IMA & truncate

From: Dmitry Kasatkin
Date: Tue May 06 2014 - 09:31:54 EST

Next message: David Herrmann: "Re: Atomicity in KMS panic notifier"
Previous message: Nishanth Menon: "Re: [PATCH v2 0/2] clk: Support for Palmas clk32kg and clk32kgaudio clocks"
Next in thread: Javier González: "Re: IMA & truncate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I have discovered one IMA related issue.

IMA file hash is re-calculate if needed on file close.

It works with ftruncate(fd, length) syscall, because it operates on
"opened" file.
Recalculation is happening on file close.

truncate(path, length) syscall works with path and no file open/close
takes place.
Recalculation does not happen.
IMA denies file access later.

It looks like vfs_truncate() should possibly call IMA to recalculate the
hash.

- Dmitry

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Herrmann: "Re: Atomicity in KMS panic notifier"
Previous message: Nishanth Menon: "Re: [PATCH v2 0/2] clk: Support for Palmas clk32kg and clk32kgaudio clocks"
Next in thread: Javier González: "Re: IMA & truncate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]