git.baikalelectronics.ru Git - kernel.git/commit

author	Roberto Sassu <roberto.sassu@huawei.com>
	Fri, 14 May 2021 15:27:44 +0000 (17:27 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 14 Jul 2021 14:53:08 +0000 (16:53 +0200)
commit	4aa65d6f7a57e20386f583dc6879a0cb510d1305
tree	b2029ff9ebd4533b462f674e1e125d25adf5af0d	tree \| snapshot
parent	c60e174bd62190b030a3e6e2d51750449607cdf1	commit \| diff

evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded

commit 9acc89d31f0c94c8e573ed61f3e4340bbd526d0c upstream.

EVM_ALLOW_METADATA_WRITES is an EVM initialization flag that can be set to
temporarily disable metadata verification until all xattrs/attrs necessary
to verify an EVM portable signature are copied to the file. This flag is
cleared when EVM is initialized with an HMAC key, to avoid that the HMAC is
calculated on unverified xattrs/attrs.

Currently EVM unnecessarily denies setting this flag if EVM is initialized
with a public key, which is not a concern as it cannot be used to trust
xattrs/attrs updates. This patch removes this limitation.

Fixes: b7cd705c5248c ("EVM: Allow userland to permit modification of EVM-protected metadata")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Cc: stable@vger.kernel.org # 4.16.x
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Documentation/ABI/testing/evm		diff \| blob \| history
security/integrity/evm/evm_secfs.c		diff \| blob \| history