review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Roberto Sassu <roberto.sassu@huawei.com>
	Fri, 14 May 2021 15:27:44 +0000 (17:27 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 14 Jul 2021 14:55:46 +0000 (16:55 +0200)
commit	53124265fca84159ac4b411f1ea43eba010f974e
tree	1fdbd3c926e6c8cf6e6c4eabe737b2a29f23dbe5	tree \| snapshot
parent	7b84c7d7e2c2a2ceb10a8ba1460c2a859c633400	commit \| diff

evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded

commit 9acc89d31f0c94c8e573ed61f3e4340bbd526d0c upstream.

EVM_ALLOW_METADATA_WRITES is an EVM initialization flag that can be set to
temporarily disable metadata verification until all xattrs/attrs necessary
to verify an EVM portable signature are copied to the file. This flag is
cleared when EVM is initialized with an HMAC key, to avoid that the HMAC is
calculated on unverified xattrs/attrs.

Currently EVM unnecessarily denies setting this flag if EVM is initialized
with a public key, which is not a concern as it cannot be used to trust
xattrs/attrs updates. This patch removes this limitation.

Fixes: ae1ba1676b88e ("EVM: Allow userland to permit modification of EVM-protected metadata")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Cc: stable@vger.kernel.org # 4.16.x
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Documentation/ABI/testing/evm		diff \| blob \| history
security/integrity/evm/evm_secfs.c		diff \| blob \| history