author: Seth Forshee <seth.forshee@canonical.com> 2016-08-01 08:19:10 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2016-11-13 22:50:11 -0500
commit: b4bfec7f4a86424b114f94f41c4e1841ec102df3
tree: 9f4a668c3d28ef3de0743d3dda285829b38a85a3 /security/integrity/evm
parent: Doc: security: keys-trusted: drop duplicate blobauth entry
security/integrity: Harden against malformed xattrs
In general the handling of IMA/EVM xattrs is good, but I found a few locations where either the xattr size or the value of the type field in the xattr are not checked. Add a few simple checks to these locations to prevent malformed or malicious xattrs from causing problems.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/evm')
-rw-r--r-- security/integrity/evm/evm_main.c | 4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index ba8615576d4d..e2ed498c0f5f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -145,6 +145,10 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
/* check value type */
switch (xattr_data->type) {
case EVM_XATTR_HMAC:
+ if (xattr_len != sizeof(struct evm_ima_xattr_data)) {
+ evm_status = INTEGRITY_FAIL;
+ goto out;
+ }
rc = evm_calc_hmac(dentry, xattr_name, xattr_value,
xattr_value_len, calc.digest);
if (rc)
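Review bot: the new size check in the EVM_XATTR_HMAC case uses strict equality against sizeof(struct evm_ima_xattr_data) rather than a minimum-length test, which is the right choice for a fixed-size HMAC blob but reads as if it could be an off-by-one; a one-line comment above the `if` stating that the HMAC xattr is exactly one struct and that anything else is treated as tampering (hence INTEGRITY_FAIL rather than INTEGRITY_UNKNOWN) would make the intent obvious to the next reader. The check is also placed only under this case label, so the remaining cases of the `switch (xattr_data->type)` are not covered by this hunk; the commit message mentions checks at several locations, so it is worth confirming in the rest of the series that the non-HMAC branches get an equivalent length validation before their payload is consumed.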