aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index d743c9a0a4b4..cd00ba39e8e0 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -175,12 +175,12 @@ static int process_measurement(struct file *file, const char *filename,
175 if (!action) { 175 if (!action) {
176 if (iint->flags & IMA_APPRAISED) 176 if (iint->flags & IMA_APPRAISED)
177 rc = iint->ima_status; 177 rc = iint->ima_status;
178 goto out; 178 goto out_digsig;
179 } 179 }
180 180
181 rc = ima_collect_measurement(iint, file); 181 rc = ima_collect_measurement(iint, file);
182 if (rc != 0) 182 if (rc != 0)
183 goto out; 183 goto out_digsig;
184 184
185 if (function != BPRM_CHECK) 185 if (function != BPRM_CHECK)
186 pathname = ima_d_path(&file->f_path, &pathbuf); 186 pathname = ima_d_path(&file->f_path, &pathbuf);
@@ -195,6 +195,9 @@ static int process_measurement(struct file *file, const char *filename,
195 if (action & IMA_AUDIT) 195 if (action & IMA_AUDIT)
196 ima_audit_measurement(iint, pathname); 196 ima_audit_measurement(iint, pathname);
197 kfree(pathbuf); 197 kfree(pathbuf);
198out_digsig:
199 if ((mask & MAY_WRITE) && (iint->flags & IMA_DIGSIG))
200 rc = -EACCES;
198out: 201out:
199 mutex_unlock(&inode->i_mutex); 202 mutex_unlock(&inode->i_mutex);
200 if ((rc && must_appraise) && (ima_appraise & IMA_APPRAISE_ENFORCE)) 203 if ((rc && must_appraise) && (ima_appraise & IMA_APPRAISE_ENFORCE))
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-16 23:56:41 -0500