Patch "ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()" has been added to the 3.13-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()

to the 3.13-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ima-change-the-default-hash-algorithm-to-sha1-in-ima_eventdigest_ng_init.patch
and it can be found in the queue-3.13 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From c502c78ba7fb5b9cef71e2bd70f12c38ef26e5ab Mon Sep 17 00:00:00 2001
From: Roberto Sassu <roberto.sassu@xxxxxxxxx>
Date: Fri, 8 Nov 2013 19:21:35 +0100
Subject: ima: change the default hash algorithm to SHA1 in ima_eventdigest_ng_init()

From: Roberto Sassu <roberto.sassu@xxxxxxxxx>

commit c502c78ba7fb5b9cef71e2bd70f12c38ef26e5ab upstream.

Replace HASH_ALGO__LAST with HASH_ALGO_SHA1 as the initial value of
the hash algorithm so that the prefix 'sha1:' is added to violation
digests.

Fix commit:
  4d7aeee ima: define new template ima-ng and template fields d-ng and n-ng

Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxx>
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 security/integrity/ima/ima_template_lib.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/security/integrity/ima/ima_template_lib.c
+++ b/security/integrity/ima/ima_template_lib.c
@@ -255,7 +255,7 @@ int ima_eventdigest_ng_init(struct integ
 			    struct evm_ima_xattr_data *xattr_value,
 			    int xattr_len, struct ima_field_data *field_data)
 {
-	u8 *cur_digest = NULL, hash_algo = HASH_ALGO__LAST;
+	u8 *cur_digest = NULL, hash_algo = HASH_ALGO_SHA1;
 	u32 cur_digestsize = 0;
 
 	/* If iint is NULL, we are recording a violation. */


Patches currently in stable-queue which might be from roberto.sassu@xxxxxxxxx are

queue-3.13/ima-change-the-default-hash-algorithm-to-sha1-in-ima_eventdigest_ng_init.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]