ima: do not include field length in template digest calc for ima template

To maintain compatibility with userspace tools, the field length must not be included in the template digest calculation for the 'ima' template. Fixes commit: a71dc65 ima: switch to new template management mechanism Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: Roberto Sassu <roberto.sassu@polito.it> 2013-11-08 19:21:39 +0100
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2013-11-25 13:26:28 +0100
commit: b6f8f16f41d92861621b043389ef49de1c52d613 (patch)
tree: 4aa54f988efc980c6f5ec7845fda7761fa667c16 /security/integrity/ima/ima_api.c
parent: Revert "KEYS: verify a certificate is signed by a 'trusted' key" (diff)
download: linux-b6f8f16f41d92861621b043389ef49de1c52d613.tar.xz
linux-b6f8f16f41d92861621b043389ef49de1c52d613.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 0e7540863fc2..80374842fe0b 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -94,6 +94,7 @@ int ima_store_template(struct ima_template_entry *entry,
 		/* this function uses default algo */
 		hash.hdr.algo = HASH_ALGO_SHA1;
 		result = ima_calc_field_array_hash(&entry->template_data[0],
+						   entry->template_desc,
 						   num_fields, &hash.hdr);
 		if (result < 0) {
 			integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode,
author	Roberto Sassu <roberto.sassu@polito.it>	2013-11-08 19:21:39 +0100
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2013-11-25 13:26:28 +0100
commit	b6f8f16f41d92861621b043389ef49de1c52d613 (patch)
tree	4aa54f988efc980c6f5ec7845fda7761fa667c16 /security/integrity/ima/ima_api.c
parent	Revert "KEYS: verify a certificate is signed by a 'trusted' key" (diff)
download	linux-b6f8f16f41d92861621b043389ef49de1c52d613.tar.xz linux-b6f8f16f41d92861621b043389ef49de1c52d613.zip