IMA: reject unknown hash algorithms in ima_get_hash_algo - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	THOBY Simon <[email protected]>	2021-08-22 08:55:26 +0000
committer	Mimi Zohar <[email protected]>	2021-08-23 18:22:00 -0400
commit	cb181da161963eddc9de0000de6ab2c7942be219 (patch)
tree	cf41ca44b1e7b216b75f9ffdc0c13fe776d144e6 /Documentation/filesystems/caching/backend-api.rst
parent	d07eeeb8745973389e1d772b3b654f5860441589 (diff)

IMA: reject unknown hash algorithms in ima_get_hash_algo

The new function validate_hash_algo() assumed that ima_get_hash_algo() always return a valid 'enum hash_algo', but it returned the user-supplied value present in the digital signature without any bounds checks. Update ima_get_hash_algo() to always return a valid hash algorithm, defaulting on 'ima_hash_algo' when the user-supplied value inside the xattr is invalid. Signed-off-by: THOBY Simon <[email protected]> Reported-by: [email protected] Fixes: 50f742dd9147 ("IMA: block writes of the security.ima xattr with unsupported algorithms") Reviewed-by: Lakshmi Ramasubramanian <[email protected]> Signed-off-by: Mimi Zohar <[email protected]>

Diffstat (limited to 'Documentation/filesystems/caching/backend-api.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: