Update enums with IMA states

The new states are:
 * IMA_STATE_DISABLED
 * IMA_STATE_IGNORE
 * IMA_STATE_ENFORCE
 * IMA_STATE_FIX
These states are compatible with IMA state in kernel.

Change-Id: I2886dfbf0e00b970cadb499deef9792c4abb2746
Signed-off-by: Janusz Kozerski <j.kozerski@samsung.com>

diff --git a/src/imaevm.h b/src/imaevm.h
index d773617..d1f8704 100644 (file)
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -76,6 +76,10 @@
 #define        DATA_SIZE       4096
 #define SHA1_HASH_LEN   20
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 #define __packed __attribute__((packed))
 
 enum evm_ima_xattr_type {
@@ -212,7 +216,8 @@ enum lib_retval {
 
 enum ima_state {
        IMA_STATE_DISABLED,
-       IMA_STATE_ENABLED,
+       IMA_STATE_IGNORE,
+       IMA_STATE_ENFORCE,
        IMA_STATE_FIX
 };
 
@@ -236,4 +241,9 @@ int ima_free_policy(char **policy);
 int ima_set_policy(const char **policy, const char *policy_sig);
 int ima_set_policy_file(const char *policy_path);
 
+#ifdef __cplusplus
+}
+#endif
+
+
 #endif

diff --git a/src/libimaevm.c b/src/libimaevm.c
index b9f6a47..1a4b3d9 100644 (file)
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -836,9 +836,12 @@ int ima_get_state(int *state)
                *state = IMA_STATE_DISABLED;
                return LIB_SUCCESS;
        case '1':
-               *state = IMA_STATE_ENABLED;
+               *state = IMA_STATE_IGNORE;
                return LIB_SUCCESS;
        case '2':
+               *state = IMA_STATE_ENFORCE;
+               return LIB_SUCCESS;
+       case '4':
                *state = IMA_STATE_FIX;
                return LIB_SUCCESS;
        default:
@@ -861,16 +864,19 @@ int ima_set_state(int state)
        case IMA_STATE_DISABLED:
                buff = '0';
                break;
-       case IMA_STATE_ENABLED:
+       case IMA_STATE_IGNORE:
                buff = '1';
                break;
-       case IMA_STATE_FIX:
+       case IMA_STATE_ENFORCE:
                buff = '2';
                break;
+       case IMA_STATE_FIX:
+               buff = '4';
+               break;
        default:
                log_err("Wrong IMA state\n");
                close(fd);
-               return LIB_ERROR_UNKNOWN;
+               return LIB_ERROR_INPUT_PARAM;
        }
 
        if (write(fd, &buff, sizeof(buff)) < 0) {
@@ -1253,7 +1259,7 @@ int ima_set_policy_file(const char *policy_path)
        while (counter < len) {
                ret = write(fd, &(policy_path[counter]), len - counter);
                if (ret < 0) {
-                       log_err("Error while writing to the kernel interface\n");
+                       log_err("Error while writing to the kernel interface (%s)\n", strerror(errno));
                        ret_code = LIB_ERROR_SYSCALL;
                        goto out;
                }