GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-03-16 12:14:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

ima: without an IMA policy loaded, return quickly

Browse source 
Unless an IMA policy is loaded, don't bother checking for an appraise
policy rule.  Return immediately.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2021-03-19 11:14:25 -04:00
parent 92063f3ca7
commit f873b28f26
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
security/integrity/ima/ima_main.c
View file

@ -606,6 +606,9 @@ void ima_post_create_tmpfile(struct user_namespace *mnt_userns,
struct integrity_iint_cache *iint;
int must_appraise;
if (!ima_policy_flag || !S_ISREG(inode->i_mode))
return;
must_appraise = ima_must_appraise(mnt_userns, inode, MAY_ACCESS,
FILE_CHECK);
if (!must_appraise)
@ -636,6 +639,9 @@ void ima_post_path_mknod(struct user_namespace *mnt_userns,
struct inode *inode = dentry->d_inode;
int must_appraise;
if (!ima_policy_flag || !S_ISREG(inode->i_mode))
return;
must_appraise = ima_must_appraise(mnt_userns, inode, MAY_ACCESS,
FILE_CHECK);
if (!must_appraise)