diff options
| author | Dmitry Kasatkin <d.kasatkin@samsung.com> | 2013-04-25 10:44:04 +0300 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-10-25 17:17:00 -0400 |
| commit | a35c3fb6490cc1d3446e4781693408100113c4fb (patch) | |
| tree | 03234f8b7ebaf3cb98bf77f999b8a5284d4dadbc /security/integrity/integrity.h | |
| parent | b1aaab22e263d0cca1effe319b7d2bf895444219 (diff) | |
| download | talos-op-linux-a35c3fb6490cc1d3446e4781693408100113c4fb.tar.gz talos-op-linux-a35c3fb6490cc1d3446e4781693408100113c4fb.zip | |
ima: use dynamically allocated hash storage
For each inode in the IMA policy, an iint is allocated. To support
larger hash digests, the iint digest size changed from 20 bytes to
the maximum supported hash digest size. Instead of allocating the
maximum size, which most likely is not needed, this patch dynamically
allocates the needed hash storage.
Changelog:
- fix krealloc bug
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity/integrity.h')
| -rw-r--r-- | security/integrity/integrity.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h index aead6b2b5488..5429ca59125b 100644 --- a/security/integrity/integrity.h +++ b/security/integrity/integrity.h @@ -67,7 +67,7 @@ struct ima_digest_data { u8 algo; u8 length; u8 type; - u8 digest[IMA_MAX_DIGEST_SIZE]; + u8 digest[0]; } __packed; /* @@ -93,7 +93,7 @@ struct integrity_iint_cache { enum integrity_status ima_bprm_status:4; enum integrity_status ima_module_status:4; enum integrity_status evm_status:4; - struct ima_digest_data ima_hash; + struct ima_digest_data *ima_hash; }; /* rbtree tree calls to lookup, insert, delete |
