Roberto Sassu 68e3b25444 ima: Don't ignore errors from crypto_shash_update() ... commit 60386b8540 upstream. Errors returned by crypto_shash_update() are not checked in ima_calc_boot_aggregate_tfm() and thus can be overwritten at the next iteration of the loop. This patch adds a check after calling crypto_shash_update() and returns immediately if the result is not zero. Cc: stable@vger.kernel.org Fixes: 3323eec921 ("integrity: IMA as an integrity service provider") Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2020-10-29 09:57:28 +01:00
..
evm	evm: Fix possible memory leak in evm_calc_hmac_or_hash()	2020-06-22 09:31:15 +02:00
ima	ima: Don't ignore errors from crypto_shash_update()	2020-10-29 09:57:28 +01:00
platform_certs	efi: Only print errors about failing to get certs if EFI vars are found	2020-03-12 13:00:14 +01:00
Kconfig	integrity: Select CONFIG_KEYS instead of depending on it	2019-08-05 18:40:20 -04:00
Makefile	integrity: remove pointless subdir-$(CONFIG_...)	2019-10-05 15:29:49 +09:00
digsig.c	ima: Implement support for module-style appended signatures	2019-08-05 18:40:23 -04:00
digsig_asymmetric.c	Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"	2019-07-10 18:43:43 -07:00
iint.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00
integrity.h	ima: Implement support for module-style appended signatures	2019-08-05 18:40:23 -04:00
integrity_audit.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441	2019-06-05 17:37:17 +02:00