int ima_verify_signature(const char *file, unsigned char *sig, int siglen);
//IMA EVM API
+
enum lib_retval {
LIB_SUCCESS,
LIB_ERROR_UNKNOWN,
EVM_STATE_FIX
};
+enum file_state {
+ FILE_STATE_OK,
+ FILE_STATE_TAMPERED,
+ FILE_STATE_UNKNOWN
+};
+
int ima_get_state(int *state);
int ima_set_state(int state);
int evm_get_state(int *state);
int ima_get_xattr(const char *path, char **hash);
int evm_set_xattr(const char *path, const char *evm);
int evm_get_xattr(const char *path, char **hash);
+int get_file_state(const char *path, int *state);
int ima_get_policy(char*** policy);
int ima_free_policy(char **policy);
}
return ret_code;
}
+
+#define IMA_MEASURE_PATH "/sys/kernel/security/ima/ascii_runtime_measurements"
+#define IMA_TAMPERED_STATE 0x0001
+
+ int get_file_state(const char *path, int *state)
+{
+ char line[256];
+ FILE *fp;
+ char *fileState = NULL;
+ char *token = NULL;
+ int found = 0;
+ *state = FILE_STATE_UNKNOWN;
+
+ if (!path || !state) {
+ log_err("Error input param\n");
+ return LIB_ERROR_INPUT_PARAM;
+ }
+
+ fp = fopen(path, "r");
+ if (NULL == fp) {
+ if (errno != EACCES && errno != EPERM) {
+ *state = FILE_STATE_UNKNOWN;
+ goto out;
+ }
+ fp = fopen(IMA_MEASURE_PATH, "r");
+ if (NULL == fp) {
+ log_err("Unable to open file\n");
+ return LIB_ERROR_SYSCALL;
+ }
+ while (fgets(line, sizeof line, fp) != NULL) {
+ token = strtok(line, " ");
+ while ((token = strtok(NULL, " "))) {
+ if (!strcmp(path, token)) {
+ found = 1;
+ break;
+ }
+ }
+ if (found) {
+ token = strtok(NULL, " ");
+ while (NULL != token) {
+ fileState = token;
+ token = strtok(NULL, " ");
+ }
+ if (atoi(fileState) & IMA_TAMPERED_STATE) {
+ *state = FILE_STATE_TAMPERED;
+ goto out;
+ }
+ }
+ }
+ }
+ else
+ *state = FILE_STATE_OK;
+
+out:
+ if (fp)
+ fclose(fp);
+ return LIB_SUCCESS;
+}
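Review bot: `*state = FILE_STATE_UNKNOWN;` on the line before the `if (!path || !state)` guard dereferences `state` before it is checked, so the NULL check cannot do its job; move the assignment below the guard. The match flag `found` is set when a line names `path` but is never cleared, so once a match is seen every following measurement line also enters the `if (found)` block and its last field is read as `path`'s state — reset `found` and `fileState` per line, and guard `atoi(fileState)` against `fileState` being NULL (a matched token with no field after it, e.g. a line longer than `line` that fgets split across two reads). `LIB_ERROR_INPUT_PARAM` and `LIB_ERROR_SYSCALL` do not appear in the `enum lib_retval` shown in the header hunk above; if they are not defined elsewhere this will not compile. Note also that the successful-open branch reports `FILE_STATE_OK` without consulting the measurement list, which only holds if the kernel enforces IMA appraisal on the open of `path`; a comment stating that precondition would help callers. The rewritten guard and scan loop:
```c
int get_file_state(const char *path, int *state)
{
	/* … unchanged: local declarations … */

	if (!path || !state) {
		log_err("Error input param\n");
		return LIB_ERROR_INPUT_PARAM;
	}
	*state = FILE_STATE_UNKNOWN;	/* only after the guard: state may be NULL */

	/* … unchanged: fopen(path) and fallback to IMA_MEASURE_PATH … */
		while (fgets(line, sizeof line, fp) != NULL) {
			found = 0;		/* per-line: a match on one entry must not leak into the next */
			fileState = NULL;
			token = strtok(line, " ");
			while ((token = strtok(NULL, " "))) {
				if (!strcmp(path, token)) {
					found = 1;
					break;
				}
			}
			if (!found)
				continue;
			/* the last field of the matching entry is the state word */
			while ((token = strtok(NULL, " ")))
				fileState = token;
			if (fileState && (atoi(fileState) & IMA_TAMPERED_STATE)) {
				*state = FILE_STATE_TAMPERED;
				goto out;
			}
		}
	/* … unchanged: else branch, out: label, fclose, return … */
```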