[RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()
Mimi Zohar
zohar at linux.ibm.com
Fri Nov 13 15:53:19 UTC 2020
Hi Roberto,
On Fri, 2020-11-13 at 09:01 +0100, Roberto Sassu wrote:
> Commit a1f9b1c0439db ("integrity/ima: switch to using __kernel_read")
> replaced the __vfs_read() call in integrity_kernel_read() with
> __kernel_read(), a new helper introduced by commit 61a707c543e2a ("fs: add
> a __kernel_read helper").
>
> Since the new helper requires that also the FMODE_CAN_READ flag is set in
> file->f_mode, this patch saves the original f_mode and sets the flag if the
> the file descriptor has the necessary file operation. Lastly, it restores
> the original f_mode at the end of ima_calc_file_hash().
>
> Cc: stable at vger.kernel.org # 5.8.x
> Fixes: a1f9b1c0439db ("integrity/ima: switch to using __kernel_read")
> Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
Thanks! It's now queued in next-integrity-testing.
Mimi
More information about the Linux-security-module-archive
mailing list