Re: [patch] security: ima_file_mmap() don't just return zero
From: Vikram Dhillon
Date: Sat Mar 06 2010 - 16:30:43 EST
On Sat, Mar 6, 2010 at 6:21 AM, Dan Carpenter <error27@xxxxxxxxx> wrote:
> It seems like we should return an error here. ÂThat's what the comment
> says we should do.
> I also removed an out of date comment. ÂIt wasn't needed and seemed likely
> to get out of date again.
> Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>
> This was found with a static checker and I have only compile tested it.
> The callers all seem to use the return code, but please review carefully.
> The code has been like this since the module was merged.
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 294b005..90d5314 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -260,18 +260,17 @@ out:
> Â* policy decision.
> Â* Return 0 on success, an error code on failure.
> - * (Based on the results of appraise_measurement().)
> Âint ima_file_mmap(struct file *file, unsigned long prot)
> - Â Â Â int rc;
> + Â Â Â int rc = 0;
> Â Â Â Âif (!file)
> Â Â Â Â Â Â Â Âreturn 0;
> Â Â Â Âif (prot & PROT_EXEC)
> Â Â Â Â Â Â Â Ârc = process_measurement(file, file->f_dentry->d_name.name,
> Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â MAY_EXEC, FILE_MMAP);
> - Â Â Â return 0;
> + Â Â Â return rc;
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at Âhttp://vger.kernel.org/majordomo-info.html
Looks good, and nice work here :)
Acked-by: Vikram Dhillon <dhillonv10@xxxxxxxxx>
There are lots of Linux users who don't care how the kernel works, but
only want to use it. That is a tribute to how good Linux is.
-- Linus Torvalds
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/