leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9a8d289fbc
linux/security/integrity/ima
History
Mimi Zohar 9a8d289fbc ima: fix ima_alloc_atfm() 
The patch 3bcced39ea: "ima: use ahash API for file hash
calculation" from Feb 26, 2014, leads to the following static checker
warning:

security/integrity/ima/ima_crypto.c:204 ima_alloc_atfm()
         error: buffer overflow 'hash_algo_name' 17 <= 17

Unlike shash tfm memory, which is allocated on initialization, the
ahash tfm memory allocation is deferred until needed.

This patch fixes the case where ima_ahash_tfm has not yet been
allocated and the file's signature/hash xattr contains an invalid hash
algorithm.  Although we can not verify the xattr, we still need to
measure the file.  Use the default IMA hash algorithm.

Changelog:
- set valid algo before testing tfm - based on Dmitry's comment

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
2014-09-02 17:03:35 -04:00
..
ima_api.c ima: audit log files opened with O_DIRECT flag 2014-06-03 14:21:50 -05:00
ima_appraise.c ima: add support for measuring and appraising firmware 2014-07-25 11:47:46 -07:00
ima_crypto.c ima: fix ima_alloc_atfm() 2014-09-02 17:03:35 -04:00
ima_fs.c integrity: fix checkpatch errors 2014-03-07 12:15:45 -05:00
ima_init.c security: integrity: Use a more current logging style 2014-03-07 12:15:21 -05:00
ima_main.c ima: add support for measuring and appraising firmware 2014-07-25 11:47:46 -07:00
ima_policy.c ima: add support for measuring and appraising firmware 2014-07-25 11:47:46 -07:00
ima_queue.c integrity: fix checkpatch errors 2014-03-07 12:15:45 -05:00
ima_template_lib.c ima: reduce memory usage when a template containing the n field is used 2014-03-07 11:32:30 -05:00
ima_template_lib.h ima: extend the measurement list to include the file signature 2013-10-31 20:19:35 -04:00
ima_template.c integrity: fix checkpatch errors 2014-03-07 12:15:45 -05:00
ima.h ima: add support for measuring and appraising firmware 2014-07-25 11:47:46 -07:00
Kconfig ima: define '.ima' as a builtin 'trusted' keyring 2014-07-17 09:35:17 -04:00
Makefile ima: define template fields library and new helpers 2013-10-25 17:17:05 -04:00