aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2009-09-02 11:40:32 -0400
committerJames Morris <jmorris@namei.org>2009-09-02 22:06:12 -0400
commit6c1488fd581a447ec87c4b59f0d33f95f0aa441b (patch)
treeae7229de1dc5582413e76f45ffdc04ae941e1daa
parentee18d64c1f632043a02e6f5ba5e045bb26a5465f (diff)
IMA: open new file for read
When creating a new file, ima_path_check() assumed the new file was being opened for write. Call ima_path_check() with the appropriate acc_mode so that the read/write counters are incremented correctly. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--fs/namei.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/fs/namei.c b/fs/namei.c
index f3c5b278895a..ee01308a01d1 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1533,9 +1533,11 @@ int may_open(struct path *path, int acc_mode, int flag)
1533 if (error) 1533 if (error)
1534 return error; 1534 return error;
1535 1535
1536 error = ima_path_check(path, 1536 error = ima_path_check(path, acc_mode ?
1537 acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC), 1537 acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) :
1538 ACC_MODE(flag) & (MAY_READ | MAY_WRITE),
1538 IMA_COUNT_UPDATE); 1539 IMA_COUNT_UPDATE);
1540
1539 if (error) 1541 if (error)
1540 return error; 1542 return error;
1541 /* 1543 /*