On 5/5/20 10:30 AM, Mimi Zohar wrote:
Files can be mmap'ed read/write and later changed to execute to circumvent IMA's mmap appraise policy rules. Due to locking issues (mmap semaphore would be taken prior to i_mutex), files can not be measured or appraised at this point. Eliminate this integrity gap, by denying the mprotect PROT_EXECUTE change, if an mmap appraise policy rule exists. On mprotect change success, return 0. On failure, return -EACESS. Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> --- Changelog v1: - Reverse tests to remove code indentation. (Lakshmi Ramasubramanian) - General code cleanup, including adding comments. include/linux/ima.h | 7 ++++++ security/integrity/ima/ima_main.c | 51 +++++++++++++++++++++++++++++++++++++++ security/security.c | 7 +++++- 3 files changed, 64 insertions(+), 1 deletion(-)
Reviewed-by: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
