git.baikalelectronics.ru Git - kernel.git/commit

author	Mimi Zohar <zohar@linux.vnet.ibm.com>
	Tue, 17 Jan 2017 11:45:41 +0000 (06:45 -0500)
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>
	Fri, 27 Jan 2017 19:16:02 +0000 (14:16 -0500)
commit	22d7c98fc6961c619c29f6c66ecae57f705a0492
tree	7ab298e6fac6256585436cd3f78b8b1fa36daa02	tree \| snapshot
parent	b190259c9aba342a6f4ba038e45f05f91f9e2442	commit \| diff

ima: fix ima_d_path() possible race with rename

On failure to return a pathname from ima_d_path(), a pointer to
dname is returned, which is subsequently used in the IMA measurement
list, the IMA audit records, and other audit logging. Saving the
pointer to dname for later use has the potential to race with rename.

Intead of returning a pointer to dname on failure, this patch returns
a pointer to a copy of the filename.

Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org

security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_api.c		diff \| blob \| history
security/integrity/ima/ima_main.c		diff \| blob \| history