From 807711b4cee1986351e67b1c5602bbf1facacc42 Mon Sep 17 00:00:00 2001
From: Marc Kleine-Budde
Date: Tue, 9 Jun 2015 13:24:05 +0200
Subject: ima-evm-utils: add support to read inode number from extended attribute
Signed-off-by: Marc Kleine-Budde
---
 .../0001-HACK-don-t-generate-man-page.patch | 19 ----
 ...1-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch | 40 +++++++
 .../0002-HACK-don-t-generate-man-page.patch | 19 ++++
 ...-inode-number-from-user.image-inode-numbe.patch | 116 +++++++++++++++++++++
 patches/ima-evm-utils-0.9/series | 6 +-
 5 files changed, 179 insertions(+), 21 deletions(-)
 delete mode 100644 patches/ima-evm-utils-0.9/0001-HACK-don-t-generate-man-page.patch
 create mode 100644 patches/ima-evm-utils-0.9/0001-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
 create mode 100644 patches/ima-evm-utils-0.9/0002-HACK-don-t-generate-man-page.patch
 create mode 100644 patches/ima-evm-utils-0.9/0003-evmctl-read-inode-number-from-user.image-inode-numbe.patch
diff --git a/patches/ima-evm-utils-0.9/0001-HACK-don-t-generate-man-page.patch b/patches/ima-evm-utils-0.9/0001-HACK-don-t-generate-man-page.patch
deleted file mode 100644
index bb44e8d6c..000000000
--- a/patches/ima-evm-utils-0.9/0001-HACK-don-t-generate-man-page.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-From: Michael Olbrich
-Date: Wed, 3 Jun 2015 16:08:51 +0200
-Subject: [PATCH] HACK: don't generate man page
-
-Signed-off-by: Michael Olbrich
----
- Makefile.am | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index 06ebf59ea4aa..e527f34f1faa 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -1,5 +1,4 @@
- SUBDIRS = src
--dist_man_MANS = evmctl.1
-
- doc_DATA = examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
- EXTRA_DIST = autogen.sh $(doc_DATA)
diff --git a/patches/ima-evm-utils-0.9/0001-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch b/patches/ima-evm-utils-0.9/0001-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
new file mode 100644
index 000000000..cb09b8d78
--- /dev/null
+++ b/patches/ima-evm-utils-0.9/0001-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
@@ -0,0 +1,40 @@
+From: Marc Kleine-Budde
+Date: Wed, 27 May 2015 10:41:27 +0200
+Subject: [PATCH] Makefile.am: rename INCLUDES -> AM_CPPFLAGS
+
+This patch fixes the following warning during autoreconf:
+
+| src/Makefile.am:19: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
+
+Signed-off-by: Marc Kleine-Budde
+---
+ src/Makefile.am | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/Makefile.am b/src/Makefile.am
+index deb18fb09dc7..9f547283d535 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -1,7 +1,7 @@
+ lib_LTLIBRARIES = libimaevm.la
+
+ libimaevm_la_SOURCES = libimaevm.c
+-libimaevm_la_CPPFLAGS = $(OPENSSL_CFLAGS)
++libimaevm_la_CPPFLAGS = $(OPENSSL_CFLAGS) $(AM_CPPFLAGS)
+ # current[:revision[:age]]
+ # result: [current-age].age.revision
+ libimaevm_la_LDFLAGS = -version-info 0:0:0
+@@ -12,11 +12,11 @@ include_HEADERS = imaevm.h
+ bin_PROGRAMS = evmctl
+
+ evmctl_SOURCES = evmctl.c
+-evmctl_CPPFLAGS = $(OPENSSL_CFLAGS)
++evmctl_CPPFLAGS = $(OPENSSL_CFLAGS) $(AM_CPPFLAGS)
+ evmctl_LDFLAGS = $(LDFLAGS_READLINE)
+ evmctl_LDADD = $(OPENSSL_LIBS) -lkeyutils libimaevm.la
+
+-INCLUDES = -I$(top_srcdir) -include config.h
++AM_CPPFLAGS = -I$(top_srcdir) -include config.h
+
+ DISTCLEANFILES = @DISTCLEANFILES@
+
diff --git a/patches/ima-evm-utils-0.9/0002-HACK-don-t-generate-man-page.patch b/patches/ima-evm-utils-0.9/0002-HACK-don-t-generate-man-page.patch
new file mode 100644
index 000000000..bb44e8d6c
--- /dev/null
+++ b/patches/ima-evm-utils-0.9/0002-HACK-don-t-generate-man-page.patch
@@ -0,0 +1,19 @@
+From: Michael Olbrich
+Date: Wed, 3 Jun 2015 16:08:51 +0200
+Subject: [PATCH] HACK: don't generate man page
+
+Signed-off-by: Michael Olbrich
+---
+ Makefile.am | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index 06ebf59ea4aa..e527f34f1faa 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -1,5 +1,4 @@
+ SUBDIRS = src
+-dist_man_MANS = evmctl.1
+
+ doc_DATA = examples/ima-genkey-self.sh examples/ima-genkey.sh examples/ima-gen-local-ca.sh
+ EXTRA_DIST = autogen.sh $(doc_DATA)
diff --git a/patches/ima-evm-utils-0.9/0003-evmctl-read-inode-number-from-user.image-inode-numbe.patch b/patches/ima-evm-utils-0.9/0003-evmctl-read-inode-number-from-user.image-inode-numbe.patch
new file mode 100644
index 000000000..fd8d54d11
--- /dev/null
+++ b/patches/ima-evm-utils-0.9/0003-evmctl-read-inode-number-from-user.image-inode-numbe.patch
@@ -0,0 +1,116 @@
+From: Sascha Hauer
+Date: Mon, 1 Dec 2014 15:23:21 +0100
+Subject: [PATCH] evmctl: read inode number from user.image-inode-number xattr
+
+mkfs.ubifs puts the inode numbers it uses during image generation
+in the extended attribute user.image-inode-number. Read the inode
+numbers back from this attribute in evmctl.
+
+Signed-off-by: Sascha Hauer
+---
+ src/evmctl.c | 14 +++++++++++---
+ src/libimaevm.c | 20 ++++++++++++++++++++
+ 2 files changed, 31 insertions(+), 3 deletions(-)
+
+diff --git a/src/evmctl.c b/src/evmctl.c
+index 109b82ae102e..049b2e5ecf40 100644
+--- a/src/evmctl.c
++++ b/src/evmctl.c
+@@ -312,6 +312,8 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ char uuid[16];
+ struct h_misc_64 hmac_misc;
+ int hmac_size;
++ char buf[128] = {};
++ ino_t ino;
+
+ if (lstat(file, &st)) {
+ log_err("Failed to stat: %s\n", file);
+@@ -368,13 +370,19 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ }
+ }
+
++ err = lgetxattr(file, "user.image-inode-number", buf, sizeof(buf) - 1);
++ if (err > 0)
++ ino = strtoull(buf, NULL, 10);
++ else
++ ino = st.st_ino;
++
+ memset(&hmac_misc, 0, sizeof(hmac_misc));
+
+ if (msize == 0) {
+ struct h_misc *hmac = (struct h_misc *)&hmac_misc;
+
+ hmac_size = sizeof(*hmac);
+- hmac->ino = st.st_ino;
++ hmac->ino = ino;
+ hmac->generation = generation;
+ hmac->uid = st.st_uid;
+ hmac->gid = st.st_gid;
+@@ -383,7 +391,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ struct h_misc_64 *hmac = (struct h_misc_64 *)&hmac_misc;
+
+ hmac_size = sizeof(*hmac);
+- hmac->ino = st.st_ino;
++ hmac->ino = ino;
+ hmac->generation = generation;
+ hmac->uid = st.st_uid;
+ hmac->gid = st.st_gid;
+@@ -392,7 +400,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ struct h_misc_32 *hmac = (struct h_misc_32 *)&hmac_misc;
+
+ hmac_size = sizeof(*hmac);
+- hmac->ino = st.st_ino;
++ hmac->ino = ino;
+ hmac->generation = generation;
+ hmac->uid = st.st_uid;
+ hmac->gid = st.st_gid;
+diff --git a/src/libimaevm.c b/src/libimaevm.c
+index 2ce819fb486b..f86f57db4b8c 100644
+--- a/src/libimaevm.c
++++ b/src/libimaevm.c
+@@ -40,6 +40,7 @@
+
+ /* should we use logger instead for library? */
+ #define USE_FPRINTF
++#define _GNU_SOURCE
+
+ #include
+ #include
+@@ -49,6 +50,7 @@
+ #include
+ #include
+ #include
++#include
+
+ #include
+ #include
+@@ -219,11 +221,29 @@ static int add_dir_hash(const char *file, EVP_MD_CTX *ctx)
+ }
+
+ while ((de = readdir(dir))) {
++ char *name;
++ char buf[128] = {};
++
+ ino = de->d_ino;
+ off = de->d_off;
+ type = de->d_type;
+ log_debug("entry: %s, ino: %llu, type: %u, off: %llu, reclen: %hu\n",
+ de->d_name, ino, type, off, de->d_reclen);
++
++ err = asprintf(&name, "%s/%s", file, de->d_name);
++ if (err == -1) {
++ log_err("failed to allocate mem\n");
++ return err;
++ }
++
++ err = lgetxattr(name, "user.image-inode-number", buf, sizeof(buf) - 1);
++ if (err > 0)
++ ino = strtoull(buf, NULL, 10);
++ else
++ ino = de->d_ino;
++
++ free(name);
++
+ err = EVP_DigestUpdate(ctx, de->d_name, strlen(de->d_name));
+ /*err |= EVP_DigestUpdate(ctx, &off, sizeof(off));*/
+ err |= EVP_DigestUpdate(ctx, &ino, sizeof(ino));
diff --git a/patches/ima-evm-utils-0.9/series b/patches/ima-evm-utils-0.9/series
index b57e76bcb..0271dc320 100644
--- a/patches/ima-evm-utils-0.9/series
+++ b/patches/ima-evm-utils-0.9/series
@@ -1,4 +1,6 @@
 # generated by git-ptx-patches
 #tag:base --start-number 1
-0001-HACK-don-t-generate-man-page.patch
-# 53f7d925720044f5251df422ec79d1c0 - git-ptx-patches magic
+0001-Makefile.am-rename-INCLUDES-AM_CPPFLAGS.patch
+0002-HACK-don-t-generate-man-page.patch
+0003-evmctl-read-inode-number-from-user.image-inode-numbe.patch
+# 2807af62c49fb547a2e674cb55644293 - git-ptx-patches magic
-- 
cgit v1.2.3
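Review bot: In the new 0003 patch, the value read from `user.image-inode-number` goes straight into `strtoull(buf, NULL, 10)` with no end-pointer or range check, both in calc_evm_hash() (src/evmctl.c) and in the readdir loop of add_dir_hash() (src/libimaevm.c), so an empty, non-numeric or oversized attribute silently becomes 0 or a truncated inode number that is then mixed into the EVM HMAC input and the directory digest. Every `lgetxattr()` failure, including a value longer than the 127-byte buffer, also falls back to the real inode number without any message, so a damaged attribute only shows up later as a signature that does not verify on the target. Since `user.*` attributes can be set by the file owner and calc_evm_hash() appears to be shared by signing and verification (not visible here, please confirm), I would parse strictly and fail loudly, and consider gating the override behind an explicit command-line option. The fence shows the evmctl.c site; the same check applies in add_dir_hash(), where an early return must also free `name` and, presumably, close `dir`, as the existing `return err` after asprintf() seems not to. Both functions begin and end outside the hunks, and `errno`/`ERANGE` need `<errno.h>` in scope.

```c
	err = lgetxattr(file, "user.image-inode-number", buf, sizeof(buf) - 1);
	if (err > 0) {
		char *end;
		unsigned long long val;

		errno = 0;
		val = strtoull(buf, &end, 10);
		/* reject: no digits, overflow, or a value that does not fit ino_t */
		if (end == buf || errno == ERANGE || (ino_t)val != val) {
			log_err("Invalid user.image-inode-number on: %s\n", file);
			return -1;
		}
		ino = (ino_t)val;
	} else {
		ino = st.st_ino;
	}
	/* … unchanged: memset(&hmac_misc, …) and the three hmac->ino = ino assignments … */
```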