diff options
| author | Matt Bobrowski <mattbobrowski@google.com> | 2023-01-04 06:41:44 +0300 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.ibm.com> | 2023-01-18 21:17:00 +0300 |
| commit | 6dc387d52eb67f45d68caa263704fa4e39ef8e76 (patch) | |
| tree | c78337ecff8bce07c9fe4837287db92d00f8e858 /security/integrity/ima/ima_main.c | |
| parent | 5dc4c995db9eb45f6373a956eb1f69460e69e6d4 (diff) | |
| download | linux-6dc387d52eb67f45d68caa263704fa4e39ef8e76.tar.xz | |
ima: fix error handling logic when file measurement failed
Restore the error handling logic so that when file measurement fails,
the respective iint entry is not left with the digest data being
populated with zeroes.
Fixes: 54f03916fb89 ("ima: permit fsverity's file digests in the IMA measurement list")
Cc: stable@vger.kernel.org # 5.19
Signed-off-by: Matt Bobrowski <mattbobrowski@google.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_main.c')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 377300973e6c..b1ae0f2751f1 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -337,7 +337,7 @@ static int process_measurement(struct file *file, const struct cred *cred, hash_algo = ima_get_hash_algo(xattr_value, xattr_len); rc = ima_collect_measurement(iint, file, buf, size, hash_algo, modsig); - if (rc == -ENOMEM) + if (rc != 0 && rc != -EBADF && rc != -EINVAL) goto out_locked; if (!pathbuf) /* ima_rdwr_violation possibly pre-fetched */ |