X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=kernel%2Fmodule-verify.h;h=f4e3dc7d55fd42323bf3c8e2f636d8b0eecd85b2;hb=refs%2Fremotes%2Fvserver;hp=10efab86b239916c1e4b7998c26de20c628e95cd;hpb=5fc42a6ed0ec81088c37caadb45898ae6cd0ad2c;p=linux-2.6.git

diff --git a/kernel/module-verify.h b/kernel/module-verify.h
index 10efab86b..f4e3dc7d5 100644
--- a/kernel/module-verify.h
+++ b/kernel/module-verify.h
@@ -9,7 +9,55 @@
  * 2 of the License, or (at your option) any later version.
  */
 
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include <asm/module.h>
+
+#ifdef CONFIG_MODULE_VERIFY
+struct module_verify_data {
+	struct hash_desc	hash;		/* module signature digest */
+	const void		*buffer;	/* module buffer */
+	const Elf_Ehdr		*hdr;		/* ELF header */
+	const Elf_Shdr		*sections;	/* ELF section table */
+	const Elf_Sym		*symbols;	/* ELF symbol table */
+	const char		*secstrings;	/* ELF section string table */
+	const char		*strings;	/* ELF string table */
+	size_t			*secsizes;	/* section size list */
+	size_t			size;		/* module object size */
+	size_t			nsects;		/* number of sections */
+	size_t			nsyms;		/* number of symbols */
+	size_t			nstrings;	/* size of strings section */
+	size_t			signed_size;	/* count of bytes contributed to digest */
+	int			*canonlist;	/* list of canonicalised sections */
+	int			*canonmap;	/* section canonicalisation map */
+	int			sig_index;	/* module signature section index */
+	uint8_t			xcsum;		/* checksum of bytes contributed to digest */
+	uint8_t			csum;		/* checksum of bytes representing a section */
+};
+
+/*
+ * module-verify.c
+ */
+extern int module_verify(const Elf_Ehdr *hdr, size_t size);
+
+/*
+ * module-verify-elf.c
+ */
+#ifdef CONFIG_MODULE_VERIFY_ELF
+extern int module_verify_elf(struct module_verify_data *mvdata);
+#else
+#define module_verify_elf(m) (0)
+#endif
+
+/*
+ * module-verify-sig.c
+ */
 #ifdef CONFIG_MODULE_SIG
-extern int module_verify_sig(Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
-			     const char *secstrings, struct module *mod);
+extern int module_verify_signature(struct module_verify_data *mvdata);
+#else
+#define module_verify_signature(m) (0)
+#endif
+
+#else
+#define module_verify(h, s) (0)
 #endif