mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-10-04 08:08:54 +00:00
IMA: open new file for read
When creating a new file, ima_path_check() assumed the new file was being opened for write. Call ima_path_check() with the appropriate acc_mode so that the read/write counters are incremented correctly. Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
ee18d64c1f
commit
6c1488fd58
1 changed files with 4 additions and 2 deletions
|
@ -1533,9 +1533,11 @@ int may_open(struct path *path, int acc_mode, int flag)
|
||||||
if (error)
|
if (error)
|
||||||
return error;
|
return error;
|
||||||
|
|
||||||
error = ima_path_check(path,
|
error = ima_path_check(path, acc_mode ?
|
||||||
acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC),
|
acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) :
|
||||||
|
ACC_MODE(flag) & (MAY_READ | MAY_WRITE),
|
||||||
IMA_COUNT_UPDATE);
|
IMA_COUNT_UPDATE);
|
||||||
|
|
||||||
if (error)
|
if (error)
|
||||||
return error;
|
return error;
|
||||||
/*
|
/*
|
||||||
|
|
Loading…
Reference in a new issue