github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 22:14:04 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
904de138ba
linux/security
History
Roberto Sassu 904de138ba ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() 
[ Upstream commit 0014cc04e8 ]

Commit a408e4a86b ("ima: open a new file instance if no read
permissions") tries to create a new file descriptor to calculate a file
digest if the file has not been opened with O_RDONLY flag. However, if a
new file descriptor cannot be obtained, it sets the FMODE_READ flag to
file->f_flags instead of file->f_mode.

This patch fixes this issue by replacing f_flags with f_mode as it was
before that commit.

Cc: stable@vger.kernel.org # 4.20.x
Fixes: a408e4a86b ("ima: open a new file instance if no read permissions")
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-05-27 17:37:28 +02:00
..
apparmor apparmor: don't try to replace stale label in ptrace access check 2020-01-27 14:49:55 +01:00
integrity ima: Set file->f_mode instead of file->f_flags in ima_calc_file_hash() 2020-05-27 17:37:28 +02:00
keys KEYS: Avoid false positive ENOMEM error on key read 2020-04-29 16:31:23 +02:00
loadpin module: replace the existing LSM hook in init_module 2018-07-16 12:31:57 -07:00
selinux selinux: properly handle multiple messages in selinux_netlink_send() 2020-05-06 08:13:32 +02:00
smack LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00
tomoyo tomoyo: Use atomic_t for statistics counter 2020-02-05 14:43:38 +00:00
yama Yama: Check for pid death before checking ancestry 2019-01-22 21:40:32 +01:00
commoncap.c LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-04-27 09:36:40 +02:00
inode.c securityfs: fix use-after-free on symlink traversal 2019-05-25 18:23:42 +02:00
Kconfig Revert "x86/mm/legacy: Populate the user page-table with user pgd's" 2018-09-14 17:08:45 +02:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-03-19 13:12:41 +01:00
Makefile
min_addr.c
security.c LSM: generalize flag passing to security_capable 2020-01-23 08:21:29 +01:00