Merge commit 'v3.14' into next

diff --git a/MAINTAINERS b/MAINTAINERS
index 900d98eec2fcb6fef620ac4b5b0afdcbea637fb5..1c323b0290cd1760441f0f39c36d6739c48070e4 100644 (file)
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3380,7 +3380,9 @@ F:        Documentation/filesystems/ext4.txt
 F:     fs/ext4/
 
 Extended Verification Module (EVM)
-M:     Mimi Zohar <zohar@us.ibm.com>
+M:     Mimi Zohar <zohar@linux.vnet.ibm.com>
+L:     linux-ima-devel@lists.sourceforge.net
+L:     linux-security-module@vger.kernel.org
 S:     Supported
 F:     security/integrity/evm/
 
@@ -4402,8 +4404,11 @@ S:       Maintained
 F:     drivers/ipack/
 
 INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
-M:     Mimi Zohar <zohar@us.ibm.com>
+M:     Mimi Zohar <zohar@linux.vnet.ibm.com>
 M:     Dmitry Kasatkin <d.kasatkin@samsung.com>
+L:     linux-ima-devel@lists.sourceforge.net
+L:     linux-ima-user@lists.sourceforge.net
+L:     linux-security-module@vger.kernel.org
 S:     Supported
 F:     security/integrity/ima/
 
@@ -5071,8 +5076,8 @@ F:        include/keys/
 F:     security/keys/
 
 KEYS-TRUSTED
-M:     David Safford <safford@watson.ibm.com>
-M:     Mimi Zohar <zohar@us.ibm.com>
+M:     David Safford <safford@us.ibm.com>
+M:     Mimi Zohar <zohar@linux.vnet.ibm.com>
 L:     linux-security-module@vger.kernel.org
 L:     keyrings@linux-nfs.org
 S:     Supported
@@ -5082,8 +5087,8 @@ F:        security/keys/trusted.c
 F:     security/keys/trusted.h
 
 KEYS-ENCRYPTED
-M:     Mimi Zohar <zohar@us.ibm.com>
-M:     David Safford <safford@watson.ibm.com>
+M:     Mimi Zohar <zohar@linux.vnet.ibm.com>
+M:     David Safford <safford@us.ibm.com>
 L:     linux-security-module@vger.kernel.org
 L:     keyrings@linux-nfs.org
 S:     Supported
@@ -7730,11 +7735,10 @@ M:      Security Officers <security@kernel.org>
 S:     Supported
 
 SELINUX SECURITY MODULE
+M:     Paul Moore <paul@paul-moore.com>
 M:     Stephen Smalley <sds@tycho.nsa.gov>
-M:     James Morris <james.l.morris@oracle.com>
 M:     Eric Paris <eparis@parisplace.org>
-M:     Paul Moore <paul@paul-moore.com>
-L:     selinux@tycho.nsa.gov (subscribers-only, general discussion)
+L:     selinux@tycho.nsa.gov (moderated for non-subscribers)
 W:     http://selinuxproject.org
 T:     git git://git.infradead.org/users/pcmoore/selinux
 S:     Supported

diff --git a/include/linux/fs.h b/include/linux/fs.h
index 23b2a35d712efbec3e31df0cae70b69a17b81616..6e765d28841b260aedb2668cfbdd1719818245e4 100644 (file)
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -589,6 +589,9 @@ struct inode {
        atomic_t                i_count;
        atomic_t                i_dio_count;
        atomic_t                i_writecount;
+#ifdef CONFIG_IMA
+       atomic_t                i_readcount; /* struct files open RO */
+#endif
        const struct file_operations    *i_fop; /* former ->i_op->default_file_ops */
        struct file_lock        *i_flock;
        struct address_space    i_data;
@@ -609,9 +612,6 @@ struct inode {
        struct hlist_head       i_fsnotify_marks;
 #endif
 
-#ifdef CONFIG_IMA
-       atomic_t                i_readcount; /* struct files open RO */
-#endif
        void                    *i_private; /* fs or device private pointer */
 };
 

diff --git a/kernel/capability.c b/kernel/capability.c
index 34019c57888d4d093956b81963b557abd95103e9..a8d63df0c322491165d32d66db542781a7e27f99 100644 (file)
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -7,6 +7,8 @@
  * 30 May 2002:        Cleanup, Robert M. Love <rml@tech9.net>
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/audit.h>
 #include <linux/capability.h>
 #include <linux/mm.h>
@@ -42,15 +44,10 @@ __setup("no_file_caps", file_caps_disable);
 
 static void warn_legacy_capability_use(void)
 {
-       static int warned;
-       if (!warned) {
-               char name[sizeof(current->comm)];
-
-               printk(KERN_INFO "warning: `%s' uses 32-bit capabilities"
-                      " (legacy support in use)\n",
-                      get_task_comm(name, current));
-               warned = 1;
-       }
+       char name[sizeof(current->comm)];
+
+       pr_info_once("warning: `%s' uses 32-bit capabilities (legacy support in use)\n",
+                    get_task_comm(name, current));
 }
 
 /*
@@ -71,16 +68,10 @@ static void warn_legacy_capability_use(void)
 
 static void warn_deprecated_v2(void)
 {
-       static int warned;
+       char name[sizeof(current->comm)];
 
-       if (!warned) {
-               char name[sizeof(current->comm)];
-
-               printk(KERN_INFO "warning: `%s' uses deprecated v2"
-                      " capabilities in a way that may be insecure.\n",
-                      get_task_comm(name, current));
-               warned = 1;
-       }
+       pr_info_once("warning: `%s' uses deprecated v2 capabilities in a way that may be insecure\n",
+                    get_task_comm(name, current));
 }
 
 /*
@@ -380,7 +371,7 @@ bool has_capability_noaudit(struct task_struct *t, int cap)
 bool ns_capable(struct user_namespace *ns, int cap)
 {
        if (unlikely(!cap_valid(cap))) {
-               printk(KERN_CRIT "capable() called with invalid cap=%u\n", cap);
+               pr_crit("capable() called with invalid cap=%u\n", cap);
                BUG();
        }
 

diff --git a/kernel/seccomp.c b/kernel/seccomp.c
index b7a10048a32c11fb473515d9075ef2b0782a563a..0e004a70f63a572d751b95cbdef8316ce1e22053 100644 (file)
--- a/kernel/seccomp.c
+++ b/kernel/seccomp.c
@@ -293,7 +293,7 @@ fail:
  *
  * Returns 0 on success and non-zero otherwise.
  */
-long seccomp_attach_user_filter(char __user *user_filter)
+static long seccomp_attach_user_filter(char __user *user_filter)
 {
        struct sock_fprog fprog;
        long ret = -EFAULT;

diff --git a/security/Makefile b/security/Makefile
index a5918e01a4f71a6e97abc664682bd23f75bc544f..05f1c934d74bda522fb54318b33d1f206d5860ba 100644 (file)
--- a/security/Makefile
+++ b/security/Makefile
@@ -16,14 +16,14 @@ obj-$(CONFIG_MMU)                   += min_addr.o
 # Object file lists
 obj-$(CONFIG_SECURITY)                 += security.o capability.o
 obj-$(CONFIG_SECURITYFS)               += inode.o
-obj-$(CONFIG_SECURITY_SELINUX)         += selinux/built-in.o
-obj-$(CONFIG_SECURITY_SMACK)           += smack/built-in.o
+obj-$(CONFIG_SECURITY_SELINUX)         += selinux/
+obj-$(CONFIG_SECURITY_SMACK)           += smack/
 obj-$(CONFIG_AUDIT)                    += lsm_audit.o
-obj-$(CONFIG_SECURITY_TOMOYO)          += tomoyo/built-in.o
-obj-$(CONFIG_SECURITY_APPARMOR)                += apparmor/built-in.o
-obj-$(CONFIG_SECURITY_YAMA)            += yama/built-in.o
+obj-$(CONFIG_SECURITY_TOMOYO)          += tomoyo/
+obj-$(CONFIG_SECURITY_APPARMOR)                += apparmor/
+obj-$(CONFIG_SECURITY_YAMA)            += yama/
 obj-$(CONFIG_CGROUP_DEVICE)            += device_cgroup.o
 
 # Object integrity file lists
 subdir-$(CONFIG_INTEGRITY)             += integrity
-obj-$(CONFIG_INTEGRITY)                        += integrity/built-in.o
+obj-$(CONFIG_INTEGRITY)                        += integrity/

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 4257b7e2796bf16e41db9ddca0e1f7c8e0d08a02..998100093332a1390d1bc26b07eab91307fa2917 100644 (file)
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -751,7 +751,7 @@ module_param_named(enabled, apparmor_enabled, bool, S_IRUGO);
 static int __init apparmor_enabled_setup(char *str)
 {
        unsigned long enabled;
-       int error = strict_strtoul(str, 0, &enabled);
+       int error = kstrtoul(str, 0, &enabled);
        if (!error)
                apparmor_enabled = enabled ? 1 : 0;
        return 1;

diff --git a/security/capability.c b/security/capability.c
index 21e2b9cae685f01536ed159443707d5046c8c34c..ad0d4de6994474aba384955e240c73b88a03398e 100644 (file)
--- a/security/capability.c
+++ b/security/capability.c
@@ -116,7 +116,7 @@ static int cap_dentry_init_security(struct dentry *dentry, int mode,
                                        struct qstr *name, void **ctx,
                                        u32 *ctxlen)
 {
-       return 0;
+       return -EOPNOTSUPP;
 }
 
 static int cap_inode_alloc_security(struct inode *inode)

diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index 0f9cffb1f9ade08400a916d7a5e3694679266e49..0793f4811cb7d6644def01b8563d8bc913619fe0 100644 (file)
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -10,6 +10,6 @@ obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
 integrity-y := iint.o
 
 subdir-$(CONFIG_IMA)                   += ima
-obj-$(CONFIG_IMA)                      += ima/built-in.o
+obj-$(CONFIG_IMA)                      += ima/
 subdir-$(CONFIG_EVM)                   += evm
-obj-$(CONFIG_EVM)                      += evm/built-in.o
+obj-$(CONFIG_EVM)                      += evm/

diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index fea9749c37562b1006885cf56410361a64f31db1..d35b4915b00d4722e76464baba6b272ce86332f0 100644 (file)
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -1,10 +1,10 @@
 config EVM
        boolean "EVM support"
-       depends on SECURITY && KEYS && (TRUSTED_KEYS=y || TRUSTED_KEYS=n)
+       depends on SECURITY
+       select KEYS
+       select ENCRYPTED_KEYS
        select CRYPTO_HMAC
-       select CRYPTO_MD5
        select CRYPTO_SHA1
-       select ENCRYPTED_KEYS
        default n
        help
          EVM protects a file's security extended attributes against

diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index 30bd1ec0232e1ddd2a7d7585e752ae6c6bedcdc9..37c88ddb3cfe459e88822742e3cd25b15fb6f992 100644 (file)
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -32,19 +32,19 @@ extern struct crypto_shash *hash_tfm;
 /* List of EVM protected security xattrs */
 extern char *evm_config_xattrnames[];
 
-extern int evm_init_key(void);
-extern int evm_update_evmxattr(struct dentry *dentry,
-                              const char *req_xattr_name,
-                              const char *req_xattr_value,
-                              size_t req_xattr_value_len);
-extern int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
-                        const char *req_xattr_value,
-                        size_t req_xattr_value_len, char *digest);
-extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
-                        const char *req_xattr_value,
-                        size_t req_xattr_value_len, char *digest);
-extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
-                        char *hmac_val);
-extern int evm_init_secfs(void);
+int evm_init_key(void);
+int evm_update_evmxattr(struct dentry *dentry,
+                       const char *req_xattr_name,
+                       const char *req_xattr_value,
+                       size_t req_xattr_value_len);
+int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
+                 const char *req_xattr_value,
+                 size_t req_xattr_value_len, char *digest);
+int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
+                 const char *req_xattr_value,
+                 size_t req_xattr_value_len, char *digest);
+int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
+                 char *hmac_val);
+int evm_init_secfs(void);
 
 #endif

diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 3bab89eb21d608b1123b97188234137db83869b8..babd8626bf968f584153518d7ecb60e9a4616d39 100644 (file)
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -13,6 +13,8 @@
  *      Using root's kernel master key (kmk), calculate the HMAC
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/module.h>
 #include <linux/crypto.h>
 #include <linux/xattr.h>
@@ -103,13 +105,13 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
                umode_t mode;
        } hmac_misc;
 
-       memset(&hmac_misc, 0, sizeof hmac_misc);
+       memset(&hmac_misc, 0, sizeof(hmac_misc));
        hmac_misc.ino = inode->i_ino;
        hmac_misc.generation = inode->i_generation;
        hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
        hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
        hmac_misc.mode = inode->i_mode;
-       crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc);
+       crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
        if (evm_hmac_version > 1)
                crypto_shash_update(desc, inode->i_sb->s_uuid,
                                    sizeof(inode->i_sb->s_uuid));
@@ -221,7 +223,7 @@ int evm_init_hmac(struct inode *inode, const struct xattr *lsm_xattr,
 
        desc = init_desc(EVM_XATTR_HMAC);
        if (IS_ERR(desc)) {
-               printk(KERN_INFO "init_desc failed\n");
+               pr_info("init_desc failed\n");
                return PTR_ERR(desc);
        }
 

diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 336b3ddfe63f5304374f860419cd3f5251bde5b8..996092f21b64a4b71ee1a46acc49a94802e7618e 100644 (file)
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -14,6 +14,8 @@
  *     evm_inode_removexattr, and evm_verifyxattr
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/module.h>
 #include <linux/crypto.h>
 #include <linux/audit.h>
@@ -432,7 +434,7 @@ static int __init init_evm(void)
 
        error = evm_init_secfs();
        if (error < 0) {
-               printk(KERN_INFO "EVM: Error registering secfs\n");
+               pr_info("Error registering secfs\n");
                goto err;
        }
 
@@ -449,7 +451,7 @@ static int __init evm_display_config(void)
        char **xattrname;
 
        for (xattrname = evm_config_xattrnames; *xattrname != NULL; xattrname++)
-               printk(KERN_INFO "EVM: %s\n", *xattrname);
+               pr_info("%s\n", *xattrname);
        return 0;
 }
 

diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index 30f670ad6ac3a63ce98db857ad812eab144d6419..cf12a04717d32d8ab8e90d94c0aa39cc282abc3a 100644 (file)
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -13,6 +13,8 @@
  *     - Get the key and enable EVM
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/uaccess.h>
 #include <linux/module.h>
 #include "evm.h"
@@ -79,9 +81,9 @@ static ssize_t evm_write_key(struct file *file, const char __user *buf,
        error = evm_init_key();
        if (!error) {
                evm_initialized = 1;
-               pr_info("EVM: initialized\n");
+               pr_info("initialized\n");
        } else
-               pr_err("EVM: initialization failed\n");
+               pr_err("initialization failed\n");
        return count;
 }
 

diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index c49d3f14cbec96b49e2b8bedf15b4be570c5a7ef..a521edf4cbd62ff1b3a3f878976826576c01d2f7 100644 (file)
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -151,7 +151,7 @@ static void init_once(void *foo)
 {
        struct integrity_iint_cache *iint = foo;
 
-       memset(iint, 0, sizeof *iint);
+       memset(iint, 0, sizeof(*iint));
        iint->version = 0;
        iint->flags = 0UL;
        iint->ima_file_status = INTEGRITY_UNKNOWN;

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 0356e1d437ca31cde30910567128168dbfd0a5ca..f79fa8be203cd3703ad1a7fedddfe7037f602cdd 100644 (file)
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -27,7 +27,7 @@
 #include "../integrity.h"
 
 enum ima_show_type { IMA_SHOW_BINARY, IMA_SHOW_BINARY_NO_FIELD_LEN,
-                    IMA_SHOW_ASCII };
+                    IMA_SHOW_BINARY_OLD_STRING_FMT, IMA_SHOW_ASCII };
 enum tpm_pcrs { TPM_PCR0 = 0, TPM_PCR8 = 8 };
 
 /* digest size for IMA, fits SHA1 or MD5 */

diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index c38bbce8c6a629e246d8f6bef7557e224707d88b..ba9e4d792dd577acd3662ade0928b55fdc02d21b 100644 (file)
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -92,8 +92,8 @@ int ima_store_template(struct ima_template_entry *entry,
                       int violation, struct inode *inode,
                       const unsigned char *filename)
 {
-       const char *op = "add_template_measure";
-       const char *audit_cause = "hashing_error";
+       static const char op[] = "add_template_measure";
+       static const char audit_cause[] = "hashing_error";
        char *template_name = entry->template_desc->name;
        int result;
        struct {
@@ -132,7 +132,7 @@ void ima_add_violation(struct file *file, const unsigned char *filename,
                       const char *op, const char *cause)
 {
        struct ima_template_entry *entry;
-       struct inode *inode = file->f_dentry->d_inode;
+       struct inode *inode = file_inode(file);
        int violation = 1;
        int result;
 
@@ -160,10 +160,10 @@ err_out:
  * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK)
  *
  * The policy is defined in terms of keypairs:
- *             subj=, obj=, type=, func=, mask=, fsmagic=
+ *             subj=, obj=, type=, func=, mask=, fsmagic=
  *     subj,obj, and type: are LSM specific.
- *     func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
- *     mask: contains the permission mask
+ *     func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
+ *     mask: contains the permission mask
  *     fsmagic: hex value
  *
  * Returns IMA_MEASURE, IMA_APPRAISE mask.
@@ -248,7 +248,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint,
  *
  * We only get here if the inode has not already been measured,
  * but the measurement could already exist:
- *     - multiple copies of the same file on either the same or
+ *     - multiple copies of the same file on either the same or
  *       different filesystems.
  *     - the inode was previously flushed as well as the iint info,
  *       containing the hashing info.
@@ -260,8 +260,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint,
                           struct evm_ima_xattr_data *xattr_value,
                           int xattr_len)
 {
-       const char *op = "add_template_measure";
-       const char *audit_cause = "ENOMEM";
+       static const char op[] = "add_template_measure";
+       static const char audit_cause[] = "ENOMEM";
        int result = -ENOMEM;
        struct inode *inode = file_inode(file);
        struct ima_template_entry *entry;
@@ -332,5 +332,5 @@ const char *ima_d_path(struct path *path, char **pathbuf)
                        pathname = NULL;
                }
        }
-       return pathname;
+       return pathname ?: (const char *)path->dentry->d_name.name;
 }

diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 734e9468aca01c9a3724a57136f6d8bf371951f3..291bf0f3a46d7989c1d4cf77fdba0237a6d0fb1f 100644 (file)
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -177,11 +177,11 @@ int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
                             struct evm_ima_xattr_data *xattr_value,
                             int xattr_len)
 {
+       static const char op[] = "appraise_data";
+       char *cause = "unknown";
        struct dentry *dentry = file->f_dentry;
        struct inode *inode = dentry->d_inode;
        enum integrity_status status = INTEGRITY_UNKNOWN;
-       const char *op = "appraise_data";
-       char *cause = "unknown";
        int rc = xattr_len, hash_start = 0;
 
        if (!ima_appraise)

diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index fdf60def52e90c93799e7d6ff6298ab4dd68c6d3..1bde8e62776620e6e5ed2cb2900d39c91df992f8 100644 (file)
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -10,9 +10,11 @@
  * the Free Software Foundation, version 2 of the License.
  *
  * File: ima_crypto.c
- *     Calculates md5/sha1 file hash, template hash, boot-aggreate hash
+ *     Calculates md5/sha1 file hash, template hash, boot-aggreate hash
  */
 
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/kernel.h>
 #include <linux/file.h>
 #include <linux/crypto.h>
@@ -85,16 +87,20 @@ static int ima_calc_file_hash_tfm(struct file *file,
        if (rc != 0)
                return rc;
 
-       rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
-       if (!rbuf) {
-               rc = -ENOMEM;
+       i_size = i_size_read(file_inode(file));
+
+       if (i_size == 0)
                goto out;
-       }
+
+       rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
+       if (!rbuf)
+               return -ENOMEM;
+
        if (!(file->f_mode & FMODE_READ)) {
                file->f_mode |= FMODE_READ;
                read = 1;
        }
-       i_size = i_size_read(file_inode(file));
+
        while (offset < i_size) {
                int rbuf_len;
 
@@ -111,12 +117,12 @@ static int ima_calc_file_hash_tfm(struct file *file,
                if (rc)
                        break;
        }
-       kfree(rbuf);
-       if (!rc)
-               rc = crypto_shash_final(&desc.shash, hash->digest);
        if (read)
                file->f_mode &= ~FMODE_READ;
+       kfree(rbuf);
 out:
+       if (!rc)
+               rc = crypto_shash_final(&desc.shash, hash->digest);
        return rc;
 }
 
@@ -161,15 +167,22 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data,
                return rc;
 
        for (i = 0; i < num_fields; i++) {
+               u8 buffer[IMA_EVENT_NAME_LEN_MAX + 1] = { 0 };
+               u8 *data_to_hash = field_data[i].data;
+               u32 datalen = field_data[i].len;
+
                if (strcmp(td->name, IMA_TEMPLATE_IMA_NAME) != 0) {
                        rc = crypto_shash_update(&desc.shash,
                                                (const u8 *) &field_data[i].len,
                                                sizeof(field_data[i].len));
                        if (rc)
                                break;
+               } else if (strcmp(td->fields[i]->field_id, "n") == 0) {
+                       memcpy(buffer, data_to_hash, datalen);
+                       data_to_hash = buffer;
+                       datalen = IMA_EVENT_NAME_LEN_MAX + 1;
                }
-               rc = crypto_shash_update(&desc.shash, field_data[i].data,
-                                        field_data[i].len);
+               rc = crypto_shash_update(&desc.shash, data_to_hash, datalen);
                if (rc)
                        break;
        }
@@ -205,7 +218,7 @@ static void __init ima_pcrread(int idx, u8 *pcr)
                return;
 
        if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
-               pr_err("IMA: Error Communicating to TPM chip\n");
+               pr_err("Error Communicating to TPM chip\n");
 }
 
 /*

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index db01125926bdb1e696165389bcdd26117e9d25fc..da92fcc08d151645c8139ba724c9c15ccd029267 100644 (file)
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -133,14 +133,14 @@ static int ima_measurements_show(struct seq_file *m, void *v)
         * PCR used is always the same (config option) in
         * little-endian format
         */
-       ima_putc(m, &pcr, sizeof pcr);
+       ima_putc(m, &pcr, sizeof(pcr));
 
        /* 2nd: template digest */
        ima_putc(m, e->digest, TPM_DIGEST_SIZE);
 
        /* 3rd: template name size */
        namelen = strlen(e->template_desc->name);
-       ima_putc(m, &namelen, sizeof namelen);
+       ima_putc(m, &namelen, sizeof(namelen));
 
        /* 4th:  template name */
        ima_putc(m, e->template_desc->name, namelen);
@@ -160,6 +160,8 @@ static int ima_measurements_show(struct seq_file *m, void *v)
 
                if (is_ima_template && strcmp(field->field_id, "d") == 0)
                        show = IMA_SHOW_BINARY_NO_FIELD_LEN;
+               if (is_ima_template && strcmp(field->field_id, "n") == 0)
+                       show = IMA_SHOW_BINARY_OLD_STRING_FMT;
                field->field_show(m, show, &e->template_data[i]);
        }
        return 0;
@@ -290,7 +292,7 @@ static atomic_t policy_opencount = ATOMIC_INIT(1);
 /*
  * ima_open_policy: sequentialize access to the policy file
  */
-static int ima_open_policy(struct inode * inode, struct file * filp)
+static int ima_open_policy(struct inode *inode, struct file *filp)
 {
        /* No point in being allowed to open it if you aren't going to write */
        if (!(filp->f_flags & O_WRONLY))

diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 37122768554a9e69d4866f9c9a72864f157afef3..e8f9d70a465d11168748967928e34491f46c1765 100644 (file)
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -14,6 +14,9 @@
  * File: ima_init.c
  *             initialization and cleanup functions
  */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/module.h>
 #include <linux/scatterlist.h>
 #include <linux/slab.h>
@@ -42,10 +45,10 @@ int ima_used_chip;
  */
 static void __init ima_add_boot_aggregate(void)
 {
+       static const char op[] = "add_boot_aggregate";
+       const char *audit_cause = "ENOMEM";
        struct ima_template_entry *entry;
        struct integrity_iint_cache tmp_iint, *iint = &tmp_iint;
-       const char *op = "add_boot_aggregate";
-       const char *audit_cause = "ENOMEM";
        int result = -ENOMEM;
        int violation = 0;
        struct {
@@ -93,7 +96,7 @@ int __init ima_init(void)
                ima_used_chip = 1;
 
        if (!ima_used_chip)
-               pr_info("IMA: No TPM chip found, activating TPM-bypass!\n");
+               pr_info("No TPM chip found, activating TPM-bypass!\n");
 
        rc = ima_init_crypto();
        if (rc)

diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 149ee1119f87ba37c7673efdd7fd4d0e50cae809..52ac6cf41f880bec8360f42a6526213117bdbc43 100644 (file)
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -71,15 +71,14 @@ __setup("ima_hash=", hash_setup);
  * ima_rdwr_violation_check
  *
  * Only invalidate the PCR for measured files:
- *     - Opening a file for write when already open for read,
+ *     - Opening a file for write when already open for read,
  *       results in a time of measure, time of use (ToMToU) error.
  *     - Opening a file for read when already open for write,
- *       could result in a file measurement error.
+ *       could result in a file measurement error.
  *
  */
 static void ima_rdwr_violation_check(struct file *file)
 {
-       struct dentry *dentry = file->f_path.dentry;
        struct inode *inode = file_inode(file);
        fmode_t mode = file->f_mode;
        int must_measure;
@@ -111,8 +110,6 @@ out:
                return;
 
        pathname = ima_d_path(&file->f_path, &pathbuf);
-       if (!pathname || strlen(pathname) > IMA_EVENT_NAME_LEN_MAX)
-               pathname = dentry->d_name.name;
 
        if (send_tomtou)
                ima_add_violation(file, pathname, "invalid_pcr", "ToMToU");
@@ -220,9 +217,7 @@ static int process_measurement(struct file *file, const char *filename,
        if (rc != 0)
                goto out_digsig;
 
-       pathname = !filename ? ima_d_path(&file->f_path, &pathbuf) : filename;
-       if (!pathname)
-               pathname = (const char *)file->f_dentry->d_name.name;
+       pathname = filename ?: ima_d_path(&file->f_path, &pathbuf);
 
        if (action & IMA_MEASURE)
                ima_store_measurement(iint, file, pathname,

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index a9c3d3cd1990d506a431614ffcf1d63ee53434a3..93873a450ff720ff47bf5ec92b23b179bb0628dd 100644 (file)
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -7,7 +7,7 @@
  * the Free Software Foundation, version 2 of the License.
  *
  * ima_policy.c
- *     - initialize default measure policy rules
+ *     - initialize default measure policy rules
  *
  */
 #include <linux/module.h>
@@ -21,8 +21,8 @@
 #include "ima.h"
 
 /* flags definitions */
-#define IMA_FUNC       0x0001
-#define IMA_MASK       0x0002
+#define IMA_FUNC       0x0001
+#define IMA_MASK       0x0002
 #define IMA_FSMAGIC    0x0004
 #define IMA_UID                0x0008
 #define IMA_FOWNER     0x0010
@@ -69,35 +69,35 @@ struct ima_rule_entry {
  * and running executables.
  */
 static struct ima_rule_entry default_rules[] = {
-       {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = MEASURE,.func = MMAP_CHECK,.mask = MAY_EXEC,
+       {.action = DONT_MEASURE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_MEASURE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
         .flags = IMA_FUNC | IMA_MASK},
-       {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC,
+       {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
         .flags = IMA_FUNC | IMA_MASK},
-       {.action = MEASURE,.func = FILE_CHECK,.mask = MAY_READ,.uid = GLOBAL_ROOT_UID,
+       {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ, .uid = GLOBAL_ROOT_UID,
         .flags = IMA_FUNC | IMA_MASK | IMA_UID},
-       {.action = MEASURE,.func = MODULE_CHECK, .flags = IMA_FUNC},
+       {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
 };
 
 static struct ima_rule_entry default_appraise_rules[] = {
-       {.action = DONT_APPRAISE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = RAMFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = DONT_APPRAISE,.fsmagic = CGROUP_SUPER_MAGIC,.flags = IMA_FSMAGIC},
-       {.action = APPRAISE,.fowner = GLOBAL_ROOT_UID,.flags = IMA_FOWNER},
+       {.action = DONT_APPRAISE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = RAMFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = DONT_APPRAISE, .fsmagic = CGROUP_SUPER_MAGIC, .flags = IMA_FSMAGIC},
+       {.action = APPRAISE, .fowner = GLOBAL_ROOT_UID, .flags = IMA_FOWNER},
 };
 
 static LIST_HEAD(ima_default_rules);
@@ -122,12 +122,12 @@ static int __init default_appraise_policy_setup(char *str)
 }
 __setup("ima_appraise_tcb", default_appraise_policy_setup);
 
-/* 
+/*
  * Although the IMA policy does not change, the LSM policy can be
  * reloaded, leaving the IMA LSM based rules referring to the old,
  * stale LSM policy.
  *
- * Update the IMA LSM based rules to reflect the reloaded LSM policy. 
+ * Update the IMA LSM based rules to reflect the reloaded LSM policy.
  * We assume the rules still exist; and BUG_ON() if they don't.
  */
 static void ima_lsm_update_rules(void)
@@ -167,9 +167,11 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
        const struct cred *cred = current_cred();
        int i;
 
-       if ((rule->flags & IMA_FUNC) && rule->func != func)
+       if ((rule->flags & IMA_FUNC) &&
+           (rule->func != func && func != POST_SETATTR))
                return false;
-       if ((rule->flags & IMA_MASK) && rule->mask != mask)
+       if ((rule->flags & IMA_MASK) &&
+           (rule->mask != mask && func != POST_SETATTR))
                return false;
        if ((rule->flags & IMA_FSMAGIC)
            && rule->fsmagic != inode->i_sb->s_magic)
@@ -216,7 +218,7 @@ retry:
                        retried = 1;
                        ima_lsm_update_rules();
                        goto retry;
-               } 
+               }
                if (!rc)
                        return false;
        }
@@ -232,7 +234,7 @@ static int get_subaction(struct ima_rule_entry *rule, int func)
        if (!(rule->flags & IMA_FUNC))
                return IMA_FILE_APPRAISE;
 
-       switch(func) {
+       switch (func) {
        case MMAP_CHECK:
                return IMA_MMAP_APPRAISE;
        case BPRM_CHECK:
@@ -304,7 +306,7 @@ void __init ima_init_policy(void)
        measure_entries = ima_use_tcb ? ARRAY_SIZE(default_rules) : 0;
        appraise_entries = ima_use_appraise_tcb ?
                         ARRAY_SIZE(default_appraise_rules) : 0;
-       
+
        for (i = 0; i < measure_entries + appraise_entries; i++) {
                if (i < measure_entries)
                        list_add_tail(&default_rules[i].list,
@@ -329,7 +331,7 @@ void __init ima_init_policy(void)
  */
 void ima_update_policy(void)
 {
-       const char *op = "policy_update";
+       static const char op[] = "policy_update";
        const char *cause = "already exists";
        int result = 1;
        int audit_info = 0;
@@ -520,8 +522,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
                                break;
                        }
 
-                       result = strict_strtoul(args[0].from, 16,
-                                               &entry->fsmagic);
+                       result = kstrtoul(args[0].from, 16, &entry->fsmagic);
                        if (!result)
                                entry->flags |= IMA_FSMAGIC;
                        break;
@@ -547,7 +548,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
                                break;
                        }
 
-                       result = strict_strtoul(args[0].from, 10, &lnum);
+                       result = kstrtoul(args[0].from, 10, &lnum);
                        if (!result) {
                                entry->uid = make_kuid(current_user_ns(), (uid_t)lnum);
                                if (!uid_valid(entry->uid) || (((uid_t)lnum) != lnum))
@@ -564,7 +565,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
                                break;
                        }
 
-                       result = strict_strtoul(args[0].from, 10, &lnum);
+                       result = kstrtoul(args[0].from, 10, &lnum);
                        if (!result) {
                                entry->fowner = make_kuid(current_user_ns(), (uid_t)lnum);
                                if (!uid_valid(entry->fowner) || (((uid_t)lnum) != lnum))
@@ -645,7 +646,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
  */
 ssize_t ima_parse_add_rule(char *rule)
 {
-       const char *op = "update_policy";
+       static const char op[] = "update_policy";
        char *p;
        struct ima_rule_entry *entry;
        ssize_t result, len;

diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index d85e99761f4fc66afa251bb2bd657062d84d9b77..552705d5a78d0bbd518cb416e146846cf23df7e4 100644 (file)
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -18,6 +18,9 @@
  *       The measurement list is append-only. No entry is
  *       ever removed or changed during the boot-cycle.
  */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <linux/module.h>
 #include <linux/rculist.h>
 #include <linux/slab.h>
@@ -72,7 +75,7 @@ static int ima_add_digest_entry(struct ima_template_entry *entry)
 
        qe = kmalloc(sizeof(*qe), GFP_KERNEL);
        if (qe == NULL) {
-               pr_err("IMA: OUT OF MEMORY ERROR creating queue entry.\n");
+               pr_err("OUT OF MEMORY ERROR creating queue entry\n");
                return -ENOMEM;
        }
        qe->entry = entry;
@@ -95,8 +98,7 @@ static int ima_pcr_extend(const u8 *hash)
 
        result = tpm_pcr_extend(TPM_ANY_NUM, CONFIG_IMA_MEASURE_PCR_IDX, hash);
        if (result != 0)
-               pr_err("IMA: Error Communicating to TPM chip, result: %d\n",
-                      result);
+               pr_err("Error Communicating to TPM chip, result: %d\n", result);
        return result;
 }
 
@@ -115,7 +117,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
 
        mutex_lock(&ima_extend_list_mutex);
        if (!violation) {
-               memcpy(digest, entry->digest, sizeof digest);
+               memcpy(digest, entry->digest, sizeof(digest));
                if (ima_lookup_digest_entry(digest)) {
                        audit_cause = "hash_exists";
                        result = -EEXIST;
@@ -131,7 +133,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
        }
 
        if (violation)          /* invalidate pcr */
-               memset(digest, 0xff, sizeof digest);
+               memset(digest, 0xff, sizeof(digest));
 
        tpmresult = ima_pcr_extend(digest);
        if (tpmresult != 0) {

diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 635695f6a185a1d24ee3d1bfb05d4f7ebe8cedb0..a076a967ec4768f64ebfcd0a84509080e7eb6b18 100644 (file)
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -12,6 +12,9 @@
  * File: ima_template.c
  *      Helpers to manage template descriptors.
  */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
 #include <crypto/hash_info.h>
 
 #include "ima.h"
@@ -19,20 +22,20 @@
 
 static struct ima_template_desc defined_templates[] = {
        {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
-       {.name = "ima-ng",.fmt = "d-ng|n-ng"},
-       {.name = "ima-sig",.fmt = "d-ng|n-ng|sig"},
+       {.name = "ima-ng", .fmt = "d-ng|n-ng"},
+       {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
 };
 
 static struct ima_template_field supported_fields[] = {
-       {.field_id = "d",.field_init = ima_eventdigest_init,
+       {.field_id = "d", .field_init = ima_eventdigest_init,
         .field_show = ima_show_template_digest},
-       {.field_id = "n",.field_init = ima_eventname_init,
+       {.field_id = "n", .field_init = ima_eventname_init,
         .field_show = ima_show_template_string},
-       {.field_id = "d-ng",.field_init = ima_eventdigest_ng_init,
+       {.field_id = "d-ng", .field_init = ima_eventdigest_ng_init,
         .field_show = ima_show_template_digest_ng},
-       {.field_id = "n-ng",.field_init = ima_eventname_ng_init,
+       {.field_id = "n-ng", .field_init = ima_eventname_ng_init,
         .field_show = ima_show_template_string},
-       {.field_id = "sig",.field_init = ima_eventsig_init,
+       {.field_id = "sig", .field_init = ima_eventsig_init,
         .field_show = ima_show_template_sig},
 };
 
@@ -58,7 +61,7 @@ static int __init ima_template_setup(char *str)
         */
        if (template_len == 3 && strcmp(str, IMA_TEMPLATE_IMA_NAME) == 0 &&
            ima_hash_algo != HASH_ALGO_SHA1 && ima_hash_algo != HASH_ALGO_MD5) {
-               pr_err("IMA: template does not support hash alg\n");
+               pr_err("template does not support hash alg\n");
                return 1;
        }
 

diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity/ima/ima_template_lib.c
index 1683bbf289a407048daad7d4c73154fdb05cfec6..1506f02485726e18e3f6ba5c8c057da9e00e296a 100644 (file)
--- a/security/integrity/ima/ima_template_lib.c
+++ b/security/integrity/ima/ima_template_lib.c
@@ -27,7 +27,6 @@ static bool ima_template_hash_algo_allowed(u8 algo)
 enum data_formats {
        DATA_FMT_DIGEST = 0,
        DATA_FMT_DIGEST_WITH_ALGO,
-       DATA_FMT_EVENT_NAME,
        DATA_FMT_STRING,
        DATA_FMT_HEX
 };
@@ -37,18 +36,10 @@ static int ima_write_template_field_data(const void *data, const u32 datalen,
                                         struct ima_field_data *field_data)
 {
        u8 *buf, *buf_ptr;
-       u32 buflen;
+       u32 buflen = datalen;
 
-       switch (datafmt) {
-       case DATA_FMT_EVENT_NAME:
-               buflen = IMA_EVENT_NAME_LEN_MAX + 1;
-               break;
-       case DATA_FMT_STRING:
+       if (datafmt == DATA_FMT_STRING)
                buflen = datalen + 1;
-               break;
-       default:
-               buflen = datalen;
-       }
 
        buf = kzalloc(buflen, GFP_KERNEL);
        if (!buf)
@@ -63,7 +54,7 @@ static int ima_write_template_field_data(const void *data, const u32 datalen,
         * split into multiple template fields (the space is the delimitator
         * character for measurements lists in ASCII format).
         */
-       if (datafmt == DATA_FMT_EVENT_NAME || datafmt == DATA_FMT_STRING) {
+       if (datafmt == DATA_FMT_STRING) {
                for (buf_ptr = buf; buf_ptr - buf < datalen; buf_ptr++)
                        if (*buf_ptr == ' ')
                                *buf_ptr = '_';
@@ -109,13 +100,16 @@ static void ima_show_template_data_binary(struct seq_file *m,
                                          enum data_formats datafmt,
                                          struct ima_field_data *field_data)
 {
+       u32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ?
+           strlen(field_data->data) : field_data->len;
+
        if (show != IMA_SHOW_BINARY_NO_FIELD_LEN)
-               ima_putc(m, &field_data->len, sizeof(u32));
+               ima_putc(m, &len, sizeof(len));
 
-       if (!field_data->len)
+       if (!len)
                return;
 
-       ima_putc(m, field_data->data, field_data->len);
+       ima_putc(m, field_data->data, len);
 }
 
 static void ima_show_template_field_data(struct seq_file *m,
@@ -129,6 +123,7 @@ static void ima_show_template_field_data(struct seq_file *m,
                break;
        case IMA_SHOW_BINARY:
        case IMA_SHOW_BINARY_NO_FIELD_LEN:
+       case IMA_SHOW_BINARY_OLD_STRING_FMT:
                ima_show_template_data_binary(m, show, datafmt, field_data);
                break;
        default:
@@ -277,8 +272,6 @@ static int ima_eventname_init_common(struct integrity_iint_cache *iint,
 {
        const char *cur_filename = NULL;
        u32 cur_filename_len = 0;
-       enum data_formats fmt = size_limit ?
-           DATA_FMT_EVENT_NAME : DATA_FMT_STRING;
 
        BUG_ON(filename == NULL && file == NULL);
 
@@ -301,7 +294,7 @@ static int ima_eventname_init_common(struct integrity_iint_cache *iint,
                cur_filename_len = IMA_EVENT_NAME_LEN_MAX;
 out:
        return ima_write_template_field_data(cur_filename, cur_filename_len,
-                                            fmt, field_data);
+                                            DATA_FMT_STRING, field_data);
 }
 
 /*

diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index d7efb30404aaed01d860a5bf274477ce56e2e481..aab9fa5a8231e7380097a96092296bdcebfa22f2 100644 (file)
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -7,7 +7,7 @@
  * the Free Software Foundation, version 2 of the License.
  *
  * File: integrity_audit.c
- *     Audit calls for the integrity subsystem
+ *     Audit calls for the integrity subsystem
  */
 
 #include <linux/fs.h>
@@ -22,7 +22,7 @@ static int __init integrity_audit_setup(char *str)
 {
        unsigned long audit;
 
-       if (!strict_strtoul(str, 0, &audit))
+       if (!kstrtoul(str, 0, &audit))
                integrity_audit_info = audit ? 1 : 0;
        return 1;
 }
@@ -33,6 +33,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
                         const char *cause, int result, int audit_info)
 {
        struct audit_buffer *ab;
+       char name[TASK_COMM_LEN];
 
        if (!integrity_audit_info && audit_info == 1)   /* Skip info messages */
                return;
@@ -49,7 +50,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode,
        audit_log_format(ab, " cause=");
        audit_log_string(ab, cause);
        audit_log_format(ab, " comm=");
-       audit_log_untrustedstring(ab, current->comm);
+       audit_log_untrustedstring(ab, get_task_comm(name, current));
        if (fname) {
                audit_log_format(ab, " name=");
                audit_log_untrustedstring(ab, fname);

diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index 9e1e005c75967d497831fb67146020aeed4bc4a8..5fe443d120afe81826902cc70efecff24ccee1bb 100644 (file)
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -609,7 +609,7 @@ static struct encrypted_key_payload *encrypted_key_alloc(struct key *key,
        long dlen;
        int ret;
 
-       ret = strict_strtol(datalen, 10, &dlen);
+       ret = kstrtol(datalen, 10, &dlen);
        if (ret < 0 || dlen < MIN_DATA_SIZE || dlen > MAX_DATA_SIZE)
                return ERR_PTR(-EINVAL);
 

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index e13fcf7636f7ffa0ff40d7cd60408645621dab1f..6b804aa4529a171bfab534307903b142c23cf891 100644 (file)
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -753,7 +753,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
                                return -EINVAL;
                        break;
                case Opt_keyhandle:
-                       res = strict_strtoul(args[0].from, 16, &handle);
+                       res = kstrtoul(args[0].from, 16, &handle);
                        if (res < 0)
                                return -EINVAL;
                        opt->keytype = SEAL_keytype;
@@ -782,7 +782,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
                                return -EINVAL;
                        break;
                case Opt_pcrlock:
-                       res = strict_strtoul(args[0].from, 10, &lock);
+                       res = kstrtoul(args[0].from, 10, &lock);
                        if (res < 0)
                                return -EINVAL;
                        opt->pcrlock = lock;
@@ -820,7 +820,7 @@ static int datablob_parse(char *datablob, struct trusted_key_payload *p,
                c = strsep(&datablob, " \t");
                if (!c)
                        return -EINVAL;
-               ret = strict_strtol(c, 10, &keylen);
+               ret = kstrtol(c, 10, &keylen);
                if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE)
                        return -EINVAL;
                p->key_len = keylen;

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b332e2cc0954becf1fa365f9690fef63d52ba97c..869c2f1e0da187f9f406798f3afba3df90cd98ad 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -106,7 +106,7 @@ int selinux_enforcing;
 static int __init enforcing_setup(char *str)
 {
        unsigned long enforcing;
-       if (!strict_strtoul(str, 0, &enforcing))
+       if (!kstrtoul(str, 0, &enforcing))
                selinux_enforcing = enforcing ? 1 : 0;
        return 1;
 }
@@ -119,7 +119,7 @@ int selinux_enabled = CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE;
 static int __init selinux_enabled_setup(char *str)
 {
        unsigned long enabled;
-       if (!strict_strtoul(str, 0, &enabled))
+       if (!kstrtoul(str, 0, &enabled))
                selinux_enabled = enabled ? 1 : 0;
        return 1;
 }
@@ -1418,15 +1418,33 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
                isec->sid = sbsec->sid;
 
                if ((sbsec->flags & SE_SBPROC) && !S_ISLNK(inode->i_mode)) {
-                       if (opt_dentry) {
-                               isec->sclass = inode_mode_to_security_class(inode->i_mode);
-                               rc = selinux_proc_get_sid(opt_dentry,
-                                                         isec->sclass,
-                                                         &sid);
-                               if (rc)
-                                       goto out_unlock;
-                               isec->sid = sid;
-                       }
+                       /* We must have a dentry to determine the label on
+                        * procfs inodes */
+                       if (opt_dentry)
+                               /* Called from d_instantiate or
+                                * d_splice_alias. */
+                               dentry = dget(opt_dentry);
+                       else
+                               /* Called from selinux_complete_init, try to
+                                * find a dentry. */
+                               dentry = d_find_alias(inode);
+                       /*
+                        * This can be hit on boot when a file is accessed
+                        * before the policy is loaded.  When we load policy we
+                        * may find inodes that have no dentry on the
+                        * sbsec->isec_head list.  No reason to complain as
+                        * these will get fixed up the next time we go through
+                        * inode_doinit() with a dentry, before these inodes
+                        * could be used again by userspace.
+                        */
+                       if (!dentry)
+                               goto out_unlock;
+                       isec->sclass = inode_mode_to_security_class(inode->i_mode);
+                       rc = selinux_proc_get_sid(dentry, isec->sclass, &sid);
+                       dput(dentry);
+                       if (rc)
+                               goto out_unlock;
+                       isec->sid = sid;
                }
                break;
        }
@@ -3205,24 +3223,20 @@ error:
 
 static int selinux_mmap_addr(unsigned long addr)
 {
-       int rc = 0;
-       u32 sid = current_sid();
+       int rc;
+
+       /* do DAC check on address space usage */
+       rc = cap_mmap_addr(addr);
+       if (rc)
+               return rc;
 
-       /*
-        * notice that we are intentionally putting the SELinux check before
-        * the secondary cap_file_mmap check.  This is such a likely attempt
-        * at bad behaviour/exploit that we always want to get the AVC, even
-        * if DAC would have also denied the operation.
-        */
        if (addr < CONFIG_LSM_MMAP_MIN_ADDR) {
+               u32 sid = current_sid();
                rc = avc_has_perm(sid, sid, SECCLASS_MEMPROTECT,
                                  MEMPROTECT__MMAP_ZERO, NULL);
-               if (rc)
-                       return rc;
        }
 
-       /* do DAC check on address space usage */
-       return cap_mmap_addr(addr);
+       return rc;
 }
 
 static int selinux_mmap_file(struct file *file, unsigned long reqprot,

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index d60c0ee66387d8078055414992ad36d7a2d31fa8..c71737f6d1cc6284edaf1b7b0f8db43abfebd54d 100644 (file)
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -54,7 +54,7 @@ unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE;
 static int __init checkreqprot_setup(char *str)
 {
        unsigned long checkreqprot;
-       if (!strict_strtoul(str, 0, &checkreqprot))
+       if (!kstrtoul(str, 0, &checkreqprot))
                selinux_checkreqprot = checkreqprot ? 1 : 0;
        return 1;
 }