]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c57c603) | patch
ima: Use ima_hash_algo for collision detection in the measurement list
authorRoberto Sassu <roberto.sassu@huawei.com>
Wed, 25 Mar 2020 10:54:24 +0000 (11:54 +0100)
committerMimi Zohar <zohar@linux.ibm.com>
Mon, 20 Apr 2020 02:03:39 +0000 (22:03 -0400)
commita7c33fb19b9999f6a691cc55a789f9ecc1bf3e45
treec4cd48197855b2fea5f3c1e0ee86edf6a759d84ctree | snapshot
parentc57c6036602c310c9a613009c5da3320b79e7d67commit | diff
ima: Use ima_hash_algo for collision detection in the measurement list

Before calculating a digest for each PCR bank, collisions were detected
with a SHA1 digest. This patch includes ima_hash_algo among the algorithms
used to calculate the template digest and checks collisions on that digest.

The position in the measurement entry array of the template digest
calculated with the IMA default hash algorithm is stored in the
ima_hash_algo_idx global variable and is determined at IMA initialization
time.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
security/integrity/ima/ima.h diff | blob | history
security/integrity/ima/ima_crypto.c diff | blob | history
security/integrity/ima/ima_queue.c diff | blob | history
Linux Kernel Source Tree.