LoadPin: Require file with verity root digests to have a header - wireguard-linux

diff options

author	Matthias Kaehlcke <mka@chromium.org>	2022-09-06 18:18:12 -0700
committer	Kees Cook <keescook@chromium.org>	2022-09-07 16:37:27 -0700
commit	6e42aec7c75947e0d6b38400628f171364eb8231 (patch)
tree	447a9e122ce9d58599900258a3e31ba1850d932d /lib/zstd/zstd_common_module.c
parent	dm: verity-loadpin: Only trust verity targets with enforcement (diff)
download	wireguard-linux-6e42aec7c75947e0d6b38400628f171364eb8231.tar.xz wireguard-linux-6e42aec7c75947e0d6b38400628f171364eb8231.zip

LoadPin: Require file with verity root digests to have a header

LoadPin expects the file with trusted verity root digests to be an ASCII file with one digest (hex value) per line. A pinned root could contain files that meet these format requirements, even though the hex values don't represent trusted root digests. Add a new requirement to the file format which consists in the first line containing a fixed string. This prevents attackers from feeding files with an otherwise valid format to LoadPin. Suggested-by: Sarthak Kukreti <sarthakkukreti@chromium.org> Signed-off-by: Matthias Kaehlcke <mka@chromium.org> Signed-off-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20220906181725.1.I3f51d1bb0014e5a5951be4ad3c5ad7c7ca1dfc32@changeid

Diffstat (limited to 'lib/zstd/zstd_common_module.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: