lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <E1HVg4A-0002vq-00@gondolin.me.apana.org.au>
Date:	Mon, 26 Mar 2007 13:40:18 +1000
From:	Herbert Xu <herbert@...dor.apana.org.au>
To:	zohar@...ux.vnet.ibm.com (Mimi Zohar)
Cc:	linux-kernel@...r.kernel.org, safford@...son.ibm.com,
	serue@...ux.vnet.ibm.com, kjhall@...ux.vnet.ibm.com,
	zohar@...ibm.com
Subject: Re: [RFC][Patch 3/6] integrity: EVM as an integrity service provider

Mimi Zohar <zohar@...ux.vnet.ibm.com> wrote:
>
> +int update_file_hash(struct dentry *dentry, struct file *f,
> +                    struct hash_desc *desc)
> +{

...

> +       while (offset < i_size) {
> +               rbuf_len = kernel_read(file, offset, rbuf, PAGE_SIZE);
> +               if (rbuf_len <= 0)
> +                       break;
> +               offset += rbuf_len;
> +               sg[0].page = virt_to_page(rbuf);
> +               sg[0].offset = ((long)rbuf & ~PAGE_MASK);
> +               sg[0].length = rbuf_len;
> +
> +               crypto_hash_update(desc, sg, rbuf_len);

You should check for errors here and on all calls to crypto_hash_*
that return errors.

> +int evm_calc_hash(struct dentry *dentry, struct file *file, char *digest,
> +                 int xattr_type)
> +{
> +       struct crypto_hash *tfm;
> +       struct hash_desc desc;
> +       int error = 0;
> +
> +       if (!dentry && !file)
> +               return -ENOENT;
> +
> +       tfm = crypto_alloc_hash(evm_hash, 0, CRYPTO_ALG_ASYNC);
> +       if (!tfm) {

That should be !IS_ERR(tfm).

> +static int __init init_evm(void)
> +{
> +       int error;
> +
> +       if (strncmp(evm_hash, "sha1", 4) == 0) {
> +               evm_hash_type = EVM_TYPE_SHA1;
> +               hash_digest_size = SHA1_DIGEST_SIZE;
> +               hash_str_size = SHA1_STR_SIZE;

This looks suspect.  Can you guarantee that only md5/sha1 are used?
If not you should be getting these from the tfm.  If yes then you
shouldn't allow arbitrary strings to be used.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ