Re: [patch] security: ima_file_mmap() don't just return zero

From: Vikram Dhillon
Date: Sat Mar 06 2010 - 16:30:43 EST

Next message: Rafael J. Wysocki: "[Q] How to tell we're using the KMS (during suspend/resume) outside the graphics driver"
Previous message: Linus Torvalds: "Re: Please pull logfs tree"
In reply to: Dan Carpenter: "[patch] security: ima_file_mmap() don't just return zero"
Next in thread: Vikram Dhillon: "Re: [patch] security: ima_file_mmap() don't just return zero"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Mar 6, 2010 at 6:21 AM, Dan Carpenter <error27@xxxxxxxxx> wrote:
> It seems like we should return an error here. ÂThat's what the comment
> says we should do.
>
> I also removed an out of date comment. ÂIt wasn't needed and seemed likely
> to get out of date again.
>
> Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>
> ---
> This was found with a static checker and I have only compile tested it.
> The callers all seem to use the return code, but please review carefully.
> The code has been like this since the module was merged.
>
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 294b005..90d5314 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -260,18 +260,17 @@ out:
> Â* policy decision.
> Â*
> Â* Return 0 on success, an error code on failure.
> - * (Based on the results of appraise_measurement().)
> Â*/
> Âint ima_file_mmap(struct file *file, unsigned long prot)
> Â{
> - Â Â Â int rc;
> + Â Â Â int rc = 0;
>
> Â Â Â Âif (!file)
> Â Â Â Â Â Â Â Âreturn 0;
> Â Â Â Âif (prot & PROT_EXEC)
> Â Â Â Â Â Â Â Ârc = process_measurement(file, file->f_dentry->d_name.name,
> Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â MAY_EXEC, FILE_MMAP);
> - Â Â Â return 0;
> + Â Â Â return rc;
> Â}
>
> Â/**
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at Âhttp://vger.kernel.org/majordomo-info.html
>

Looks good, and nice work here :)

Acked-by: Vikram Dhillon <dhillonv10@xxxxxxxxx>

--
Regards,
Vikram Dhillon

~~~
There are lots of Linux users who don't care how the kernel works, but
only want to use it. That is a tribute to how good Linux is.
-- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "[Q] How to tell we're using the KMS (during suspend/resume) outside the graphics driver"
Previous message: Linus Torvalds: "Re: Please pull logfs tree"
In reply to: Dan Carpenter: "[patch] security: ima_file_mmap() don't just return zero"
Next in thread: Vikram Dhillon: "Re: [patch] security: ima_file_mmap() don't just return zero"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]