This is a note to let you know that I've just added the patch titled
ima: fix ima_show_template_data_ascii()
to the 4.1-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
ima-fix-ima_show_template_data_ascii.patch
and it can be found in the queue-4.1 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 45b26133b97871896b8c5241d59f4ff7839db7b2 Mon Sep 17 00:00:00 2001
From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Date: Thu, 11 Jun 2015 11:54:42 -0400
Subject: ima: fix ima_show_template_data_ascii()
From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
commit 45b26133b97871896b8c5241d59f4ff7839db7b2 upstream.
This patch fixes a bug introduced in "4d7aeee ima: define new template
ima-ng and template fields d-ng and n-ng".
Changelog:
- change int to uint32 (Roberto Sassu's suggestion)
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Roberto Sassu <rsassu@xxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
security/integrity/ima/ima.h | 2 +-
security/integrity/ima/ima_fs.c | 4 ++--
security/integrity/ima/ima_template_lib.c | 3 ++-
3 files changed, 5 insertions(+), 4 deletions(-)
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -106,7 +106,7 @@ void ima_add_violation(struct file *file
const char *op, const char *cause);
int ima_init_crypto(void);
void ima_putc(struct seq_file *m, void *data, int datalen);
-void ima_print_digest(struct seq_file *m, u8 *digest, int size);
+void ima_print_digest(struct seq_file *m, u8 *digest, u32 size);
struct ima_template_desc *ima_template_desc_current(void);
int ima_init_template(void);
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -190,9 +190,9 @@ static const struct file_operations ima_
.release = seq_release,
};
-void ima_print_digest(struct seq_file *m, u8 *digest, int size)
+void ima_print_digest(struct seq_file *m, u8 *digest, u32 size)
{
- int i;
+ u32 i;
for (i = 0; i < size; i++)
seq_printf(m, "%02x", *(digest + i));
--- a/security/integrity/ima/ima_template_lib.c
+++ b/security/integrity/ima/ima_template_lib.c
@@ -70,7 +70,8 @@ static void ima_show_template_data_ascii
enum data_formats datafmt,
struct ima_field_data *field_data)
{
- u8 *buf_ptr = field_data->data, buflen = field_data->len;
+ u8 *buf_ptr = field_data->data;
+ u32 buflen = field_data->len;
switch (datafmt) {
case DATA_FMT_DIGEST_WITH_ALGO:
Patches currently in stable-queue which might be from zohar@xxxxxxxxxxxxxxxxxx are
queue-4.1/keys-fix-ca_keys-partial-key-matching.patch
queue-4.1/ima-update-builtin-policies.patch
queue-4.1/ima-extend-mask-policy-matching-support.patch
queue-4.1/ima-cleanup-ima_init_policy-a-little.patch
queue-4.1/evm-labeling-pseudo-filesystems-exception.patch
queue-4.1/ima-fix-ima_show_template_data_ascii.patch
queue-4.1/ima-add-support-for-new-euid-policy-condition.patch
queue-4.1/ima-do-not-measure-or-appraise-the-nsfs-filesystem.patch
queue-4.1/ima-skip-measurement-of-cgroupfs-files-and-update-documentation.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html