mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-21 01:51:18 +00:00
Code Issues Releases Wiki Activity
linux-stable/security
History
Krzysztof Struczynski 0698eacdfc ima: Fix ima digest hash table key calculation 
commit 1129d31b55 upstream.

Function hash_long() accepts unsigned long, while currently only one byte
is passed from ima_hash_key(), which calculates a key for ima_htable.

Given that hashing the digest does not give clear benefits compared to
using the digest itself, remove hash_long() and return the modulus
calculated on the first two bytes of the digest with the number of slots.
Also reduce the depth of the hash table by doubling the number of slots.

Cc: stable@vger.kernel.org
Fixes: 3323eec921 ("integrity: IMA as an integrity service provider")
Co-developed-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Acked-by: David.Laight@aculab.com (big endian system concerns)
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-06-22 09:31:14 +02:00
..
apparmor apparmor: Fix aa_label refcnt leak in policy_update 2020-05-27 17:46:42 +02:00
integrity ima: Fix ima digest hash table key calculation 2020-06-22 09:31:14 +02:00
keys mm: add kvfree_sensitive() for freeing sensitive data objects 2020-06-17 16:40:23 +02:00
loadpin proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
lockdown lockdown: Allow unprivileged users to see lockdown status 2020-06-22 09:30:53 +02:00
safesetid LSM: SafeSetID: Stop releasing uninitialized ruleset 2019-09-17 11:27:05 -07:00
selinux selinux: fix error return code in policydb_read() 2020-06-22 09:31:01 +02:00
smack Smack: slab-out-of-bounds in vsscanf 2020-06-17 16:40:36 +02:00
tomoyo tomoyo: Use atomic_t for statistics counter 2020-02-05 21:22:41 +00:00
yama proc/sysctl: add shared variables for range check 2019-07-18 17:08:07 -07:00
commoncap.c exec: Always set cap_ambient in cap_bprm_set_creds 2020-06-03 08:21:23 +02:00
device_cgroup.c docs: cgroup-v1: add it to the admin-guide book 2019-07-15 11:03:02 -03:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00
Kconfig.hardening meminit fix 2019-07-28 12:33:15 -07:00
lsm_audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
Makefile security: Add a static lockdown policy LSM 2019-08-19 21:54:15 -07:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00