mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00

log and reset 'errno' after failure to open non-critical files

Define a log_errno_reset macro to emit the errno string at or near the
time of error, similar to the existing log_errno macro, but also reset
errno to avoid dangling or duplicate errno messages on exit.

The initial usage is for non-critical file open failures.

Suggested-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Vitaly Chikunov <vt@altlinux.org>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Mimi Zohar 2022-10-21 07:25:19 -04:00
parent 0f3b9a0b2c
commit ba2b6a97c1


@ -166,6 +166,9 @@ struct tpm_bank_info {
static char *pcrfile[MAX_PCRFILE]; static char *pcrfile[MAX_PCRFILE];
static unsigned npcrfile; static unsigned npcrfile;
#define log_errno_reset(level, fmt, args...) \
{do_log(level, fmt " (errno: %s)\n", ##args, strerror(errno)); errno = 0; }
static int bin2file(const char *file, const char *ext, const unsigned char *data, int len) static int bin2file(const char *file, const char *ext, const unsigned char *data, int len)
{ {
FILE *fp; FILE *fp;
@ -1911,8 +1914,10 @@ static int read_sysfs_pcrs(int num_banks, struct tpm_bank_info *tpm_banks)
fp = fopen(pcrs, "r"); fp = fopen(pcrs, "r");
if (!fp) if (!fp)
fp = fopen(misc_pcrs, "r"); fp = fopen(misc_pcrs, "r");
if (!fp) if (!fp) {
log_errno_reset(LOG_DEBUG, "Failed to read TPM 1.2 PCRs");
return -1; return -1;
}
result = read_one_bank(&tpm_banks[0], fp); result = read_one_bank(&tpm_banks[0], fp);
fclose(fp); fclose(fp);
@ -2055,7 +2060,6 @@ static int ima_measurement(const char *file)
int err_padded = -1; int err_padded = -1;
int err = -1; int err = -1;
errno = 0;
memset(zero, 0, MAX_DIGEST_SIZE); memset(zero, 0, MAX_DIGEST_SIZE);
pseudo_padded_banks = init_tpm_banks(&num_banks); pseudo_padded_banks = init_tpm_banks(&num_banks);
@ -2072,6 +2076,9 @@ static int ima_measurement(const char *file)
init_public_keys(imaevm_params.keyfile); init_public_keys(imaevm_params.keyfile);
else /* assume read pubkey from x509 cert */ else /* assume read pubkey from x509 cert */
init_public_keys("/etc/keys/x509_evm.der"); init_public_keys("/etc/keys/x509_evm.der");
if (errno)
log_errno_reset(LOG_DEBUG,
"Failure in initializing public keys");
/* /*
* Reading the PCRs before walking the IMA measurement list * Reading the PCRs before walking the IMA measurement list
@ -2746,6 +2753,8 @@ int main(int argc, char *argv[])
unsigned long keyid; unsigned long keyid;
char *eptr; char *eptr;
errno = 0; /* initialize global errno */
#if !(OPENSSL_VERSION_NUMBER < 0x10100000) #if !(OPENSSL_VERSION_NUMBER < 0x10100000)
OPENSSL_init_crypto( OPENSSL_init_crypto(
#ifndef DISABLE_OPENSSL_CONF #ifndef DISABLE_OPENSSL_CONF
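Review bot: In the ima_measurement hunk, the new `if (errno)` test after the init_public_keys() calls treats errno as a failure indicator, but nothing clears it immediately before those calls now that the `errno = 0;` at the top of the function is removed. A value left behind by init_tpm_banks() or any earlier library call would therefore be logged as "Failure in initializing public keys", and C library functions are also allowed to set errno on success. These keys appear to be the ones used to verify signatures in the measurement list, so a misattributed or missing message makes it harder to tell whether verification ran with the intended keys. Putting `errno = 0;` directly before the `init_public_keys(...)` calls, or having init_public_keys report status through a return value, would make the check reliable. Separately, `log_errno_reset` expands to a bare `{ ... }` block, so `if (errno) log_errno_reset(...);` followed by an `else` would not compile; `do { do_log(...); errno = 0; } while (0)` avoids that.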