Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
the digest can be recalculated for the boot_aggregate measurement entry if
the 'd' template field has been requested. For the 'd' field, only SHA1 and
MD5 digests are accepted.
Given that ima_eventdigest_init() does not have the __init annotation, all
functions called should not have it. This patch removes __init from
ima_pcrread().
Cc: [email protected]
Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
Reported-by: Linus Torvalds <[email protected]>
Signed-off-by: Roberto Sassu <[email protected]>
---
security/integrity/ima/ima_crypto.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index ba5cc3264240..220b14920c37 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -786,7 +786,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
return calc_buffer_shash(buf, len, hash);
}
-static void __init ima_pcrread(u32 idx, struct tpm_digest *d)
+static void ima_pcrread(u32 idx, struct tpm_digest *d)
{
if (!ima_tpm_chip)
return;
--
2.17.1
On Sun Jun 07 20, Roberto Sassu wrote:
>Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
>ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
>the digest can be recalculated for the boot_aggregate measurement entry if
>the 'd' template field has been requested. For the 'd' field, only SHA1 and
>MD5 digests are accepted.
>
>Given that ima_eventdigest_init() does not have the __init annotation, all
>functions called should not have it. This patch removes __init from
>ima_pcrread().
>
>Cc: [email protected]
>Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
>Reported-by: Linus Torvalds <[email protected]>
>Signed-off-by: Roberto Sassu <[email protected]>
Reviewed-by: Jerry Snitselaar <[email protected]>
>---
> security/integrity/ima/ima_crypto.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
>index ba5cc3264240..220b14920c37 100644
>--- a/security/integrity/ima/ima_crypto.c
>+++ b/security/integrity/ima/ima_crypto.c
>@@ -786,7 +786,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
> return calc_buffer_shash(buf, len, hash);
> }
>
>-static void __init ima_pcrread(u32 idx, struct tpm_digest *d)
>+static void ima_pcrread(u32 idx, struct tpm_digest *d)
> {
> if (!ima_tpm_chip)
> return;
>--
>2.17.1
>
On Sun, Jun 07, 2020 at 11:00:29PM +0200, Roberto Sassu wrote:
> Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
> ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
> the digest can be recalculated for the boot_aggregate measurement entry if
> the 'd' template field has been requested. For the 'd' field, only SHA1 and
> MD5 digests are accepted.
>
> Given that ima_eventdigest_init() does not have the __init annotation, all
> functions called should not have it. This patch removes __init from
> ima_pcrread().
>
> Cc: [email protected]
> Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
> Reported-by: Linus Torvalds <[email protected]>
> Signed-off-by: Roberto Sassu <[email protected]>
> ---
> security/integrity/ima/ima_crypto.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
> index ba5cc3264240..220b14920c37 100644
> --- a/security/integrity/ima/ima_crypto.c
> +++ b/security/integrity/ima/ima_crypto.c
> @@ -786,7 +786,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
> return calc_buffer_shash(buf, len, hash);
> }
>
> -static void __init ima_pcrread(u32 idx, struct tpm_digest *d)
> +static void ima_pcrread(u32 idx, struct tpm_digest *d)
> {
> if (!ima_tpm_chip)
> return;
> --
> 2.17.1
>
Reviewed-by: Bruno Meneguele <[email protected]>
thanks Roberto.
--
bmeneg
PGP Key: http://bmeneg.com/pubkey.txt
Hi Roberto,
On Sun, 2020-06-07 at 23:00 +0200, Roberto Sassu wrote:
> Commit 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in
> ima_eventdigest_init()") added a call to ima_calc_boot_aggregate() so that
> the digest can be recalculated for the boot_aggregate measurement entry if
> the 'd' template field has been requested. For the 'd' field, only SHA1 and
> MD5 digests are accepted.
>
> Given that ima_eventdigest_init() does not have the __init annotation, all
> functions called should not have it. This patch removes __init from
> ima_pcrread().
>
> Cc: [email protected]
> Fixes: 6cc7c266e5b4 ("ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()")
> Reported-by: Linus Torvalds <[email protected]>
> Signed-off-by: Roberto Sassu <[email protected]>
Thank you for fixing this so quickly! Jerry, Bruno, thank you for the
Reviews. This patch is in Linus' tree as: 8b8c704d913b ("ima: Remove
__init annotation from ima_pcrread()".
Mimi