summaryrefslogtreecommitdiff
path: root/crypto/aead.c
diff options
context:
space:
mode:
authorDmitry Kasatkin <dmitry.kasatkin@nokia.com>2011-05-06 11:34:14 +0300
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-07-18 12:29:48 -0400
commit6d38ca01c0c2d6c2e46ec1984db9ada6bad6ca26 (patch)
tree6084a84cd87d18c261d62dc816d48335ce602447 /crypto/aead.c
parent2960e6cb5f7c662b8edb6b0d2edc72095b4f5672 (diff)
evm: evm_verify_hmac must not return INTEGRITY_UNKNOWN
If EVM is not supported or enabled, evm_verify_hmac() returns INTEGRITY_UNKNOWN, which ima_appraise_measurement() ignores and sets the appraisal status based solely on the security.ima verification. evm_verify_hmac() also returns INTEGRITY_UNKNOWN for other failures, such as temporary failures like -ENOMEM, resulting in possible attack vectors. This patch changes the default return code for temporary/unexpected failures, like -ENOMEM, from INTEGRITY_UNKNOWN to INTEGRITY_FAIL, making evm_verify_hmac() fail safe. As a result, failures need to be re-evaluated in order to catch both temporary errors, such as the -ENOMEM, as well as errors that have been resolved in fix mode. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'crypto/aead.c')
0 files changed, 0 insertions, 0 deletions