[PATCH] evm: Correct inode_init_security hooks behaviors
Mimi Zohar
zohar at linux.ibm.com
Thu Oct 20 19:51:38 UTC 2022
On Thu, 2022-10-20 at 15:55 +0200, Nicolas Bouchinet wrote:
> From: Nicolas Bouchinet <nicolas.bouchinet at ssi.gouv.fr>
>
> Fixes a NULL pointer dereference occuring in the
> `evm_protected_xattr_common` function of the EVM LSM. The bug is
> triggered if a `inode_init_security` hook returns 0 without initializing
> the given `struct xattr` fields (which is the case of BPF) and if no
> other LSM overrides thoses fields after. This also leads to memory
> leaks.
>
> Adds a `call_int_hook_xattr` macro that fetches and feed the
> `new_xattrs` array with every called hook xattr values.
>
> Adds a `evm_init_hmacs` function which init the EVM hmac using every
> entry of the array contrary to `evm_init_hmac`.
Only EVM portable digital signatures include all of the protected
xattrs. Refer to commit 8c7a703ec978 ("evm: Verify portable
signatures against all protected xattrs").
>
> Fixes the `evm_inode_init_security` function to use `evm_init_hmacs`.
Won't this break existing EVM hmac usage?
--
thanks,
Mimi
More information about the Linux-security-module-archive
mailing list