diff for duplicates of <20190611062817.18412-9-bauerman@linux.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 272b73f..7a1a623 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -46,7 +46,8 @@ index 18bbe753421a..5d4772f39757 100644 + break; + } + clear_bit(IMA_DIGSIG, &iint->atomic_flags); -+ if (xattr_len - sizeof(xattr_value->type) - hash_start >+ iint->ima_hash->length) ++ if (xattr_len - sizeof(xattr_value->type) - hash_start >= ++ iint->ima_hash->length) + /* + * xattr length may be longer. md5 hash in previous + * version occupied 20 bytes in xattr, instead of 16 @@ -70,12 +71,12 @@ index 18bbe753421a..5d4772f39757 100644 + xattr_len, + iint->ima_hash->digest, + iint->ima_hash->length); -+ if (rc = -EOPNOTSUPP) { ++ if (rc == -EOPNOTSUPP) { + *status = INTEGRITY_UNKNOWN; + break; + } + if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -+ func = KEXEC_KERNEL_CHECK) ++ func == KEXEC_KERNEL_CHECK) + rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, + (const char *)xattr_value, + xattr_len, @@ -125,7 +126,8 @@ index 18bbe753421a..5d4772f39757 100644 - break; - } - clear_bit(IMA_DIGSIG, &iint->atomic_flags); -- if (xattr_len - sizeof(xattr_value->type) - hash_start >- iint->ima_hash->length) +- if (xattr_len - sizeof(xattr_value->type) - hash_start >= +- iint->ima_hash->length) - /* xattr length may be longer. md5 hash in previous - version occupied 20 bytes in xattr, instead of 16 - */ @@ -148,12 +150,12 @@ index 18bbe753421a..5d4772f39757 100644 - xattr_len, - iint->ima_hash->digest, - iint->ima_hash->length); -- if (rc = -EOPNOTSUPP) { +- if (rc == -EOPNOTSUPP) { - status = INTEGRITY_UNKNOWN; - break; - } - if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -- func = KEXEC_KERNEL_CHECK) +- func == KEXEC_KERNEL_CHECK) - rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, - (const char *)xattr_value, - xattr_len, diff --git a/a/content_digest b/N1/content_digest index 19ae710..4ecf1f4 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,7 +1,7 @@ "ref\020190611062817.18412-1-bauerman@linux.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" "Subject\0[PATCH v11 08/13] ima: Factor xattr_verify() out of ima_appraise_measurement()\0" - "Date\0Tue, 11 Jun 2019 06:28:12 +0000\0" + "Date\0Tue, 11 Jun 2019 03:28:12 -0300\0" "To\0linux-integrity@vger.kernel.org\0" "Cc\0linux-security-module@vger.kernel.org" keyrings@vger.kernel.org @@ -72,7 +72,8 @@ "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >+\t\t\t\tiint->ima_hash->length)\n" + "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "+\t\t\t\tiint->ima_hash->length)\n" "+\t\t\t/*\n" "+\t\t\t * xattr length may be longer. md5 hash in previous\n" "+\t\t\t * version occupied 20 bytes in xattr, instead of 16\n" @@ -96,12 +97,12 @@ "+\t\t\t\t\t xattr_len,\n" "+\t\t\t\t\t iint->ima_hash->digest,\n" "+\t\t\t\t\t iint->ima_hash->length);\n" - "+\t\tif (rc = -EOPNOTSUPP) {\n" + "+\t\tif (rc == -EOPNOTSUPP) {\n" "+\t\t\t*status = INTEGRITY_UNKNOWN;\n" "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "+\t\t func = KEXEC_KERNEL_CHECK)\n" + "+\t\t func == KEXEC_KERNEL_CHECK)\n" "+\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "+\t\t\t\t\t\t (const char *)xattr_value,\n" "+\t\t\t\t\t\t xattr_len,\n" @@ -151,7 +152,8 @@ "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >-\t\t\t\tiint->ima_hash->length)\n" + "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "-\t\t\t\tiint->ima_hash->length)\n" "-\t\t\t/* xattr length may be longer. md5 hash in previous\n" "-\t\t\t version occupied 20 bytes in xattr, instead of 16\n" "-\t\t\t */\n" @@ -174,12 +176,12 @@ "-\t\t\t\t\t xattr_len,\n" "-\t\t\t\t\t iint->ima_hash->digest,\n" "-\t\t\t\t\t iint->ima_hash->length);\n" - "-\t\tif (rc = -EOPNOTSUPP) {\n" + "-\t\tif (rc == -EOPNOTSUPP) {\n" "-\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "-\t\t func = KEXEC_KERNEL_CHECK)\n" + "-\t\t func == KEXEC_KERNEL_CHECK)\n" "-\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "-\t\t\t\t\t\t (const char *)xattr_value,\n" "-\t\t\t\t\t\t xattr_len,\n" @@ -204,4 +206,4 @@ " out:\n" " \t/*" -b212094001f5d00e8977d673641bd350ee6bd5ce3318b268490fcd237d22f90d +0a5cf85d80304b2a79ddbd0d63bf14a04a13f361d81c11082ee279be0e8643e0
diff --git a/a/1.txt b/N2/1.txt index 272b73f..7a1a623 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -46,7 +46,8 @@ index 18bbe753421a..5d4772f39757 100644 + break; + } + clear_bit(IMA_DIGSIG, &iint->atomic_flags); -+ if (xattr_len - sizeof(xattr_value->type) - hash_start >+ iint->ima_hash->length) ++ if (xattr_len - sizeof(xattr_value->type) - hash_start >= ++ iint->ima_hash->length) + /* + * xattr length may be longer. md5 hash in previous + * version occupied 20 bytes in xattr, instead of 16 @@ -70,12 +71,12 @@ index 18bbe753421a..5d4772f39757 100644 + xattr_len, + iint->ima_hash->digest, + iint->ima_hash->length); -+ if (rc = -EOPNOTSUPP) { ++ if (rc == -EOPNOTSUPP) { + *status = INTEGRITY_UNKNOWN; + break; + } + if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -+ func = KEXEC_KERNEL_CHECK) ++ func == KEXEC_KERNEL_CHECK) + rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, + (const char *)xattr_value, + xattr_len, @@ -125,7 +126,8 @@ index 18bbe753421a..5d4772f39757 100644 - break; - } - clear_bit(IMA_DIGSIG, &iint->atomic_flags); -- if (xattr_len - sizeof(xattr_value->type) - hash_start >- iint->ima_hash->length) +- if (xattr_len - sizeof(xattr_value->type) - hash_start >= +- iint->ima_hash->length) - /* xattr length may be longer. md5 hash in previous - version occupied 20 bytes in xattr, instead of 16 - */ @@ -148,12 +150,12 @@ index 18bbe753421a..5d4772f39757 100644 - xattr_len, - iint->ima_hash->digest, - iint->ima_hash->length); -- if (rc = -EOPNOTSUPP) { +- if (rc == -EOPNOTSUPP) { - status = INTEGRITY_UNKNOWN; - break; - } - if (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc && -- func = KEXEC_KERNEL_CHECK) +- func == KEXEC_KERNEL_CHECK) - rc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM, - (const char *)xattr_value, - xattr_len, diff --git a/a/content_digest b/N2/content_digest index 19ae710..deb01bc 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,27 +1,27 @@ "ref\020190611062817.18412-1-bauerman@linux.ibm.com\0" "From\0Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" "Subject\0[PATCH v11 08/13] ima: Factor xattr_verify() out of ima_appraise_measurement()\0" - "Date\0Tue, 11 Jun 2019 06:28:12 +0000\0" + "Date\0Tue, 11 Jun 2019 03:28:12 -0300\0" "To\0linux-integrity@vger.kernel.org\0" - "Cc\0linux-security-module@vger.kernel.org" - keyrings@vger.kernel.org - linux-crypto@vger.kernel.org - linuxppc-dev@lists.ozlabs.org + "Cc\0Herbert Xu <herbert@gondor.apana.org.au>" linux-doc@vger.kernel.org + Dmitry Kasatkin <dmitry.kasatkin@gmail.com> + David S. Miller <davem@davemloft.net> + Jonathan Corbet <corbet@lwn.net> linux-kernel@vger.kernel.org Mimi Zohar <zohar@linux.ibm.com> - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> James Morris <jmorris@namei.org> - Serge E. Hallyn <serge@hallyn.com> David Howells <dhowells@redhat.com> - David Woodhouse <dwmw2@infradead.org> - Jessica Yu <jeyu@kernel.org> - Herbert Xu <herbert@gondor.apana.org.au> - David S. Miller <davem@davemloft.net> - Jonathan Corbet <corbet@lwn.net> AKASHI Takahiro <takahiro.akashi@linaro.org> - " Thiago Jung Bauermann <bauerman@linux.ibm.com>\0" + linux-security-module@vger.kernel.org + keyrings@vger.kernel.org + linux-crypto@vger.kernel.org + Jessica Yu <jeyu@kernel.org> + linuxppc-dev@lists.ozlabs.org + David Woodhouse <dwmw2@infradead.org> + Thiago Jung Bauermann <bauerman@linux.ibm.com> + " Serge E. Hallyn <serge@hallyn.com>\0" "\00:1\0" "b\0" "Verify xattr signature in a separate function so that the logic in\n" @@ -72,7 +72,8 @@ "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >+\t\t\t\tiint->ima_hash->length)\n" + "+\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "+\t\t\t\tiint->ima_hash->length)\n" "+\t\t\t/*\n" "+\t\t\t * xattr length may be longer. md5 hash in previous\n" "+\t\t\t * version occupied 20 bytes in xattr, instead of 16\n" @@ -96,12 +97,12 @@ "+\t\t\t\t\t xattr_len,\n" "+\t\t\t\t\t iint->ima_hash->digest,\n" "+\t\t\t\t\t iint->ima_hash->length);\n" - "+\t\tif (rc = -EOPNOTSUPP) {\n" + "+\t\tif (rc == -EOPNOTSUPP) {\n" "+\t\t\t*status = INTEGRITY_UNKNOWN;\n" "+\t\t\tbreak;\n" "+\t\t}\n" "+\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "+\t\t func = KEXEC_KERNEL_CHECK)\n" + "+\t\t func == KEXEC_KERNEL_CHECK)\n" "+\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "+\t\t\t\t\t\t (const char *)xattr_value,\n" "+\t\t\t\t\t\t xattr_len,\n" @@ -151,7 +152,8 @@ "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tclear_bit(IMA_DIGSIG, &iint->atomic_flags);\n" - "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >-\t\t\t\tiint->ima_hash->length)\n" + "-\t\tif (xattr_len - sizeof(xattr_value->type) - hash_start >=\n" + "-\t\t\t\tiint->ima_hash->length)\n" "-\t\t\t/* xattr length may be longer. md5 hash in previous\n" "-\t\t\t version occupied 20 bytes in xattr, instead of 16\n" "-\t\t\t */\n" @@ -174,12 +176,12 @@ "-\t\t\t\t\t xattr_len,\n" "-\t\t\t\t\t iint->ima_hash->digest,\n" "-\t\t\t\t\t iint->ima_hash->length);\n" - "-\t\tif (rc = -EOPNOTSUPP) {\n" + "-\t\tif (rc == -EOPNOTSUPP) {\n" "-\t\t\tstatus = INTEGRITY_UNKNOWN;\n" "-\t\t\tbreak;\n" "-\t\t}\n" "-\t\tif (IS_ENABLED(CONFIG_INTEGRITY_PLATFORM_KEYRING) && rc &&\n" - "-\t\t func = KEXEC_KERNEL_CHECK)\n" + "-\t\t func == KEXEC_KERNEL_CHECK)\n" "-\t\t\trc = integrity_digsig_verify(INTEGRITY_KEYRING_PLATFORM,\n" "-\t\t\t\t\t\t (const char *)xattr_value,\n" "-\t\t\t\t\t\t xattr_len,\n" @@ -204,4 +206,4 @@ " out:\n" " \t/*" -b212094001f5d00e8977d673641bd350ee6bd5ce3318b268490fcd237d22f90d +85a63dd711185139ca3e8360887f0db68f16ade451ef027d7bf65d28fe9555c4
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.