summaryrefslogtreecommitdiffstats
path: root/security/integrity/evm
diff options
context:
space:
mode:
authorDmitry Kasatkin <d.kasatkin@samsung.com>2013-10-10 09:12:03 +0200
committerMimi Zohar <zohar@linux.vnet.ibm.com>2013-10-25 23:16:59 +0200
commitb1aaab22e263d0cca1effe319b7d2bf895444219 (patch)
treea46f2285bd884e784d967e4132f71cd2f09565da /security/integrity/evm
parentima: read and use signature hash algorithm (diff)
downloadlinux-b1aaab22e263d0cca1effe319b7d2bf895444219.tar.xz
linux-b1aaab22e263d0cca1effe319b7d2bf895444219.zip
ima: pass full xattr with the signature
For possibility to use xattr type for new signature formats, pass full xattr to the signature verification function. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/evm')
-rw-r--r--security/integrity/evm/evm_main.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index af9b6852f4e1..336b3ddfe63f 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -123,7 +123,7 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
goto out;
}
- xattr_len = rc - 1;
+ xattr_len = rc;
/* check value type */
switch (xattr_data->type) {
@@ -143,7 +143,7 @@ static enum integrity_status evm_verify_hmac(struct dentry *dentry,
if (rc)
break;
rc = integrity_digsig_verify(INTEGRITY_KEYRING_EVM,
- xattr_data->digest, xattr_len,
+ (const char *)xattr_data, xattr_len,
calc.digest, sizeof(calc.digest));
if (!rc) {
/* we probably want to replace rsa with hmac here */