
IMA: don't propagate opened through the entire thing

just check ->f_mode in ima_appraise_measurement()

Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Al Viro 6035a27b 73a09dd9

+16 -17
+1 -2
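--- a/fs/namei.c
+++ b/fs/namei.c
@@ -3400,8 +3400,7 @@
 if (error)
 goto out;
 opened:
-error = ima_file_check(file, op->acc_mode,
-file->f_mode & FMODE_CREATED ? FILE_CREATED : 0);
+error = ima_file_check(file, op->acc_mode);
 if (!error && will_truncate)
 error = handle_truncate(file);
 out: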
+1 -1
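--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -763,7 +763,7 @@
 goto out_nfserr;
 }
 
-host_err = ima_file_check(file, may_flags, 0);
+host_err = ima_file_check(file, may_flags);
 if (host_err) {
 fput(file);
 goto out_nfserr;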
+2 -2
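--- a/include/linux/ima.h
+++ b/include/linux/ima.h
@@ -16,7 +16,7 @@
 
 #ifdef CONFIG_IMA
 extern int ima_bprm_check(struct linux_binprm *bprm);
-extern int ima_file_check(struct file *file, int mask, int opened);
+extern int ima_file_check(struct file *file, int mask);
 extern void ima_file_free(struct file *file);
 extern int ima_file_mmap(struct file *file, unsigned long prot);
 extern int ima_read_file(struct file *file, enum kernel_read_file_id id);
@@ -34,7 +34,7 @@
 return 0;
 }
 
-static inline int ima_file_check(struct file *file, int mask, int opened)
+static inline int ima_file_check(struct file *file, int mask)
 {
 return 0;
 }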
+2 -2
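--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -238,7 +238,7 @@
 struct integrity_iint_cache *iint,
 struct file *file, const unsigned char *filename,
 struct evm_ima_xattr_data *xattr_value,
-int xattr_len, int opened);
+int xattr_len);
 int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
 void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);
 enum integrity_status ima_get_cache_status(struct integrity_iint_cache *iint,
@@ -254,7 +254,7 @@
 struct file *file,
 const unsigned char *filename,
 struct evm_ima_xattr_data *xattr_value,
-int xattr_len, int opened)
+int xattr_len)
 {
 return INTEGRITY_UNKNOWN;
 }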
+2 -2
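--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -212,7 +212,7 @@
 struct integrity_iint_cache *iint,
 struct file *file, const unsigned char *filename,
 struct evm_ima_xattr_data *xattr_value,
-int xattr_len, int opened)
+int xattr_len)
 {
 static const char op[] = "appraise_data";
 const char *cause = "unknown";
@@ -231,7 +231,7 @@
 cause = iint->flags & IMA_DIGSIG_REQUIRED ?
 "IMA-signature-required" : "missing-hash";
 status = INTEGRITY_NOLABEL;
-if (opened & FILE_CREATED)
+if (file->f_mode & FMODE_CREATED)
 iint->flags |= IMA_NEW_FILE;
 if ((iint->flags & IMA_NEW_FILE) &&
 (!(iint->flags & IMA_DIGSIG_REQUIRED) ||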
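Review bot: The new `file->f_mode & FMODE_CREATED` test at line 234 now applies to every caller of ima_appraise_measurement, whereas before only fs/namei.c could pass FILE_CREATED and the nfsd call site in fs/nfsd/vfs.c always passed 0, so IMA_NEW_FILE could never be set on an nfsd-opened file. After this change it is set whenever that bit is present on the struct file, which relaxes the "missing-hash" path for such files; from the visible lines I cannot tell whether nfsd's open path ever sets FMODE_CREATED, so this is presumably a no-op, but the description ("just check ->f_mode") does not say so. A sentence in the commit message such as `nfsd never sets FMODE_CREATED on the files it passes, so this is not a behaviour change for it` would make the equivalence explicit for anyone auditing the appraisal path. ima_appraise_measurement starts and ends outside the hunk.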
+8 -8
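--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -168,7 +168,7 @@
 
 static int process_measurement(struct file *file, const struct cred *cred,
 u32 secid, char *buf, loff_t size, int mask,
-enum ima_hooks func, int opened)
+enum ima_hooks func)
 {
 struct inode *inode = file_inode(file);
 struct integrity_iint_cache *iint = NULL;
@@ -294,7 +294,7 @@
 if (rc == 0 && (action & IMA_APPRAISE_SUBMASK)) {
 inode_lock(inode);
 rc = ima_appraise_measurement(func, iint, file, pathname,
-xattr_value, xattr_len, opened);
+xattr_value, xattr_len);
 inode_unlock(inode);
 }
 if (action & IMA_AUDIT)
@@ -338,7 +338,7 @@
 if (file && (prot & PROT_EXEC)) {
 security_task_getsecid(current, &secid);
 return process_measurement(file, current_cred(), secid, NULL,
-0, MAY_EXEC, MMAP_CHECK, 0);
+0, MAY_EXEC, MMAP_CHECK);
 }
 
 return 0;
@@ -364,13 +364,13 @@
 
 security_task_getsecid(current, &secid);
 ret = process_measurement(bprm->file, current_cred(), secid, NULL, 0,
-MAY_EXEC, BPRM_CHECK, 0);
+MAY_EXEC, BPRM_CHECK);
 if (ret)
 return ret;
 
 security_cred_getsecid(bprm->cred, &secid);
 return process_measurement(bprm->file, bprm->cred, secid, NULL, 0,
-MAY_EXEC, CREDS_CHECK, 0);
+MAY_EXEC, CREDS_CHECK);
 }
 
 /**
@@ -383,14 +383,14 @@
 * On success return 0. On integrity appraisal error, assuming the file
 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
 */
-int ima_file_check(struct file *file, int mask, int opened)
+int ima_file_check(struct file *file, int mask)
 {
 u32 secid;
 
 security_task_getsecid(current, &secid);
 return process_measurement(file, current_cred(), secid, NULL, 0,
 mask & (MAY_READ | MAY_WRITE | MAY_EXEC |
-MAY_APPEND), FILE_CHECK, opened);
+MAY_APPEND), FILE_CHECK);
 }
 EXPORT_SYMBOL_GPL(ima_file_check);
 
@@ -493,7 +493,7 @@
 func = read_idmap[read_id] ?: FILE_CHECK;
 security_task_getsecid(current, &secid);
 return process_measurement(file, current_cred(), secid, buf, size,
-MAY_READ, func, 0);
+MAY_READ, func);
 }
 
 static int __init init_ima(void)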
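Review bot: The kernel-doc block above ima_file_check (starting at line 376) is only visible from line 383 onward, so its parameter list is outside the section; if it carries an `@opened:` line it should be dropped together with the parameter, otherwise scripts/kernel-doc will flag an excess parameter for the new `int ima_file_check(struct file *file, int mask)` signature. The visible tail of the comment (the return-value description) needs no change. ima_file_check itself lies entirely inside the hunk.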