ima: use ima_parse_buf() to parse template data

The binary_field_data structure definition has been removed from ima_restore_template_data(). The lengths and data pointers are directly stored into the template_data array of the ima_template_entry structure. For template data, both the number of fields and buffer end checks can be done, as these information are known (respectively from the template descriptor, and from the measurement header field). Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: Roberto Sassu <roberto.sassu@huawei.com> 2017-05-16 08:53:43 -0400
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2017-06-21 14:37:12 -0400
commit: 28a8dc41279de2a8a635df51ad33d3cee7e0c0d1 (patch)
tree: cdc197ece2071f65dce35f79a139baee400e348d
parent: 47fdee60b47fc2836b256761ab60ada26788b323 (diff)
1 files changed, 13 insertions, 31 deletions
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 624e2a1d0f89..7412d0291ab9 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -277,13 +277,6 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
                                     int template_data_size,
                                     struct ima_template_entry **entry)
 {
-        struct binary_field_data {
-                u32 len;
-                u8 data[0];
-        } __packed;
-        struct binary_field_data *field_data;
-        int offset = 0;
        int ret = 0;
        int i;
@@ -293,30 +286,19 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
        if (!*entry)
                return -ENOMEM;
+        ret = ima_parse_buf(template_data, template_data + template_data_size,
+                            NULL, template_desc->num_fields,
+                            (*entry)->template_data, NULL, NULL,
+                            ENFORCE_FIELDS | ENFORCE_BUFEND, "template data");
+        if (ret < 0) {
+                kfree(*entry);
+                return ret;
+        }
        (*entry)->template_desc = template_desc;
        for (i = 0; i < template_desc->num_fields; i++) {
-                field_data = template_data + offset;
+                struct ima_field_data *field_data = &(*entry)->template_data[i];
+                u8 *data = field_data->data;
-                /* Each field of the template data is prefixed with a length. */
-                if (offset > (template_data_size - sizeof(*field_data))) {
-                        pr_err("Restoring the template field failed\n");
-                        ret = -EINVAL;
-                        break;
-                }
-                offset += sizeof(*field_data);
-                if (ima_canonical_fmt)
-                        field_data->len = le32_to_cpu(field_data->len);
-                if (offset > (template_data_size - field_data->len)) {
-                        pr_err("Restoring the template field data failed\n");
-                        ret = -EINVAL;
-                        break;
-                }
-                offset += field_data->len;
-                (*entry)->template_data[i].len = field_data->len;
-                (*entry)->template_data_len += sizeof(field_data->len);
                (*entry)->template_data[i].data =
                        kzalloc(field_data->len + 1, GFP_KERNEL);
@@ -324,8 +306,8 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
                        ret = -ENOMEM;
                        break;
                }
-                memcpy((*entry)->template_data[i].data, field_data->data,
+                memcpy((*entry)->template_data[i].data, data, field_data->len);
-                        field_data->len);
+                (*entry)->template_data_len += sizeof(field_data->len);
                (*entry)->template_data_len += field_data->len;
        }
author	Roberto Sassu <roberto.sassu@huawei.com>	2017-05-16 08:53:43 -0400
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2017-06-21 14:37:12 -0400
commit	28a8dc41279de2a8a635df51ad33d3cee7e0c0d1 (patch)
tree	cdc197ece2071f65dce35f79a139baee400e348d
parent	47fdee60b47fc2836b256761ab60ada26788b323 (diff)

diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c index 624e2a1d0f89..7412d0291ab9 100644 --- a/security/integrity/ima/ima_template.c +++ b/security/integrity/ima/ima_template.c
@@ -277,13 +277,6 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
277	int template_data_size,	277	int template_data_size,
278	struct ima_template_entry **entry)	278	struct ima_template_entry **entry)
279	{	279	{
280	struct binary_field_data {
281	u32 len;
282	u8 data[0];
283	} __packed;
284
285	struct binary_field_data *field_data;
286	int offset = 0;
287	int ret = 0;	280	int ret = 0;
288	int i;	281	int i;
289		282
@@ -293,30 +286,19 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
293	if (!*entry)	286	if (!*entry)
294	return -ENOMEM;	287	return -ENOMEM;
295		288
		289	ret = ima_parse_buf(template_data, template_data + template_data_size,
		290	NULL, template_desc->num_fields,
		291	(*entry)->template_data, NULL, NULL,
		292	ENFORCE_FIELDS \| ENFORCE_BUFEND, "template data");
		293	if (ret < 0) {
		294	kfree(*entry);
		295	return ret;
		296	}
		297
296	(*entry)->template_desc = template_desc;	298	(*entry)->template_desc = template_desc;
297	for (i = 0; i < template_desc->num_fields; i++) {	299	for (i = 0; i < template_desc->num_fields; i++) {
298	field_data = template_data + offset;	300	struct ima_field_data field_data = &(entry)->template_data[i];
299		301	u8 *data = field_data->data;
300	/* Each field of the template data is prefixed with a length. */
301	if (offset > (template_data_size - sizeof(*field_data))) {
302	pr_err("Restoring the template field failed\n");
303	ret = -EINVAL;
304	break;
305	}
306	offset += sizeof(*field_data);
307
308	if (ima_canonical_fmt)
309	field_data->len = le32_to_cpu(field_data->len);
310
311	if (offset > (template_data_size - field_data->len)) {
312	pr_err("Restoring the template field data failed\n");
313	ret = -EINVAL;
314	break;
315	}
316	offset += field_data->len;
317
318	(*entry)->template_data[i].len = field_data->len;
319	(*entry)->template_data_len += sizeof(field_data->len);
320		302
321	(*entry)->template_data[i].data =	303	(*entry)->template_data[i].data =
322	kzalloc(field_data->len + 1, GFP_KERNEL);	304	kzalloc(field_data->len + 1, GFP_KERNEL);
@@ -324,8 +306,8 @@ static int ima_restore_template_data(struct ima_template_desc *template_desc,
324	ret = -ENOMEM;	306	ret = -ENOMEM;
325	break;	307	break;
326	}	308	}
327	memcpy((*entry)->template_data[i].data, field_data->data,	309	memcpy((*entry)->template_data[i].data, data, field_data->len);
328	field_data->len);	310	(*entry)->template_data_len += sizeof(field_data->len);
329	(*entry)->template_data_len += field_data->len;	311	(*entry)->template_data_len += field_data->len;
330	}	312	}
331		313