ima: define ima_post_create_tmpfile() hook and add missing call - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Mimi Zohar <[email protected]>	2019-01-22 14:06:49 -0600
committer	Mimi Zohar <[email protected]>	2019-02-04 17:36:01 -0500
commit	fdb2410f7702f25f82804a261f90ad03422bd2c3 (patch)
tree	1e1389a728449aec6871e473414903bbcd3be0b9 /scripts/gdb/linux/cpus.py
parent	c8b37524d3cdbcf07426529cb83b38b1240cb54d (diff)

ima: define ima_post_create_tmpfile() hook and add missing call

If tmpfiles can be made persistent, then newly created tmpfiles need to be treated like any other new files in policy. This patch indicates which newly created tmpfiles are in policy, causing the file hash to be calculated on __fput(). Reported-by: Ignaz Forster <[email protected]> [[email protected]: Call ima_post_create_tmpfile() in vfs_tmpfile() as opposed to do_tmpfile(). This will help the case for overlayfs where copy_up is denied while overwriting a file.] Signed-off-by: Goldwyn Rodrigues <[email protected]> Signed-off-by: Mimi Zohar <[email protected]>

Diffstat (limited to 'scripts/gdb/linux/cpus.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: