Refactor evm_set/get_state(). Update EVM state enums.

Change-Id: I47863e813fde5adecaac506bcd3e7cbb21258410
Signed-off-by: Janusz Kozerski <j.kozerski@samsung.com>

diff --git a/src/imaevm.h b/src/imaevm.h
index 542d1dc..ffba367 100644 (file)
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -230,11 +230,11 @@ enum ima_state {
 };
 
 enum evm_state {
-       EVM_STATE_DISABLED, /* EVM is turned off - no actions are done */
-       EVM_STATE_ENABLED,  /* EVM is check security.* xattrs integrity. On error access
-                            * denied is returned when attempt to open. If security.evm was
-                            *  correct on open it is updated on close */
-       EVM_STATE_FIX       /* No integrity check - Hash of file is updated on file close */
+       EVM_STATE_DISABLED = 0x00, /* EVM is turned off - no actions are done */
+       EVM_STATE_ENABLED  = 0x01, /* EVM is check security.* xattrs integrity. On error access
+                                   * denied is returned when attempt to open. If security.evm was
+                                   *  correct on open it is updated on close */
+       EVM_STATE_FIX      = 0x02  /* No integrity check - Hash of file is updated on file close */
 };
 
 enum file_state {

diff --git a/src/libimaevm.c b/src/libimaevm.c
index f95819d..abe1f22 100644 (file)
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -876,7 +876,8 @@ int ima_set_state(int state)
 int evm_get_state(int *state)
 {
        int fd;
-       char buff;
+       char buff[4];
+       int tmp_state;
 
        if (!state) {
                log_err("Error input param\n");
@@ -896,26 +897,28 @@ int evm_get_state(int *state)
        }
 
        close(fd);
+       buff[3] = '\0';
 
-       switch (buff) {
-       case '0':
-               *state = EVM_STATE_DISABLED;
-               return LIB_SUCCESS;
-       case '1':
-               *state = EVM_STATE_ENABLED;
-               return LIB_SUCCESS;
-       case '2':
-               *state = EVM_STATE_FIX;
+       tmp_state = atoi(buff);
+
+       if (tmp_state == EVM_STATE_DISABLED ||
+           tmp_state == EVM_STATE_ENABLED  ||
+           tmp_state == EVM_STATE_FIX) {
+               *state = tmp_state;
                return LIB_SUCCESS;
-       default:
-               log_err("Unknown EVM state\n");
-               return LIB_ERROR_UNKNOWN;
        }
+       return LIB_ERROR_UNKNOWN;
 }
 
 int evm_set_state(int state)
 {
-       char buff;
+       char buff[4] = {'\0',};
+
+       if (state != EVM_STATE_DISABLED &&
+           state != EVM_STATE_ENABLED  &&
+           state != EVM_STATE_FIX)
+               return LIB_ERROR_INPUT_PARAM;
+
 
        int fd = open(EVM_STATE_PATH, O_RDWR);
        if (fd < 0) {
@@ -923,23 +926,9 @@ int evm_set_state(int state)
                return LIB_ERROR_SYSCALL;
        }
 
-       switch (state) {
-       case EVM_STATE_DISABLED:
-               buff = '0';
-               break;
-       case EVM_STATE_ENABLED:
-               buff = '1';
-               break;
-       case EVM_STATE_FIX:
-               buff = '2';
-               break;
-       default:
-               log_err("Wrong EVM state\n");
-               close(fd);
-               return LIB_ERROR_UNKNOWN;
-       }
+       snprintf(buff, 3, "%d", state);
 
-       if (write(fd, &buff, sizeof(buff)) < 0) {
+       if (write(fd, buff, sizeof(buff)) < 0) {
                log_err("Unable to write file\n");
                close(fd);
                return LIB_ERROR_SYSCALL;