162306a36Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 262306a36Sopenharmony_ci/* 362306a36Sopenharmony_ci * fs-verity module initialization and logging 462306a36Sopenharmony_ci * 562306a36Sopenharmony_ci * Copyright 2019 Google LLC 662306a36Sopenharmony_ci */ 762306a36Sopenharmony_ci 862306a36Sopenharmony_ci#include "fsverity_private.h" 962306a36Sopenharmony_ci 1062306a36Sopenharmony_ci#include <linux/ratelimit.h> 1162306a36Sopenharmony_ci 1262306a36Sopenharmony_ci#ifdef CONFIG_SYSCTL 1362306a36Sopenharmony_cistatic struct ctl_table_header *fsverity_sysctl_header; 1462306a36Sopenharmony_ci 1562306a36Sopenharmony_cistatic struct ctl_table fsverity_sysctl_table[] = { 1662306a36Sopenharmony_ci#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES 1762306a36Sopenharmony_ci { 1862306a36Sopenharmony_ci .procname = "require_signatures", 1962306a36Sopenharmony_ci .data = &fsverity_require_signatures, 2062306a36Sopenharmony_ci .maxlen = sizeof(int), 2162306a36Sopenharmony_ci .mode = 0644, 2262306a36Sopenharmony_ci .proc_handler = proc_dointvec_minmax, 2362306a36Sopenharmony_ci .extra1 = SYSCTL_ZERO, 2462306a36Sopenharmony_ci .extra2 = SYSCTL_ONE, 2562306a36Sopenharmony_ci }, 2662306a36Sopenharmony_ci#endif 2762306a36Sopenharmony_ci { } 2862306a36Sopenharmony_ci}; 2962306a36Sopenharmony_ci 3062306a36Sopenharmony_cistatic void __init fsverity_init_sysctl(void) 3162306a36Sopenharmony_ci{ 3262306a36Sopenharmony_ci fsverity_sysctl_header = register_sysctl("fs/verity", 3362306a36Sopenharmony_ci fsverity_sysctl_table); 3462306a36Sopenharmony_ci if (!fsverity_sysctl_header) 3562306a36Sopenharmony_ci panic("fsverity sysctl registration failed"); 3662306a36Sopenharmony_ci} 3762306a36Sopenharmony_ci#else /* CONFIG_SYSCTL */ 3862306a36Sopenharmony_cistatic inline void fsverity_init_sysctl(void) 3962306a36Sopenharmony_ci{ 4062306a36Sopenharmony_ci} 4162306a36Sopenharmony_ci#endif /* !CONFIG_SYSCTL */ 4262306a36Sopenharmony_ci 4362306a36Sopenharmony_civoid fsverity_msg(const struct inode *inode, const char *level, 4462306a36Sopenharmony_ci const char *fmt, ...) 4562306a36Sopenharmony_ci{ 4662306a36Sopenharmony_ci static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL, 4762306a36Sopenharmony_ci DEFAULT_RATELIMIT_BURST); 4862306a36Sopenharmony_ci struct va_format vaf; 4962306a36Sopenharmony_ci va_list args; 5062306a36Sopenharmony_ci 5162306a36Sopenharmony_ci if (!__ratelimit(&rs)) 5262306a36Sopenharmony_ci return; 5362306a36Sopenharmony_ci 5462306a36Sopenharmony_ci va_start(args, fmt); 5562306a36Sopenharmony_ci vaf.fmt = fmt; 5662306a36Sopenharmony_ci vaf.va = &args; 5762306a36Sopenharmony_ci if (inode) 5862306a36Sopenharmony_ci printk("%sfs-verity (%s, inode %lu): %pV\n", 5962306a36Sopenharmony_ci level, inode->i_sb->s_id, inode->i_ino, &vaf); 6062306a36Sopenharmony_ci else 6162306a36Sopenharmony_ci printk("%sfs-verity: %pV\n", level, &vaf); 6262306a36Sopenharmony_ci va_end(args); 6362306a36Sopenharmony_ci} 6462306a36Sopenharmony_ci 6562306a36Sopenharmony_cistatic int __init fsverity_init(void) 6662306a36Sopenharmony_ci{ 6762306a36Sopenharmony_ci fsverity_check_hash_algs(); 6862306a36Sopenharmony_ci fsverity_init_info_cache(); 6962306a36Sopenharmony_ci fsverity_init_workqueue(); 7062306a36Sopenharmony_ci fsverity_init_sysctl(); 7162306a36Sopenharmony_ci fsverity_init_signature(); 7262306a36Sopenharmony_ci return 0; 7362306a36Sopenharmony_ci} 7462306a36Sopenharmony_cilate_initcall(fsverity_init) 75