diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-04-15 11:27:20 -0400 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2013-04-17 20:20:57 -0400 |
| commit | df2c2afba4fa867616436364633c7612ccfba84b (patch) | |
| tree | 7a5c2c9656a734e69d95ce43a5663995f7878fc7 /security/integrity/ima | |
| parent | 958d2c2f4ad905e3ffa1711d19184d21d9b00cc1 (diff) | |
ima: eliminate passing d_name.name to process_measurement()
Passing a pointer to the dentry name, as a parameter to
process_measurement(), causes a race condition with rename() and
is unnecessary, as the dentry name is already accessible via the
file parameter.
In the normal case, we use the full pathname as provided by
brpm->filename, bprm->interp, or ima_d_path(). Only on ima_d_path()
failure, do we fallback to using the d_name.name, which points
either to external memory or d_iname.
Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security/integrity/ima')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 3b3b7e6bf8da..6c491a63128e 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
| @@ -189,11 +189,9 @@ static int process_measurement(struct file *file, const char *filename, | |||
| 189 | if (rc != 0) | 189 | if (rc != 0) |
| 190 | goto out_digsig; | 190 | goto out_digsig; |
| 191 | 191 | ||
| 192 | if (function != BPRM_CHECK) | 192 | pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename; |
| 193 | pathname = ima_d_path(&file->f_path, &pathbuf); | ||
| 194 | |||
| 195 | if (!pathname) | 193 | if (!pathname) |
| 196 | pathname = filename; | 194 | pathname = (const char *)file->f_dentry->d_name.name; |
| 197 | 195 | ||
| 198 | if (action & IMA_MEASURE) | 196 | if (action & IMA_MEASURE) |
| 199 | ima_store_measurement(iint, file, pathname); | 197 | ima_store_measurement(iint, file, pathname); |
| @@ -226,8 +224,7 @@ out: | |||
| 226 | int ima_file_mmap(struct file *file, unsigned long prot) | 224 | int ima_file_mmap(struct file *file, unsigned long prot) |
| 227 | { | 225 | { |
| 228 | if (file && (prot & PROT_EXEC)) | 226 | if (file && (prot & PROT_EXEC)) |
| 229 | return process_measurement(file, file->f_dentry->d_name.name, | 227 | return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK); |
| 230 | MAY_EXEC, MMAP_CHECK); | ||
| 231 | return 0; | 228 | return 0; |
| 232 | } | 229 | } |
| 233 | 230 | ||
| @@ -265,7 +262,7 @@ int ima_bprm_check(struct linux_binprm *bprm) | |||
| 265 | int ima_file_check(struct file *file, int mask) | 262 | int ima_file_check(struct file *file, int mask) |
| 266 | { | 263 | { |
| 267 | ima_rdwr_violation_check(file); | 264 | ima_rdwr_violation_check(file); |
| 268 | return process_measurement(file, file->f_dentry->d_name.name, | 265 | return process_measurement(file, NULL, |
| 269 | mask & (MAY_READ | MAY_WRITE | MAY_EXEC), | 266 | mask & (MAY_READ | MAY_WRITE | MAY_EXEC), |
| 270 | FILE_CHECK); | 267 | FILE_CHECK); |
| 271 | } | 268 | } |
| @@ -290,8 +287,7 @@ int ima_module_check(struct file *file) | |||
| 290 | #endif | 287 | #endif |
| 291 | return 0; /* We rely on module signature checking */ | 288 | return 0; /* We rely on module signature checking */ |
| 292 | } | 289 | } |
| 293 | return process_measurement(file, file->f_dentry->d_name.name, | 290 | return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK); |
| 294 | MAY_EXEC, MODULE_CHECK); | ||
| 295 | } | 291 | } |
| 296 | 292 | ||
| 297 | static int __init init_ima(void) | 293 | static int __init init_ima(void) |