提交 f06dd16a 编写于 作者: E Eric Paris 提交者: James Morris

IMA: Handle dentry_open failures

Currently IMA does not handle failures from dentry_open().  This means that we
leave a pointer set to ERR_PTR(errno) and then try to use it just a few lines
later in fput().  Oops.
Signed-off-by: NEric Paris <eparis@redhat.com>
Acked-by: NMimi Zohar <zohar@us.ibm.com>
Signed-off-by: NJames Morris <jmorris@namei.org>
上级 37bcbf13
...@@ -116,10 +116,6 @@ static int get_path_measurement(struct ima_iint_cache *iint, struct file *file, ...@@ -116,10 +116,6 @@ static int get_path_measurement(struct ima_iint_cache *iint, struct file *file,
{ {
int rc = 0; int rc = 0;
if (IS_ERR(file)) {
pr_info("%s dentry_open failed\n", filename);
return rc;
}
iint->opencount++; iint->opencount++;
iint->readcount++; iint->readcount++;
...@@ -185,6 +181,12 @@ int ima_path_check(struct path *path, int mask) ...@@ -185,6 +181,12 @@ int ima_path_check(struct path *path, int mask)
struct vfsmount *mnt = mntget(path->mnt); struct vfsmount *mnt = mntget(path->mnt);
file = dentry_open(dentry, mnt, O_RDONLY, current_cred()); file = dentry_open(dentry, mnt, O_RDONLY, current_cred());
if (IS_ERR(file)) {
pr_info("%s dentry_open failed\n", dentry->d_name.name);
rc = PTR_ERR(file);
file = NULL;
goto out;
}
rc = get_path_measurement(iint, file, dentry->d_name.name); rc = get_path_measurement(iint, file, dentry->d_name.name);
} }
out: out:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册