Skip to content

Commit

Permalink
Merge tag 'integrity-v5.8-fix' of git://git.kernel.org/pub/scm/linux/…
Browse files Browse the repository at this point in the history
…kernel/git/zohar/linux-integrity

Pull integrity fix from Mimi Zohar:
 "ima mprotect performance fix"

* tag 'integrity-v5.8-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
  ima: fix mprotect checking
  • Loading branch information
Linus Torvalds committed Jun 12, 2020
2 parents 4071b85 + 4235b1a commit 923ea16
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion security/integrity/ima/ima_main.c
Original file line number Diff line number Diff line change
Expand Up @@ -419,7 +419,8 @@ int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot)
int pcr;

/* Is mprotect making an mmap'ed file executable? */
if (!vma->vm_file || !(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC))
if (!(ima_policy_flag & IMA_APPRAISE) || !vma->vm_file ||
!(prot & PROT_EXEC) || (vma->vm_flags & VM_EXEC))
return 0;

security_task_getsecid(current, &secid);
Expand Down

0 comments on commit 923ea16

Please sign in to comment.