mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-10 10:39:26 +00:00
Code Issues Releases Wiki Activity
linux-stable/security/integrity
History
Goldwyn Rodrigues 8b259b9965 ima: open a new file instance if no read permissions 
commit a408e4a86b upstream.

Open a new file instance as opposed to changing file->f_mode when
the file is not readable.  This is done to accomodate overlayfs
stacked file operations change.  The real struct file is hidden
behind the overlays struct file.  So, any file->f_mode manipulations are
not reflected on the real struct file.  Open the file again in read mode
if original file cannot be read, read and calculate the hash.

Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
Cc: stable@vger.kernel.org (linux-4.19)
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-11-13 11:08:46 -08:00
..
evm EVM: fix return value check in evm_write_xattrs() 2018-07-22 14:49:11 -04:00
ima ima: open a new file instance if no read permissions 2018-11-13 11:08:46 -08:00
digsig.c integrity/security: fix digsig.c build error with header file 2018-02-22 20:09:08 -08:00
digsig_asymmetric.c integrity: prevent deadlock during digsig verification. 2018-07-18 07:27:22 -04:00
iint.c integrity: silence warning when CONFIG_SECURITYFS is not enabled 2018-07-18 07:27:22 -04:00
integrity.h ima: Do not audit if CONFIG_INTEGRITY_AUDIT is not set 2018-07-18 07:27:22 -04:00
integrity_audit.c ima: Use audit_log_format() rather than audit_log_string() 2018-07-18 07:27:22 -04:00
Kconfig security: integrity: Remove select to deleted option PUBLIC_KEY_ALGO_RSA 2016-04-12 19:54:58 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00