Re: [PATCH] IMA: Fix error in comment

From: Jarkko Sakkinen
Date: Tue Mar 30 2021 - 22:55:19 EST

Next message: Jarkko Sakkinen: "Re: [PATCH v3 1/3] keys: cleanup build time module signing keys"
Previous message: Matthew Wilcox: "Re: BUG_ON(!mapping_empty(&inode->i_data))"
In reply to: Ricardo Ribalda: "[PATCH] IMA: Fix error in comment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 30, 2021 at 08:08:45AM +0200, Ricardo Ribalda wrote:
> ima_file_mprotect does not return EACCES but EPERM.
>
> Signed-off-by: Ricardo Ribalda <ribalda@xxxxxxxxxxxx>

Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>

/Jarkko

> ---
> security/integrity/ima/ima_main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 9ef748ea829f..716ea29cf897 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -409,7 +409,7 @@ int ima_file_mmap(struct file *file, unsigned long prot)
> * this point. Eliminate this integrity gap by denying the mprotect
> * PROT_EXECUTE change, if an mmap appraise policy rule exists.
> *
> - * On mprotect change success, return 0. On failure, return -EACESS.
> + * On mprotect change success, return 0. On failure, return -EPERM.
> */
> int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
> {
> --
> 2.31.0.291.g576ba9dcdaf-goog
>
>

Next message: Jarkko Sakkinen: "Re: [PATCH v3 1/3] keys: cleanup build time module signing keys"
Previous message: Matthew Wilcox: "Re: BUG_ON(!mapping_empty(&inode->i_data))"
In reply to: Ricardo Ribalda: "[PATCH] IMA: Fix error in comment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]