dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-11-04 06:40:49 +01:00
Code Releases Activity

ima-evm-utils: Fix ima_verify return value on multiple files

Browse Source 
If any tested file results in failure produce failure exit code.
Previously exit code affected only by the last file tested.

Fixes: "Allow multiple files in ima_verify"
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Vitaly Chikunov
2019-07-27 06:18:59 +03:00
committed by Mimi Zohar
parent bd8b503206
commit 2b491be5e2
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/evmctl.c
View File

@@ -887,7 +887,7 @@ static int verify_ima(const char *file)
static int cmd_verify_ima(struct command *cmd) static int cmd_verify_ima(struct command *cmd)
{ {
char *file = g_argv[optind++]; char *file = g_argv[optind++];
int err; int err, fails = 0;
if (imaevm_params.keyfile) /* Support multiple public keys */ if (imaevm_params.keyfile) /* Support multiple public keys */
init_public_keys(imaevm_params.keyfile); init_public_keys(imaevm_params.keyfile);
@@ -903,10 +903,12 @@ static int cmd_verify_ima(struct command *cmd)
do { do {
err = verify_ima(file); err = verify_ima(file);
if (err)
fails++;
if (!err && imaevm_params.verbose >= LOG_INFO) if (!err && imaevm_params.verbose >= LOG_INFO)
log_info("%s: verification is OK\n", file); log_info("%s: verification is OK\n", file);
} while ((file = g_argv[optind++])); } while ((file = g_argv[optind++]));
return err; return fails > 0;
} }
static int cmd_convert(struct command *cmd) static int cmd_convert(struct command *cmd)