On Sat, 2018-12-15 at 12:07 +0100, Ignaz Forster wrote:
> Mimi Zohar wrote on 14.12.2018 at 20:01:
> > On Fri, 2018-12-14 at 19:11 +0100, Ignaz Forster wrote:
> >> Hello,
> >>
> >> persisting files opened with O_TMPFILE doesn't seem to work on IMA as
> >> expected: The IMA xattr won't be written. This makes it impossible to
> >> access the file later.
> >> The following example application, based on the O_TMPFILE example from
> >> man 2 open
> >> will demonstrate this:
> >>
> >>
> >> #include <fcntl.h>
> >> #include <unistd.h>
> >> #include <linux/limits.h>
> >> #include <stdio.h>
> >>
> >> int main(int argc, char *argv[]) {
> >>     char path[PATH_MAX];
> >>     int fd = open("/tmp", __O_TMPFILE | O_RDWR, S_IRUSR | S_IWUSR);
> >>     write(fd, "test", 4);
> >>     snprintf(path, PATH_MAX, "/proc/self/fd/%d", fd);
> >>     linkat(AT_FDCWD, path, AT_FDCWD, "/tmp/tmpfile_persisted.txt",
> >>            AT_SYMLINK_FOLLOW);
> >> }
> >>
> >>
> >> (/tmp should not be a tmpfs of course; change the paths to a supported
> >> file system if necessary.)

[ snip ]

There is indeed a missing call to ima_file_check() in do_tmpfile(), but
it requires FMODE_CREATED to be set. Al, is there a reason that
FMODE_CREATED is not set?

Mimi
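A variant of the reproducer quoted above that also reports whether the persisted file ended up with the IMA xattr, added here as an example and not part of the original thread. It assumes the xattr in question is `security.ima` and that an IMA appraisal policy covering the directory is active (without one, "MISSING" is the normal result); the function name and the file name are made up for illustration.

```c
#define _GNU_SOURCE             /* for O_TMPFILE */
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/xattr.h>
#include <unistd.h>

#ifndef O_TMPFILE               /* glibc's internal name, as used in the report */
#define O_TMPFILE __O_TMPFILE
#endif

/* Hypothetical helper: returns 1 if the persisted file carries security.ima,
 * 0 if it does not, -1 if the check could not be carried out. */
int tmpfile_ima_xattr_present(const char *dir, const char *name)
{
    char proc[64], dest[PATH_MAX];

    int fd = open(dir, O_TMPFILE | O_RDWR, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;                          /* e.g. ENOENT, EOPNOTSUPP */

    snprintf(proc, sizeof(proc), "/proc/self/fd/%d", fd);
    int n = snprintf(dest, sizeof(dest), "%s/%s", dir, name);
    if (n < 0 || (size_t)n >= sizeof(dest) || write(fd, "test", 4) != 4 ||
        (unlink(dest) != 0 && errno != ENOENT) ||   /* clear a stale copy */
        linkat(AT_FDCWD, proc, AT_FDCWD, dest, AT_SYMLINK_FOLLOW) != 0) {
        close(fd);
        return -1;
    }
    close(fd);  /* IMA updates the xattr when the last writer closes the file */

    /* size 0 only asks for the attribute's length; the file is not opened */
    ssize_t len = getxattr(dest, "security.ima", NULL, 0);
    int result = len >= 0 ? 1 : (errno == ENODATA) ? 0 : -1;
    unlink(dest);
    return result;
}

int main(int argc, char *argv[])
{
    const char *dir = argc > 1 ? argv[1] : "/tmp";   /* must not be a tmpfs */
    int r = tmpfile_ima_xattr_present(dir, "tmpfile_ima_check.txt");
    printf("%s: security.ima %s\n", dir,
           r == 1 ? "present" : r == 0 ? "MISSING" : "not checked (error)");
    return r == 1 ? 0 : 1;
}
```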