summaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_main.c
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2013-04-15 11:27:20 -0400
committerJames Morris <james.l.morris@oracle.com>2013-04-17 17:20:57 -0700
commitdf2c2afba4fa867616436364633c7612ccfba84b (patch)
tree7a5c2c9656a734e69d95ce43a5663995f7878fc7 /security/integrity/ima/ima_main.c
parent958d2c2f4ad905e3ffa1711d19184d21d9b00cc1 (diff)
downloadlwn-df2c2afba4fa867616436364633c7612ccfba84b.tar.gz
lwn-df2c2afba4fa867616436364633c7612ccfba84b.zip
ima: eliminate passing d_name.name to process_measurement()
Passing a pointer to the dentry name, as a parameter to process_measurement(), causes a race condition with rename() and is unnecessary, as the dentry name is already accessible via the file parameter. In the normal case, we use the full pathname as provided by brpm->filename, bprm->interp, or ima_d_path(). Only on ima_d_path() failure, do we fallback to using the d_name.name, which points either to external memory or d_iname. Reported-by: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c14
1 files changed, 5 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 3b3b7e6bf8da..6c491a63128e 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -189,11 +189,9 @@ static int process_measurement(struct file *file, const char *filename,
if (rc != 0)
goto out_digsig;
- if (function != BPRM_CHECK)
- pathname = ima_d_path(&file->f_path, &pathbuf);
-
+ pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename;
if (!pathname)
- pathname = filename;
+ pathname = (const char *)file->f_dentry->d_name.name;
if (action & IMA_MEASURE)
ima_store_measurement(iint, file, pathname);
@@ -226,8 +224,7 @@ out:
int ima_file_mmap(struct file *file, unsigned long prot)
{
if (file && (prot & PROT_EXEC))
- return process_measurement(file, file->f_dentry->d_name.name,
- MAY_EXEC, MMAP_CHECK);
+ return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK);
return 0;
}
@@ -265,7 +262,7 @@ int ima_bprm_check(struct linux_binprm *bprm)
int ima_file_check(struct file *file, int mask)
{
ima_rdwr_violation_check(file);
- return process_measurement(file, file->f_dentry->d_name.name,
+ return process_measurement(file, NULL,
mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
FILE_CHECK);
}
@@ -290,8 +287,7 @@ int ima_module_check(struct file *file)
#endif
return 0; /* We rely on module signature checking */
}
- return process_measurement(file, file->f_dentry->d_name.name,
- MAY_EXEC, MODULE_CHECK);
+ return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK);
}
static int __init init_ima(void)