IMA: Handle dentry_open failures

Currently IMA does not handle failures from dentry_open().  This means that we
leave a pointer set to ERR_PTR(errno) and then try to use it just a few lines
later in fput().  Oops.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Eric Paris 2009-05-11 13:59:16 -04:00 committed by James Morris
parent 37bcbf13d3
commit f06dd16a03
1 changed files with 6 additions and 4 deletions

View File

@ -116,10 +116,6 @@ static int get_path_measurement(struct ima_iint_cache *iint, struct file *file,
{ {
int rc = 0; int rc = 0;
if (IS_ERR(file)) {
pr_info("%s dentry_open failed\n", filename);
return rc;
}
iint->opencount++; iint->opencount++;
iint->readcount++; iint->readcount++;
@ -185,6 +181,12 @@ int ima_path_check(struct path *path, int mask)
struct vfsmount *mnt = mntget(path->mnt); struct vfsmount *mnt = mntget(path->mnt);
file = dentry_open(dentry, mnt, O_RDONLY, current_cred()); file = dentry_open(dentry, mnt, O_RDONLY, current_cred());
if (IS_ERR(file)) {
pr_info("%s dentry_open failed\n", dentry->d_name.name);
rc = PTR_ERR(file);
file = NULL;
goto out;
}
rc = get_path_measurement(iint, file, dentry->d_name.name); rc = get_path_measurement(iint, file, dentry->d_name.name);
} }
out: out: