mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/security/integrity
History
Dmitry Kasatkin 0f34a0060a ima: check ima_policy_flag in the ima_file_free() hook 
This patch completes the switching to the 'ima_policy_flag' variable
in the checks at the beginning of IMA functions, starting with the
commit a756024e.

Checking 'iint_initialized' is completely unnecessary, because
S_IMA flag is unset if iint was not allocated. At the same time
the integrity cache is allocated with SLAB_PANIC and the kernel will
panic if the allocation fails during kernel initialization. So on
a running system iint_initialized is always true and can be removed.

Changes in v3:
* not limiting test to IMA_APPRAISE (spotted by Roberto Sassu)

Changes in v2:
* 'iint_initialized' removal patch merged to this patch (requested
   by Mimi)

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Acked-by: Roberto Sassu <roberto.sassu@polito.it>
 		2014-10-07 14:32:52 -04:00
..
evm integrity: base integrity subsystem kconfig options on integrity 2014-09-09 10:28:56 -04:00
ima ima: check ima_policy_flag in the ima_file_free() hook 2014-10-07 14:32:52 -04:00
Kconfig integrity: base integrity subsystem kconfig options on integrity 2014-09-09 10:28:56 -04:00
Makefile integrity: make integrity files as 'integrity' module 2014-09-09 10:28:58 -04:00
digsig.c ima: define '.ima' as a builtin 'trusted' keyring 2014-07-17 09:35:17 -04:00
digsig_asymmetric.c integrity: do zero padding of the key id 2014-10-06 17:33:27 +01:00
iint.c ima: check ima_policy_flag in the ima_file_free() hook 2014-10-07 14:32:52 -04:00
integrity.h ima: check ima_policy_flag in the ima_file_free() hook 2014-10-07 14:32:52 -04:00
integrity_audit.c Merge git://git.infradead.org/users/eparis/audit 2014-04-12 12:38:53 -07:00