Diffstat (limited to 'patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch')
-rw-r--r-- | patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch b/patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
new file mode 100644
index 000000000..12b77a132
--- /dev/null
+++ b/patches/ima-evm-utils-1.1/0010-evmctl-Do-not-account-.-and-.-for-directory-hash-gen.patch
@@ -0,0 +1,30 @@
+From: Sascha Hauer <s.hauer@pengutronix.de>
+Date: Mon, 1 Dec 2014 15:22:19 +0100
+Subject: [PATCH] evmctl: Do not account '.' and '..' for directory hash
+ generation
+
+The '.' and '..' directories are in different order depending on the
+filesystem, so the calculated hash for the directories differ aswell.
+This means an image generated from an ext4 host filesystem won't be
+usable on the target if it uses another order for the special directories.
+Ignore the entries since they do not add to the security anyway.
+
+Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
+---
+ src/libimaevm.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libimaevm.c b/src/libimaevm.c
+index 866f74b39b41..834b738426bf 100644
+--- a/src/libimaevm.c
++++ b/src/libimaevm.c
+@@ -226,6 +226,9 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
+ }
+
+ while ((de = readdir(dir))) {
++ if (!strcmp(de->d_name, ".") || !strcmp(de->d_name, ".."))
++ continue;
++
+ if (params.image_mode) {
+ char *name;
+ char buf[128] = { };
 |
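Review bot: The added `.`/`..` skip at the top of the `readdir()` loop in `add_dir_hash` changes the digest of every directory, so it is only sound if whatever verifies directory hashes on the target skips the same two entries; nothing in this hunk shows that, and a mismatch would presumably make signed directories fail verification. The remaining entries still appear to be fed to the digest in `readdir()` order, which is as filesystem-dependent as the position of the special entries, so an image built on ext4 may still not verify on a target with a different directory ordering. I would record the assumption next to the check, e.g. `/* '.' and '..' are skipped: their readdir() position is filesystem-specific; the verifier must skip them too */`. The loop body continues outside the hunk, so how each entry is hashed is inferred from the context lines only.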