summaryrefslogtreecommitdiff
path: root/security/integrity
diff options
context:
space:
mode:
authorTHOBY Simon <Simon.THOBY@viveris.fr>2021-08-22 08:55:26 +0000
committerMimi Zohar <zohar@linux.ibm.com>2021-08-23 18:22:00 -0400
commitcb181da161963eddc9de0000de6ab2c7942be219 (patch)
treecf41ca44b1e7b216b75f9ffdc0c13fe776d144e6 /security/integrity
parentd07eeeb8745973389e1d772b3b654f5860441589 (diff)
downloadlwn-cb181da161963eddc9de0000de6ab2c7942be219.tar.gz
lwn-cb181da161963eddc9de0000de6ab2c7942be219.zip
IMA: reject unknown hash algorithms in ima_get_hash_algo
The new function validate_hash_algo() assumed that ima_get_hash_algo() always return a valid 'enum hash_algo', but it returned the user-supplied value present in the digital signature without any bounds checks. Update ima_get_hash_algo() to always return a valid hash algorithm, defaulting on 'ima_hash_algo' when the user-supplied value inside the xattr is invalid. Signed-off-by: THOBY Simon <Simon.THOBY@viveris.fr> Reported-by: syzbot+e8bafe7b82c739eaf153@syzkaller.appspotmail.com Fixes: 50f742dd9147 ("IMA: block writes of the security.ima xattr with unsupported algorithms") Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_appraise.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 8f1eb7ef041e..dbba51583e7c 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -185,7 +185,8 @@ enum hash_algo ima_get_hash_algo(const struct evm_ima_xattr_data *xattr_value,
switch (xattr_value->type) {
case EVM_IMA_XATTR_DIGSIG:
sig = (typeof(sig))xattr_value;
- if (sig->version != 2 || xattr_len <= sizeof(*sig))
+ if (sig->version != 2 || xattr_len <= sizeof(*sig)
+ || sig->hash_algo >= HASH_ALGO__LAST)
return ima_hash_algo;
return sig->hash_algo;
break;