[3.16.y-ckt stable] Patch "ima: fix ima_show_template_data_ascii()" has been added to staging queue

Luis Henriques luis.henriques at canonical.com
Mon Jul 13 09:21:31 UTC 2015 

This is a note to let you know that I have just added a patch titled

    ima: fix ima_show_template_data_ascii()

to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree 
which can be found at:

    http://kernel.ubuntu.com/git/ubuntu/linux.git/log/?h=linux-3.16.y-queue

This patch is scheduled to be released in version 3.16.7-ckt15.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.16.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 9f152597b18492f3de66ee68d49448e34cbed8b8 Mon Sep 17 00:00:00 2001
From: Mimi Zohar <zohar at linux.vnet.ibm.com>
Date: Thu, 11 Jun 2015 11:54:42 -0400
Subject: ima: fix ima_show_template_data_ascii()

commit 45b26133b97871896b8c5241d59f4ff7839db7b2 upstream.

This patch fixes a bug introduced in "4d7aeee ima: define new template
ima-ng and template fields d-ng and n-ng".

Changelog:
- change int to uint32 (Roberto Sassu's suggestion)

Signed-off-by: Mimi Zohar <zohar at linux.vnet.ibm.com>
Signed-off-by: Roberto Sassu <rsassu at suse.de>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 security/integrity/ima/ima.h              | 2 +-
 security/integrity/ima/ima_fs.c           | 4 ++--
 security/integrity/ima/ima_template_lib.c | 3 ++-
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index f79fa8be203c..5cb7de9046fa 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -106,7 +106,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename,
 		       const char *op, const char *cause);
 int ima_init_crypto(void);
 void ima_putc(struct seq_file *m, void *data, int datalen);
-void ima_print_digest(struct seq_file *m, u8 *digest, int size);
+void ima_print_digest(struct seq_file *m, u8 *digest, u32 size);
 struct ima_template_desc *ima_template_desc_current(void);
 int ima_init_template(void);

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index da92fcc08d15..d30afe461070 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -186,9 +186,9 @@ static const struct file_operations ima_measurements_ops = {
 	.release = seq_release,
 };

-void ima_print_digest(struct seq_file *m, u8 *digest, int size)
+void ima_print_digest(struct seq_file *m, u8 *digest, u32 size)
 {
-	int i;
+	u32 i;

 	for (i = 0; i < size; i++)
 		seq_printf(m, "%02x", *(digest + i));
diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c
index 1506f0248572..1eb173ddefd6 100644
--- a/security/integrity/ima/ima_template_lib.c
+++ b/security/integrity/ima/ima_template_lib.c
@@ -70,7 +70,8 @@ static void ima_show_template_data_ascii(struct seq_file *m,
 					 enum data_formats datafmt,
 					 struct ima_field_data *field_data)
 {
-	u8 *buf_ptr = field_data->data, buflen = field_data->len;
+	u8 *buf_ptr = field_data->data;
+	u32 buflen = field_data->len;

 	switch (datafmt) {
 	case DATA_FMT_DIGEST_WITH_ALGO:

More information about the kernel-team mailing list