diff for duplicates of <20190418035120.2354-9-bauerman@linux.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 53e185d..913b797 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -45,7 +45,8 @@ index ea8fa29f07d3..b3837e26bb27 100644 + break; + } + clear_bit(IMA_DIGSIG, &iint->atomic_flags); -+ if (xattr_len - sizeof(xattr_value->type) - hash_start >+ iint->ima_hash->length) ++ if (xattr_len - sizeof(xattr_value->type) - hash_start >= ++ iint->ima_hash->length) + /* + * xattr length may be longer. md5 hash in previous + * version occupied 20 bytes in xattr, instead of 16 @@ -69,12 +70,12 @@ index ea8fa29f07d3..b3837e26bb27 100644 + xattr_len, + iint->ima_hash->digest, + iint->ima_hash->length); -+ if (rc = -EOPNOTSUPP) { ++ if (rc == -EOPNOTSUPP) { + *status = INTEGRITY_UNKNOWN; + break; + } + if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -+ func = KEXEC_KERNEL_CHECK) ++ func == KEXEC_KERNEL_CHECK) + rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, + (const char *)xattr_value, + xattr_len, @@ -124,7 +125,8 @@ index ea8fa29f07d3..b3837e26bb27 100644 - break; - } - clear_bit(IMA_DIGSIG, &iint->atomic_flags); -- if (xattr_len - sizeof(xattr_value->type) - hash_start >- iint->ima_hash->length) +- if (xattr_len - sizeof(xattr_value->type) - hash_start >= +- iint->ima_hash->length) - /* xattr length may be longer. md5 hash in previous - version occupied 20 bytes in xattr, instead of 16 - */ @@ -147,12 +149,12 @@ index ea8fa29f07d3..b3837e26bb27 100644 - xattr_len, - iint->ima_hash->digest, - iint->ima_hash->length); -- if (rc = -EOPNOTSUPP) { +- if (rc == -EOPNOTSUPP) { - status = INTEGRITY_UNKNOWN; - break; - } - if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -- func = KEXEC_KERNEL_CHECK) +- func == KEXEC_KERNEL_CHECK) - rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, - (const char *)xattr_value, - xattr_len, diff --git a/a/content_digest b/N1/content_digest index e2aec0b..72e6cbb 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,7 +1,7 @@ "ref\020190418035120.2354-1-bauerman@linux.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" "Subject\0[PATCH v10 08/12] ima: Factor xattr_verify() out of ima_appraise_measurement()\0" - "Date\0Thu, 18 Apr 2019 03:51:16 +0000\0" + "Date\0Thu, 18 Apr 2019 00:51:16 -0300\0" "To\0linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" keyrings@vger.kernel.org @@ -71,7 +71,8 @@ "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >+\t\t\t\tiint->ima_hash->length)\n" + "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "+\t\t\t\tiint->ima_hash->length)\n" "+\t\t\t/*\n" "+\t\t\t * xattr length may be longer. md5 hash in previous\n" "+\t\t\t * version occupied 20 bytes in xattr, instead of 16\n" @@ -95,12 +96,12 @@ "+\t\t\t\t\t xattr_len,\n" "+\t\t\t\t\t iint->ima_hash->digest,\n" "+\t\t\t\t\t iint->ima_hash->length);\n" - "+\t\tif (rc = -EOPNOTSUPP) {\n" + "+\t\tif (rc == -EOPNOTSUPP) {\n" "+\t\t\t*status = INTEGRITY_UNKNOWN;\n" "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "+\t\t func = KEXEC_KERNEL_CHECK)\n" + "+\t\t func == KEXEC_KERNEL_CHECK)\n" "+\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "+\t\t\t\t\t\t (const char *)xattr_value,\n" "+\t\t\t\t\t\t xattr_len,\n" @@ -150,7 +151,8 @@ "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >-\t\t\t\tiint->ima_hash->length)\n" + "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "-\t\t\t\tiint->ima_hash->length)\n" "-\t\t\t/* xattr length may be longer. md5 hash in previous\n" "-\t\t\t version occupied 20 bytes in xattr, instead of 16\n" "-\t\t\t */\n" @@ -173,12 +175,12 @@ "-\t\t\t\t\t xattr_len,\n" "-\t\t\t\t\t iint->ima_hash->digest,\n" "-\t\t\t\t\t iint->ima_hash->length);\n" - "-\t\tif (rc = -EOPNOTSUPP) {\n" + "-\t\tif (rc == -EOPNOTSUPP) {\n" "-\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "-\t\t func = KEXEC_KERNEL_CHECK)\n" + "-\t\t func == KEXEC_KERNEL_CHECK)\n" "-\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "-\t\t\t\t\t\t (const char *)xattr_value,\n" "-\t\t\t\t\t\t xattr_len,\n" @@ -203,4 +205,4 @@ " out:\n" " \t/*" -5d0da18d4fe580036b120499263fe9865ea50300c8c2abdbcd08967ceae7b73e +80c60a0e78e7047c3a4bb0bb671b442a7e6ad0c1f7e88d58821092c8298c472f
diff --git a/a/1.txt b/N2/1.txt index 53e185d..913b797 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -45,7 +45,8 @@ index ea8fa29f07d3..b3837e26bb27 100644 + break; + } + clear_bit(IMA_DIGSIG, &iint->atomic_flags); -+ if (xattr_len - sizeof(xattr_value->type) - hash_start >+ iint->ima_hash->length) ++ if (xattr_len - sizeof(xattr_value->type) - hash_start >= ++ iint->ima_hash->length) + /* + * xattr length may be longer. md5 hash in previous + * version occupied 20 bytes in xattr, instead of 16 @@ -69,12 +70,12 @@ index ea8fa29f07d3..b3837e26bb27 100644 + xattr_len, + iint->ima_hash->digest, + iint->ima_hash->length); -+ if (rc = -EOPNOTSUPP) { ++ if (rc == -EOPNOTSUPP) { + *status = INTEGRITY_UNKNOWN; + break; + } + if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -+ func = KEXEC_KERNEL_CHECK) ++ func == KEXEC_KERNEL_CHECK) + rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, + (const char *)xattr_value, + xattr_len, @@ -124,7 +125,8 @@ index ea8fa29f07d3..b3837e26bb27 100644 - break; - } - clear_bit(IMA_DIGSIG, &iint->atomic_flags); -- if (xattr_len - sizeof(xattr_value->type) - hash_start >- iint->ima_hash->length) +- if (xattr_len - sizeof(xattr_value->type) - hash_start >= +- iint->ima_hash->length) - /* xattr length may be longer. md5 hash in previous - version occupied 20 bytes in xattr, instead of 16 - */ @@ -147,12 +149,12 @@ index ea8fa29f07d3..b3837e26bb27 100644 - xattr_len, - iint->ima_hash->digest, - iint->ima_hash->length); -- if (rc = -EOPNOTSUPP) { +- if (rc == -EOPNOTSUPP) { - status = INTEGRITY_UNKNOWN; - break; - } - if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -- func = KEXEC_KERNEL_CHECK) +- func == KEXEC_KERNEL_CHECK) - rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, - (const char *)xattr_value, - xattr_len, diff --git a/a/content_digest b/N2/content_digest index e2aec0b..a1ec6ce 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,27 +1,27 @@ "ref\020190418035120.2354-1-bauerman@linux.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" "Subject\0[PATCH v10 08/12] ima: Factor xattr_verify() out of ima_appraise_measurement()\0" - "Date\0Thu, 18 Apr 2019 03:51:16 +0000\0" + "Date\0Thu, 18 Apr 2019 00:51:16 -0300\0" "To\0linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org + "Cc\0Herbert Xu <herbert@gondor.apana.org.au>" linux-doc@vger.kernel.org + Dmitry Kasatkin <dmitry.kasatkin@gmail.com> + David S. Miller <davem@davemloft.net> + Jonathan Corbet <corbet@lwn.net> linux-kernel@vger.kernel.org Mimi Zohar <zohar@linux.ibm.com> - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> James Morris <jmorris@namei.org> - Serge E. Hallyn <serge@hallyn.com> David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@kernel.org> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - Jonathan Corbet <corbet@lwn.net> AKASHI Takahiro <takahiro.akashi@linaro.org> - " Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" + linux-security-module@vger.kernel.org + keyrings@vger.kernel.org + linux-crypto@vger.kernel.org + Jessica Yu <jeyu@kernel.org> + linuxppc-dev@lists.ozlabs.org + David Woodhouse <dwmw2@infradead.org> + Thiago Jung Bauermann <bauerman@linux.ibm.com> + " Serge E. Hallyn <serge@hallyn.com>\0" "\00:1\0" "b\0" "Verify xattr signature in a separate function so that the logic in\n" @@ -71,7 +71,8 @@ "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >+\t\t\t\tiint->ima_hash->length)\n" + "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "+\t\t\t\tiint->ima_hash->length)\n" "+\t\t\t/*\n" "+\t\t\t * xattr length may be longer. md5 hash in previous\n" "+\t\t\t * version occupied 20 bytes in xattr, instead of 16\n" @@ -95,12 +96,12 @@ "+\t\t\t\t\t xattr_len,\n" "+\t\t\t\t\t iint->ima_hash->digest,\n" "+\t\t\t\t\t iint->ima_hash->length);\n" - "+\t\tif (rc = -EOPNOTSUPP) {\n" + "+\t\tif (rc == -EOPNOTSUPP) {\n" "+\t\t\t*status = INTEGRITY_UNKNOWN;\n" "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "+\t\t func = KEXEC_KERNEL_CHECK)\n" + "+\t\t func == KEXEC_KERNEL_CHECK)\n" "+\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "+\t\t\t\t\t\t (const char *)xattr_value,\n" "+\t\t\t\t\t\t xattr_len,\n" @@ -150,7 +151,8 @@ "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >-\t\t\t\tiint->ima_hash->length)\n" + "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "-\t\t\t\tiint->ima_hash->length)\n" "-\t\t\t/* xattr length may be longer. md5 hash in previous\n" "-\t\t\t version occupied 20 bytes in xattr, instead of 16\n" "-\t\t\t */\n" @@ -173,12 +175,12 @@ "-\t\t\t\t\t xattr_len,\n" "-\t\t\t\t\t iint->ima_hash->digest,\n" "-\t\t\t\t\t iint->ima_hash->length);\n" - "-\t\tif (rc = -EOPNOTSUPP) {\n" + "-\t\tif (rc == -EOPNOTSUPP) {\n" "-\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "-\t\t func = KEXEC_KERNEL_CHECK)\n" + "-\t\t func == KEXEC_KERNEL_CHECK)\n" "-\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "-\t\t\t\t\t\t (const char *)xattr_value,\n" "-\t\t\t\t\t\t xattr_len,\n" @@ -203,4 +205,4 @@ " out:\n" " \t/*" -5d0da18d4fe580036b120499263fe9865ea50300c8c2abdbcd08967ceae7b73e +5d344d3b580d2f158c6ac2d49676c7b4caa246f1d85eb6456232e861efaee56c
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.