git.baikalelectronics.ru Git - kernel.git/commit

author	Roberto Sassu <roberto.sassu@huawei.com>
	Wed, 3 Jun 2020 15:08:21 +0000 (17:08 +0200)
committer	Mimi Zohar <zohar@linux.ibm.com>
	Wed, 3 Jun 2020 21:20:43 +0000 (17:20 -0400)
commit	f57beda53698ecf680772a91e5151f3c33b3a31d
tree	b9eed46e6e7e0620802d75853502beffbef05fc8	tree \| snapshot
parent	80d6f0a260e41d5f7cf59cd3995ea95384c6eef0	commit \| diff

ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()

If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.

This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.

Cc: stable@vger.kernel.org # 3.13.x
Fixes: 344dad1ec14ff ("ima: define template fields library and new helpers")
Reported-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_crypto.c		diff \| blob \| history
security/integrity/ima/ima_init.c		diff \| blob \| history
security/integrity/ima/ima_template_lib.c		diff \| blob \| history