Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next

6 files changed, 14 insertions, 12 deletions

diff --git a/Documentation/security/keys-trusted-encrypted.txt b/Documentation/security/keys-trusted-encrypted.txt
index 324ddf5223b3..b20a993a32af 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -32,8 +32,6 @@ Usage:
                      (40 ascii zeros)
        blobauth=     ascii hex auth for sealed data default 0x00...
                      (40 ascii zeros)
-       blobauth=     ascii hex auth for sealed data default 0x00...
-                     (40 ascii zeros)
        pcrinfo=      ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
        pcrlock=      pcr number to be extended to "lock" blob
        migratable=   0|1 indicating permission to reseal to new PCR values,
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index 4304372b323f..106e855e2d9d 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -51,7 +51,7 @@ static bool init_keyring __initdata;
 int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
                             const char *digest, int digestlen)
 {
-        if (id >= INTEGRITY_KEYRING_MAX)
+        if (id >= INTEGRITY_KEYRING_MAX || siglen < 2)
                 return -EINVAL;
 
         if (!keyring[id]) {
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index ba8615576d4d..e2ed498c0f5f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -145,6 +145,10 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
         /* check value type */
         switch (xattr_data->type) {
         case EVM_XATTR_HMAC:
+                if (xattr_len != sizeof(struct evm_ima_xattr_data)) {
+                        evm_status = INTEGRITY_FAIL;
+                        goto out;
+                }
                 rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
                                    xattr_value_len, calc.digest);
                 if (rc)
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 389325ac6067..1fd9539a969d 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -130,6 +130,7 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value,
                                  int xattr_len)
 {
         struct signature_v2_hdr *sig;
+        enum hash_algo ret;
 
         if (!xattr_value || xattr_len < 2)
                 /* return default hash algo */
@@ -143,7 +144,9 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value,
                 return sig->hash_algo;
                 break;
         case IMA_XATTR_DIGEST_NG:
-                return xattr_value->digest[0];
+                ret = xattr_value->digest[0];
+                if (ret < HASH_ALGO__LAST)
+                        return ret;
                 break;
         case IMA_XATTR_DIGEST:
                 /* this is for backward compatibility */
@@ -384,14 +387,10 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
         result = ima_protect_xattr(dentry, xattr_name, xattr_value,
                                    xattr_value_len);
         if (result == 1) {
-                bool digsig;
-
                 if (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST))
                         return -EINVAL;
-                digsig = (xvalue->type == EVM_IMA_XATTR_DIGSIG);
-                if (!digsig && (ima_appraise & IMA_APPRAISE_ENFORCE))
-                        return -EPERM;
-                ima_reset_appraise_flags(d_backing_inode(dentry), digsig);
+                ima_reset_appraise_flags(d_backing_inode(dentry),
+                         (xvalue->type == EVM_IMA_XATTR_DIGSIG) ? 1 : 0);
                 result = 0;
         }
         return result;
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index c07a3844ea0a..3df46906492d 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -401,7 +401,7 @@ static int ima_release_policy(struct inode *inode, struct file *file)
         const char *cause = valid_policy ? "completed" : "failed";
 
         if ((file->f_flags & O_ACCMODE) == O_RDONLY)
-                return 0;
+                return seq_release(inode, file);
 
         if (valid_policy && ima_check_policy() < 0) {
                 cause = "failed";
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 32912bd54ead..2ac1f41db5c0 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -115,7 +115,8 @@ int __init ima_init(void)
                 ima_used_chip = 1;
 
         if (!ima_used_chip)
-                pr_info("No TPM chip found, activating TPM-bypass!\n");
+                pr_info("No TPM chip found, activating TPM-bypass! (rc=%d)\n",
+                        rc);
 
         rc = integrity_init_keyring(INTEGRITY_KEYRING_IMA);
         if (rc)