Commit b7a7cb07 authored by Roberto Sassu's avatar Roberto Sassu Committed by Yongqiang Liu
Browse files

ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() 

stable inclusion
from stable-v4.19.129
commit fcb067cb457e2326c6d759e346f5f5dfef351d50
category: bugfix
bugzilla: 89622, https://gitee.com/openeuler/kernel/issues/I5047U


CVE: NA

-----------------------------------------------------------------

[ Upstream commit 6cc7c266 ]

If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.

This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.

Cc: stable@vger.kernel.org # 3.13.x
Fixes: 3ce1217d ("ima: define template fields library and new helpers")
Reported-by: default avatarTakashi Iwai <tiwai@suse.de>
Signed-off-by: default avatarRoberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>

Conflicts:
	security/integrity/ima/ima_crypto.c

Signed-off-by: default avatarWang Weiyang <wangweiyang2@huawei.com>
Reviewed-by: default avatarXiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: default avatarYongqiang Liu <liuyongqiang13@huawei.com>
parent 192b51c2
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment