Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp2200594iof;
        Tue, 7 Jun 2022 23:02:06 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyJOiv2YTeYgdulmwjNjWPpJzV/iO+pgv7lzc4Ch4tCM/b6Sl2kLVOauggcc2s+uCeIwAgK
X-Received: by 2002:a17:90a:cc0d:b0:1e3:1256:faa3 with SMTP id b13-20020a17090acc0d00b001e31256faa3mr51775311pju.107.1654668125849;
        Tue, 07 Jun 2022 23:02:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1654668125; cv=none;
        d=google.com; s=arc-20160816;
        b=eFqkPyIEwaKNvdURDswJiUNNq/CMA5ORzC9p/VUSPnXpQ5H4iey5n14wtSEsu2WvD9
         07X6aV6aFNYYK3Lpxqy+kD58MFTcMTMIwsQFs1h95cSEnUgpzPfhlzYcNaTl7dVz+Djs
         8RgP8lJvHedZy6Ni2/roIn4Ymqg4Cx8BoUmSTA1GFMikocS5+UQQO8AvKI4tCjUAUbOv
         wgmVRSfX4DcsF2R0lZji+ZZ6CgE+Pg5EE6yuvzS0Roog8rtCJ/Kw3ErUpIO/8gi0ZXMU
         jKzxXMmkCw9oCDOcKplWuHWEg/sFLfclCXAen5eMh5JGVzryXzzAljGBboF3Uw4hIYON
         auxA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=XAP3IjTAKYXFNWSkuVva2ACrcCw0v+/vkrCc1Ld79os=;
        b=ruYWTAUI+GNsq9suu3ZR7NG8Ugbd7y5KvwpCRk+0lChuBjlVEgPmG17fVUB7oBPcI8
         gH3jWfNUXlVzdYSMPN2T0lgFGdqgMwQ5SGAy5eV/IGZoyPV9qR0vARbiOeyrZwusXJBV
         UTNQAE6RRRynB3pDsaWuWhNbb0RDbRXb2O8UlHBiO4dK/HnBQ0w4OjuIbekt/gbseL/G
         /cEhfmwITk5ZNzGUOcM0rGXDeIkJlq4+na1kLmiJLPuTklagcksTfZdbIWeEKPlzrlvl
         B74b7j8ld/XUW20h69jyZHLE1vuA4Hhp87MEFgAFhoxgf+pRc4Gygxmql7o0jo/IYNWT
         CtrQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=vIgU3Sl1;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19])
        by mx.google.com with ESMTPS id d2-20020a656b82000000b003fdac2b3964si11235132pgw.335.2022.06.07.23.02.05
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 07 Jun 2022 23:02:05 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=vIgU3Sl1;
       spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 9B0EDF3F94;
	Tue,  7 Jun 2022 22:26:21 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1381932AbiFHBOz (ORCPT <rfc822;abrown110010@gmail.com>
        + 99 others); Tue, 7 Jun 2022 21:14:55 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35094 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1385498AbiFGWbe (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 7 Jun 2022 18:31:34 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2FA3A27B481;
        Tue,  7 Jun 2022 12:24:56 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id CBE16B8220B;
        Tue,  7 Jun 2022 19:24:54 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 42AEAC385A5;
        Tue,  7 Jun 2022 19:24:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1654629893;
        bh=mTdIDoujXMOK+HqZWo1bcLLznZ0mfsHSUpSPn8Lcwd8=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=vIgU3Sl1XyqfPvoe0kgesTJ2zlUTctwMd0IcJWYagOw/r0s7/jlIUhRZUp07BIJWd
         l+b+AA8d6jI3T34FyotoMOFsDIfaOxCJ9ZJe5+9vRZfhNmCkf2OVahRdNadEiWyRBG
         EHH6KdY3nLBI4b8QiiCoMym42APo+KKrt7Ny9ufQ=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, GUO Zihua <guozihua@huawei.com>,
        Stable@vger.kernel.org, Mimi Zohar <zohar@linux.ibm.com>
Subject: [PATCH 5.18 804/879] ima: remove the IMA_TEMPLATE Kconfig option
Date:   Tue,  7 Jun 2022 19:05:22 +0200
Message-Id: <20220607165026.196094150@linuxfoundation.org>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220607165002.659942637@linuxfoundation.org>
References: <20220607165002.659942637@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: GUO Zihua <guozihua@huawei.com>

commit 891163adf180bc369b2f11c9dfce6d2758d2a5bd upstream.

The original 'ima' measurement list template contains a hash, defined
as 20 bytes, and a null terminated pathname, limited to 255
characters.  Other measurement list templates permit both larger hashes
and longer pathnames.  When the "ima" template is configured as the
default, a new measurement list template (ima_template=) must be
specified before specifying a larger hash algorithm (ima_hash=) on the
boot command line.

To avoid this boot command line ordering issue, remove the legacy "ima"
template configuration option, allowing it to still be specified on the
boot command line.

The root cause of this issue is that during the processing of ima_hash,
we would try to check whether the hash algorithm is compatible with the
template. If the template is not set at the moment we do the check, we
check the algorithm against the configured default template. If the
default template is "ima", then we reject any hash algorithm other than
sha1 and md5.

For example, if the compiled default template is "ima", and the default
algorithm is sha1 (which is the current default). In the cmdline, we put
in "ima_hash=sha256 ima_template=ima-ng". The expected behavior would be
that ima starts with ima-ng as the template and sha256 as the hash
algorithm. However, during the processing of "ima_hash=",
"ima_template=" has not been processed yet, and hash_setup would check
the configured hash algorithm against the compiled default: ima, and
reject sha256. So at the end, the hash algorithm that is actually used
will be sha1.

With template "ima" removed from the configured default, we ensure that
the default tempalte would at least be "ima-ng" which allows for
basically any hash algorithm.

This change would not break the algorithm compatibility checks for IMA.

Fixes: 4286587dccd43 ("ima: add Kconfig default measurement list template")
Signed-off-by: GUO Zihua <guozihua@huawei.com>
Cc: <Stable@vger.kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 security/integrity/ima/Kconfig |   14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -69,10 +69,9 @@ choice
 	  hash, defined as 20 bytes, and a null terminated pathname,
 	  limited to 255 characters.  The 'ima-ng' measurement list
 	  template permits both larger hash digests and longer
-	  pathnames.
+	  pathnames. The configured default template can be replaced
+	  by specifying "ima_template=" on the boot command line.
 
-	config IMA_TEMPLATE
-		bool "ima"
 	config IMA_NG_TEMPLATE
 		bool "ima-ng (default)"
 	config IMA_SIG_TEMPLATE
@@ -82,7 +81,6 @@ endchoice
 config IMA_DEFAULT_TEMPLATE
 	string
 	depends on IMA
-	default "ima" if IMA_TEMPLATE
 	default "ima-ng" if IMA_NG_TEMPLATE
 	default "ima-sig" if IMA_SIG_TEMPLATE
 
@@ -102,19 +100,19 @@ choice
 
 	config IMA_DEFAULT_HASH_SHA256
 		bool "SHA256"
-		depends on CRYPTO_SHA256=y && !IMA_TEMPLATE
+		depends on CRYPTO_SHA256=y
 
 	config IMA_DEFAULT_HASH_SHA512
 		bool "SHA512"
-		depends on CRYPTO_SHA512=y && !IMA_TEMPLATE
+		depends on CRYPTO_SHA512=y
 
 	config IMA_DEFAULT_HASH_WP512
 		bool "WP512"
-		depends on CRYPTO_WP512=y && !IMA_TEMPLATE
+		depends on CRYPTO_WP512=y
 
 	config IMA_DEFAULT_HASH_SM3
 		bool "SM3"
-		depends on CRYPTO_SM3=y && !IMA_TEMPLATE
+		depends on CRYPTO_SM3=y
 endchoice
 
 config IMA_DEFAULT_HASH