aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorRoberto Sassu <roberto.sassu@polito.it>2011-12-19 09:57:28 -0500
committerGreg Kroah-Hartman <gregkh@suse.de>2012-01-25 20:24:41 -0500
commitffdfcb4347b7f5082e6e191175d46d74c235c2c7 (patch)
tree8b23426844bf24fd8c355c43563edec9d2daa8a1 /security/integrity
parent808f398267e920a772c1ae07781adfb0d4d1c48a (diff)
ima: fix invalid memory reference
commit 7b7e5916aa2f46e57f8bd8cb89c34620ebfda5da upstream. Don't free a valid measurement entry on TPM PCR extend failure. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_queue.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index e1a5062b1f6..55a6271bce7 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -23,6 +23,8 @@
23#include <linux/slab.h> 23#include <linux/slab.h>
24#include "ima.h" 24#include "ima.h"
25 25
26#define AUDIT_CAUSE_LEN_MAX 32
27
26LIST_HEAD(ima_measurements); /* list of all measurements */ 28LIST_HEAD(ima_measurements); /* list of all measurements */
27 29
28/* key: inode (before secure-hashing a file) */ 30/* key: inode (before secure-hashing a file) */
@@ -94,7 +96,8 @@ static int ima_pcr_extend(const u8 *hash)
94 96
95 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash); 97 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash);
96 if (result != 0) 98 if (result != 0)
97 pr_err("IMA: Error Communicating to TPM chip\n"); 99 pr_err("IMA: Error Communicating to TPM chip, result: %d\n",
100 result);
98 return result; 101 return result;
99} 102}
100 103
@@ -106,8 +109,9 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
106{ 109{
107 u8 digest[IMA_DIGEST_SIZE]; 110 u8 digest[IMA_DIGEST_SIZE];
108 const char *audit_cause = "hash_added"; 111 const char *audit_cause = "hash_added";
112 char tpm_audit_cause[AUDIT_CAUSE_LEN_MAX];
109 int audit_info = 1; 113 int audit_info = 1;
110 int result = 0; 114 int result = 0, tpmresult = 0;
111 115
112 mutex_lock(&ima_extend_list_mutex); 116 mutex_lock(&ima_extend_list_mutex);
113 if (!violation) { 117 if (!violation) {
@@ -129,9 +133,11 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
129 if (violation) /* invalidate pcr */ 133 if (violation) /* invalidate pcr */
130 memset(digest, 0xff, sizeof digest); 134 memset(digest, 0xff, sizeof digest);
131 135
132 result = ima_pcr_extend(digest); 136 tpmresult = ima_pcr_extend(digest);
133 if (result != 0) { 137 if (tpmresult != 0) {
134 audit_cause = "TPM error"; 138 snprintf(tpm_audit_cause, AUDIT_CAUSE_LEN_MAX, "TPM_error(%d)",
139 tpmresult);
140 audit_cause = tpm_audit_cause;
135 audit_info = 0; 141 audit_info = 0;
136 } 142 }
137out: 143out: