author: Mimi Zohar <zohar@linux.ibm.com> 2019-01-22 21:06:49 +0100
committer: Mimi Zohar <zohar@linux.ibm.com> 2019-02-04 23:36:01 +0100
commit: fdb2410f7702f25f82804a261f90ad03422bd2c3
tree: 1e1389a728449aec6871e473414903bbcd3be0b9 /fs
parent: evm: remove set but not used variable 'xattr'
ima: define ima_post_create_tmpfile() hook and add missing call
If tmpfiles can be made persistent, then newly created tmpfiles need to be treated like any other new files in policy. This patch indicates which newly created tmpfiles are in policy, causing the file hash to be calculated on __fput().

Reported-by: Ignaz Forster <ignaz.forster@gmx.de>
[rgoldwyn@suse.com: Call ima_post_create_tmpfile() in vfs_tmpfile() as opposed to do_tmpfile(). This will help the case for overlayfs where copy_up is denied while overwriting a file.]
Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r-- fs/namei.c 1
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/namei.c b/fs/namei.c
index 914178cdbe94..373a7ec4b09d 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -3462,6 +3462,7 @@ struct dentry *vfs_tmpfile(struct dentry *dentry, umode_t mode, int open_flag)
inode->i_state |= I_LINKABLE;
spin_unlock(&inode->i_lock);
}
+ ima_post_create_tmpfile(inode);
return child;
out_err:
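Review bot: the new ima_post_create_tmpfile(inode) call sits after the closing brace of the block that sets I_LINKABLE, so it runs for every tmpfile that reaches this point in vfs_tmpfile(), including ones that are never marked linkable, while the commit message motivates the hook with tmpfiles that "can be made persistent". If the unconditional placement is intended, a one-line comment above the call saying why would save the next reader from wondering; otherwise consider moving the call inside the block. The diffstat shown is limited to 'fs', so the hook's declaration, and whether fs/namei.c already pulls in the header that provides it, cannot be confirmed from this view and is worth checking against the rest of the commit.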