!57 fix reading of sigfile

From: @godvi 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee

backport-ima-evm-utils-Fix-reading-of-sigfile.patch

@@ -0,0 +1,35 @@
+From 210d1e02786302118661b6f4c9969b13112b100c Mon Sep 17 00:00:00 2001
+From: Vitaly Chikunov <vt@altlinux.org>
+Date: Sat, 12 Sep 2020 22:36:13 +0300
+Subject: [PATCH] ima-evm-utils: Fix reading of sigfile
+
+Fix reading of detached IMA signature (--sigfile). Error message:
+
+  Reading to sha1.txt.sig
+  Failed to fread 147 bytes: sha1.txt.sig
+  Failed reading: sha1.txt
+
+Reported-by: Mimi Zohar <zohar@linux.ibm.com>
+Fixes: 08a51e7460fd ("ima-evm-utils: Fix file2bin stat and fopen relations")
+
+Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
+---
+ src/evmctl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/evmctl.c b/src/evmctl.c
+index d92f2d0..4962040 100644
+--- a/src/evmctl.c
++++ b/src/evmctl.c
+@@ -235,7 +235,7 @@ static unsigned char *file2bin(const char *file, const char *ext, int *size)
+ 		fclose(fp);
+ 		return NULL;
+ 	}
+-	if (fread(data, len, 1, fp) != len) {
++	if (fread(data, len, 1, fp) != 1) {
+ 		log_err("Failed to fread %zu bytes: %s\n", len, name);
+ 		fclose(fp);
+ 		free(data);
+-- 
+2.27.0
+

fix-caps-parameter-cannot-be-parsed.patch

@@ -0,0 +1,33 @@
+From 40602a7926ec13819a5926d4ac451becb44b7d98 Mon Sep 17 00:00:00 2001
+From: shenxiangwei <shenxiangwei1@huawei.com>
+Date: Fri, 19 Aug 2022 12:05:11 +0800
+Subject: [PATCH] fix caps parameter cannot be parsed
+
+Signed-off-by: shenxiangwei <shenxiangwei1@huawei.com>
+---
+ src/evmctl.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/evmctl.c b/src/evmctl.c
+index 28f4b8d..6ef2f68 100644
+--- a/src/evmctl.c
++++ b/src/evmctl.c
+@@ -440,13 +440,13 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
+ 		} else if (!strcmp(*xattrname, XATTR_NAME_CAPS) && (hmac_flags & HMAC_FLAG_CAPS_SET)) {
+ 			if (!caps_str)
+ 				continue;
+-			err = strlen(caps_str);
++			hex2bin(xattr_value, caps_str, strlen(caps_str) >> 1);
++			err = strlen(caps_str) >> 1;
+ 			if (err >= sizeof(xattr_value)) {
+ 				log_err("caps[%u] value is too long to fit into xattr[%zu]\n",
+ 					err + 1, sizeof(xattr_value));
+ 				return -1;
+ 			}
+-			strcpy(xattr_value, caps_str);
+ 		} else {
+ 			err = lgetxattr(file, *xattrname, xattr_value, sizeof(xattr_value));
+ 			if (err < 0) {
+-- 
+2.27.0
+

ima-evm-utils.spec

@@ -1,6 +1,6 @@
 Name:         ima-evm-utils
 Version:      1.3.1
-Release:      6
+Release:      10
 Summary:      IMA/EVM control utilities
 Group:        System/Libraries
 License:      GPLv2
@@ -8,9 +8,12 @@ URL:          http://linux-ima.sourceforge.net/
 Source0:      http://sourceforge.net/projects/linux-ima/files/ima-evm-utils/%{name}-%{version}.tar.gz
 
 Patch9000:    add-save-command-and-support-IMA-digest-list.patch
+Patch9001:    fix-caps-parameter-cannot-be-parsed.patch
+Patch9002:    skip-test-error-in-docker.patch
+Patch9003:    backport-ima-evm-utils-Fix-reading-of-sigfile.patch
 
 BuildRequires: autoconf automake libtool m4 asciidoc libxslt openssl-devel
-BuildRequires: keyutils-libs-devel git ima-evm-utils vim-common
+BuildRequires: keyutils-libs-devel git vim-common
 Requires:     %{name}-libs = %{version}-%{release}
 
 %description
@@ -47,7 +50,6 @@ make %{?_smp_mflags}
 %install
 rm -rf %{buildroot}
 %make_install
-cp %{_libdir}/libimaevm.so.1* %{buildroot}/%{_libdir}
 
 %check
 make check
@@ -81,6 +83,18 @@ make check
 %doc %{_mandir}/*/*
 
 %changelog
+* Tue Jan 10 2023 shenxiangwei <shenxiangwei1@huawei.com> - 1.3.1-10
+- Fix reading of sigfile
+
+* Thu Nov 3 2022 shenxiangwei <shenxiangwei1@huawei.com> - 1.3.1-9
+- fix dependency problems
+
+* Mon Sep 26 2022 shenxiangwei <shenxiangwei1@huawei.com> - 1.3.1-8
+- Skip test error in docker
+
+* Fri Aug 19 2022 shenxiangwei <shenxiangwei1@huawei.com> - 1.3.1-7
+- Fix caps parameter cannot be parsed
+
 * Mon May 31 2021 Anakin Zhang <benjamin93@163.com> - 1.3.1-6
 - fix make check issue
 

skip-test-error-in-docker.patch

@@ -0,0 +1,57 @@
+From d3a4e24f6a2bac023f7e7c0eda403f0d8e25996d Mon Sep 17 00:00:00 2001
+From: shenxiangwei <shenxiangwei1@huawei.com>
+Date: Mon, 26 Sep 2022 19:36:25 +0800
+Subject: [PATCH] Skip test error in docker
+
+---
+ tests/ima_hash.test    |  5 +++++
+ tests/sign_verify.test | 10 ++++++++++
+ 2 files changed, 15 insertions(+)
+
+diff --git a/tests/ima_hash.test b/tests/ima_hash.test
+index 8d66e59..cd97e1d 100644
+--- a/tests/ima_hash.test
++++ b/tests/ima_hash.test
+@@ -24,6 +24,11 @@ trap _report_exit EXIT
+ set -f # disable globbing
+ 
+ check() {
++  cat /proc/fs/ext4/sda1/options | grep xattr
++  if [ `echo $?` -ne 0 ];then
++          return "$SKIP"
++  fi
++
+   local alg=$1 prefix=$2 chash=$3 hash
+   local file=$alg-hash.txt
+ 
+diff --git a/tests/sign_verify.test b/tests/sign_verify.test
+index 288e133..e1899df 100644
+--- a/tests/sign_verify.test
++++ b/tests/sign_verify.test
+@@ -130,6 +130,11 @@ check_sign() {
+   # PREFIX (signature header prefix in hex),
+   # OPTS (additional options for evmctl),
+   # FILE (working file to sign).
++  cat /proc/fs/ext4/sda1/options | grep xattr
++  if [ `echo $?` -ne 0 ];then
++          return "$SKIP"
++  fi
++
+   local "$@"
+   local KEY=${KEY%.*}.key
+   local FILE=${FILE:-$ALG.txt}
+@@ -225,6 +230,11 @@ check_verify() {
+   # ALG (hash algo),
+   # OPTS (additional options for evmctl),
+   # FILE (filename to verify).
++  cat /proc/fs/ext4/sda1/options | grep xattr
++  if [ `echo $?` -ne 0 ];then
++	  return "$SKIP"
++  fi
++
+   local "$@"
+ 
+   # shellcheck disable=SC2086
+-- 
+2.37.3.windows.1
+