[GIT] Security subsystem: IMA bugfix

From: James Morris
Date: Fri Oct 05 2012 - 08:42:55 EST

Next message: Borislav Petkov: "Re: [RFC] perf: perf_event_attr anon unions and static initializerissue"
Previous message: Linus Walleij: "Re: [PATCH][GPIO] Add IRQ edge setter to gpiolib"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

PLease pull this bugfix for the Integrity code.

The following changes since commit ecefbd94b834fa32559d854646d777c56749ef1c:
Linus Torvalds (1):
Merge tag 'kvm-3.7-1' of git://git.kernel.org/pub/scm/virt/kvm/kvm

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus

Dmitry Kasatkin (1):
ima: fix bug in argument order

security/integrity/ima/ima.h | 6 +++---
security/integrity/ima/ima_appraise.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)

commit d26e1936227b538a1691b978566ef269aef10853
Author: Dmitry Kasatkin <dmitry.kasatkin@xxxxxxxxx>
Date: Thu Sep 27 18:26:53 2012 +0300

ima: fix bug in argument order

mask argument goes first, then func, like ima_must_measure
and ima_get_action. ima_inode_post_setattr() assumes that.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@xxxxxxxxx>
Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Signed-off-by: James Morris <james.l.morris@xxxxxxxxxx>

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 8180add..6ee8826 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -143,7 +143,7 @@ void ima_delete_rules(void);
#ifdef CONFIG_IMA_APPRAISE
int ima_appraise_measurement(struct integrity_iint_cache *iint,
struct file *file, const unsigned char *filename);
-int ima_must_appraise(struct inode *inode, enum ima_hooks func, int mask);
+int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);

#else
@@ -154,8 +154,8 @@ static inline int ima_appraise_measurement(struct integrity_iint_cache *iint,
return INTEGRITY_UNKNOWN;
}

-static inline int ima_must_appraise(struct inode *inode,
- enum ima_hooks func, int mask)
+static inline int ima_must_appraise(struct inode *inode, int mask,
+ enum ima_hooks func)
{
return 0;
}
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 0aa43bd..bdc8ba1 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -34,7 +34,7 @@ __setup("ima_appraise=", default_appraise_setup);
*
* Return 1 to appraise
*/
-int ima_must_appraise(struct inode *inode, enum ima_hooks func, int mask)
+int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func)
{
if (!ima_appraise)
return 0;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Borislav Petkov: "Re: [RFC] perf: perf_event_attr anon unions and static initializerissue"
Previous message: Linus Walleij: "Re: [PATCH][GPIO] Add IRQ edge setter to gpiolib"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]