security/integrity: Harden against malformed xattrs

In general the handling of IMA/EVM xattrs is good, but I found a few locations where either the xattr size or the value of the type field in the xattr are not checked. Add a few simple checks to these locations to prevent malformed or malicious xattrs from causing problems. Signed-off-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: Seth Forshee <seth.forshee@canonical.com> 2016-08-01 08:19:10 -0500
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2016-11-13 22:50:11 -0500
commit: b4bfec7f4a86424b114f94f41c4e1841ec102df3 (patch)
tree: 9f4a668c3d28ef3de0743d3dda285829b38a85a3 /security/integrity/ima/ima_appraise.c
parent: 5465d02a4970990d8ec692c7539af5fdde95e613 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index a705598ced5f..1fd9539a969d 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -130,6 +130,7 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value,
 				 int xattr_len)
 {
 	struct signature_v2_hdr *sig;
+	enum hash_algo ret;
 
 	if (!xattr_value || xattr_len < 2)
 		/* return default hash algo */
@@ -143,7 +144,9 @@ enum hash_algo ima_get_hash_algo(struct evm_ima_xattr_data *xattr_value,
 		return sig->hash_algo;
 		break;
 	case IMA_XATTR_DIGEST_NG:
-		return xattr_value->digest[0];
+		ret = xattr_value->digest[0];
+		if (ret < HASH_ALGO__LAST)
+			return ret;
 		break;
 	case IMA_XATTR_DIGEST:
 		/* this is for backward compatibility */
author	Seth Forshee <seth.forshee@canonical.com>	2016-08-01 08:19:10 -0500
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2016-11-13 22:50:11 -0500
commit	b4bfec7f4a86424b114f94f41c4e1841ec102df3 (patch)
tree	9f4a668c3d28ef3de0743d3dda285829b38a85a3 /security/integrity/ima/ima_appraise.c
parent	5465d02a4970990d8ec692c7539af5fdde95e613 (diff)