Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp584609ybt; Fri, 19 Jun 2020 08:43:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzTyr/E0BGdZAtAB8rbNg4Z6qtvtN2gCwZl6DAWkboC0K3uaLa9lcYL7Hb2mvPYvRN6UUSC X-Received: by 2002:a17:906:4d42:: with SMTP id b2mr4127915ejv.34.1592581384817; Fri, 19 Jun 2020 08:43:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592581384; cv=none; d=google.com; s=arc-20160816; b=WKpWIKQ6O8UHz/aeVEuioe4m/CPov1jNUf+qPkLV1BHOYBNKMAtmevLmVrxb+BUEvV X7Lk7zhhpPIKq3GS6yGhZbCT9dPPt98QUlPK2pFKx8mE43gn+WA/SUG+4MpaZYmtM1us A6ip92oblQYFvsFicuw+I7iwfuxjWdkaV1e5GVndmRbM7/9aIxm8kn7IdsCc7f413dUg /yugNmcPubfQ/0FFBZPOhwVAZn6lPmcSE9aJk1hQDOqWqXoSsI2qUKZD6EtUEIL4YBH5 guR86TgbIYyL+cRTGafvvwfJNZioEE47XNZsjQFO4sbCx73p3vApLC1YPyRCq8AXbd2f /r4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=/N+ctczNQ6CVD94dGA1TowWC+UWQqIC9fvUVoDrAo1I=; b=JZ1A/iHI6JbcUows9q0q+hA92eEFJKPwbpOb5JgYDnKatNqpExm9JPtTLgQOxrjkHx NF+nfpZIVWwfRdLNLmPFwR9OceyeXlWMRvioCKW7HhzVLbeQZBVRaa53Mw2mq52aHeAV EN28jUY+rOfGt+Zzc/p237mJwDtO1cBm0Xj9CxSaPnLuCEmFWfB4fkLgTKEUskRc7vux vcd+dG9LAfZzTTM6FP79HU8R6+4cMhb5Jf7zHY4lsTnAshgMC7yXsV/tmP35UyCSq24X iBbnw/iX66hnhYGnsOIl+O+tF1RrLeFzoBRPZwwjHsSx1etoxTBm/SKAeL2+cZ9f91ll i8eg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=G4bO7GQL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id om21si4230960ejb.101.2020.06.19.08.42.42; Fri, 19 Jun 2020 08:43:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=G4bO7GQL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2393658AbgFSP24 (ORCPT + 99 others); Fri, 19 Jun 2020 11:28:56 -0400 Received: from mail.kernel.org ([198.145.29.99]:60188 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2404550AbgFSP2X (ORCPT ); Fri, 19 Jun 2020 11:28:23 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B38F921924; Fri, 19 Jun 2020 15:28:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1592580503; bh=MDzcFnPU6/OGUZX8eSnSRt/nxMi9RAZ+guKmqLWOiNA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=G4bO7GQL6mL7lItICSeDqfyJYlnbcHqLn+Qy98P8bb7bOjB68GlvKx5HaUtgvpt+k Daql7FzxJZwOn9NR9w6kyTXmAa37Jn1VOK+YjHlsNeTEiDnGNojuVgVriUvxVMGNWz IrrX0XAQ9nHj99FG8in5O6F86NVW56p1/EAHw6fE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Roberto Sassu , Krzysztof Struczynski , David.Laight@aculab.com (big endian system concerns), Mimi Zohar Subject: [PATCH 5.7 273/376] ima: Fix ima digest hash table key calculation Date: Fri, 19 Jun 2020 16:33:11 +0200 Message-Id: <20200619141723.254045965@linuxfoundation.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619141710.350494719@linuxfoundation.org> References: <20200619141710.350494719@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Krzysztof Struczynski commit 1129d31b55d509f15e72dc68e4b5c3a4d7b4da8d upstream. Function hash_long() accepts unsigned long, while currently only one byte is passed from ima_hash_key(), which calculates a key for ima_htable. Given that hashing the digest does not give clear benefits compared to using the digest itself, remove hash_long() and return the modulus calculated on the first two bytes of the digest with the number of slots. Also reduce the depth of the hash table by doubling the number of slots. Cc: stable@vger.kernel.org Fixes: 3323eec921ef ("integrity: IMA as an integrity service provider") Co-developed-by: Roberto Sassu Signed-off-by: Roberto Sassu Signed-off-by: Krzysztof Struczynski Acked-by: David.Laight@aculab.com (big endian system concerns) Signed-off-by: Mimi Zohar Signed-off-by: Greg Kroah-Hartman --- security/integrity/ima/ima.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -36,7 +36,7 @@ enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = #define IMA_DIGEST_SIZE SHA1_DIGEST_SIZE #define IMA_EVENT_NAME_LEN_MAX 255 -#define IMA_HASH_BITS 9 +#define IMA_HASH_BITS 10 #define IMA_MEASURE_HTABLE_SIZE (1 << IMA_HASH_BITS) #define IMA_TEMPLATE_FIELD_ID_MAX_LEN 16 @@ -175,9 +175,10 @@ struct ima_h_table { }; extern struct ima_h_table ima_htable; -static inline unsigned long ima_hash_key(u8 *digest) +static inline unsigned int ima_hash_key(u8 *digest) { - return hash_long(*digest, IMA_HASH_BITS); + /* there is no point in taking a hash of part of a digest */ + return (digest[0] | digest[1] << 8) % IMA_MEASURE_HTABLE_SIZE; } #define __ima_hooks(hook) \