diff options
| author | Thomas Weißschuh <thomas.weissschuh@linutronix.de> | 2026-03-05 10:31:40 +0100 |
|---|---|---|
| committer | Sami Tolvanen <samitolvanen@google.com> | 2026-03-24 21:42:37 +0000 |
| commit | 2ae4ea2d9aaf25cb74fbc23450b1b8f0a5b7aa89 (patch) | |
| tree | ce6184d3177ad5c16fabed5b8b3270fc04756bb8 /security | |
| parent | acd87264af525dba6e9355310e8acdf066a5f6b5 (diff) | |
| download | linux-next-history-2ae4ea2d9aaf25cb74fbc23450b1b8f0a5b7aa89.tar.gz | |
module: Give MODULE_SIG_STRING a more descriptive name
The purpose of the constant it is not entirely clear from its name.
As this constant is going to be exposed in a UAPI header, give it a more
specific name for clarity. As all its users call it 'marker', use that
wording in the constant itself.
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@linutronix.de>
Reviewed-by: Petr Pavlu <petr.pavlu@suse.com>
Reviewed-by: Nicolas Schier <nsc@kernel.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/integrity/ima/ima_modsig.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/integrity/ima/ima_modsig.c b/security/integrity/ima/ima_modsig.c index 9aa92fd35a034..632c746fd81e4 100644 --- a/security/integrity/ima/ima_modsig.c +++ b/security/integrity/ima/ima_modsig.c @@ -40,7 +40,7 @@ struct modsig { int ima_read_modsig(enum ima_hooks func, const void *buf, loff_t buf_len, struct modsig **modsig) { - const size_t marker_len = strlen(MODULE_SIG_STRING); + const size_t marker_len = strlen(MODULE_SIGNATURE_MARKER); const struct module_signature *sig; struct modsig *hdr; size_t sig_len; @@ -51,7 +51,7 @@ int ima_read_modsig(enum ima_hooks func, const void *buf, loff_t buf_len, return -ENOENT; p = buf + buf_len - marker_len; - if (memcmp(p, MODULE_SIG_STRING, marker_len)) + if (memcmp(p, MODULE_SIGNATURE_MARKER, marker_len)) return -ENOENT; buf_len -= marker_len; @@ -105,7 +105,7 @@ void ima_collect_modsig(struct modsig *modsig, const void *buf, loff_t size) * Provide the file contents (minus the appended sig) so that the PKCS7 * code can calculate the file hash. */ - size -= modsig->raw_pkcs7_len + strlen(MODULE_SIG_STRING) + + size -= modsig->raw_pkcs7_len + strlen(MODULE_SIGNATURE_MARKER) + sizeof(struct module_signature); rc = pkcs7_supply_detached_data(modsig->pkcs7_msg, buf, size); if (rc) |