Merge tag 'v3.8-rc2' into next

Sync to Linus' tree. Linux 3.8-rc2
author: James Morris <james.l.morris@oracle.com> 2013-01-07 02:06:43 +0100
committer: James Morris <james.l.morris@oracle.com> 2013-01-07 02:06:43 +0100
commit: cf9ce948f47640797bd19980e1d99c6d17d0bdc3 (patch)
tree: 97ce168cf32ac88b9aa93408b0b681747416a504 /security/integrity/ima/ima_main.c
parent: Smack: create a sysfs mount point for smackfs (diff)
parent: Linux 3.8-rc2 (diff)
download: linux-cf9ce948f47640797bd19980e1d99c6d17d0bdc3.tar.xz
linux-cf9ce948f47640797bd19980e1d99c6d17d0bdc3.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 73c9a268253e..45de18e9a6f2 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -280,6 +280,27 @@ int ima_file_check(struct file *file, int mask)
 }
 EXPORT_SYMBOL_GPL(ima_file_check);
 
+/**
+ * ima_module_check - based on policy, collect/store/appraise measurement.
+ * @file: pointer to the file to be measured/appraised
+ *
+ * Measure/appraise kernel modules based on policy.
+ *
+ * Always return 0 and audit dentry_open failures.
+ * Return code is based upon measurement appraisal.
+ */
+int ima_module_check(struct file *file)
+{
+	int rc;
+
+	if (!file)
+		rc = INTEGRITY_UNKNOWN;
+	else
+		rc = process_measurement(file, file->f_dentry->d_name.name,
+					 MAY_EXEC, MODULE_CHECK);
+	return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
+}
+
 static int __init init_ima(void)
 {
 	int error;
author	James Morris <james.l.morris@oracle.com>	2013-01-07 02:06:43 +0100
committer	James Morris <james.l.morris@oracle.com>	2013-01-07 02:06:43 +0100
commit	cf9ce948f47640797bd19980e1d99c6d17d0bdc3 (patch)
tree	97ce168cf32ac88b9aa93408b0b681747416a504 /security/integrity/ima/ima_main.c
parent	Smack: create a sysfs mount point for smackfs (diff)
parent	Linux 3.8-rc2 (diff)
download	linux-cf9ce948f47640797bd19980e1d99c6d17d0bdc3.tar.xz linux-cf9ce948f47640797bd19980e1d99c6d17d0bdc3.zip