_security(struct inode *inode, struct inode *dir,
const struct qstr *qstr, struct xattr *xattrs,
int *xattr_count);
extern bool evm_revalidate_status(const char *xattr_name);
extern int evm_protected_xattr_if_enabled(const char *req_xattr_name);
extern int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
int buffer_size, char type,
bool canonical_fmt);
extern bool evm_metadata_changed(struct inode *inode,
struct inode *metadata_inode);
#ifdef CONFIG_FS_POSIX_ACL
extern int posix_xattr_acl(const char *xattrname);
#else
static inline int posix_xattr_acl(const char *xattrname)
{
return 0;
}
#endif
#else
static inline int evm_set_key(void *key, size_t keylen)
{
return -EOPNOTSUPP;
}
#ifdef CONFIG_INTEGRITY
static inline enum integrity_status evm_verifyxattr(struct dentry *dentry,
const char *xattr_name,
void *xattr_value,
size_t xattr_value_len)
{
return INTEGRITY_UNKNOWN;
}
static inline int evm_fix_hmac(struct dentry *dentry, const char *xattr_name,
const char *xattr_value, size_t xattr_value_len)
{
return -EOPNOTSUPP;
}
#endif
static inline int evm_inode_init_security(struct inode *inode, struct inode *dir,
const struct qstr *qstr,
struct xattr *xattrs,
int *xattr_count)
{
return 0;
}
static inline bool evm_revalidate_status(const char *xattr_name)
{
return false;
}
static inline int evm_protected_xattr_if_enabled(const char *req_xattr_name)
{
return false;
}
static inline int evm_read_protected_xattrs(struct dentry *dentry, u8 *buffer,
int buffer_size, char type,
bool canonical_fmt)
{
return -EOPNOTSUPP;
}
static inline bool evm_metadata_changed(struct inode *inode,
struct inode *metadata_inode)
{
return false;
}
#endif /* CONFIG_EVM */
#endif /* LINUX_EVM_H */
Annotation
- Immediate include surface: `linux/integrity.h`, `linux/xattr.h`.
- Detected declarations: `function posix_xattr_acl`, `function evm_set_key`, `function evm_verifyxattr`, `function evm_fix_hmac`, `function evm_inode_init_security`, `function evm_revalidate_status`, `function evm_protected_xattr_if_enabled`, `function evm_read_protected_xattrs`, `function evm_metadata_changed`.
- Atlas domain: Core OS / Core Kernel Interface.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.