[RFC PATCH v1] ima: verify mprotect change is consistent with mmap policy
nramas at linux.microsoft.com
Tue May 5 17:52:12 UTC 2020
On 5/5/20 10:30 AM, Mimi Zohar wrote:
> Files can be mmap'ed read/write and later changed to execute to circumvent
> IMA's mmap appraise policy rules. Due to locking issues (mmap semaphore
> would be taken prior to i_mutex), files can not be measured or appraised at
> this point. Eliminate this integrity gap, by denying the mprotect
> PROT_EXECUTE change, if an mmap appraise policy rule exists.
> On mprotect change success, return 0. On failure, return -EACESS.
> Signed-off-by: Mimi Zohar <zohar at linux.ibm.com>
> Changelog v1:
> - Reverse tests to remove code indentation. (Lakshmi Ramasubramanian)
> - General code cleanup, including adding comments.
> include/linux/ima.h | 7 ++++++
> security/integrity/ima/ima_main.c | 51 +++++++++++++++++++++++++++++++++++++++
> security/security.c | 7 +++++-
> 3 files changed, 64 insertions(+), 1 deletion(-)
Reviewed-by: Lakshmi Ramasubramanian <nramas at linux.microsoft.com>
More information about the Linux-security-module-archive