From: Mimi Zohar [mailto:zohar@linux.ibm.com] Sent: Friday, August 21, 2020 10:15 PM Hi Roberto,
On Thu, 2020-06-18 at 18:01 +0200, Roberto Sassu wrote:
Granting metadata write is safe if the HMAC key is not loaded, as it won't let an attacker obtain a valid HMAC from corrupted xattrs.
evm_write_key()
however does not allow it if any key is loaded, including a public key, which should not be a problem.
Why is the existing hebavior a problem? What is the problem being solved?
Hi Mimi
currently it is not possible to set EVM_ALLOW_METADATA_WRITES when only a public key is loaded and the HMAC key is not. The patch removes this limitation.
This patch allows setting EVM_ALLOW_METADATA_WRITES if the
EVM_INIT_HMAC
flag is not set.
Cc: stable@vger.kernel.org # 4.16.x Fixes: ae1ba1676b88e ("EVM: Allow userland to permit modification of
EVM-protected metadata")
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com
security/integrity/evm/evm_secfs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/evm/evm_secfs.c
b/security/integrity/evm/evm_secfs.c
index cfc3075769bb..92fe26ace797 100644 --- a/security/integrity/evm/evm_secfs.c +++ b/security/integrity/evm/evm_secfs.c @@ -84,7 +84,7 @@ static ssize_t evm_write_key(struct file *file, const
char __user *buf,
* keys are loaded. */if ((i & EVM_ALLOW_METADATA_WRITES) &&
((evm_initialized & EVM_KEY_MASK) != 0) &&
((evm_initialized & EVM_INIT_HMAC) != 0) && !(evm_initialized & EVM_ALLOW_METADATA_WRITES))Documentation/ABI/testing/evm needs to be updated as well.
Ok.
Thanks
Roberto
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Li Peng, Li Jian, Shi Yanli
thanks,
Mimi