diff for duplicates of <20171018005331.2688-18-bauerman@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 81b8c63..f44431f 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -16,9 +16,9 @@ index eb58af06566f..b082138461b3 100644 static inline bool is_ima_sig(const struct evm_ima_xattr_data *xattr_value) { -- return xattr_value && xattr_value->type = EVM_IMA_XATTR_DIGSIG; -+ return xattr_value && (xattr_value->type = EVM_IMA_XATTR_DIGSIG || -+ xattr_value->type = IMA_MODSIG); +- return xattr_value && xattr_value->type == EVM_IMA_XATTR_DIGSIG; ++ return xattr_value && (xattr_value->type == EVM_IMA_XATTR_DIGSIG || ++ xattr_value->type == IMA_MODSIG); } /* @@ -187,7 +187,7 @@ index 58e147049e98..108690741c1a 100644 + */ + if (inode->i_opflags & IOP_XATTR && *xattr_len_ != 0 && + *xattr_len_ != -ENODATA) { -+ const char *modsig_cause = rc = -EOPNOTSUPP ? ++ const char *modsig_cause = rc == -EOPNOTSUPP ? + "unknown" : "invalid-signature"; + + /* First, log that the modsig verification failed. */ @@ -205,7 +205,7 @@ index 58e147049e98..108690741c1a 100644 + /* Unexpected error reading xattr. */ + status = INTEGRITY_UNKNOWN; + } else { -+ if (rc = -EOPNOTSUPP) ++ if (rc == -EOPNOTSUPP) + status = INTEGRITY_UNKNOWN; + else { + cause = "invalid-signature"; @@ -223,7 +223,7 @@ index 8e96450e27f5..6a2d960fbd92 100644 @@ -243,8 +243,9 @@ static int process_measurement(struct file *file, char *buf, loff_t size, pathname = ima_d_path(&file->f_path, &pathbuf, filename); - if (rc = 0 && (action & IMA_APPRAISE_SUBMASK)) + if (rc == 0 && (action & IMA_APPRAISE_SUBMASK)) - rc = ima_appraise_measurement(func, iint, file, pathname, - xattr_value, xattr_len, opened); + rc = ima_appraise_measurement(func, iint, file, buf, size, diff --git a/a/content_digest b/N1/content_digest index 8b0afd7..9def6ff 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,7 +1,7 @@ "ref\020171018005331.2688-1-bauerman@linux.vnet.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" "Subject\0[PATCH v5 17/18] ima: Implement support for module-style appended signatures\0" - "Date\0Wed, 18 Oct 2017 00:53:30 +0000\0" + "Date\0Tue, 17 Oct 2017 22:53:30 -0200\0" "To\0linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" keyrings@vger.kernel.org @@ -41,9 +41,9 @@ " \n" " static inline bool is_ima_sig(const struct evm_ima_xattr_data *xattr_value)\n" " {\n" - "-\treturn xattr_value && xattr_value->type = EVM_IMA_XATTR_DIGSIG;\n" - "+\treturn xattr_value && (xattr_value->type = EVM_IMA_XATTR_DIGSIG ||\n" - "+\t\t\t xattr_value->type = IMA_MODSIG);\n" + "-\treturn xattr_value && xattr_value->type == EVM_IMA_XATTR_DIGSIG;\n" + "+\treturn xattr_value && (xattr_value->type == EVM_IMA_XATTR_DIGSIG ||\n" + "+\t\t\t xattr_value->type == IMA_MODSIG);\n" " }\n" " \n" " /*\n" @@ -212,7 +212,7 @@ "+\t\t */\n" "+\t\tif (inode->i_opflags & IOP_XATTR && *xattr_len_ != 0 &&\n" "+\t\t *xattr_len_ != -ENODATA) {\n" - "+\t\t\tconst char *modsig_cause = rc = -EOPNOTSUPP ?\n" + "+\t\t\tconst char *modsig_cause = rc == -EOPNOTSUPP ?\n" "+\t\t\t\t\"unknown\" : \"invalid-signature\";\n" "+\n" "+\t\t\t/* First, log that the modsig verification failed. */\n" @@ -230,7 +230,7 @@ "+\t\t\t/* Unexpected error reading xattr. */\n" "+\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "+\t\t} else {\n" - "+\t\t\tif (rc = -EOPNOTSUPP)\n" + "+\t\t\tif (rc == -EOPNOTSUPP)\n" "+\t\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "+\t\t\telse {\n" "+\t\t\t\tcause = \"invalid-signature\";\n" @@ -248,7 +248,7 @@ "@@ -243,8 +243,9 @@ static int process_measurement(struct file *file, char *buf, loff_t size,\n" " \t\tpathname = ima_d_path(&file->f_path, &pathbuf, filename);\n" " \n" - " \tif (rc = 0 && (action & IMA_APPRAISE_SUBMASK))\n" + " \tif (rc == 0 && (action & IMA_APPRAISE_SUBMASK))\n" "-\t\trc = ima_appraise_measurement(func, iint, file, pathname,\n" "-\t\t\t\t\t xattr_value, xattr_len, opened);\n" "+\t\trc = ima_appraise_measurement(func, iint, file, buf, size,\n" @@ -267,4 +267,4 @@ " \tif (pathbuf)\n" " \t\t__putname(pathbuf);" -f066245a9a0821d3aea7775096cb1370401a0379d9eeb890df0ac51066daf664 +f9c3507883bd1ea436e296bee5a9225000542731547e9b2ac3b6836f2da4f740
diff --git a/a/1.txt b/N2/1.txt index 81b8c63..de5de8f 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -16,9 +16,9 @@ index eb58af06566f..b082138461b3 100644 static inline bool is_ima_sig(const struct evm_ima_xattr_data *xattr_value) { -- return xattr_value && xattr_value->type = EVM_IMA_XATTR_DIGSIG; -+ return xattr_value && (xattr_value->type = EVM_IMA_XATTR_DIGSIG || -+ xattr_value->type = IMA_MODSIG); +- return xattr_value && xattr_value->type == EVM_IMA_XATTR_DIGSIG; ++ return xattr_value && (xattr_value->type == EVM_IMA_XATTR_DIGSIG || ++ xattr_value->type == IMA_MODSIG); } /* @@ -187,7 +187,7 @@ index 58e147049e98..108690741c1a 100644 + */ + if (inode->i_opflags & IOP_XATTR && *xattr_len_ != 0 && + *xattr_len_ != -ENODATA) { -+ const char *modsig_cause = rc = -EOPNOTSUPP ? ++ const char *modsig_cause = rc == -EOPNOTSUPP ? + "unknown" : "invalid-signature"; + + /* First, log that the modsig verification failed. */ @@ -205,7 +205,7 @@ index 58e147049e98..108690741c1a 100644 + /* Unexpected error reading xattr. */ + status = INTEGRITY_UNKNOWN; + } else { -+ if (rc = -EOPNOTSUPP) ++ if (rc == -EOPNOTSUPP) + status = INTEGRITY_UNKNOWN; + else { + cause = "invalid-signature"; @@ -223,7 +223,7 @@ index 8e96450e27f5..6a2d960fbd92 100644 @@ -243,8 +243,9 @@ static int process_measurement(struct file *file, char *buf, loff_t size, pathname = ima_d_path(&file->f_path, &pathbuf, filename); - if (rc = 0 && (action & IMA_APPRAISE_SUBMASK)) + if (rc == 0 && (action & IMA_APPRAISE_SUBMASK)) - rc = ima_appraise_measurement(func, iint, file, pathname, - xattr_value, xattr_len, opened); + rc = ima_appraise_measurement(func, iint, file, buf, size, @@ -241,3 +241,8 @@ index 8e96450e27f5..6a2d960fbd92 100644 out_free: if (pathbuf) __putname(pathbuf); + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 8b0afd7..6ed5ed7 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,26 +1,8 @@ "ref\020171018005331.2688-1-bauerman@linux.vnet.ibm.com\0" - "From\0Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" + "From\0bauerman@linux.vnet.ibm.com (Thiago Jung Bauermann)\0" "Subject\0[PATCH v5 17/18] ima: Implement support for module-style appended signatures\0" - "Date\0Wed, 18 Oct 2017 00:53:30 +0000\0" - "To\0linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org - linux-kernel@vger.kernel.org - Mimi Zohar <zohar@linux.vnet.ibm.com> - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@redhat.com> - Rusty Russell <rusty@rustcorp.com.au> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - AKASHI - Takahiro <takahiro.akashi@linaro.org> - " Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>\0" + "Date\0Tue, 17 Oct 2017 22:53:30 -0200\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "This patch actually implements the appraise_type=modsig option, allowing\n" @@ -41,9 +23,9 @@ " \n" " static inline bool is_ima_sig(const struct evm_ima_xattr_data *xattr_value)\n" " {\n" - "-\treturn xattr_value && xattr_value->type = EVM_IMA_XATTR_DIGSIG;\n" - "+\treturn xattr_value && (xattr_value->type = EVM_IMA_XATTR_DIGSIG ||\n" - "+\t\t\t xattr_value->type = IMA_MODSIG);\n" + "-\treturn xattr_value && xattr_value->type == EVM_IMA_XATTR_DIGSIG;\n" + "+\treturn xattr_value && (xattr_value->type == EVM_IMA_XATTR_DIGSIG ||\n" + "+\t\t\t xattr_value->type == IMA_MODSIG);\n" " }\n" " \n" " /*\n" @@ -212,7 +194,7 @@ "+\t\t */\n" "+\t\tif (inode->i_opflags & IOP_XATTR && *xattr_len_ != 0 &&\n" "+\t\t *xattr_len_ != -ENODATA) {\n" - "+\t\t\tconst char *modsig_cause = rc = -EOPNOTSUPP ?\n" + "+\t\t\tconst char *modsig_cause = rc == -EOPNOTSUPP ?\n" "+\t\t\t\t\"unknown\" : \"invalid-signature\";\n" "+\n" "+\t\t\t/* First, log that the modsig verification failed. */\n" @@ -230,7 +212,7 @@ "+\t\t\t/* Unexpected error reading xattr. */\n" "+\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "+\t\t} else {\n" - "+\t\t\tif (rc = -EOPNOTSUPP)\n" + "+\t\t\tif (rc == -EOPNOTSUPP)\n" "+\t\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "+\t\t\telse {\n" "+\t\t\t\tcause = \"invalid-signature\";\n" @@ -248,7 +230,7 @@ "@@ -243,8 +243,9 @@ static int process_measurement(struct file *file, char *buf, loff_t size,\n" " \t\tpathname = ima_d_path(&file->f_path, &pathbuf, filename);\n" " \n" - " \tif (rc = 0 && (action & IMA_APPRAISE_SUBMASK))\n" + " \tif (rc == 0 && (action & IMA_APPRAISE_SUBMASK))\n" "-\t\trc = ima_appraise_measurement(func, iint, file, pathname,\n" "-\t\t\t\t\t xattr_value, xattr_len, opened);\n" "+\t\trc = ima_appraise_measurement(func, iint, file, buf, size,\n" @@ -265,6 +247,11 @@ "+\tima_free_xattr_data(xattr_value);\n" " out_free:\n" " \tif (pathbuf)\n" - " \t\t__putname(pathbuf);" + " \t\t__putname(pathbuf);\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -f066245a9a0821d3aea7775096cb1370401a0379d9eeb890df0ac51066daf664 +77d941d14e12b796829fc325354feb428f9c6b0f5addfbf944c96a9b196573b0
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.