Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security layer updates from James Morris: "In terms of changes, there's general maintenance to the Smack, SELinux, and integrity code. The IMA code adds a new kconfig option, IMA_APPRAISE_SIGNED_INIT, which allows IMA appraisal to require signatures. Support for reading keys from rootfs before init is call is also added" * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (23 commits) selinux: Remove security_ops extern security: smack: fix out-of-bounds access in smk_parse_smack() VFS: refactor vfs_read() ima: require signature based appraisal integrity: provide a hook to load keys when rootfs is ready ima: load x509 certificate from the kernel integrity: provide a function to load x509 certificate from the kernel integrity: define a new function integrity_read_file() Security: smack: replace kzalloc with kmem_cache for inode_smack Smack: Lock mode for the floor and hat labels ima: added support for new kernel cmdline parameter ima_template_fmt ima: allocate field pointers array on demand in template_desc_init_fields() ima: don't allocate a copy of template_fmt in template_desc_init_fields() ima: display template format in meas. list if template name length is zero ima: added error messages to template-related functions ima: use atomic bit operations to protect policy update interface ima: ignore empty and with whitespaces policy lines ima: no need to allocate entry for comment ima: report policy load status ima: use path names cache ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2014-12-14 23:36:37 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2014-12-14 23:36:37 -0500
commit: 67e2c3883828b39548cee2091b36656787775d95 (patch)
tree: 975a0f546a604beda30d4ede34f8e9cca9a88b71 /fs/read_write.c
parent: 6ae840e7cc4be0be3aa40d9f67c35c75cfc67d83 (diff)
parent: b2d1965dcea148100ffc4e7199470bf5fad13871 (diff)
1 files changed, 18 insertions, 6 deletions
diff --git a/fs/read_write.c b/fs/read_write.c
index 7d9318c3d43c..c0805c93b6fa 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -412,6 +412,23 @@ ssize_t new_sync_read(struct file *filp, char __user *buf, size_t len, loff_t *p
 EXPORT_SYMBOL(new_sync_read);
+ssize_t __vfs_read(struct file *file, char __user *buf, size_t count,
+                   loff_t *pos)
+{
+        ssize_t ret;
+        if (file->f_op->read)
+                ret = file->f_op->read(file, buf, count, pos);
+        else if (file->f_op->aio_read)
+                ret = do_sync_read(file, buf, count, pos);
+        else if (file->f_op->read_iter)
+                ret = new_sync_read(file, buf, count, pos);
+        else
+                ret = -EINVAL;
+        return ret;
+}
 ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos)
 {
        ssize_t ret;
@@ -426,12 +443,7 @@ ssize_t vfs_read(struct file *file, char __user *buf, size_t count, loff_t *pos)
        ret = rw_verify_area(READ, file, pos, count);
        if (ret >= 0) {
                count = ret;
-                if (file->f_op->read)
+                ret = __vfs_read(file, buf, count, pos);
-                        ret = file->f_op->read(file, buf, count, pos);
-                else if (file->f_op->aio_read)
-                        ret = do_sync_read(file, buf, count, pos);
-                else
-                        ret = new_sync_read(file, buf, count, pos);
                if (ret > 0) {
                        fsnotify_access(file);
                        add_rchar(current, ret);
author	Linus Torvalds <torvalds@linux-foundation.org>	2014-12-14 23:36:37 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2014-12-14 23:36:37 -0500
commit	67e2c3883828b39548cee2091b36656787775d95 (patch)
tree	975a0f546a604beda30d4ede34f8e9cca9a88b71 /fs/read_write.c
parent	6ae840e7cc4be0be3aa40d9f67c35c75cfc67d83 (diff)
parent	b2d1965dcea148100ffc4e7199470bf5fad13871 (diff)