dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 14:43:37 +02:00
Code Releases Activity

ima-evm-utils: similarly add sanity check for file parameter of TPM 1.2 PCRs

Browse Source 
Parameter expects to be a copy of /sys/class/tpm/tpm0/device/pcrs (i.e.
regular file, not a directory, block or character device, socket, ...)

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
This commit is contained in:
Mimi Zohar 2020-07-17 17:52:41 -04:00
parent aa636ee486
commit 9b5a1e7b1d
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/evmctl.c
View File

@ -1379,14 +1379,26 @@ static char *misc_pcrs = "/sys/class/misc/tpm0/device/pcrs";
/* Read all of the TPM 1.2 PCRs */ /* Read all of the TPM 1.2 PCRs */
static int tpm_pcr_read(struct tpm_bank_info *tpm_banks, int len) static int tpm_pcr_read(struct tpm_bank_info *tpm_banks, int len)
{ {
struct stat s;
FILE *fp = NULL; FILE *fp = NULL;
char *p, pcr_str[8], buf[70]; /* length of the TPM string */ char *p, pcr_str[8], buf[70]; /* length of the TPM string */
int result = -1; int result = -1;
int i = 0; int i = 0;
/* Use the provided TPM 1.2 pcrs file */ /* Use the provided TPM 1.2 pcrs file */
if (pcrfile) if (pcrfile) {
if (stat(pcrfile, &s) == -1) {
errno = 0;
return 1;
}
if (!S_ISREG(s.st_mode)) {
log_info("TPM 1.2 PCR file: not a regular file or link to regular file\n");
return 1;
}
fp = fopen(pcrfile, "r"); fp = fopen(pcrfile, "r");
}
if (!fp) if (!fp)
fp = fopen(pcrs, "r"); fp = fopen(pcrs, "r");