tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ima: eliminate passing d_name.name to process_measurement()

Passing a pointer to the dentry name, as a parameter to
process_measurement(), causes a race condition with rename() and
is unnecessary, as the dentry name is already accessible via the
file parameter.

In the normal case, we use the full pathname as provided by
brpm->filename, bprm->interp, or ima_d_path(). Only on ima_d_path()
failure, do we fallback to using the d_name.name, which points
either to external memory or d_iname.

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>

authored by

Mimi Zohar and committed by
James Morris df2c2afb 958d2c2f

+5 -9
+5 -9
security/integrity/ima/ima_main.c
··· 189 189 if (rc != 0) 190 190 goto out_digsig; 191 191 192 - if (function != BPRM_CHECK) 193 - pathname = ima_d_path(&file->f_path, &pathbuf); 194 - 192 + pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename; 195 193 if (!pathname) 196 - pathname = filename; 194 + pathname = (const char *)file->f_dentry->d_name.name; 197 195 198 196 if (action & IMA_MEASURE) 199 197 ima_store_measurement(iint, file, pathname); ··· 224 226 int ima_file_mmap(struct file *file, unsigned long prot) 225 227 { 226 228 if (file && (prot & PROT_EXEC)) 227 - return process_measurement(file, file->f_dentry->d_name.name, 228 - MAY_EXEC, MMAP_CHECK); 229 + return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK); 229 230 return 0; 230 231 } 231 232 ··· 262 265 int ima_file_check(struct file *file, int mask) 263 266 { 264 267 ima_rdwr_violation_check(file); 265 - return process_measurement(file, file->f_dentry->d_name.name, 268 + return process_measurement(file, NULL, 266 269 mask & (MAY_READ | MAY_WRITE | MAY_EXEC), 267 270 FILE_CHECK); 268 271 } ··· 287 290 #endif 288 291 return 0; /* We rely on module signature checking */ 289 292 } 290 - return process_measurement(file, file->f_dentry->d_name.name, 291 - MAY_EXEC, MODULE_CHECK); 293 + return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK); 292 294 } 293 295 294 296 static int __init init_ima(void)