1 From 221be106d75c1b511973301542f47d6000d0b63e Mon Sep 17 00:00:00 2001
2 From: Roberto Sassu <roberto.sassu@huawei.com>
3 Date: Wed, 29 May 2019 15:30:33 +0200
4 Subject: evm: check hash algorithm passed to init_desc()
6 From: Roberto Sassu <roberto.sassu@huawei.com>
8 commit 221be106d75c1b511973301542f47d6000d0b63e upstream.
10 This patch prevents memory access beyond the evm_tfm array by checking the
11 validity of the index (hash algorithm) passed to init_desc(). The hash
12 algorithm can be arbitrarily set if the security.ima xattr type is not
15 Fixes: 5feeb61183dde ("evm: Allow non-SHA1 digital signatures")
16 Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
17 Cc: stable@vger.kernel.org
18 Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
19 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
22 security/integrity/evm/evm_crypto.c | 3 +++
23 1 file changed, 3 insertions(+)
25 --- a/security/integrity/evm/evm_crypto.c
26 +++ b/security/integrity/evm/evm_crypto.c
27 @@ -89,6 +89,9 @@ static struct shash_desc *init_desc(char
31 + if (hash_algo >= HASH_ALGO__LAST)
32 + return ERR_PTR(-EINVAL);
34 tfm = &evm_tfm[hash_algo];
35 algo = hash_algo_name[hash_algo];