lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

IMA: open new file for read

Browse Source 
When creating a new file, ima_path_check() assumed the new file
was being opened for write. Call ima_path_check() with the
appropriate acc_mode so that the read/write counters are
incremented correctly.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Mimi Zohar
2009-09-02 11:40:32 -04:00
committed by James Morris
parent ee18d64c1f
commit 6c1488fd58
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
fs/namei.c
View File

@@ -1533,9 +1533,11 @@ int may_open(struct path *path, int acc_mode, int flag)
if (error) if (error)
return error; return error;
error = ima_path_check(path, error = ima_path_check(path, acc_mode ?
acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC), acc_mode & (MAY_READ | MAY_WRITE | MAY_EXEC) :
ACC_MODE(flag) & (MAY_READ | MAY_WRITE),
IMA_COUNT_UPDATE); IMA_COUNT_UPDATE);
if (error) if (error)
return error; return error;
/* /*