* [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking
@ 2020-07-07 3:35 Tianjia Zhang
2020-07-07 3:35 ` [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Tianjia Zhang @ 2020-07-07 3:35 UTC (permalink / raw)
To: zohar, vt, linux-kernel; +Cc: tianjia.zhang
Even if imaevm_get_hash_algo() returns an error value of -1, it is
forced to be converted to uint8_t type here, resulting in this error
not being checked by the if condition. This patch fixes this error.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
src/libimaevm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libimaevm.c b/src/libimaevm.c
index e6947d7..a9419ee 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -922,7 +922,7 @@ static int sign_hash_v2(const char *algo, const unsigned char *hash,
hdr->version = (uint8_t) DIGSIG_VERSION_2;
hdr->hash_algo = imaevm_get_hash_algo(algo);
- if (hdr->hash_algo == -1) {
+ if (hdr->hash_algo == (uint8_t)-1) {
log_err("sign_hash_v2: hash algo is unknown: %s\n", algo);
return -1;
}
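Review bot: The check if (hdr->hash_algo == (uint8_t)-1) still tests the value only after it has been narrowed into the uint8_t header field, so it works by treating 255 as a reserved sentinel rather than by looking at the error that imaevm_get_hash_algo() reported. Keep the return value in a signed local, test it there, and assign to the field only on success, for example: int id = imaevm_get_hash_algo(algo); if (id < 0) { log_err(...); return -1; } hdr->hash_algo = id; That removes the cast from the comparison and keeps an unknown algorithm from ever being written into the header.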
--
2.17.1
* [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable
2020-07-07 3:35 [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking Tianjia Zhang
@ 2020-07-07 3:35 ` Tianjia Zhang
2020-07-08 16:28 ` Mimi Zohar
2020-07-07 3:35 ` [PATCH ima-evm-utils 3/3] ima-evm-utils: ima_sign supports sm3 algorithm Tianjia Zhang
2020-07-08 14:01 ` [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking Mimi Zohar
2 siblings, 1 reply; 6+ messages in thread
From: Tianjia Zhang @ 2020-07-07 3:35 UTC (permalink / raw)
To: zohar, vt, linux-kernel; +Cc: tianjia.zhang
Use enum type instead of hard-coded numbers to improve code readability.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
src/libimaevm.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/libimaevm.c b/src/libimaevm.c
index a9419ee..8f2ebcf 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -579,7 +579,7 @@ static int get_hash_algo_from_sig(unsigned char *sig)
{
uint8_t hashalgo;
- if (sig[0] == 1) {
+ if (sig[0] == DIGSIG_VERSION_1) {
hashalgo = ((struct signature_hdr *)sig)->hash;
if (hashalgo >= DIGEST_ALGO_MAX)
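Review bot: get_hash_algo_from_sig() takes only unsigned char *sig and no length, so the sig[0] test and the ((struct signature_hdr *)sig)->hash read that follows it rely entirely on the caller having checked that the buffer holds a full header. While these lines are being touched, consider passing the length in and returning -1 for a short buffer, or at least stating that precondition in a comment above the function.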
@@ -593,7 +593,7 @@ static int get_hash_algo_from_sig(unsigned char *sig)
default:
return -1;
}
- } else if (sig[0] == 2) {
+ } else if (sig[0] == DIGSIG_VERSION_2) {
hashalgo = ((struct signature_v2_hdr *)sig)->hash_algo;
if (hashalgo >= PKEY_HASH__LAST)
return -1;
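Review bot: Now that both versions are named, the if (sig[0] == DIGSIG_VERSION_1) ... else if (sig[0] == DIGSIG_VERSION_2) chain would read more clearly as a switch on sig[0] with an explicit default that returns -1, which makes the handling of an unknown version byte visible at a glance. This is a style point and could go in a follow-up rather than in this patch.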
@@ -625,7 +625,7 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
unsigned char hash[MAX_DIGEST_SIZE];
int hashlen, sig_hash_algo;
- if (sig[0] != 0x03) {
+ if (sig[0] != EVM_IMA_XATTR_DIGSIG) {
log_err("xattr ima has no signature\n");
return -1;
}
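Review bot: In ima_verify_signature() the sig[0] != EVM_IMA_XATTR_DIGSIG test comes straight after the declarations, and nothing in the visible lines checks siglen before the first byte is read. The function already receives siglen, so a guard such as if (siglen < 1) returning -1 ahead of this test would keep an empty xattr from being dereferenced; the rename to the enum constant itself is fine.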
--
2.17.1
* [PATCH ima-evm-utils 3/3] ima-evm-utils: ima_sign supports sm3 algorithm
2020-07-07 3:35 [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking Tianjia Zhang
2020-07-07 3:35 ` [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
@ 2020-07-07 3:35 ` Tianjia Zhang
2020-07-08 16:37 ` Mimi Zohar
2020-07-08 14:01 ` [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking Mimi Zohar
2 siblings, 1 reply; 6+ messages in thread
From: Tianjia Zhang @ 2020-07-07 3:35 UTC (permalink / raw)
To: zohar, vt, linux-kernel; +Cc: tianjia.zhang
imaevm sign and verify support sm3 hash algorithm.
Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
---
src/libimaevm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 8f2ebcf..9c61e64 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -71,6 +71,7 @@ static const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
[PKEY_HASH_SHA384] = "sha384",
[PKEY_HASH_SHA512] = "sha512",
[PKEY_HASH_SHA224] = "sha224",
+ [PKEY_HASH_SM3_256] = "sm3",
[PKEY_HASH_STREEBOG_256] = "md_gost12_256",
[PKEY_HASH_STREEBOG_512] = "md_gost12_512",
};
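Review bot: The new [PKEY_HASH_SM3_256] = "sm3" entry is undocumented on two points: the diffstat shows only src/libimaevm.c changing, so PKEY_HASH_SM3_256 must already be defined elsewhere, and the neighbouring entries such as "md_gost12_256" suggest these strings are names handed to the crypto library. Please say in the commit message that this patch only adds the name mapping for an existing enum value, and note which digest name the lookup expects so that a build against a library without SM3 fails with a clear error rather than an unknown-algorithm message.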
--
2.17.1
* Re: [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking
2020-07-07 3:35 [PATCH ima-evm-utils 1/3] ima-evm-utils: Fix mismatched type checking Tianjia Zhang
2020-07-07 3:35 ` [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
2020-07-07 3:35 ` [PATCH ima-evm-utils 3/3] ima-evm-utils: ima_sign supports sm3 algorithm Tianjia Zhang
@ 2020-07-08 14:01 ` Mimi Zohar
2 siblings, 0 replies; 6+ messages in thread
From: Mimi Zohar @ 2020-07-08 14:01 UTC (permalink / raw)
To: Tianjia Zhang, vt, linux-kernel
On Tue, 2020-07-07 at 11:35 +0800, Tianjia Zhang wrote:
> Even if imaevm_get_hash_algo() returns an error value of -1, it is
> forced to be converted to uint8_t type here, resulting in this error
> not being checked by the if condition. This patch fixes this error.
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Thanks! This patch is now queued in the next branch.
Mimi
* Re: [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable
2020-07-07 3:35 ` [PATCH ima-evm-utils 2/3] ima-evm-utils: beautify the code to make it more readable Tianjia Zhang
@ 2020-07-08 16:28 ` Mimi Zohar
0 siblings, 0 replies; 6+ messages in thread
From: Mimi Zohar @ 2020-07-08 16:28 UTC (permalink / raw)
To: Tianjia Zhang, vt, linux-kernel
On Tue, 2020-07-07 at 11:35 +0800, Tianjia Zhang wrote:
> @@ -625,7 +625,7 @@ int ima_verify_signature(const char *file, unsigned char *sig, int siglen,
> unsigned char hash[MAX_DIGEST_SIZE];
> int hashlen, sig_hash_algo;
>
> - if (sig[0] != 0x03) {
> + if (sig[0] != EVM_IMA_XATTR_DIGSIG) {
> log_err("xattr ima has no signature\n");
> return -1;
> }
This last hunk didn't apply properly. The error message now includes
the filename. I've fixed this patch. In the future, please post
patches against the next-testing branch.
thanks,
Mimi
* Re: [PATCH ima-evm-utils 3/3] ima-evm-utils: ima_sign supports sm3 algorithm
2020-07-07 3:35 ` [PATCH ima-evm-utils 3/3] ima-evm-utils: ima_sign supports sm3 algorithm Tianjia Zhang
@ 2020-07-08 16:37 ` Mimi Zohar
0 siblings, 0 replies; 6+ messages in thread
From: Mimi Zohar @ 2020-07-08 16:37 UTC (permalink / raw)
To: Tianjia Zhang, vt, linux-kernel
On Tue, 2020-07-07 at 11:35 +0800, Tianjia Zhang wrote:
> imaevm sign and verify support sm3 hash algorithm.
>
> Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
The patch description is a bit off. The crypto support already
exists. Please update the patch description appropriately.
Mimi