[glsdk/meta-ti-glsdk.git] / recipes-kernel / linux / linux-ti33x-psp-3.2 / 3.2.2 / 0041-ima-fix-invalid-memory-reference.patch
1 From 52428cef38a83932b588b3ceff080a7411780dc9 Mon Sep 17 00:00:00 2001
2 From: Roberto Sassu <roberto.sassu@polito.it>
3 Date: Mon, 19 Dec 2011 15:57:28 +0100
4 Subject: [PATCH 041/130] ima: fix invalid memory reference
6 commit 7b7e5916aa2f46e57f8bd8cb89c34620ebfda5da upstream.
8 Don't free a valid measurement entry on TPM PCR extend failure.
10 Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
11 Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
12 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
13 ---
14 security/integrity/ima/ima_queue.c | 16 +++++++++++-----
15 1 file changed, 11 insertions(+), 5 deletions(-)
17 diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
18 index e1a5062..55a6271 100644
19 --- a/security/integrity/ima/ima_queue.c
20 +++ b/security/integrity/ima/ima_queue.c
21 @@ -23,6 +23,8 @@
22 #include <linux/slab.h>
23 #include "ima.h"
25 +#define AUDIT_CAUSE_LEN_MAX 32
26 +
27 LIST_HEAD(ima_measurements); /* list of all measurements */
29 /* key: inode (before secure-hashing a file) */
30 @@ -94,7 +96,8 @@ static int ima_pcr_extend(const u8 *hash)
32 result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash);
33 if (result != 0)
34 - pr_err("IMA: Error Communicating to TPM chip\n");
35 + pr_err("IMA: Error Communicating to TPM chip, result: %d\n",
36 + result);
37 return result;
38 }
40 @@ -106,8 +109,9 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
41 {
42 u8 digest[IMA_DIGEST_SIZE];
43 const char *audit_cause = "hash_added";
44 + char tpm_audit_cause[AUDIT_CAUSE_LEN_MAX];
45 int audit_info = 1;
46 - int result = 0;
47 + int result = 0, tpmresult = 0;
49 mutex_lock(&ima_extend_list_mutex);
50 if (!violation) {
51 @@ -129,9 +133,11 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
52 if (violation) /* invalidate pcr */
53 memset(digest, 0xff, sizeof digest);
55 - result = ima_pcr_extend(digest);
56 - if (result != 0) {
57 - audit_cause = "TPM error";
58 + tpmresult = ima_pcr_extend(digest);
59 + if (tpmresult != 0) {
60 + snprintf(tpm_audit_cause, AUDIT_CAUSE_LEN_MAX, "TPM_error(%d)",
61 + tpmresult);
62 + audit_cause = tpm_audit_cause;
63 audit_info = 0;
64 }
65 out:
66 --
67 1.7.9.4