Re: [PATCH] IMA: Fix error in comment

From: Jarkko Sakkinen
Date: Tue Mar 30 2021 - 22:55:19 EST


On Tue, Mar 30, 2021 at 08:08:45AM +0200, Ricardo Ribalda wrote:
> ima_file_mprotect does not return EACCES but EPERM.
>
> Signed-off-by: Ricardo Ribalda <ribalda@xxxxxxxxxxxx>


Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>

/Jarkko

> ---
> security/integrity/ima/ima_main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 9ef748ea829f..716ea29cf897 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -409,7 +409,7 @@ int ima_file_mmap(struct file *file, unsigned long prot)
> * this point. Eliminate this integrity gap by denying the mprotect
> * PROT_EXECUTE change, if an mmap appraise policy rule exists.
> *
> - * On mprotect change success, return 0. On failure, return -EACESS.
> + * On mprotect change success, return 0. On failure, return -EPERM.
> */
> int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
> {
> --
> 2.31.0.291.g576ba9dcdaf-goog
>
>