From patchwork Thu Mar 8 23:08:36 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tycho Andersen X-Patchwork-Id: 10269357 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 078DD6016D for ; Thu, 8 Mar 2018 23:09:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F235F298AC for ; Thu, 8 Mar 2018 23:09:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E6BE929AAA; Thu, 8 Mar 2018 23:09:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 037BF298AC for ; Thu, 8 Mar 2018 23:09:50 +0000 (UTC) Received: (qmail 19981 invoked by uid 550); 8 Mar 2018 23:09:49 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 19938 invoked from network); 8 Mar 2018 23:09:48 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tycho-ws.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=OmEZEDaS6hpyR5iA9/rKKJIhauokv+9y1XDmRE6gT94=; b=yzPkTp1pouMSdums23dbLO/IeTPzI452u3V7Bq/zz+YlMan7aBxGPSIAkwnLUFZmcd 6UQgnjvJPUGNI/ntUPlT8/P3HX419Uvq/LefOzuqhbRw5fsS6MgQymv26+cqtfw/75OI gRo5QlFv4UwpOHjehSUJimxFg9q9nzdtlc2Sp9RpDRpwe+bSmUz9FgpNUnGBnCT6zdKk g2ahqX2dcj5AZVRZ0//VGFU3erpCp0IrKIpIUNivl/jP5gFuyeI0Z4QomWfcvnNZQws5 V5DkdanyRaI5ckRh7A4QoA5Mu2nyPZ8dEePtgWsM227SsLfsVVPbXRAEEPyFbjyxYCny xs1w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=OmEZEDaS6hpyR5iA9/rKKJIhauokv+9y1XDmRE6gT94=; b=JCsgdlfGymCeHTIIm4jK1TUcTlo0xPqnBybxlhiDB3A8Lt+8EneZ4bmnA8pIBWOQFJ RDf7+M9KZe57bHyCd51s2YFCoLlzoeJU5olm0o2tjsnYo4t8n+udd625TCndeG6dEdLz 9gl6ePIYFgZDhRgwiIP6ks86c44i1kNTXsa67c5NLIhI0aZ1HpLn3I40kyX/V4S0iBEc a/46G64XoLZxFxYeREXkHfThuqfDNtK7onc5oppu0Bfl6OyhfBmDVL6ojwV4NqrpmzAm DJzXKcE/dYdCjrd+pFpfar0NqrWZpgtpW7/F5PzPeiENHj7oaPPdTjKc9aDTkZtIrf1A Sj/Q== X-Gm-Message-State: AElRT7HwA4xXb65sZDGlOLJW39fHRo2tj6wuVtrR74FDaPYmLDBPFB3A u1BBpLyOSL3wZiNRRbTfj69kEA== X-Google-Smtp-Source: AG47ELs0/pCKPH8sxylhkwer1t/Oaov6nvPNVKJe8Wq55awCmiFolXf1etp7sTTS9N4g7t3nm9rpiQ== X-Received: by 10.107.17.201 with SMTP id 70mr8839869ior.99.1520550576041; Thu, 08 Mar 2018 15:09:36 -0800 (PST) From: Tycho Andersen To: Mimi Zohar , Dmitry Kasatkin Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Tycho Andersen Subject: [PATCH v3] ima: drop vla in ima_audit_measurement() Date: Thu, 8 Mar 2018 16:08:36 -0700 Message-Id: <20180308230836.24329-1-tycho@tycho.ws> X-Mailer: git-send-email 2.14.1 X-Virus-Scanned: ClamAV using ClamSMTP In keeping with the directive to get rid of VLAs [1], let's drop the VLA from ima_audit_measurement(). We need to adjust the return type of ima_audit_measurement, because now this function can fail if an allocation fails. [1]: https://lkml.org/lkml/2018/3/7/621 v2: just use audit_log_format instead of doing a second allocation v3: ignore failures in ima_audit_measurement() Signed-off-by: Tycho Andersen --- security/integrity/ima/ima_api.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 08fe405338e1..2aab9170ef68 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -308,14 +308,17 @@ void ima_audit_measurement(struct integrity_iint_cache *iint, const unsigned char *filename) { struct audit_buffer *ab; - char hash[(iint->ima_hash->length * 2) + 1]; + char *hash; const char *algo_name = hash_algo_name[iint->ima_hash->algo]; - char algo_hash[sizeof(hash) + strlen(algo_name) + 2]; int i; if (iint->flags & IMA_AUDITED) return; + hash = kzalloc((iint->ima_hash->length * 2) + 1, GFP_KERNEL); + if (!hash) + return; + for (i = 0; i < iint->ima_hash->length; i++) hex_byte_pack(hash + (i * 2), iint->ima_hash->digest[i]); hash[i * 2] = '\0'; @@ -323,18 +326,19 @@ void ima_audit_measurement(struct integrity_iint_cache *iint, ab = audit_log_start(current->audit_context, GFP_KERNEL, AUDIT_INTEGRITY_RULE); if (!ab) - return; + goto out; audit_log_format(ab, "file="); audit_log_untrustedstring(ab, filename); - audit_log_format(ab, " hash="); - snprintf(algo_hash, sizeof(algo_hash), "%s:%s", algo_name, hash); - audit_log_untrustedstring(ab, algo_hash); + audit_log_format(ab, " hash=\"%s:%s\"", algo_name, hash); audit_log_task_info(ab, current); audit_log_end(ab); iint->flags |= IMA_AUDITED; +out: + kfree(hash); + return; } /*