linux-stable/include/linux/dm-verity-loadpin.h
Matthias Kaehlcke 231af47090 dm: verity-loadpin: Use CONFIG_SECURITY_LOADPIN_VERITY for conditional compilation
The verity glue for LoadPin is only needed when CONFIG_SECURITY_LOADPIN_VERITY
is set, use this option for conditional compilation instead of the combo of
CONFIG_DM_VERITY and CONFIG_SECURITY_LOADPIN.

Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Acked-by: Mike Snitzer <snitzer@kernel.org>
Link: https://lore.kernel.org/lkml/20220627083512.v7.3.I5aca2dcc3b06de4bf53696cd21329dce8272b8aa@changeid
Signed-off-by: Kees Cook <keescook@chromium.org>
2022-07-08 10:47:07 -07:00

27 lines
599 B
C

/* SPDX-License-Identifier: GPL-2.0 */
#ifndef __LINUX_DM_VERITY_LOADPIN_H
#define __LINUX_DM_VERITY_LOADPIN_H
#include <linux/list.h>
struct block_device;
extern struct list_head dm_verity_loadpin_trusted_root_digests;
struct dm_verity_loadpin_trusted_root_digest {
struct list_head node;
unsigned int len;
u8 data[];
};
#if IS_ENABLED(CONFIG_SECURITY_LOADPIN_VERITY)
bool dm_verity_loadpin_is_bdev_trusted(struct block_device *bdev);
#else
static inline bool dm_verity_loadpin_is_bdev_trusted(struct block_device *bdev)
{
return false;
}
#endif
#endif /* __LINUX_DM_VERITY_LOADPIN_H */