| Message ID | 20220429112601.1421947-2-zohar@linux.ibm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ima: support fs-verity digests and signatures | expand |
On 4/29/22 07:25, Mimi Zohar wrote: > Initially the 'd-ng' template field did not prefix the digest with either > "md5" or "sha1" hash algorithms. Prior to being upstreamed this changed, > but the comments and documentation were not updated. Fix the comments > and documentation. > > Fixes: 4d7aeee73f53 ("ima: define new template ima-ng and template fields d-ng and n-ng") > Reported-by: Eric Biggers <ebiggers@kernel.org> > Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> > --- > Documentation/security/IMA-templates.rst | 3 +-- > security/integrity/ima/ima_template_lib.c | 8 +++++--- > 2 files changed, 6 insertions(+), 5 deletions(-) > > diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst > index 1a91d92950a7..cab97f49971d 100644 > --- a/Documentation/security/IMA-templates.rst > +++ b/Documentation/security/IMA-templates.rst > @@ -66,8 +66,7 @@ descriptors by adding their identifier to the format string > calculated with the SHA1 or MD5 hash algorithm; > - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; > - 'd-ng': the digest of the event, calculated with an arbitrary hash > - algorithm (field format: [<hash algo>:]digest, where the digest > - prefix is shown only if the hash algorithm is not SHA1 or MD5); That seemed to be true for 'd' > + algorithm (field format: <hash algo>:digest); > - 'd-modsig': the digest of the event without the appended modsig; > - 'n-ng': the name of the event, without size limitations; > - 'sig': the file signature, or the EVM portable signature if the file > diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c > index 7155d17a3b75..e9d65f6fe2ae 100644 > --- a/security/integrity/ima/ima_template_lib.c > +++ b/security/integrity/ima/ima_template_lib.c > @@ -271,9 +271,11 @@ static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize, > /* > * digest formats: > * - DATA_FMT_DIGEST: digest > - * - DATA_FMT_DIGEST_WITH_ALGO: [<hash algo>] + ':' + '\0' + digest, > - * where <hash algo> is provided if the hash algorithm is not > - * SHA1 or MD5 > + * - DATA_FMT_DIGEST_WITH_ALGO: <hash algo> + ':' + '\0' + digest, > + * > + * where 'DATA_FMT_DIGEST' is the original digest format ('d') > + * with a hash size limitation of 20 bytes, > + * where <hash algo> is the hash_algo_name[] string. > */ > u8 buffer[CRYPTO_MAX_ALG_NAME + 2 + IMA_MAX_DIGEST_SIZE] = { 0 }; > enum data_formats fmt = DATA_FMT_DIGEST; Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
On Fri, 2022-04-29 at 12:44 -0400, Stefan Berger wrote: > > On 4/29/22 07:25, Mimi Zohar wrote: > > Initially the 'd-ng' template field did not prefix the digest with either > > "md5" or "sha1" hash algorithms. Prior to being upstreamed this changed, > > but the comments and documentation were not updated. Fix the comments > > and documentation. > > > > Fixes: 4d7aeee73f53 ("ima: define new template ima-ng and template fields d-ng and n-ng") > > Reported-by: Eric Biggers <ebiggers@kernel.org> > > Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> > > --- > > Documentation/security/IMA-templates.rst | 3 +-- > > security/integrity/ima/ima_template_lib.c | 8 +++++--- > > 2 files changed, 6 insertions(+), 5 deletions(-) > > > > diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst > > index 1a91d92950a7..cab97f49971d 100644 > > --- a/Documentation/security/IMA-templates.rst > > +++ b/Documentation/security/IMA-templates.rst > > @@ -66,8 +66,7 @@ descriptors by adding their identifier to the format string > > calculated with the SHA1 or MD5 hash algorithm; > > - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; > > - 'd-ng': the digest of the event, calculated with an arbitrary hash > > - algorithm (field format: [<hash algo>:]digest, where the digest > > - prefix is shown only if the hash algorithm is not SHA1 or MD5); > > That seemed to be true for 'd' And initially for d-ng before it was upstreamed. > > > + algorithm (field format: <hash algo>:digest); > > - 'd-modsig': the digest of the event without the appended modsig; > > - 'n-ng': the name of the event, without size limitations; > > - 'sig': the file signature, or the EVM portable signature if the file > > diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c > > index 7155d17a3b75..e9d65f6fe2ae 100644 > > --- a/security/integrity/ima/ima_template_lib.c > > +++ b/security/integrity/ima/ima_template_lib.c > > @@ -271,9 +271,11 @@ static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize, > > /* > > * digest formats: > > * - DATA_FMT_DIGEST: digest > > - * - DATA_FMT_DIGEST_WITH_ALGO: [<hash algo>] + ':' + '\0' + digest, > > - * where <hash algo> is provided if the hash algorithm is not > > - * SHA1 or MD5 > > + * - DATA_FMT_DIGEST_WITH_ALGO: <hash algo> + ':' + '\0' + digest, > + * > > + * where 'DATA_FMT_DIGEST' is the original digest format ('d') > > + * with a hash size limitation of 20 bytes, > > + * where <hash algo> is the hash_algo_name[] string. > > */ > > u8 buffer[CRYPTO_MAX_ALG_NAME + 2 + IMA_MAX_DIGEST_SIZE] = { 0 }; > > enum data_formats fmt = DATA_FMT_DIGEST; > > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Thank you, Stefan, for this and the other tags! Mimi
diff --git a/Documentation/security/IMA-templates.rst b/Documentation/security/IMA-templates.rst index 1a91d92950a7..cab97f49971d 100644 --- a/Documentation/security/IMA-templates.rst +++ b/Documentation/security/IMA-templates.rst @@ -66,8 +66,7 @@ descriptors by adding their identifier to the format string calculated with the SHA1 or MD5 hash algorithm; - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; - 'd-ng': the digest of the event, calculated with an arbitrary hash - algorithm (field format: [<hash algo>:]digest, where the digest - prefix is shown only if the hash algorithm is not SHA1 or MD5); + algorithm (field format: <hash algo>:digest); - 'd-modsig': the digest of the event without the appended modsig; - 'n-ng': the name of the event, without size limitations; - 'sig': the file signature, or the EVM portable signature if the file diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c index 7155d17a3b75..e9d65f6fe2ae 100644 --- a/security/integrity/ima/ima_template_lib.c +++ b/security/integrity/ima/ima_template_lib.c @@ -271,9 +271,11 @@ static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize, /* * digest formats: * - DATA_FMT_DIGEST: digest - * - DATA_FMT_DIGEST_WITH_ALGO: [<hash algo>] + ':' + '\0' + digest, - * where <hash algo> is provided if the hash algorithm is not - * SHA1 or MD5 + * - DATA_FMT_DIGEST_WITH_ALGO: <hash algo> + ':' + '\0' + digest, + * + * where 'DATA_FMT_DIGEST' is the original digest format ('d') + * with a hash size limitation of 20 bytes, + * where <hash algo> is the hash_algo_name[] string. */ u8 buffer[CRYPTO_MAX_ALG_NAME + 2 + IMA_MAX_DIGEST_SIZE] = { 0 }; enum data_formats fmt = DATA_FMT_DIGEST;
Initially the 'd-ng' template field did not prefix the digest with either "md5" or "sha1" hash algorithms. Prior to being upstreamed this changed, but the comments and documentation were not updated. Fix the comments and documentation. Fixes: 4d7aeee73f53 ("ima: define new template ima-ng and template fields d-ng and n-ng") Reported-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> --- Documentation/security/IMA-templates.rst | 3 +-- security/integrity/ima/ima_template_lib.c | 8 +++++--- 2 files changed, 6 insertions(+), 5 deletions(-)