evm: check hash algorithm passed to init_desc() - drm-misc - Kernel DRM miscellaneous fixes and cross-tree changes

diff options

author	Roberto Sassu <roberto.sassu@huawei.com>	2019-05-29 15:30:33 +0200
committer	Mimi Zohar <zohar@linux.ibm.com>	2019-05-29 23:18:25 -0400
commit	221be106d75c1b511973301542f47d6000d0b63e (patch)
tree	18f8246e67943de8fc8f5d9ebe2fcb927b8ed391 /security/security.c
parent	f40019475bbbe9b455e7fd4385fcf13896c492ca (diff)

evm: check hash algorithm passed to init_desc()

This patch prevents memory access beyond the evm_tfm array by checking the validity of the index (hash algorithm) passed to init_desc(). The hash algorithm can be arbitrarily set if the security.ima xattr type is not EVM_XATTR_HMAC. Fixes: 5feeb61183dde ("evm: Allow non-SHA1 digital signatures") Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Cc: stable@vger.kernel.org Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

Diffstat (limited to 'security/security.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: