diff options
| author | Roberto Sassu <roberto.sassu@huawei.com> | 2020-06-03 18:08:21 +0300 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.ibm.com> | 2020-06-04 00:20:43 +0300 |
| commit | 6cc7c266e5b47d3cd2b5bb7fd3aac4e6bb2dd1d2 (patch) | |
| tree | b9eed46e6e7e0620802d75853502beffbef05fc8 /security/integrity/ima/ima_init.c | |
| parent | 067a436b1b0aafa593344fddd711a755a58afb3b (diff) | |
| download | linux-6cc7c266e5b47d3cd2b5bb7fd3aac4e6bb2dd1d2.tar.xz | |
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
If the template field 'd' is chosen and the digest to be added to the
measurement entry was not calculated with SHA1 or MD5, it is
recalculated with SHA1, by using the passed file descriptor. However, this
cannot be done for boot_aggregate, because there is no file descriptor.
This patch adds a call to ima_calc_boot_aggregate() in
ima_eventdigest_init(), so that the digest can be recalculated also for the
boot_aggregate entry.
Cc: stable@vger.kernel.org # 3.13.x
Fixes: 3ce1217d6cd5d ("ima: define template fields library and new helpers")
Reported-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_init.c')
| -rw-r--r-- | security/integrity/ima/ima_init.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c index fc1e1002b48d..4902fe7bd570 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c @@ -19,7 +19,7 @@ #include "ima.h" /* name for boot aggregate entry */ -static const char boot_aggregate_name[] = "boot_aggregate"; +const char boot_aggregate_name[] = "boot_aggregate"; struct tpm_chip *ima_tpm_chip; /* Add the boot aggregate to the IMA measurement list and extend |