Re: [RFC][Patch 3/6] integrity: EVM as an integrity service provider
From: Herbert Xu
Date: Sun Mar 25 2007 - 23:40:49 EST
Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>
> +int update_file_hash(struct dentry *dentry, struct file *f,
> + struct hash_desc *desc)
> +{
...
> + while (offset < i_size) {
> + rbuf_len = kernel_read(file, offset, rbuf, PAGE_SIZE);
> + if (rbuf_len <= 0)
> + break;
> + offset += rbuf_len;
> + sg[0].page = virt_to_page(rbuf);
> + sg[0].offset = ((long)rbuf & ~PAGE_MASK);
> + sg[0].length = rbuf_len;
> +
> + crypto_hash_update(desc, sg, rbuf_len);
You should check for errors here and on all calls to crypto_hash_*
that return errors.
> +int evm_calc_hash(struct dentry *dentry, struct file *file, char *digest,
> + int xattr_type)
> +{
> + struct crypto_hash *tfm;
> + struct hash_desc desc;
> + int error = 0;
> +
> + if (!dentry && !file)
> + return -ENOENT;
> +
> + tfm = crypto_alloc_hash(evm_hash, 0, CRYPTO_ALG_ASYNC);
> + if (!tfm) {
That should be !IS_ERR(tfm).
> +static int __init init_evm(void)
> +{
> + int error;
> +
> + if (strncmp(evm_hash, "sha1", 4) == 0) {
> + evm_hash_type = EVM_TYPE_SHA1;
> + hash_digest_size = SHA1_DIGEST_SIZE;
> + hash_str_size = SHA1_STR_SIZE;
This looks suspect. Can you guarantee that only md5/sha1 are used?
If not you should be getting these from the tfm. If yes then you
shouldn't allow arbitrary strings to be used.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/