From patchwork Wed Jul 28 13:21:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: THOBY Simon X-Patchwork-Id: 12405613 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-13.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 47285C4338F for ; Wed, 28 Jul 2021 13:21:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 31D0860FED for ; Wed, 28 Jul 2021 13:21:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236216AbhG1NV2 (ORCPT ); Wed, 28 Jul 2021 09:21:28 -0400 Received: from mail-eopbgr00120.outbound.protection.outlook.com ([40.107.0.120]:63047 "EHLO EUR02-AM5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S235942AbhG1NV1 (ORCPT ); Wed, 28 Jul 2021 09:21:27 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=c/RxW1Q0MhOG+lnkmM+fRClanYUl6AaXi7JsKr2wFeAkROBflRDqTSm1y8z++lO+c/VBcMnMBljrZQAA0ZeL12vbv5OmMQ/p7UHRzDked8Qh/j4VsQkgcDA5cPFluKNOS/qOip4QZW4FWOjCf+AYSjUXPi1uH3h6gOJ0BnIr8KaaPRxHLEJ3TC29g+errWjG4qk+DC7CeZynleCFRETADoS8mgx/uhVawHk0r3h8KTCiDsr1UzRdjHc4RqDqd/MmiLDu5PeI7/71AGBmW17K3Ap93XlfTBVNE7XzuGe6SegegUHhuFJCE0YaejjsFML0F0iSVJj4vAB1+Ya/H/Rtjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LTE2TJ+xJv3P4eJXcMv9JINq/CSiCyK2DzoWI+/ID1w=; b=Em+yxFLmFmtvuAE9082dcTPWaLRltGsReUjH+DShlALUcy3GR3sKEkQXohp/zixR2EWcYr/9HpfVtdNEMz70VJisl9kMLJSskpwa8jxWG1oYZzjDQ+8XH/iVuB0HpXcbd1b6IJkMuSp34/h3L+v4IQ6Tg+r2/1HxBala3ki3XlMefSeVynkpjq2co6Lnm4Zs5UJxF/lxa6+fn3PUdVAnDGMC8omts9pKLuYXbxKSq0bZsK8Yw8iC9r4heNDNXWuduZeKHJI346JHYHddPSBtG0QNkkcepl4qGTFBLw2rMLE69KeqPwAEEBbNchhWQW6QahR29N/Dyx4nEa772Okwkw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=viveris.fr; dmarc=pass action=none header.from=viveris.fr; dkim=pass header.d=viveris.fr; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=viverislicensing.onmicrosoft.com; s=selector2-viverislicensing-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LTE2TJ+xJv3P4eJXcMv9JINq/CSiCyK2DzoWI+/ID1w=; b=MFYnPn6/lrhQH+GFueAdGxpahT9AlD0pbhufyYUsk4fA7xDIhk6kiDKN/a9BKoajVkxH135rVwiH4ZSG4XCXWOke6chWszlwLpt+VNLJ3xs8qpyV28w5fNSboMWtP/ZNwLDmlB9cxoq9DcrwyPI250F6RSLTA5ecz2TXboeU5PY= Received: from AM4PR0902MB1748.eurprd09.prod.outlook.com (2603:10a6:200:96::21) by AM0PR09MB3361.eurprd09.prod.outlook.com (2603:10a6:208:170::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.28; Wed, 28 Jul 2021 13:21:23 +0000 Received: from AM4PR0902MB1748.eurprd09.prod.outlook.com ([fe80::84a0:780d:1c5c:4432]) by AM4PR0902MB1748.eurprd09.prod.outlook.com ([fe80::84a0:780d:1c5c:4432%9]) with mapi id 15.20.4352.031; Wed, 28 Jul 2021 13:21:23 +0000 From: THOBY Simon To: "zohar@linux.ibm.com" , "dmitry.kasatkin@gmail.com" , "linux-integrity@vger.kernel.org" , BARVAUX Didier CC: THOBY Simon Subject: [PATCH v5 1/5] IMA: remove the dependency on CRYPTO_MD5 Thread-Topic: [PATCH v5 1/5] IMA: remove the dependency on CRYPTO_MD5 Thread-Index: AQHXg7N2fvLqxpXErU+wQ9o8XUFZPw== Date: Wed, 28 Jul 2021 13:21:23 +0000 Message-ID: <20210728132112.258606-2-simon.thoby@viveris.fr> References: <20210728132112.258606-1-simon.thoby@viveris.fr> In-Reply-To: <20210728132112.258606-1-simon.thoby@viveris.fr> Accept-Language: fr-FR, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: linux.ibm.com; dkim=none (message not signed) header.d=none;linux.ibm.com; dmarc=none action=none header.from=viveris.fr; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f49b6913-2a1d-4211-5337-08d951ca98bf x-ms-traffictypediagnostic: AM0PR09MB3361: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:538; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: ru+B8fRkAnSdJneZWnf8JWcL4bPQUelxRYcdOa+wPmak6JWWzYLwxqKIJgv756hkLiDoShAOorf4w3MmGmKfGQjyyAeRCu1z6WnN564MEkpxXbmm3ix3hlsvb3OiYBQhYiXWRbnNN4N/MpFd6ZtfrWJC2MdicgKYu9Dl/4cT/p3XtdrEfrXvZfYvfZxprfEBBzlcF4UOulEortoI/pv4i3O/B+skolUp/QAV+DTMxeMKuQe8PUMMY9RVdGswT7kchMrcnXNrYaDb7tma+q3mq2B57AxBN3IciEkb7q0mPZw2A0UOSnU7QtKmWpQlLJm21tP4u1IThwNJwyvqzfNx1ufbPKA7cYniN3cf9KKl+wMAnnjRa5dRymi6NkXadC917yE99IrcppMnUCi4krWAJBiUGqInLy/DzwsuzbR88/pms9gsCqNYko+xjJE9BYToqCcmQZrLpCfrzgAJ+GfWA/Pl+Ei7qus809TV1hdiSaW+o18SaJg5Oscdmi3dcMCkWPYcpJAXo9h5YUCHuEdxkozUu2L7kHWwjoBCKKMGVbMKwZKZpwv6n1K9uG9IPNFJ8inldEkUHyP9jE6mTSJQD1iqyzuEgXArq35HA4siu61kLK15RkT+gp/3DX0Mh26o4D77RIeXCzFk9b/iEG5bVC9BjIr/eOck7jlx+50FacyG/D5X19TU1pRMX4yc9P0b/ONOHtsDurPDpBQJuWoTHA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AM4PR0902MB1748.eurprd09.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(39840400004)(396003)(136003)(346002)(376002)(8676002)(6512007)(8936002)(6486002)(110136005)(76116006)(186003)(71200400001)(66446008)(26005)(91956017)(83380400001)(6506007)(64756008)(478600001)(66946007)(66476007)(66556008)(38100700002)(316002)(122000001)(86362001)(1076003)(4326008)(2906002)(5660300002)(6636002)(107886003)(38070700005)(36756003)(2616005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?h2sOTBua+hEkgqiuAeLPN5J?= =?iso-8859-1?q?BXZv3S2mz9dgawrCJ3M1+7eQdYL1fNkzq+LRJKRdMO6AKV+UdpxGfe1jxWx3?= =?iso-8859-1?q?tTcXAJLJdeBqcXwgvXMzAw+T6JZ76ZZg/H7N0uODzCQfzFaKC4k5DPCnQyBN?= =?iso-8859-1?q?VXMT1O5/2BZEGg1s675ywrUZBLHzwzdwfwbeMMxcxBqZm/WZv9N1UN++VNoW?= =?iso-8859-1?q?/1zjZdpSkPCW7zLKEW044kxlPfcLT5IqTWNaJTrbYOKvY67UhbQMg72ycpry?= =?iso-8859-1?q?WfjSlh7eZcGe99RVCMOz5hmDO2Cg04dyM8W+ve0RBKH9na/RiVyjv7G1tY75?= =?iso-8859-1?q?bFGnSGEuS0gFbXgr1gAWoabS4NqYpYumU8+T0nip/lFaonvQlHhrdUtcA/e/?= =?iso-8859-1?q?SK9S99JRsuMG2oE1nwUjVCv+HGgOQDgn27cLVXeqlFetxaGEhXGi4DwKhM+G?= =?iso-8859-1?q?9JwsK7Dt4o/HAcFBoViI+g+DQaalPARg4xUEVZhovzcUXI4VrGm08FoxFMDH?= =?iso-8859-1?q?t2V1hz3W0ArXt/ctw6HyJzaPZoaZvvSnRoHwqv8ep9HBPvwiTxJ14cqfjgOy?= =?iso-8859-1?q?at/eebk9Y96i6vSPMp6YiU/LKxAQTm4WMsml6EU++ctw9zHEjry/gv6I1nN6?= =?iso-8859-1?q?lAJr1EfvcAvUPl7IwBATtANL6u8DQu6CJVkaVFIcciwjoeUYtlM9M7jU4r+m?= =?iso-8859-1?q?9OF+4EUDp2uaeOMvL7dHWoENg30vISJJ79r/I0NCUidSJwQRl61m3OSTLrPE?= =?iso-8859-1?q?tUjifuIftqQrjcVLNUUq0z0C5ZD595l0XVvxdKbF6USkrBWE+slazzsVHzBU?= =?iso-8859-1?q?/xX8cMMLQbxYrwalVAItuHjM9iWfG+GJEPxF4FYCLfCHYnOROfJ1+srEVjqG?= =?iso-8859-1?q?kGCHksjdDwuttp/jQLL2fdjLeQae4qXgcs0gufO8GllIJHlkkUV65p8Wr6Tz?= =?iso-8859-1?q?Rp3i6G5yU5HNIGoHsJ36lPdDf/jlQA/26H7sgpBOdMqGhXhr5DyDXj4sOl9N?= =?iso-8859-1?q?uksxUDsztzINVmS63DVmHH4qNQalaH+PKWrv/AXG+XtHdnPDM77IKbqYP+TD?= =?iso-8859-1?q?AsyHkldoPatMGGH1eGwqdUNeRmIH/czZB4j8R7btFlYUNlpD9keJW5/CA1Jd?= =?iso-8859-1?q?4LFz+XkS7CXj5yi7WcG7CKaeh1V2ScC1M1k+VboZbit8kIfzfhZcICnqIgEe?= =?iso-8859-1?q?hI8XM16hRBn0PdAGHEDKVD4kEVBK3CgXw1jigzG9rVHqo0uJuCOoswNjD/VM?= =?iso-8859-1?q?+al614P2K7yw4KV7r9G36Ev0ncUoympI8NGyArU/2U9634dSsbpEiArRUTI+?= =?iso-8859-1?q?EvvVVjtuS1loRt5neoG2YGyG53+Z+opduIS9sp3ojXHyKo3PA/eA8ntTm901?= =?iso-8859-1?q?uj9FkjYObBa+Uy0AsS0U2Pg=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: viveris.fr X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: AM4PR0902MB1748.eurprd09.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f49b6913-2a1d-4211-5337-08d951ca98bf X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Jul 2021 13:21:23.5995 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 34bab81c-945c-43f1-ad13-592b97e11b40 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BABbB9Xc1V7hd10fdnmcz8vkG96uzeqngOmCDm6FgnppZxPDqRUgyl0P8/zFGiNKqU9Yjc77LaPGzLL0HGK6Rw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR09MB3361 Precedence: bulk List-ID: X-Mailing-List: linux-integrity@vger.kernel.org Remove the CRYPTO_MD5 dependency for IMA, as it is not necessary and it hinders the efficiency of a patchset that limit the digests allowed for the security.ima xattr. Signed-off-by: Simon Thoby --- security/integrity/ima/Kconfig | 1 - security/integrity/ima/ima_main.c | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index d0ceada99243..f3a9cc201c8c 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -6,7 +6,6 @@ config IMA select SECURITYFS select CRYPTO select CRYPTO_HMAC - select CRYPTO_MD5 select CRYPTO_SHA1 select CRYPTO_HASH_INFO select TCG_TPM if HAS_IOMEM && !UML diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 287b90509006..7f2310f29789 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -53,7 +53,7 @@ static int __init hash_setup(char *str) if (strcmp(template_desc->name, IMA_TEMPLATE_IMA_NAME) == 0) { if (strncmp(str, "sha1", 4) == 0) { ima_hash_algo = HASH_ALGO_SHA1; - } else if (strncmp(str, "md5", 3) == 0) { + } else if (IS_ENABLED(CONFIG_CRYPTO_MD5) && strncmp(str, "md5", 3) == 0) { ima_hash_algo = HASH_ALGO_MD5; } else { pr_err("invalid hash algorithm \"%s\" for template \"%s\"",