

ima: eliminate passing d_name.name to process_measurement()
Passing a pointer to the dentry name, as a parameter to
process_measurement(), causes a race condition with rename() and
is unnecessary, as the dentry name is already accessible via the
file parameter.

In the normal case, we use the full pathname as provided by
bprm->filename, bprm->interp, or ima_d_path().  Only on ima_d_path()
failure do we fall back to using the d_name.name, which points
either to external memory or d_iname.

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Mimi Zohar authored and James Morris committed Apr 18, 2013
1 parent 958d2c2 commit df2c2af
Showing 1 changed file with 5 additions and 9 deletions.
14 changes: 5 additions & 9 deletions security/integrity/ima/ima_main.c
Expand Up @@ -189,11 +189,9 @@ static int process_measurement(struct file *file, const char *filename,
if (rc != 0)
goto out_digsig;

if (function != BPRM_CHECK)
pathname = ima_d_path(&file->f_path, &pathbuf);

pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename;
if (!pathname)
pathname = filename;
pathname = (const char *)file->f_dentry->d_name.name;

if (action & IMA_MEASURE)
ima_store_measurement(iint, file, pathname);
Expand Down Expand Up @@ -226,8 +224,7 @@ static int process_measurement(struct file *file, const char *filename,
int ima_file_mmap(struct file *file, unsigned long prot)
{
if (file && (prot & PROT_EXEC))
return process_measurement(file, file->f_dentry->d_name.name,
MAY_EXEC, MMAP_CHECK);
return process_measurement(file, NULL, MAY_EXEC, MMAP_CHECK);
return 0;
}

Expand Down Expand Up @@ -265,7 +262,7 @@ int ima_bprm_check(struct linux_binprm *bprm)
int ima_file_check(struct file *file, int mask)
{
ima_rdwr_violation_check(file);
return process_measurement(file, file->f_dentry->d_name.name,
return process_measurement(file, NULL,
mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
FILE_CHECK);
}
Expand All @@ -290,8 +287,7 @@ int ima_module_check(struct file *file)
#endif
return 0; /* We rely on module signature checking */
}
return process_measurement(file, file->f_dentry->d_name.name,
MAY_EXEC, MODULE_CHECK);
return process_measurement(file, NULL, MAY_EXEC, MODULE_CHECK);
}

static int __init init_ima(void)
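Review bot: The new fallback `pathname = (const char *)file->f_dentry->d_name.name;` in the first hunk still reads the dentry name without any locking, so the rename race the description mentions is narrowed to the ima_d_path() failure path rather than closed, and on that path only the dentry's own name component is measured instead of the full path. A short comment would make the best-effort nature explicit, e.g. `/* ima_d_path() failed: fall back to the bare dentry name, which may change under a concurrent rename */`. The rewrite also calls ima_d_path() for any caller that passes a NULL filename, where the old code skipped it for BPRM_CHECK; that is only equivalent if ima_bprm_check() always passes a non-NULL filename, which is not visible in this diff and worth confirming. process_measurement()'s body starts and ends outside the hunk.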
