> From: Mimi Zohar [mailto:zohar@xxxxxxxxxxxxx]
> Sent: Friday, August 21, 2020 10:15 PM
>
> Hi Roberto,
>
> On Thu, 2020-06-18 at 18:01 +0200, Roberto Sassu wrote:
> > Granting metadata write is safe if the HMAC key is not loaded, as it won't
> > let an attacker obtain a valid HMAC from corrupted xattrs. evm_write_key()
> > however does not allow it if any key is loaded, including a public key,
> > which should not be a problem.
> >
>
> Why is the existing behavior a problem? What is the problem being
> solved?

Hi Mimi,

Currently it is not possible to set EVM_ALLOW_METADATA_WRITES when only a
public key is loaded and the HMAC key is not. The patch removes this
limitation.

> > This patch allows setting EVM_ALLOW_METADATA_WRITES if the EVM_INIT_HMAC
> > flag is not set.
> >
> > Cc: stable@xxxxxxxxxxxxxxx # 4.16.x
> > Fixes: ae1ba1676b88e ("EVM: Allow userland to permit modification of EVM-protected metadata")
> > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
> > ---
> >  security/integrity/evm/evm_secfs.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
> > index cfc3075769bb..92fe26ace797 100644
> > --- a/security/integrity/evm/evm_secfs.c
> > +++ b/security/integrity/evm/evm_secfs.c
> > @@ -84,7 +84,7 @@ static ssize_t evm_write_key(struct file *file, const char __user *buf,
> >  	 * keys are loaded.
> >  	 */
> >  	if ((i & EVM_ALLOW_METADATA_WRITES) &&
> > -	    ((evm_initialized & EVM_KEY_MASK) != 0) &&
> > +	    ((evm_initialized & EVM_INIT_HMAC) != 0) &&
> >  	    !(evm_initialized & EVM_ALLOW_METADATA_WRITES))
> >  		return -EPERM;
> >
>
> Documentation/ABI/testing/evm needs to be updated as well.

Ok.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli

> thanks,
>
> Mimi
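Review bot: the comment ending in ` * keys are loaded.` just above the condition still describes the old `(evm_initialized & EVM_KEY_MASK) != 0` test; now that the check is `((evm_initialized & EVM_INIT_HMAC) != 0) &&`, reword that comment so it says metadata writes are refused only once the HMAC key is loaded, otherwise the comment and the code disagree about which keys matter. Since the hunk leaves `!(evm_initialized & EVM_ALLOW_METADATA_WRITES)` in place, the flag still cannot be cleared once set; that behaviour and the relaxed condition are what the Documentation/ABI/testing/evm entry should spell out, and it is worth folding into this same patch given the Fixes: tag and the stable Cc.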