| Message ID | 20210303032824.124112-1-lihuafei1@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | ima: Fix the error code for restoring the PCR value | expand |
ping. :-) On 2021/3/3 11:28, Li Huafei wrote: > In ima_restore_measurement_list(), hdr[HDR_PCR].data is pointing to a > buffer of type u8, which contains the dumped 32-bit pcr value. > Currently, only the least significant byte is used to restore the pcr > value. We should convert hdr[HDR_PCR].data to a pointer of type u32 > before fetching the value to restore the correct pcr value. > > Fixes: 47fdee60b47f ("ima: use ima_parse_buf() to parse measurements headers") > Signed-off-by: Li Huafei <lihuafei1@huawei.com> > --- > security/integrity/ima/ima_template.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c > index e22e510ae92d..4e081e650047 100644 > --- a/security/integrity/ima/ima_template.c > +++ b/security/integrity/ima/ima_template.c > @@ -494,8 +494,8 @@ int ima_restore_measurement_list(loff_t size, void *buf) > } > } > > - entry->pcr = !ima_canonical_fmt ? *(hdr[HDR_PCR].data) : > - le32_to_cpu(*(hdr[HDR_PCR].data)); > + entry->pcr = !ima_canonical_fmt ? *(u32 *)(hdr[HDR_PCR].data) : > + le32_to_cpu(*(u32 *)(hdr[HDR_PCR].data)); > ret = ima_restore_measurement_entry(entry); > if (ret < 0) > break; >
> From: lihuafei > Sent: Tuesday, March 23, 2021 2:41 PM > ping. :-) > > On 2021/3/3 11:28, Li Huafei wrote: > > In ima_restore_measurement_list(), hdr[HDR_PCR].data is pointing to a > > buffer of type u8, which contains the dumped 32-bit pcr value. > > Currently, only the least significant byte is used to restore the pcr > > value. We should convert hdr[HDR_PCR].data to a pointer of type u32 > > before fetching the value to restore the correct pcr value. > > > > Fixes: 47fdee60b47f ("ima: use ima_parse_buf() to parse measurements > headers") > > Signed-off-by: Li Huafei <lihuafei1@huawei.com> Hi Li Huafei yes, correct. Thanks for the patch. Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> Roberto HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Li Jian, Shi Yanli > > --- > > security/integrity/ima/ima_template.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/security/integrity/ima/ima_template.c > b/security/integrity/ima/ima_template.c > > index e22e510ae92d..4e081e650047 100644 > > --- a/security/integrity/ima/ima_template.c > > +++ b/security/integrity/ima/ima_template.c > > @@ -494,8 +494,8 @@ int ima_restore_measurement_list(loff_t size, void > *buf) > > } > > } > > > > - entry->pcr = !ima_canonical_fmt ? *(hdr[HDR_PCR].data) : > > - le32_to_cpu(*(hdr[HDR_PCR].data)); > > + entry->pcr = !ima_canonical_fmt ? *(u32 > *)(hdr[HDR_PCR].data) : > > + le32_to_cpu(*(u32 *)(hdr[HDR_PCR].data)); > > ret = ima_restore_measurement_entry(entry); > > if (ret < 0) > > break; > >
On Wed, 2021-03-24 at 09:00 +0000, Roberto Sassu wrote: > > From: lihuafei > > Sent: Tuesday, March 23, 2021 2:41 PM > > ping. :-) > > > > On 2021/3/3 11:28, Li Huafei wrote: > > > In ima_restore_measurement_list(), hdr[HDR_PCR].data is pointing to a > > > buffer of type u8, which contains the dumped 32-bit pcr value. > > > Currently, only the least significant byte is used to restore the pcr > > > value. We should convert hdr[HDR_PCR].data to a pointer of type u32 > > > before fetching the value to restore the correct pcr value. > > > > > > Fixes: 47fdee60b47f ("ima: use ima_parse_buf() to parse measurements > > headers") > > > Signed-off-by: Li Huafei <lihuafei1@huawei.com> > > Hi Li Huafei > > yes, correct. Thanks for the patch. > > Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com> The patch set is now queued in next-integrity-testing. thanks, Mimi
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c index e22e510ae92d..4e081e650047 100644 --- a/security/integrity/ima/ima_template.c +++ b/security/integrity/ima/ima_template.c @@ -494,8 +494,8 @@ int ima_restore_measurement_list(loff_t size, void *buf) } } - entry->pcr = !ima_canonical_fmt ? *(hdr[HDR_PCR].data) : - le32_to_cpu(*(hdr[HDR_PCR].data)); + entry->pcr = !ima_canonical_fmt ? *(u32 *)(hdr[HDR_PCR].data) : + le32_to_cpu(*(u32 *)(hdr[HDR_PCR].data)); ret = ima_restore_measurement_entry(entry); if (ret < 0) break;
In ima_restore_measurement_list(), hdr[HDR_PCR].data is pointing to a buffer of type u8, which contains the dumped 32-bit pcr value. Currently, only the least significant byte is used to restore the pcr value. We should convert hdr[HDR_PCR].data to a pointer of type u32 before fetching the value to restore the correct pcr value. Fixes: 47fdee60b47f ("ima: use ima_parse_buf() to parse measurements headers") Signed-off-by: Li Huafei <lihuafei1@huawei.com> --- security/integrity/ima/ima_template.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)