Re: linux-next: manual merge of the integrity tree with the vfs tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Just cc'ing the security tree maintainer, since this will soon be in
his tree and is related to a conflict between that tree and the vfs
tree.]

On Mon, 4 Jan 2016 13:52:21 +1100 Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:
>
> Hi all,
> 
> Today's linux-next merge of the integrity tree got a conflict in:
> 
>   security/integrity/ima/ima_fs.c
> 
> between commit:
> 
>   3bc8f29b149e ("new helper: memdup_user_nul()")
> 
> from the vfs tree and commit:
> 
>   6427e6c71c8b ("ima: ima_write_policy() limit locking")
> 
> from the integrity tree.
> 
> I fixed it up (see below) and can carry the fix as necessary (no action
> is required).
> 
> -- 
> Cheers,
> Stephen Rothwell                    sfr@xxxxxxxxxxxxxxxx
> 
> diff --cc security/integrity/ima/ima_fs.c
> index a185b6f2f390,f355231997b4..000000000000
> --- a/security/integrity/ima/ima_fs.c
> +++ b/security/integrity/ima/ima_fs.c
> @@@ -277,13 -272,25 +272,20 @@@ static ssize_t ima_write_policy(struct 
>   	if (*ppos != 0)
>   		goto out;
>   
>  -	result = -ENOMEM;
>  -	data = kmalloc(datalen + 1, GFP_KERNEL);
>  -	if (!data)
>  +	data = memdup_user_nul(buf, datalen);
>  +	if (IS_ERR(data)) {
>  +		result = PTR_ERR(data);
>   		goto out;
>  -
>  -	*(data + datalen) = '\0';
>  -
>  -	result = -EFAULT;
>  -	if (copy_from_user(data, buf, datalen))
>  -		goto out_free;
>  +	}
>   
> + 	result = mutex_lock_interruptible(&ima_write_mutex);
> + 	if (result < 0)
> + 		goto out_free;
>   	result = ima_parse_add_rule(data);
> + 	mutex_unlock(&ima_write_mutex);
> + 
> + out_free:
> + 	kfree(data);
>   out:
>   	if (result < 0)
>   		valid_policy = 0;
--
To unsubscribe from this list: send the line "unsubscribe linux-next" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Kernel]     [Linux USB Development]     [Yosemite News]     [Linux SCSI]

  Powered by Linux