On Fri, May 8, 2009 at 1:35 PM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: > On Wed, 2009-04-29 at 14:18 -0700, Andrew Morton wrote: >> On Tue, 28 Apr 2009 14:32:14 -0400 >> Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote: >> > Index: security-testing-2.6/mm/shmem.c >> > =================================================================== >> > --- security-testing-2.6.orig/mm/shmem.c >> > +++ security-testing-2.6/mm/shmem.c >> > @@ -2680,7 +2680,7 @@ int shmem_zero_setup(struct vm_area_stru >> > if (IS_ERR(file)) >> > return PTR_ERR(file); >> > >> > - ima_shm_check(file); >> > + ima_opencount_get(file); >> > if (vma->vm_file) >> > fput(vma->vm_file); >> > vma->vm_file = file; >> >> Maybe do the IMA operations in (or under) shmem_file_setup() and >> hugetlb_file_setup()? > > Again, that would hide the real issue of not having done integrity > (permission) checking. Where are we doing integrity or permission checks on hugetlb or shm files? Andrew's right, another example of this problem would be drivers/gpu/drm/drm_gem.c::drm_get_object_alloc() (at least in linux-next) which uses shmem_file_setup(). If we aren't doing integrity checks on shmem already, why do we care about kernel vs. non-kernel users? moving the ima_opencount_get() from newseg down a layer into *_file_setup() would, I think, have taken care of the drm case as well..... -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
