dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00
Code Releases Activity

ima-evm-utils: mixed "ima" and other template formats not supported

Browse Source 
An IMA measurement list may not contain "ima" and other template
formats.  Fail verifying the ima_measurement test.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2020-07-06 12:44:15 -04:00
parent f49e982627
commit 663dfd5efb
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/evmctl.c
View File

@ -1830,8 +1830,9 @@ static int ima_measurement(const char *file)
{ {
struct tpm_bank_info *pseudo_banks; struct tpm_bank_info *pseudo_banks;
struct tpm_bank_info *tpm_banks; struct tpm_bank_info *tpm_banks;
int is_ima_template; int is_ima_template, cur_template_fmt;
int num_banks = 0; int num_banks = 0;
int first_record = 1;
struct template_entry entry = { .template = 0 }; struct template_entry entry = { .template = 0 };
FILE *fp; FILE *fp;
@ -1869,7 +1870,21 @@ static int ima_measurement(const char *file)
goto out; goto out;
} }
is_ima_template = strcmp(entry.name, "ima") == 0 ? 1 : 0; /*
* The "ima" template format can not be mixed with other
* template formats records.
*/
if (!first_record) {
cur_template_fmt = strcmp(entry.name, "ima") == 0 ? 1 : 0;
if ((is_ima_template && !cur_template_fmt) ||
(!is_ima_template && cur_template_fmt)) {
log_err("Mixed measurement list containing \"ima\" and other template formats not supported.\n");
goto out;
}
} else {
first_record = 0;
is_ima_template = strcmp(entry.name, "ima") == 0 ? 1 : 0;
}
/* The "ima" template data is not length prefixed. Skip it. */ /* The "ima" template data is not length prefixed. Skip it. */
if (!is_ima_template) { if (!is_ima_template) {