[linux.git] / fs / verity / init.c

// SPDX-License-Identifier: GPL-2.0
/*
 * fs-verity module initialization and logging
 *
 * Copyright 2019 Google LLC
 */

#include "fsverity_private.h"

#include <linux/ratelimit.h>

#ifdef CONFIG_SYSCTL
static struct ctl_table_header *fsverity_sysctl_header;

static struct ctl_table fsverity_sysctl_table[] = {
#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
	{
		.procname       = "require_signatures",
		.data           = &fsverity_require_signatures,
		.maxlen         = sizeof(int),
		.mode           = 0644,
		.proc_handler   = proc_dointvec_minmax,
		.extra1         = SYSCTL_ZERO,
		.extra2         = SYSCTL_ONE,
	},
#endif
};

static void __init fsverity_init_sysctl(void)
{
	fsverity_sysctl_header = register_sysctl("fs/verity",
						 fsverity_sysctl_table);
	if (!fsverity_sysctl_header)
		panic("fsverity sysctl registration failed");
}
#else /* CONFIG_SYSCTL */
static inline void fsverity_init_sysctl(void)
{
}
#endif /* !CONFIG_SYSCTL */

void fsverity_msg(const struct inode *inode, const char *level,
		  const char *fmt, ...)
{
	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
				      DEFAULT_RATELIMIT_BURST);
	struct va_format vaf;
	va_list args;

	if (!__ratelimit(&rs))
		return;

	va_start(args, fmt);
	vaf.fmt = fmt;
	vaf.va = &args;
	if (inode)
		printk("%sfs-verity (%s, inode %lu): %pV\n",
		       level, inode->i_sb->s_id, inode->i_ino, &vaf);
	else
		printk("%sfs-verity: %pV\n", level, &vaf);
	va_end(args);
}

static int __init fsverity_init(void)
{
	fsverity_check_hash_algs();
	fsverity_init_info_cache();
	fsverity_init_workqueue();
	fsverity_init_sysctl();
	fsverity_init_signature();
	fsverity_init_bpf();
	return 0;
}
late_initcall(fsverity_init)
Commit	Line	Data
671e67b4 EB	1	// SPDX-License-Identifier: GPL-2.0
671e67b4 EB	2	/*
7bf765dd	3	* fs-verity module initialization and logging
671e67b4 EB	4	*
	5	* Copyright 2019 Google LLC
	6	*/
	7
	8	#include "fsverity_private.h"
	9
	10	#include <linux/ratelimit.h>
	11
456ae5fe EB	12	#ifdef CONFIG_SYSCTL
	13	static struct ctl_table_header *fsverity_sysctl_header;
	14
	15	static struct ctl_table fsverity_sysctl_table[] = {
	16	#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
	17	{
	18	.procname = "require_signatures",
	19	.data = &fsverity_require_signatures,
	20	.maxlen = sizeof(int),
	21	.mode = 0644,
	22	.proc_handler = proc_dointvec_minmax,
	23	.extra1 = SYSCTL_ZERO,
	24	.extra2 = SYSCTL_ONE,
	25	},
	26	#endif
456ae5fe EB	27	};
	28
	29	static void __init fsverity_init_sysctl(void)
	30	{
	31	fsverity_sysctl_header = register_sysctl("fs/verity",
	32	fsverity_sysctl_table);
	33	if (!fsverity_sysctl_header)
	34	panic("fsverity sysctl registration failed");
	35	}
	36	#else /* CONFIG_SYSCTL */
	37	static inline void fsverity_init_sysctl(void)
	38	{
	39	}
	40	#endif /* !CONFIG_SYSCTL */
	41
671e67b4 EB	42	void fsverity_msg(const struct inode inode, const char level,
	43	const char *fmt, ...)
	44	{
	45	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
	46	DEFAULT_RATELIMIT_BURST);
	47	struct va_format vaf;
	48	va_list args;
	49
	50	if (!__ratelimit(&rs))
	51	return;
	52
	53	va_start(args, fmt);
	54	vaf.fmt = fmt;
	55	vaf.va = &args;
	56	if (inode)
	57	printk("%sfs-verity (%s, inode %lu): %pV\n",
	58	level, inode->i_sb->s_id, inode->i_ino, &vaf);
	59	else
	60	printk("%sfs-verity: %pV\n", level, &vaf);
	61	va_end(args);
	62	}
	63
	64	static int __init fsverity_init(void)
	65	{
	66	fsverity_check_hash_algs();
e77000cc EB	67	fsverity_init_info_cache();
e77000cc EB	68	fsverity_init_workqueue();
456ae5fe	69	fsverity_init_sysctl();
e77000cc	70	fsverity_init_signature();
67814c00	71	fsverity_init_bpf();
671e67b4 EB	72	return 0;
	73	}
	74	late_initcall(fsverity_init)