diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2013-04-30 16:27:51 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2013-04-30 16:27:51 -0700 |
| commit | 2e1deaad1e48453cea782854ab87df3f78c121c2 (patch) | |
| tree | da0fe592dcc9ef6b0c4cd104a67af3c1d9e4c5d5 /security/integrity/ima/ima_main.c | |
| parent | 50528fabeb25f9883e2845f5147f5e00a1c57cf7 (diff) | |
| parent | b7ae9f064bec903bd4a9f257a35da4d1e9bbcc99 (diff) | |
| download | olio-linux-3.10-2e1deaad1e48453cea782854ab87df3f78c121c2.tar.xz olio-linux-3.10-2e1deaad1e48453cea782854ab87df3f78c121c2.zip | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem update from James Morris:
"Just some minor updates across the subsystem"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
ima: eliminate passing d_name.name to process_measurement()
TPM: Retry SaveState command in suspend path
tpm/tpm_i2c_infineon: Add small comment about return value of __i2c_transfer
tpm/tpm_i2c_infineon.c: Add OF attributes type and name to the of_device_id table entries
tpm_i2c_stm_st33: Remove duplicate inclusion of header files
tpm: Add support for new Infineon I2C TPM (SLB 9645 TT 1.2 I2C)
char/tpm: Convert struct i2c_msg initialization to C99 format
drivers/char/tpm/tpm_ppi: use strlcpy instead of strncpy
tpm/tpm_i2c_stm_st33: formatting and white space changes
Smack: include magic.h in smackfs.c
selinux: make security_sb_clone_mnt_opts return an error on context mismatch
seccomp: allow BPF_XOR based ALU instructions.
Fix NULL pointer dereference in smack_inode_unlink() and smack_inode_rmdir()
Smack: add support for modification of existing rules
smack: SMACK_MAGIC to include/uapi/linux/magic.h
Smack: add missing support for transmute bit in smack_str_from_perm()
Smack: prevent revoke-subject from failing when unseen label is written to it
tomoyo: use DEFINE_SRCU() to define tomoyo_ss
tomoyo: use DEFINE_SRCU() to define tomoyo_ss
Diffstat (limited to 'security/integrity/ima/ima_main.c')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 3b3b7e6bf8d..6c491a63128 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -189,11 +189,9 @@ static int process_measurement(struct file *file, const char *filename, if (rc != 0) goto out_digsig; - if (function != BPRM_CHECK) - pathname = ima_d_path(&file->f_path, &pathbuf); - + pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename; if (!pathname) - pathname = filename; + pathname = (const char *)file->f_dentry->d_name.name; if (action & IMA_MEASURE) ima_store_measurement(iint, file, pathname); @@ -226,8 +224,7 @@ out: int ima_file_mmap(struct file *file, unsigned long prot) { if (file && (prot & PROT_EXEC)) - return process_measurement(file, file->f_dentry->d_name.name, - MAY_EXEC, MMAP_CHECK); + return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK); return 0; } @@ -265,7 +262,7 @@ int ima_bprm_check(struct linux_binprm *bprm) int ima_file_check(struct file *file, int mask) { ima_rdwr_violation_check(file); - return process_measurement(file, file->f_dentry->d_name.name, + return process_measurement(file, NULL, mask & (MAY_READ | MAY_WRITE | MAY_EXEC), FILE_CHECK); } @@ -290,8 +287,7 @@ int ima_module_check(struct file *file) #endif return 0; /* We rely on module signature checking */ } - return process_measurement(file, file->f_dentry->d_name.name, - MAY_EXEC, MODULE_CHECK); + return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK); } static int __init init_ima(void) |