diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2023-02-22 23:36:25 +0300 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2023-02-22 23:36:25 +0300 |
| commit | 67e2dcff8b21923d48f5ca835773b2f005389e69 (patch) | |
| tree | d82794c38da99b40ed452fb658a4e772e65c3e16 /security/integrity/ima/ima_api.c | |
| parent | 70756b49be4ea8bf36a664322df6e7e89895fa60 (diff) | |
| parent | 4958db3245fa655bf18251bd2a83bcc164071c39 (diff) | |
| download | linux-67e2dcff8b21923d48f5ca835773b2f005389e69.tar.xz | |
Merge tag 'integrity-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity
Pull integrity update from Mimi Zohar:
"One doc and one code cleanup, and two bug fixes"
* tag 'integrity-v6.3' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity:
ima: Introduce MMAP_CHECK_REQPROT hook
ima: Align ima_file_mmap() parameters with mmap_file LSM hook
evm: call dump_security_xattr() in all cases to remove code duplication
ima: fix ima_delete_rules() kernel-doc warning
ima: return IMA digest value only when IMA_COLLECTED flag is set
ima: fix error handling logic when file measurement failed
Diffstat (limited to 'security/integrity/ima/ima_api.c')
| -rw-r--r-- | security/integrity/ima/ima_api.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c index 9345fd66f5b8..d3662f4acadc 100644 --- a/security/integrity/ima/ima_api.c +++ b/security/integrity/ima/ima_api.c @@ -179,7 +179,8 @@ err_out: * subj=, obj=, type=, func=, mask=, fsmagic= * subj,obj, and type: are LSM specific. * func: FILE_CHECK | BPRM_CHECK | CREDS_CHECK | MMAP_CHECK | MODULE_CHECK - * | KEXEC_CMDLINE | KEY_CHECK | CRITICAL_DATA + * | KEXEC_CMDLINE | KEY_CHECK | CRITICAL_DATA | SETXATTR_CHECK + * | MMAP_CHECK_REQPROT * mask: contains the permission mask * fsmagic: hex value * @@ -292,7 +293,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint, result = ima_calc_file_hash(file, &hash.hdr); } - if (result == -ENOMEM) + if (result && result != -EBADF && result != -EINVAL) goto out; length = sizeof(hash.hdr) + hash.hdr.length; |