+ ima-define-a-canonical-binary_runtime_measurements-list-format-v3.patch added to -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Tue, 06 Sep 2016 13:30:05 -0700

The patch titled
     Subject: ima-define-a-canonical-binary_runtime_measurements-list-format-v3
has been added to the -mm tree.  Its filename is
     ima-define-a-canonical-binary_runtime_measurements-list-format-v3.patch

This patch should soon appear at
    http://ozlabs.org/~akpm/mmots/broken-out/ima-define-a-canonical-binary_runtime_measurements-list-format-v3.patch
and later at
    http://ozlabs.org/~akpm/mmotm/broken-out/ima-define-a-canonical-binary_runtime_measurements-list-format-v3.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Subject: ima-define-a-canonical-binary_runtime_measurements-list-format-v3

Changelog v3:
- restore PCR value properly

Link: http://lkml.kernel.org/r/1473170584-15094-9-git-send-email-zohar@xxxxxxxxxxxxxxxxxx
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 security/integrity/ima/ima_template.c     |    4 ++--
 security/integrity/ima/ima_template_lib.c |    1 +
 2 files changed, 3 insertions(+), 2 deletions(-)

diff -puN security/integrity/ima/ima_template.c~ima-define-a-canonical-binary_runtime_measurements-list-format-v3 security/integrity/ima/ima_template.c

--- a/security/integrity/ima/ima_template.c~ima-define-a-canonical-binary_runtime_measurements-list-format-v3
+++ a/security/integrity/ima/ima_template.c
@@ -462,8 +462,8 @@ int ima_restore_measurement_list(loff_t
 			break;
 
 		memcpy(entry->digest, hdr_v1->digest, TPM_DIGEST_SIZE);
-		if (ima_canonical_fmt)
-			entry->pcr = le32_to_cpu(hdr_v1->pcr);
+		entry->pcr =
+		    !ima_canonical_fmt ? hdr_v1->pcr : le32_to_cpu(hdr_v1->pcr);
 		ret = ima_restore_measurement_entry(entry);
 		if (ret < 0)
 			break;
diff -puN security/integrity/ima/ima_template_lib.c~ima-define-a-canonical-binary_runtime_measurements-list-format-v3 security/integrity/ima/ima_template_lib.c
--- a/security/integrity/ima/ima_template_lib.c~ima-define-a-canonical-binary_runtime_measurements-list-format-v3
+++ a/security/integrity/ima/ima_template_lib.c
@@ -105,6 +105,7 @@ static void ima_show_template_data_binar
 
 	if (show != IMA_SHOW_BINARY_NO_FIELD_LEN) {
 		u32 field_len = !ima_canonical_fmt ? len : cpu_to_le32(len);
+
 		ima_putc(m, &field_len, sizeof(field_len));
 	}
 
_

Patches currently in -mm which might be from zohar@xxxxxxxxxxxxxxxxxx are

ima-on-soft-reboot-restore-the-measurement-list.patch
ima-permit-duplicate-measurement-list-entries.patch
ima-maintain-memory-size-needed-for-serializing-the-measurement-list.patch
ima-maintain-memory-size-needed-for-serializing-the-measurement-list-v3.patch
ima-serialize-the-binary_runtime_measurements.patch
ima-store-the-builtin-custom-template-definitions-in-a-list.patch
ima-store-the-builtin-custom-template-definitions-in-a-list-v3.patch
ima-support-restoring-multiple-template-formats.patch
ima-support-restoring-multiple-template-formats-v3.patch
ima-define-a-canonical-binary_runtime_measurements-list-format.patch
ima-define-a-canonical-binary_runtime_measurements-list-format-v3.patch

--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






