mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-29 23:53:32 +00:00
231af47090
The verity glue for LoadPin is only needed when CONFIG_SECURITY_LOADPIN_VERITY is set, use this option for conditional compilation instead of the combo of CONFIG_DM_VERITY and CONFIG_SECURITY_LOADPIN. Signed-off-by: Matthias Kaehlcke <mka@chromium.org> Acked-by: Mike Snitzer <snitzer@kernel.org> Link: https://lore.kernel.org/lkml/20220627083512.v7.3.I5aca2dcc3b06de4bf53696cd21329dce8272b8aa@changeid Signed-off-by: Kees Cook <keescook@chromium.org>
27 lines
599 B
C
27 lines
599 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
|
|
#ifndef __LINUX_DM_VERITY_LOADPIN_H
|
|
#define __LINUX_DM_VERITY_LOADPIN_H
|
|
|
|
#include <linux/list.h>
|
|
|
|
struct block_device;
|
|
|
|
extern struct list_head dm_verity_loadpin_trusted_root_digests;
|
|
|
|
struct dm_verity_loadpin_trusted_root_digest {
|
|
struct list_head node;
|
|
unsigned int len;
|
|
u8 data[];
|
|
};
|
|
|
|
#if IS_ENABLED(CONFIG_SECURITY_LOADPIN_VERITY)
|
|
bool dm_verity_loadpin_is_bdev_trusted(struct block_device *bdev);
|
|
#else
|
|
static inline bool dm_verity_loadpin_is_bdev_trusted(struct block_device *bdev)
|
|
{
|
|
return false;
|
|
}
|
|
#endif
|
|
|
|
#endif /* __LINUX_DM_VERITY_LOADPIN_H */
|