[PATCH 1/4] evm: check hash algorithm passed to init_desc()

From: Roberto Sassu
Date: Thu May 16 2019 - 12:19:33 EST

Next message: Roberto Sassu: "[PATCH 2/4] evm: reset status in evm_inode_post_setattr()"
Previous message: Parth Shah: "Re: [RFCv2 2/6] sched: Introduce switch to enable TurboSched mode"
Next in thread: Roberto Sassu: "[PATCH 2/4] evm: reset status in evm_inode_post_setattr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patch prevents memory access beyond the evm_tfm array by checking the
validity of the index (hash algorithm) passed to init_desc(). The hash
algorithm can be arbitrarily set if the security.ima xattr type is not
EVM_XATTR_HMAC.

Fixes: 5feeb61183dde ("evm: Allow non-SHA1 digital signatures")
Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
---
security/integrity/evm/evm_crypto.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index e11564eb645b..82a38e801ee4 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -89,6 +89,9 @@ static struct shash_desc *init_desc(char type, uint8_t hash_algo)
tfm = &hmac_tfm;
algo = evm_hmac;
} else {
+ if (hash_algo >= HASH_ALGO__LAST)
+ return ERR_PTR(-EINVAL);
+
tfm = &evm_tfm[hash_algo];
algo = hash_algo_name[hash_algo];
}
--
2.17.1

Next message: Roberto Sassu: "[PATCH 2/4] evm: reset status in evm_inode_post_setattr()"
Previous message: Parth Shah: "Re: [RFCv2 2/6] sched: Introduce switch to enable TurboSched mode"
Next in thread: Roberto Sassu: "[PATCH 2/4] evm: reset status in evm_inode_post_setattr()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]