--- /dev/null
+From cb181da161963eddc9de0000de6ab2c7942be219 Mon Sep 17 00:00:00 2001
+From: THOBY Simon <Simon.THOBY@viveris.fr>
+Date: Sun, 22 Aug 2021 08:55:26 +0000
+Subject: IMA: reject unknown hash algorithms in ima_get_hash_algo
+
+From: THOBY Simon <Simon.THOBY@viveris.fr>
+
+commit cb181da161963eddc9de0000de6ab2c7942be219 upstream.
+
+The new function validate_hash_algo() assumed that ima_get_hash_algo()
+always return a valid 'enum hash_algo', but it returned the
+user-supplied value present in the digital signature without
+any bounds checks.
+
+Update ima_get_hash_algo() to always return a valid hash algorithm,
+defaulting on 'ima_hash_algo' when the user-supplied value inside
+the xattr is invalid.
+
+Signed-off-by: THOBY Simon <Simon.THOBY@viveris.fr>
+Reported-by: syzbot+e8bafe7b82c739eaf153@syzkaller.appspotmail.com
+Fixes: 50f742dd9147 ("IMA: block writes of the security.ima xattr with unsupported algorithms")
+Reviewed-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
+Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ security/integrity/ima/ima_appraise.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/security/integrity/ima/ima_appraise.c
++++ b/security/integrity/ima/ima_appraise.c
+@@ -184,7 +184,8 @@ enum hash_algo ima_get_hash_algo(const s
+ switch (xattr_value->type) {
+ case EVM_IMA_XATTR_DIGSIG:
+ sig = (typeof(sig))xattr_value;
+- if (sig->version != 2 || xattr_len <= sizeof(*sig))
++ if (sig->version != 2 || xattr_len <= sizeof(*sig)
++ || sig->hash_algo >= HASH_ALGO__LAST)
+ return ima_hash_algo;
+ return sig->hash_algo;
+ break;
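Review bot: the added `|| sig->hash_algo >= HASH_ALGO__LAST` test in the EVM_IMA_XATTR_DIGSIG case folds an out-of-range algorithm into the same `return ima_hash_algo;` path as a wrong version or a short xattr, so callers cannot tell a malformed signature header from one that really uses the default algorithm. A one-line comment above the condition saying that the fallback is deliberate and that validate_hash_algo() depends on the return value being a valid 'enum hash_algo' would make the contract explicit. The commit message states the function now always returns a valid algorithm, but this hunk only bounds the DIGSIG branch, so it is worth confirming that the other cases of the `switch (xattr_value->type)` that take an algorithm from the xattr are bounded the same way. Minor style point: the `break;` after `return sig->hash_algo;` is unreachable and could be dropped while touching this block.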