diff options
author | Mark Brown <broonie@kernel.org> | 2014-11-14 18:07:40 +0000 |
---|---|---|
committer | Mark Brown <broonie@kernel.org> | 2014-11-14 18:07:40 +0000 |
commit | 24a92c14505e9768d206ba8133054298d64103e6 (patch) | |
tree | 721bffa213dd8faff305b44dd8bfc1fa4af81c45 /security | |
parent | 71b34fd1db384bb37b092bd6d0cf1b6be4fc7c26 (diff) | |
parent | 8eb52971d4749c0192358e1942ca83d8dc7e686b (diff) |
Merge branch 'linux-linaro-lsk' into linux-linaro-lsk-android
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/evm/evm_main.c | 9 | ||||
-rw-r--r-- | security/selinux/hooks.c | 2 |
2 files changed, 7 insertions, 4 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index b9b2bebeb350..b980a6ce5c79 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -286,9 +286,12 @@ int evm_inode_setxattr(struct dentry *dentry, const char *xattr_name, { const struct evm_ima_xattr_data *xattr_data = xattr_value; - if ((strcmp(xattr_name, XATTR_NAME_EVM) == 0) - && (xattr_data->type == EVM_XATTR_HMAC)) - return -EPERM; + if (strcmp(xattr_name, XATTR_NAME_EVM) == 0) { + if (!xattr_value_len) + return -EINVAL; + if (xattr_data->type != EVM_IMA_XATTR_DIGSIG) + return -EPERM; + } return evm_protect_xattr(dentry, xattr_name, xattr_value, xattr_value_len); } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a8485c1fc3ae..2eca0e3f7b86 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -444,6 +444,7 @@ next_inode: list_entry(sbsec->isec_head.next, struct inode_security_struct, list); struct inode *inode = isec->inode; + list_del_init(&isec->list); spin_unlock(&sbsec->isec_lock); inode = igrab(inode); if (inode) { @@ -452,7 +453,6 @@ next_inode: iput(inode); } spin_lock(&sbsec->isec_lock); - list_del_init(&isec->list); goto next_inode; } spin_unlock(&sbsec->isec_lock); |