Commit b4bfec7f authored by Seth Forshee's avatar Seth Forshee Committed by Mimi Zohar
Browse files

security/integrity: Harden against malformed xattrs 



In general the handling of IMA/EVM xattrs is good, but I found
a few locations where either the xattr size or the value of the
type field in the xattr are not checked. Add a few simple checks
to these locations to prevent malformed or malicious xattrs from
causing problems.

Signed-off-by: default avatarSeth Forshee <seth.forshee@canonical.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent 5465d02a

security/integrity/digsig.c

+1 −1
Original line number Diff line number Diff line
@@ -51,7 +51,7 @@ static bool init_keyring __initdata; 
int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,

			    const char *digest, int digestlen)

{

	if (id >= INTEGRITY_KEYRING_MAX)

	if (id >= INTEGRITY_KEYRING_MAX || siglen < 2)

		return -EINVAL;



	if (!keyring[id]) {

security/integrity/evm/evm_main.c

+4 −0
Original line number Diff line number Diff line
@@ -145,6 +145,10 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry, 
	/* check value type */

	switch (xattr_data->type) {

	case EVM_XATTR_HMAC:

		if (xattr_len != sizeof(struct evm_ima_xattr_data)) {

			evm_status = INTEGRITY_FAIL;

			goto out;

		}

		rc = evm_calc_hmac(dentry, xattr_name, xattr_value,

				   xattr_value_len, calc.digest);

		if (rc)

security/integrity/ima/ima_appraise.c

+4 −1
Original line number Diff line number Diff line
@@ -130,6 +130,7 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value, 
				 int xattr_len)

{

	struct signature_v2_hdr *sig;

	enum hash_algo ret;



	if (!xattr_value || xattr_len < 2)

		/* return default hash algo */
@@ -143,7 +144,9 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value, 
		return sig->hash_algo;

		break;

	case IMA_XATTR_DIGEST_NG:

		return xattr_value->digest[0];

		ret = xattr_value->digest[0];

		if (ret < HASH_ALGO__LAST)

			return ret;

		break;

	case IMA_XATTR_DIGEST:

		/* this is for backward compatibility */