summaryrefslogtreecommitdiff
path: root/security/integrity/evm
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/evm')
-rw-r--r--security/integrity/evm/evm_secfs.c27
1 files changed, 24 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index feba03bbedae..e44380f0cb45 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -19,7 +19,9 @@
#include <linux/module.h>
#include "evm.h"
+static struct dentry *evm_dir;
static struct dentry *evm_init_tpm;
+static struct dentry *evm_symlink;
/**
* evm_read_key - read() for <securityfs>/evm
@@ -111,9 +113,28 @@ int __init evm_init_secfs(void)
{
int error = 0;
- evm_init_tpm = securityfs_create_file("evm", S_IRUSR | S_IRGRP,
- NULL, NULL, &evm_key_ops);
- if (!evm_init_tpm || IS_ERR(evm_init_tpm))
+ evm_dir = securityfs_create_dir("evm", integrity_dir);
+ if (!evm_dir || IS_ERR(evm_dir))
+ return -EFAULT;
+
+ evm_init_tpm = securityfs_create_file("evm", 0660,
+ evm_dir, NULL, &evm_key_ops);
+ if (!evm_init_tpm || IS_ERR(evm_init_tpm)) {
+ error = -EFAULT;
+ goto out;
+ }
+
+ evm_symlink = securityfs_create_symlink("evm", NULL,
+ "integrity/evm/evm", NULL);
+ if (!evm_symlink || IS_ERR(evm_symlink)) {
error = -EFAULT;
+ goto out;
+ }
+
+ return 0;
+out:
+ securityfs_remove(evm_symlink);
+ securityfs_remove(evm_init_tpm);
+ securityfs_remove(evm_dir);
return error;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 14:32:29 +0000