From 9bc24ee556e554cf75a07ffc1ff26c6773992cda Mon Sep 17 00:00:00 2001
From: Dmitry Kasatkin
Date: Tue, 24 Jun 2014 15:40:58 +0300
Subject: [PATCH] Use defined xattr types

Signed-off-by: Dmitry Kasatkin
---
 src/evmctl.c | 12 ++++++++----
 src/imaevm.h |  7 +++++++
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c
index 4d542d3..3644b41 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -626,7 +626,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
 static int sign_evm(const char *file, const char *key)
 {
 	unsigned char hash[20];
-	unsigned char sig[1024] = "\x03";
+	unsigned char sig[1024];
 	int len, err;
 
 	len = calc_evm_hash(file, hash);
@@ -638,6 +638,7 @@ static int sign_evm(const char *file, const char *key)
 		return len;
 
 	if (xattr) {
+		sig[0] = EVM_IMA_XATTR_DIGSIG;
 		err = lsetxattr(file, "security.evm", sig, len + 1, 0);
 		if (err < 0) {
 			log_err("setxattr failed: %s\n", file);
@@ -650,9 +651,10 @@ static int sign_evm(const char *file, const char *key)
 
 static int hash_ima(const char *file)
 {
-	unsigned char hash[65] = "\x01"; /* MAX hash size + 1 */
+	unsigned char hash[65]; /* MAX hash size + 1 */
 	int len, err;
 
+	hash[0] = IMA_XATTR_DIGEST;
 	len = ima_calc_hash(file, hash + 1);
 	if (len <= 1)
 		return len;
@@ -690,7 +692,7 @@ static int cmd_hash_ima(struct command *cmd)
 static int sign_ima(const char *file, const char *key)
 {
 	unsigned char hash[64];
-	unsigned char sig[1024] = "\x03";
+	unsigned char sig[1024];
 	int len, err;
 
 	len = ima_calc_hash(file, hash);
@@ -703,6 +705,7 @@ static int sign_ima(const char *file, const char *key)
 
 	/* add header */
 	len++;
+	sig[0] = EVM_IMA_XATTR_DIGSIG;
 
 	if (sigfile)
 		bin2file(file, "sig", sig, len);
@@ -1151,7 +1154,7 @@ out:
 static int hmac_evm(const char *file, const char *key)
 {
 	unsigned char hash[20];
-	unsigned char sig[1024] = "\x02";
+	unsigned char sig[1024];
 	int len, err;
 
 	len = calc_evm_hmac(file, key, hash);
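Review bot: In the `@@ -638` hunk the type byte `sig[0] = EVM_IMA_XATTR_DIGSIG;` is written only inside the `if (xattr)` branch, so now that the `"\x03"` initializer is gone (first hunk) `sig[0]` is indeterminate on every other path through sign_evm; the code between the two hunks and the tail of the function are not visible here, so I cannot confirm that nothing else consumes `sig`. sign_ima in the `@@ -703` hunk sets the byte unconditionally once the signature is in place, and sign_evm would be both safer and consistent with it if the assignment were hoisted out of the branch, i.e. place `sig[0] = EVM_IMA_XATTR_DIGSIG;` on the line before `if (xattr) {`. That keeps `sig` a complete `security.evm` value regardless of which output path is taken or added later.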
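Review bot: In the `@@ -650` hunk `hash[0] = IMA_XATTR_DIGEST;` is stamped unconditionally, yet the buffer is sized for a 64-byte digest (`hash[65]; /* MAX hash size + 1 */`) and the same commit introduces `IMA_XATTR_DIGEST_NG` without using it anywhere. As far as I know the legacy `IMA_XATTR_DIGEST` layout carries no algorithm byte, so a verifier can only identify the algorithm from the digest length; if ima_calc_hash() (not visible here) can emit digests other than the ones that convention recognizes, the resulting `security.ima` value is ambiguous, so please confirm which algorithms it supports. If larger digests are possible, those cases should use `IMA_XATTR_DIGEST_NG` followed by the algorithm identifier byte instead. At minimum, document the assumption on the assignment: `/* legacy type: no algorithm byte, digest length alone must identify the hash */`. The rest of hash_ima, including the write that consumes `hash`, is outside this hunk.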
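Review bot: In the `@@ -703` hunk the `/* add header */` comment now sits over `len++;` alone while the header byte itself is written on the following line, which reads as if the increment were the header. Reorder so the comment covers both, `/* add header */`, `sig[0] = EVM_IMA_XATTR_DIGSIG;`, `len++;`, or reword it to `/* add header: type byte at sig[0], counted in len */`. sign_ima continues past this hunk.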
@@ -1163,6 +1166,7 @@ static int hmac_evm(const char *file, const char *key)
 	memcpy(sig + 1, hash, len);
 
 	if (xattr) {
+		sig[0] = EVM_XATTR_HMAC;
 		err = lsetxattr(file, "security.evm", sig, len + 1, 0);
 		if (err < 0) {
 			log_err("setxattr failed: %s\n", file);
diff --git a/src/imaevm.h b/src/imaevm.h
index 7dc2651..7e784ec 100644
--- a/src/imaevm.h
+++ b/src/imaevm.h
@@ -84,6 +84,13 @@
 
 #define __packed __attribute__((packed))
 
+enum evm_ima_xattr_type {
+	IMA_XATTR_DIGEST = 0x01,
+	EVM_XATTR_HMAC,
+	EVM_IMA_XATTR_DIGSIG,
+	IMA_XATTR_DIGEST_NG,
+};
+
 struct h_misc {
 	unsigned long ino;
 	uint32_t generation;
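Review bot: In the `@@ -1163` hunk `sig[0] = EVM_XATTR_HMAC;` is set only inside `if (xattr)`, although the HMAC bytes are already copied to `sig + 1` unconditionally two lines above and the `"\x02"` initializer that used to cover `sig[0]` was removed in the preceding hunk. Setting the type byte next to that copy, `sig[0] = EVM_XATTR_HMAC;` directly before `memcpy(sig + 1, hash, len);`, keeps `sig` a complete EVM xattr value on every path and matches the unconditional assignment sign_ima makes in its `@@ -703` hunk. hmac_evm ends outside this hunk, so I cannot rule out a later consumer of `sig` after the branch.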
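Review bot: The new `enum evm_ima_xattr_type` encodes the first byte of the `security.ima`/`security.evm` values that evmctl writes with lsetxattr(), yet only `IMA_XATTR_DIGEST` carries an explicit value; the other three rely on implicit sequential numbering, so an insertion or reordering in this header would silently change the byte written to disk. Give each member its value, `EVM_XATTR_HMAC = 0x02,`, `EVM_IMA_XATTR_DIGSIG = 0x03,`, `IMA_XATTR_DIGEST_NG = 0x04,`, and add a comment above the enum such as `/* xattr type byte (first byte of security.ima / security.evm); an on-disk format, do not renumber */`. These names look like a copy of the kernel's enum of the same name, and if so the comment should say that the values must stay in sync with it; I am inferring that pairing from the names, so verify it against the kernel tree in use.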