summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-01-07 16:37:36 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2013-01-07 16:37:36 +0100
commit7991b03d653865e4de7e6c056f85c004f542dbbe (patch)
tree8c96f4f81f2b1d660d89b9a503afd0aa813f4110
parentsignals: set_current_blocked() can use __set_current_blocked() (diff)
parentMerge branch 'for-Linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zoh... (diff)
downloadlinux-7991b03d653865e4de7e6c056f85c004f542dbbe.tar.xz
linux-7991b03d653865e4de7e6c056f85c004f542dbbe.zip
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity subsystem regression fix from James Morris: "Commit fdf90729e578 "ima: support new kernel module syscall" by error modified init_module() to return INTEGRITY_UNKNOWN (which is 4) to user space if the kernel was built with CONFIG_IMA_APPRAISE=y. As a result, user space can no longer load kernel modules using init_module(). This commit fixes this regression." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall
-rw-r--r--security/integrity/ima/ima.h1
-rw-r--r--security/integrity/ima/ima_main.c12
-rw-r--r--security/integrity/ima/ima_policy.c3
3 files changed, 11 insertions, 5 deletions
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 3b2adb794f15..079a85dc37b2 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -139,6 +139,7 @@ void ima_delete_rules(void);
/* Appraise integrity measurements */
#define IMA_APPRAISE_ENFORCE 0x01
#define IMA_APPRAISE_FIX 0x02
+#define IMA_APPRAISE_MODULES 0x04
#ifdef CONFIG_IMA_APPRAISE
int ima_appraise_measurement(struct integrity_iint_cache *iint,
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 45de18e9a6f2..dba965de90d3 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -291,11 +291,15 @@ EXPORT_SYMBOL_GPL(ima_file_check);
*/
int ima_module_check(struct file *file)
{
- int rc;
+ int rc = 0;
- if (!file)
- rc = INTEGRITY_UNKNOWN;
- else
+ if (!file) {
+ if (ima_appraise & IMA_APPRAISE_MODULES) {
+#ifndef CONFIG_MODULE_SIG_FORCE
+ rc = -EACCES; /* INTEGRITY_UNKNOWN */
+#endif
+ }
+ } else
rc = process_measurement(file, file->f_dentry->d_name.name,
MAY_EXEC, MODULE_CHECK);
return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index af7d182d5a46..479fca940bb5 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -523,7 +523,8 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
}
if (!result && (entry->action == UNKNOWN))
result = -EINVAL;
-
+ else if (entry->func == MODULE_CHECK)
+ ima_appraise |= IMA_APPRAISE_MODULES;
audit_log_format(ab, "res=%d", !result);
audit_log_end(ab);
return result;