From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail-bn3nam01on0121.outbound.protection.outlook.com ([104.47.33.121]:35342
        "EHLO NAM01-BN3-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S932487AbeARVCR (ORCPT <rfc822;stable@vger.kernel.org>);
        Thu, 18 Jan 2018 16:02:17 -0500
From: Sasha Levin <Alexander.Levin@microsoft.com>
To: "stable@vger.kernel.org" <stable@vger.kernel.org>,
        "stable-commits@vger.kernel.org" <stable-commits@vger.kernel.org>
CC: Boshi Wang <wangboshi@huawei.com>,
        Mimi Zohar <zohar@linux.vnet.ibm.com>,
        Sasha Levin <Alexander.Levin@microsoft.com>
Subject: [added to the 4.1 stable tree] ima: fix hash algorithm initialization
Date: Thu, 18 Jan 2018 21:00:25 +0000
Message-ID: <20180118205908.3220-114-alexander.levin@microsoft.com>
References: <20180118205908.3220-1-alexander.levin@microsoft.com>
In-Reply-To: <20180118205908.3220-1-alexander.levin@microsoft.com>
Content-Language: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>

From: Boshi Wang <wangboshi@huawei.com>

This patch has been added to the  stable tree. If you have any
objections, please let us know.

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

[ Upstream commit ebe7c0a7be92bbd34c6ff5b55810546a0ee05bee ]

The hash_setup function always sets the hash_setup_done flag, even
when the hash algorithm is invalid.  This prevents the default hash
algorithm defined as CONFIG_IMA_DEFAULT_HASH from being used.

This patch sets hash_setup_done flag only for valid hash algorithms.

Fixes: e7a2ad7eb6f4 "ima: enable support for larger default filedata hash
	algorithms"
Signed-off-by: Boshi Wang <wangboshi@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
---
 security/integrity/ima/ima_main.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima=
_main.c
index eeee00dce729..cf837338a85e 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -52,6 +52,8 @@ static int __init hash_setup(char *str)
 			ima_hash_algo =3D HASH_ALGO_SHA1;
 		else if (strncmp(str, "md5", 3) =3D=3D 0)
 			ima_hash_algo =3D HASH_ALGO_MD5;
+		else
+			return 1;
 		goto out;
 	}
=20
@@ -61,6 +63,8 @@ static int __init hash_setup(char *str)
 			break;
 		}
 	}
+	if (i =3D=3D HASH_ALGO__LAST)
+		return 1;
 out:
 	hash_setup_done =3D 1;
 	return 1;
--=20
2.11.0