Skip to content

main: only read uuid from KeylimeConfig #486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ansasaki merged 1 commit into from
Dec 9, 2022
Merged

main: only read uuid from KeylimeConfig #486

ansasaki merged 1 commit into from
Dec 9, 2022

Conversation

@THS-on
Copy link
Member

@THS-on THS-on commented Dec 7, 2022

The main function also had a local variable called uuid. This variable
contained either the provided uuid or when "hash_ek" was set the sha256 hash
of the EK. We never updated the KeylimeConfig struct which caused a mismatch
between uuids used in the program. Instead we now mutate the KeylimeConfig
when "hash_ek" is set to the correct value.

@kkaarreell kkaarreell mentioned this pull request Dec 8, 2022
Closed
aplanas
aplanas reviewed Dec 8, 2022
View reviewed changes
@kkaarreell
Copy link
Contributor

kkaarreell commented Dec 8, 2022

I have tried to implement reproducer for this issue in keylime-tests but my test scenario is failing even with this fix.
RedHat-SP-Security/keylime-tests#272

@THS-on
Copy link
Member Author

THS-on commented Dec 9, 2022

The issue was with the reproducer and not the fix, if I see that correctly.

@kkaarreell
Copy link
Contributor

kkaarreell commented Dec 9, 2022

I have tried to implement reproducer for this issue in keylime-tests but my test scenario is failing even with this fix. RedHat-SP-Security/keylime-tests#272

Yes, false alarm. I am sorry for that

@THS-on @ansasaki
main: only read uuid from KeylimeConfig
8d4ee27 
The main function also had a local variable called uuid. This variable
contained either the provided uuid or when "hash_ek" was set the sha256 hash
of the EK. We never updated the KeylimeConfig struct which caused a mismatch
between uuids used in the program. Instead we now mutate the KeylimeConfig
when "hash_ek" is set to the correct value.

Signed-off-by: Thore Sommer <mail@thson.de>
@ansasaki ansasaki merged commit e80c67a into keylime:master Dec 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aplanas aplanas aplanas approved these changes

@ansasaki ansasaki ansasaki approved these changes

@lukehinds lukehinds Awaiting requested review from lukehinds

@puiterwijk puiterwijk Awaiting requested review from puiterwijk

Assignees

@puiterwijk puiterwijk

@lukehinds lukehinds

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@THS-on @kkaarreell @aplanas @ansasaki @puiterwijk @lukehinds