Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bb543e39 authored by Thiago Jung Bauermann's avatar Thiago Jung Bauermann Committed by Mimi Zohar
Browse files

integrity: Small code improvements 



These changes are too small to warrant their own patches:

The keyid and sig_size members of struct signature_v2_hdr are in BE format,
so use a type that makes this assumption explicit. Also, use beXX_to_cpu
instead of __beXX_to_cpu to read them.

Change integrity_kernel_read to take a void * buffer instead of char *
buffer, so that callers don't have to use a cast if they provide a buffer
that isn't a char *.

Add missing #endif comment in ima.h pointing out which macro it refers to.

Add missing fall through comment in ima_appraise.c.

Constify mask_tokens and func_tokens arrays.

Signed-off-by: default avatarThiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent e4586c79

security/integrity/digsig_asymmetric.c

+2 −2
Original line number Diff line number Diff line
@@ -92,13 +92,13 @@ int asymmetric_verify(struct key *keyring, const char *sig, 


	siglen -= sizeof(*hdr);



	if (siglen != __be16_to_cpu(hdr->sig_size))

	if (siglen != be16_to_cpu(hdr->sig_size))

		return -EBADMSG;



	if (hdr->hash_algo >= HASH_ALGO__LAST)

		return -ENOPKG;



	key = request_asymmetric_key(keyring, __be32_to_cpu(hdr->keyid));

	key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));

	if (IS_ERR(key))

		return PTR_ERR(key);

security/integrity/iint.c

+1 −1
Original line number Diff line number Diff line
@@ -182,7 +182,7 @@ security_initcall(integrity_iintcache_init); 
 *

 */

int integrity_kernel_read(struct file *file, loff_t offset,

			  char *addr, unsigned long count)

			  void *addr, unsigned long count)

{

	mm_segment_t old_fs;

	char __user *buf = (char __user *)addr;

security/integrity/ima/ima.h

+1 −1
Original line number Diff line number Diff line
@@ -284,7 +284,7 @@ static inline int ima_read_xattr(struct dentry *dentry, 
	return 0;

}



#endif

#endif /* CONFIG_IMA_APPRAISE */



/* LSM based policy rules require audit */

#ifdef CONFIG_IMA_LSM_RULES

security/integrity/ima/ima_appraise.c

+1 −0
Original line number Diff line number Diff line
@@ -240,6 +240,7 @@ int ima_appraise_measurement(enum ima_hooks func, 
	case IMA_XATTR_DIGEST_NG:

		/* first byte contains algorithm id */

		hash_start = 1;

		/* fall through */

	case IMA_XATTR_DIGEST:

		if (iint->flags & IMA_DIGSIG_REQUIRED) {

			cause = "IMA-signature-required";

security/integrity/ima/ima_policy.c

+2 −2
Original line number Diff line number Diff line
@@ -965,7 +965,7 @@ enum { 
	mask_exec = 0, mask_write, mask_read, mask_append

};



static char *mask_tokens[] = {

static const char *const mask_tokens[] = {

	"MAY_EXEC",

	"MAY_WRITE",

	"MAY_READ",
@@ -979,7 +979,7 @@ enum { 
	func_policy

};



static char *func_tokens[] = {

static const char *const func_tokens[] = {

	"FILE_CHECK",

	"MMAP_CHECK",

	"BPRM_CHECK",