From: Mimi Zohar <zohar@linux.ibm.com>
To: Roberto Sassu <roberto.sassu@huaweicloud.com>,
Daniel Hodges <git@danielhodges.dev>
Cc: roberto.sassu@huawei.com, dmitry.kasatkin@gmail.com,
eric.snowberg@oracle.com, paul@paul-moore.com, jmorris@namei.org,
serge@hallyn.com, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 v2] evm: check return values of crypto_shash functions
Date: Mon, 09 Mar 2026 11:03:38 -0400 [thread overview]
Message-ID: <c1d570271884159e6c14617fa7dcd39bc2103e45.camel@linux.ibm.com> (raw)
In-Reply-To: <6ce273a26b396232f3ee64a980575562e766c501.camel@huaweicloud.com>
On Thu, 2026-02-19 at 10:26 +0100, Roberto Sassu wrote:
> On Thu, 2026-02-05 at 21:42 -0500, Daniel Hodges wrote:
> > The crypto_shash_update() and crypto_shash_final() functions can fail
> > and return error codes, but their return values were not being checked
> > in several places in security/integrity/evm/evm_crypto.c:
> >
> > - hmac_add_misc() ignored returns from crypto_shash_update() and
> > crypto_shash_final()
> > - evm_calc_hmac_or_hash() ignored returns from crypto_shash_update()
> > - evm_init_hmac() ignored returns from crypto_shash_update()
> >
> > If these hash operations fail silently, the resulting HMAC could be
> > invalid or incomplete, which could weaken the integrity verification
> > security that EVM provides.
> >
> > This patch converts hmac_add_misc() from void to int return type and
> > adds proper error checking and propagation for all crypto_shash_*
> > function calls. All callers are updated to handle the new return values.
> > Additionally, error messages are logged when cryptographic operations
> > fail to provide visibility into the failure rather than silently
> > returning error codes.
> >
> > Fixes: 66dbc325afce ("evm: re-release")
> > Signed-off-by: Daniel Hodges <git@danielhodges.dev>
>
> After fixing the minor issue below:
>
> Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
Thanks Daniel, Roberto. Daniel there are a couple of places where the line
length is greater than 80. To see them, add "--max-line-length=80" to
scripts/checkpatch.pl. I'd appreciate your fixing them. Otherwise, the patch
looks good.
Thanks,
Mimi
prev parent reply other threads:[~2026-03-09 15:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <aYNprpzxppKE0Gf2@fb.com>
2026-02-06 2:42 ` [PATCH v2 v2] evm: check return values of crypto_shash functions Daniel Hodges
2026-02-19 9:26 ` Roberto Sassu
2026-02-19 12:36 ` Roberto Sassu
2026-02-19 15:01 ` Daniel Hodges
2026-02-20 9:06 ` Roberto Sassu
2026-03-09 15:03 ` Mimi Zohar [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c1d570271884159e6c14617fa7dcd39bc2103e45.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=eric.snowberg@oracle.com \
--cc=git@danielhodges.dev \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=roberto.sassu@huaweicloud.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox