aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorBehan Webster <behanw@converseincode.com>2014-04-04 17:18:00 -0400
committerBehan Webster <behanw@converseincode.com>2014-10-14 04:51:24 -0400
commit357aabed626fe3fc753a99ef1d652f4e2d82ba26 (patch)
tree15d0a4704557a0178f5b669bbab620c5019236ce /security/integrity
parentea0e0de69fc413aa80dbf1ec1fb9702ea1b6faca (diff)
security, crypto: LLVMLinux: Remove VLAIS from ima_crypto.c
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99 compliant equivalent. This patch allocates the appropriate amount of memory using a char array using the SHASH_DESC_ON_STACK macro. The new code can be compiled with both gcc and clang. Signed-off-by: Behan Webster <behanw@converseincode.com> Reviewed-by: Mark Charlebois <charlebm@gmail.com> Reviewed-by: Jan-Simon Möller <dl9pf@gmx.de> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Cc: tglx@linutronix.de
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_crypto.c47
1 files changed, 19 insertions, 28 deletions
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index d34e7dfc1118..78d66dae15f4 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -386,17 +386,14 @@ static int ima_calc_file_hash_tfm(struct file *file,
386 loff_t i_size, offset = 0; 386 loff_t i_size, offset = 0;
387 char *rbuf; 387 char *rbuf;
388 int rc, read = 0; 388 int rc, read = 0;
389 struct { 389 SHASH_DESC_ON_STACK(shash, tfm);
390 struct shash_desc shash;
391 char ctx[crypto_shash_descsize(tfm)];
392 } desc;
393 390
394 desc.shash.tfm = tfm; 391 shash->tfm = tfm;
395 desc.shash.flags = 0; 392 shash->flags = 0;
396 393
397 hash->length = crypto_shash_digestsize(tfm); 394 hash->length = crypto_shash_digestsize(tfm);
398 395
399 rc = crypto_shash_init(&desc.shash); 396 rc = crypto_shash_init(shash);
400 if (rc != 0) 397 if (rc != 0)
401 return rc; 398 return rc;
402 399
@@ -426,7 +423,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
426 break; 423 break;
427 offset += rbuf_len; 424 offset += rbuf_len;
428 425
429 rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len); 426 rc = crypto_shash_update(shash, rbuf, rbuf_len);
430 if (rc) 427 if (rc)
431 break; 428 break;
432 } 429 }
@@ -435,7 +432,7 @@ static int ima_calc_file_hash_tfm(struct file *file,
435 kfree(rbuf); 432 kfree(rbuf);
436out: 433out:
437 if (!rc) 434 if (!rc)
438 rc = crypto_shash_final(&desc.shash, hash->digest); 435 rc = crypto_shash_final(shash, hash->digest);
439 return rc; 436 return rc;
440} 437}
441 438
@@ -493,18 +490,15 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
493 struct ima_digest_data *hash, 490 struct ima_digest_data *hash,
494 struct crypto_shash *tfm) 491 struct crypto_shash *tfm)
495{ 492{
496 struct { 493 SHASH_DESC_ON_STACK(shash, tfm);
497 struct shash_desc shash;
498 char ctx[crypto_shash_descsize(tfm)];
499 } desc;
500 int rc, i; 494 int rc, i;
501 495
502 desc.shash.tfm = tfm; 496 shash->tfm = tfm;
503 desc.shash.flags = 0; 497 shash->flags = 0;
504 498
505 hash->length = crypto_shash_digestsize(tfm); 499 hash->length = crypto_shash_digestsize(tfm);
506 500
507 rc = crypto_shash_init(&desc.shash); 501 rc = crypto_shash_init(shash);
508 if (rc != 0) 502 if (rc != 0)
509 return rc; 503 return rc;
510 504
@@ -514,7 +508,7 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
514 u32 datalen = field_data[i].len; 508 u32 datalen = field_data[i].len;
515 509
516 if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) { 510 if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
517 rc = crypto_shash_update(&desc.shash, 511 rc = crypto_shash_update(shash,
518 (const u8 *) &field_data[i].len, 512 (const u8 *) &field_data[i].len,
519 sizeof(field_data[i].len)); 513 sizeof(field_data[i].len));
520 if (rc) 514 if (rc)
@@ -524,13 +518,13 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
524 data_to_hash = buffer; 518 data_to_hash = buffer;
525 datalen = IMA_EVENT_NAME_LEN_MAX + 1; 519 datalen = IMA_EVENT_NAME_LEN_MAX + 1;
526 } 520 }
527 rc = crypto_shash_update(&desc.shash, data_to_hash, datalen); 521 rc = crypto_shash_update(shash, data_to_hash, datalen);
528 if (rc) 522 if (rc)
529 break; 523 break;
530 } 524 }
531 525
532 if (!rc) 526 if (!rc)
533 rc = crypto_shash_final(&desc.shash, hash->digest); 527 rc = crypto_shash_final(shash, hash->digest);
534 528
535 return rc; 529 return rc;
536} 530}
@@ -571,15 +565,12 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
571{ 565{
572 u8 pcr_i[TPM_DIGEST_SIZE]; 566 u8 pcr_i[TPM_DIGEST_SIZE];
573 int rc, i; 567 int rc, i;
574 struct { 568 SHASH_DESC_ON_STACK(shash, tfm);
575 struct shash_desc shash;
576 char ctx[crypto_shash_descsize(tfm)];
577 } desc;
578 569
579 desc.shash.tfm = tfm; 570 shash->tfm = tfm;
580 desc.shash.flags = 0; 571 shash->flags = 0;
581 572
582 rc = crypto_shash_init(&desc.shash); 573 rc = crypto_shash_init(shash);
583 if (rc != 0) 574 if (rc != 0)
584 return rc; 575 return rc;
585 576
@@ -587,10 +578,10 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
587 for (i = TPM_PCR0; i < TPM_PCR8; i++) { 578 for (i = TPM_PCR0; i < TPM_PCR8; i++) {
588 ima_pcrread(i, pcr_i); 579 ima_pcrread(i, pcr_i);
589 /* now accumulate with current aggregate */ 580 /* now accumulate with current aggregate */
590 rc = crypto_shash_update(&desc.shash, pcr_i, TPM_DIGEST_SIZE); 581 rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE);
591 } 582 }
592 if (!rc) 583 if (!rc)
593 crypto_shash_final(&desc.shash, digest); 584 crypto_shash_final(shash, digest);
594 return rc; 585 return rc;
595} 586}
596 587
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-28 10:24:15 -0500