
ima: Fix a potential integer overflow in ima_appraise_measurement

Message ID 20220705000047.1718-1-luhuaxin1@huawei.com (mailing list archive)
State New, archived
Series: ima: Fix a potential integer overflow in ima_appraise_measurement

Commit Message

l00564439 July 5, 2022, midnight UTC
From: HuaxinLu <luhuaxin1@huawei.com>

When ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
negative, which may cause an integer overflow problem.

Signed-off-by: HuaxinLu <luhuaxin1@huawei.com>
---
 security/integrity/ima/ima_appraise.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
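To make the conversion the commit message calls an "integer overflow" concrete, here is an added example in C; it is not code from the patch, the kernel, or its author. It models the call site with mock functions (read_xattr_mock, verify_mock, appraise_mock, the 64-byte buffer and the constructed xattr string are all assumptions of this example) and shows that a negative errno handed to a size_t length parameter becomes a value near SIZE_MAX, while the patch's clamp turns it into 0:

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/*
 * Added illustration, not code from the patch or the kernel. It models
 * the call site the patch touches: an int return code that is either a
 * byte count or a negative errno is handed to a function whose length
 * parameter is size_t. Every *_mock function and the buffer sizes are
 * assumptions made for this example.
 */

/* Mock of the xattr read: copies the stored value and returns its length,
 * or -ENODATA when the file carries no such xattr. */
int read_xattr_mock(const char *stored, char *out, size_t cap)
{
	size_t n;

	if (!stored)
		return -ENODATA;
	n = strlen(stored);
	if (n > cap)
		return -ERANGE;
	memcpy(out, stored, n);
	return (int)n;
}

/* Mock of a length-driven consumer in the style of evm_verifyxattr(): it
 * would process exactly len bytes of value. Unlike the real callee, it
 * checks len against the buffer it was given and refuses to overrun,
 * returning -EINVAL; otherwise it returns the number of bytes consumed. */
long verify_mock(const char *value, size_t len, size_t cap)
{
	(void)value;
	if (len > cap)
		return -EINVAL;
	return (long)len;
}

/* The conversion the original call site performs implicitly:
 * a negative int wraps modulo SIZE_MAX + 1. */
size_t unclamped_len(int rc)
{
	return (size_t)rc;
}

/* The conversion after the patch: rc < 0 ? 0 : rc. */
size_t clamped_len(int rc)
{
	return rc < 0 ? 0 : (size_t)rc;
}

/* One appraisal: read the xattr, then verify with or without the clamp. */
long appraise_mock(const char *stored, int clamp)
{
	char buf[64];
	int rc = read_xattr_mock(stored, buf, sizeof(buf));
	size_t len = clamp ? clamped_len(rc) : unclamped_len(rc);

	return verify_mock(buf, len, sizeof(buf));
}
```

The bounds check in verify_mock exists only so the example can report the oversized length instead of reading past the buffer; the point of the patch is that the real callee has no such guard, so the unclamped path is a read of roughly SIZE_MAX bytes rather than a clean -EINVAL.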

Comments

Paul Menzel July 5, 2022, 6:11 a.m. UTC | #1
Dear HuaxinLu,


Thank you for the patch.

On 05.07.22 at 02:00, luhuaxin1@huawei.com wrote:
> From: HuaxinLu <luhuaxin1@huawei.com>

If these are two names, can you please add a space?

     git config --global user.name "…"
     git commit --amend --author="… <…>" -s

> When ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
> negative, which may cause an integer overflow problem.
> 
> Signed-off-by: HuaxinLu <luhuaxin1@huawei.com>

Ditto.


Kind regards,

Paul


> ---
>   security/integrity/ima/ima_appraise.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
> index 3fb378017f9d..956fb0f4c006 100644
> --- a/security/integrity/ima/ima_appraise.c
> +++ b/security/integrity/ima/ima_appraise.c
> @@ -412,7 +412,8 @@ int ima_appraise_measurement(enum ima_hooks func,
>   		goto out;
>   	}
>   
> -	status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value, rc, iint);
> +	status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value,
> +				 rc < 0 ? 0 : rc, iint);
>   	switch (status) {
>   	case INTEGRITY_PASS:
>   	case INTEGRITY_PASS_IMMUTABLE:
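Review bot: the clamp in this hunk fixes only the length argument; when rc is negative the xattr read failed, so xattr_value was never filled in, and the call now hands that unfilled pointer to evm_verifyxattr() together with a length of 0. That is safe only if every use of xattr_value inside the callee is bounded by the length before it dereferences, which the hunk itself cannot show. An explicit branch before the call makes the intent visible and removes the question, e.g. `if (rc < 0) { xattr_value = NULL; rc = 0; }` with a comment that a negative rc reaches this point only while a modsig is being tried; the inline `rc < 0 ? 0 : rc` leaves the next reader guessing why a negative value is reachable here at all.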
l00564439 July 6, 2022, 8:50 a.m. UTC | #2
On 2022/7/5 14:11, Paul Menzel wrote:
> Dear HuaxinLu,
> 
> 
> Thank you for the patch.
> 
> On 05.07.22 at 02:00, luhuaxin1@huawei.com wrote:
>> From: HuaxinLu <luhuaxin1@huawei.com>
> 
> If these are two names, can you please add a space?
> 
>      git config --global user.name "…"
>      git commit --amend --author="… <…>" -s
> 
>> When ima-modsig is enabled, the rc passed to evm_verifyxattr() may be
>> negative, which may cause an integer overflow problem.
>>
>> Signed-off-by: HuaxinLu <luhuaxin1@huawei.com>
> 
> Ditto.
> 
> 
> Kind regards,
> 
> Paul
> 
Fixed in v2 patch, thanks.

Patch

diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 3fb378017f9d..956fb0f4c006 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -412,7 +412,8 @@  int ima_appraise_measurement(enum ima_hooks func,
 		goto out;
 	}
 
-	status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value, rc, iint);
+	status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value,
+				 rc < 0 ? 0 : rc, iint);
 	switch (status) {
 	case INTEGRITY_PASS:
 	case INTEGRITY_PASS_IMMUTABLE:
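Review bot: the commit message behind this hunk names the symptom (a negative rc reaching evm_verifyxattr()) but not the cause, so a reader of git log cannot tell why this call site sees a negative return code only when modsig appraisal is enabled, nor why 0 is the right substitute rather than skipping the EVM check for a file whose xattr could not be read. State that path in the message, add a Fixes: tag pointing at the change that introduced the modsig behaviour the message refers to, and give the clamped value a name on its own line, e.g. `size_t xattr_len = rc < 0 ? 0 : rc;` with a comment, instead of burying the ternary in the argument list where it reads like a stray conversion.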