projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 403577f) | patch
evm: fix writing <securityfs>/evm overflow
authorMimi Zohar <zohar@linux.ibm.com>
Mon, 26 Apr 2021 22:13:45 +0000 (18:13 -0400)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 14 Jul 2021 14:56:04 +0000 (16:56 +0200)
commit912d16a2d730b98b8c9099a2d934dfc691a0a9c2
tree04b0fb3ec754f19cec056ae18b4c9d395d292693tree | snapshot
parent403577f75d5c433d056a67e61a042cb5ca86c730commit | diff
evm: fix writing <securityfs>/evm overflow

[ Upstream commit 49219d9b8785ba712575c40e48ce0f7461254626 ]

EVM_SETUP_COMPLETE is defined as 0x80000000, which is larger than INT_MAX.
The "-fno-strict-overflow" compiler option properly prevents signaling
EVM that the EVM policy setup is complete.  Define and read an unsigned
int.

Fixes: f00d79750712 ("EVM: Allow userspace to signal an RSA key has been loaded")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
security/integrity/evm/evm_secfs.c diff | blob | history
Domain: System / Kernel;