From: Mimi Zohar <zohar@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: Mimi Zohar <zohar@linux.ibm.com>,
	Eric Biggers <ebiggers@kernel.org>,
	Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v3 ima-evm-utils 1/3] Reset 'errno' after failure to open or access a file
Date: Fri, 20 May 2022 12:11:01 -0400	[thread overview]
Message-ID: <20220520161103.373554-2-zohar@linux.ibm.com> (raw)
In-Reply-To: <20220520161103.373554-1-zohar@linux.ibm.com>

Not being able to open a file is not necessarily a problem. If
and when it occurs, an informational or error message with the
actual filename is emitted as needed.

Reset 'errno' to prevent the "errno: No such file or directory (2)"
generic message.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/evmctl.c    | 16 ++++++++++++++--
 src/libimaevm.c |  4 ++++
 src/utils.c     |  5 ++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c
index 8bdd34817408..101cd407e05d 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -181,6 +181,7 @@ static int bin2file(const char *file, const char *ext, const unsigned char *data
 	fp = fopen(name, "w");
 	if (!fp) {
 		log_err("Failed to open: %s\n", name);
+		errno = 0;
 		return -1;
 	}
 	err = fwrite(data, len, 1, fp);
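Review bot: Clearing errno right after `log_err("Failed to open: %s\n", name);` discards the reason for the failure, because the message carries only the filename, so "permission denied" and "no such file" look the same to whoever reads the output. The read_keyid_from_cert hunk in this patch already shows a form that keeps the cause, and the same could be done here with `log_err("Failed to open: %s: %s\n", name, strerror(errno));` before the reset. The same applies to the file2bin, calc_evm_hash, calc_evm_hmac, read_file_pcrs, ima_measurement, add_file_hash and read_priv_pkey hunks. In read_pub_pkey the message is printed only when `imaevm_params.verbose > LOG_INFO`, so with the unconditional reset a missing or unreadable public key presumably produces no diagnostic at default verbosity, unless the caller (outside the hunk) reports it. bin2file's body continues outside this hunk.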
@@ -206,6 +207,7 @@ static unsigned char *file2bin(const char *file, const char *ext, int *size)
 	fp = fopen(name, "r");
 	if (!fp) {
 		log_err("Failed to open: %s\n", name);
+		errno = 0;
 		return NULL;
 	}
 	if (fstat(fileno(fp), &stats) == -1) {
@@ -312,8 +314,10 @@ static int get_uuid(struct stat *st, char *uuid)
 	sprintf(path, "blkid -s UUID -o value /dev/block/%u:%u", major, minor);
 
 	fp = popen(path, "r");
-	if (!fp)
+	if (!fp) {
+		errno = 0;
 		goto err;
+	}
 
 	len = fread(_uuid, 1, sizeof(_uuid), fp);
 	pclose(fp);
@@ -370,6 +374,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
 
 			if (fd < 0) {
 				log_err("Failed to open: %s\n", file);
+				errno = 0;
 				return -1;
 			}
 			if (ioctl(fd, FS_IOC_GETVERSION, &generation)) {
@@ -1122,6 +1127,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
 
 		if (fd < 0) {
 			log_err("Failed to open %s\n", file);
+			errno = 0;
 			goto out;
 		}
 		if (ioctl(fd, FS_IOC_GETVERSION, &generation)) {
@@ -1312,6 +1318,7 @@ static int ima_fix(const char *path)
 	fd = open(path, O_RDONLY);
 	if (fd < 0) {
 		log_errno("Failed to open file: %s", path);
+		errno = 0;
 		return -1;
 	}
 
@@ -1828,8 +1835,10 @@ static int read_sysfs_pcrs(int num_banks, struct tpm_bank_info *tpm_banks)
 	int i, result;
 
 	fp = fopen(pcrs, "r");
-	if (!fp)
+	if (!fp) {
 		fp = fopen(misc_pcrs, "r");
+		errno = 0;
+	}
 	if (!fp)
 		return -1;
 
@@ -1892,6 +1901,7 @@ static int read_file_pcrs(int num_banks, struct tpm_bank_info *tpm_banks)
 		fp = fopen(path, "r");
 		if (!fp) {
 			log_err("Could not open '%s'\n", path);
+			errno = 0;
 			return -1;
 		}
 
@@ -1984,6 +1994,7 @@ static int ima_measurement(const char *file)
 	fp = fopen(file, "rb");
 	if (!fp) {
 		log_err("Failed to open measurement file: %s\n", file);
+		errno = 0;
 		return -1;
 	}
 
@@ -2229,6 +2240,7 @@ static int read_binary_bios_measurements(char *file, struct tpm_bank_info *bank)
 	fp = fopen(file, "r");
 	if (!fp) {
 		log_errno("Failed to open TPM 1.2 event log.\n");
+		errno = 0;
 		return 1;
 	}
 
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 388b726f1e3a..a4f2ec40684d 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -144,6 +144,7 @@ static int add_file_hash(const char *file, EVP_MD_CTX *ctx)
 	fp = fopen(file, "r");
 	if (!fp) {
 		log_err("Failed to open: %s\n", file);
+		errno = 0;
 		return -1;
 	}
 
@@ -258,6 +259,7 @@ EVP_PKEY *read_pub_pkey(const char *keyfile, int x509)
 	if (!fp) {
 		if (imaevm_params.verbose > LOG_INFO)
 			log_info("Failed to open keyfile: %s\n", keyfile);
+		errno = 0;
 		return NULL;
 	}
 
@@ -735,6 +737,7 @@ static int read_keyid_from_cert(uint32_t *keyid_be, const char *certfile, int tr
 
 	if (!(fp = fopen(certfile, "r"))) {
 		log_err("Cannot open %s: %s\n", certfile, strerror(errno));
+		errno = 0;
 		return -1;
 	}
 	if (!PEM_read_X509(fp, &x, NULL, NULL)) {
@@ -826,6 +829,7 @@ static EVP_PKEY *read_priv_pkey(const char *keyfile, const char *keypass)
 		fp = fopen(keyfile, "r");
 		if (!fp) {
 			log_err("Failed to open keyfile: %s\n", keyfile);
+			errno = 0;
 			return NULL;
 		}
 		pkey = PEM_read_PrivateKey(fp, NULL, NULL, (void *)keypass);
diff --git a/src/utils.c b/src/utils.c
index 294dac554392..1026d44776da 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -11,6 +11,7 @@
 #include <string.h>
 #include <sys/stat.h>
 #include <unistd.h>
+#include <errno.h>
 
 #include "utils.h"
 
@@ -26,8 +27,10 @@ static int file_exist(const char *path)
 {
 	struct stat st;
 
-	if (!access(path, R_OK) && !stat(path, &st) && S_ISREG(st.st_mode))
+	if (!access(path, R_OK) && !stat(path, &st) && S_ISREG(st.st_mode)) {
+		errno = 0;
 		return 1;
+	}
 
 	return 0;
 }
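Review bot: The added `errno = 0;` sits in the success branch of file_exist(), so when access() or stat() fails the function still returns 0 with errno left set, which is the case the commit description says it wants to silence. On the success path neither call has reported an error, so the reset there presumably only clears a value left by some earlier, unrelated call. Moving the reset to the failure path, i.e. keeping the original un-braced `return 1;` and putting `errno = 0;` immediately before `return 0;`, would match the stated intent.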
-- 
2.27.0

