Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into next

author: James Morris <james.l.morris@oracle.com> 2016-11-23 01:52:11 +0300
committer: James Morris <james.l.morris@oracle.com> 2016-11-23 01:52:11 +0300
commit: b075361e91684f8b9d4a85ad2e6f62f94d6698e3 (patch)
tree: 6f0c9717988ff9f9ad4878d00ae27c123091391e /security/integrity/evm/evm_main.c
parent: 636e4625adb5a53ee7f6b019fa2e68f36cf96d93 (diff)
parent: b4bfec7f4a86424b114f94f41c4e1841ec102df3 (diff)
download: linux-b075361e91684f8b9d4a85ad2e6f62f94d6698e3.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index ba8615576d4d..e2ed498c0f5f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -145,6 +145,10 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
 	/* check value type */
 	switch (xattr_data->type) {
 	case EVM_XATTR_HMAC:
+		if (xattr_len != sizeof(struct evm_ima_xattr_data)) {
+			evm_status = INTEGRITY_FAIL;
+			goto out;
+		}
 		rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
 				   xattr_value_len, calc.digest);
 		if (rc)
author	James Morris <james.l.morris@oracle.com>	2016-11-23 01:52:11 +0300
committer	James Morris <james.l.morris@oracle.com>	2016-11-23 01:52:11 +0300
commit	b075361e91684f8b9d4a85ad2e6f62f94d6698e3 (patch)
tree	6f0c9717988ff9f9ad4878d00ae27c123091391e /security/integrity/evm/evm_main.c
parent	636e4625adb5a53ee7f6b019fa2e68f36cf96d93 (diff)
parent	b4bfec7f4a86424b114f94f41c4e1841ec102df3 (diff)
download	linux-b075361e91684f8b9d4a85ad2e6f62f94d6698e3.tar.xz