huawei-mrd-kernel/include/chipset_common/security/root_scan.h

/*
 * Copyright (c) Huawei Technologies Co., Ltd. 2016-2018. All rights reserved.
 * Description: the hw_kernel_stp_proc.c for proc file create and destroy
 * Author: likun <quentin.lee@huawei.com>
 * Create: 2016-7-18
 */

#ifndef _ROOT_SCAN_H_
#define _ROOT_SCAN_H_


#define D_RSOPID_MASK_NONE 0            /* check none items */
#define D_RSOPID_KCODE     (1 << 0)     /* check integrity of kernel code */
#define D_RSOPID_SYS_CALL  (1 << 1)     /* check system call table */
#define D_RSOPID_SE_HOOKS  (1 << 2)     /* check seLinux hooks */
#define D_RSOPID_SE_STATUS (1 << 3)     /* check seLinux enforce status */
#define D_RSOPID_RRPOCS    (1 << 4)     /* check root processes */
#define D_RSOPID_SETID     (1 << 5)     /* check setid */

#ifdef CONFIG_HW_ROOT_SCAN
int rscan_trigger(void);
#else
static inline int rscan_trigger(void)
{
	return 0;
}
#endif

/*
 * root_scan_pause - for kernel space pause root-scan
 * Description: pause root scan for kernel hot fix.
 * support kcode, syscall, sehooks, selinux status scan pause.
 * reserved is reserved parameters for external module
 * @result, after calling the pause fuction, root scan will be suspended
 *    until using resume function
 * @return:
 *     Overall root status, return 0 if pause root success.
 *     Otherwise if device has rooted, return an interger that each
 *     of its bit corresponds to its bitmasks
 */

#ifdef CONFIG_HW_ROOT_SCAN
int root_scan_pause(unsigned int op_mask, void *reserved);
#else
static inline int root_scan_pause(unsigned int op_mask, void *reserved)
{
	return 0;
}
#endif

/*
 * root_scan_resume - for kernel space resume root scan
 * Description: pause and resume should be pairing
 * reserved is reserved parameters for external module
 * @result, after using the interfase, root scan will init scan,and resume.
 * @error_code, 0:success, others:error
 * kcode resume error     1 << 0
 * sys_call error         1 << 1
 * se_hook error          1 << 2
 * se_status error        1 << 3
 */

#ifdef CONFIG_HW_ROOT_SCAN
int root_scan_resume(unsigned int op_mask, void *reserved);
#else
static inline int root_scan_resume(unsigned int op_mask, void *reserved)
{
	return 0;
}
#endif

#endif
feat: initial commit of huawei open source code 2024-01-30 13:14:49 +00:00			`/*`
			`* Copyright (c) Huawei Technologies Co., Ltd. 2016-2018. All rights reserved.`
			`* Description: the hw_kernel_stp_proc.c for proc file create and destroy`
			`* Author: likun <quentin.lee@huawei.com>`
			`* Create: 2016-7-18`
			`*/`

			`#ifndef _ROOT_SCAN_H_`
			`#define _ROOT_SCAN_H_`


			`#define D_RSOPID_MASK_NONE 0 /* check none items */`
			`#define D_RSOPID_KCODE (1 << 0) /* check integrity of kernel code */`
			`#define D_RSOPID_SYS_CALL (1 << 1) /* check system call table */`
			`#define D_RSOPID_SE_HOOKS (1 << 2) /* check seLinux hooks */`
			`#define D_RSOPID_SE_STATUS (1 << 3) /* check seLinux enforce status */`
			`#define D_RSOPID_RRPOCS (1 << 4) /* check root processes */`
			`#define D_RSOPID_SETID (1 << 5) /* check setid */`

			`#ifdef CONFIG_HW_ROOT_SCAN`
			`int rscan_trigger(void);`
			`#else`
			`static inline int rscan_trigger(void)`
			`{`
			`return 0;`
			`}`
			`#endif`

			`/*`
			`* root_scan_pause - for kernel space pause root-scan`
			`* Description: pause root scan for kernel hot fix.`
			`* support kcode, syscall, sehooks, selinux status scan pause.`
			`* reserved is reserved parameters for external module`
			`* @result, after calling the pause fuction, root scan will be suspended`
			`* until using resume function`
			`* @return:`
			`* Overall root status, return 0 if pause root success.`
			`* Otherwise if device has rooted, return an interger that each`
			`* of its bit corresponds to its bitmasks`
			`*/`

			`#ifdef CONFIG_HW_ROOT_SCAN`
			`int root_scan_pause(unsigned int op_mask, void *reserved);`
			`#else`
			`static inline int root_scan_pause(unsigned int op_mask, void *reserved)`
			`{`
			`return 0;`
			`}`
			`#endif`

			`/*`
			`* root_scan_resume - for kernel space resume root scan`
			`* Description: pause and resume should be pairing`
			`* reserved is reserved parameters for external module`
			`* @result, after using the interfase, root scan will init scan,and resume.`
			`* @error_code, 0:success, others:error`
			`* kcode resume error 1 << 0`
			`* sys_call error 1 << 1`
			`* se_hook error 1 << 2`
			`* se_status error 1 << 3`
			`*/`

			`#ifdef CONFIG_HW_ROOT_SCAN`
			`int root_scan_resume(unsigned int op_mask, void *reserved);`
			`#else`
			`static inline int root_scan_resume(unsigned int op_mask, void *reserved)`
			`{`
			`return 0;`
			`}`
			`#endif`

			`#endif`