Merge branch 'linux-linaro-lsk-v3.14' into linux-linaro-lsk-v3.14-rtlsk-v3.14-15.08-rt

author: Kevin Hilman <khilman@linaro.org> 2015-08-14 10:39:12 -0700
committer: Kevin Hilman <khilman@linaro.org> 2015-08-14 10:39:12 -0700
commit: 373cea9e2c9c6495a80efdae55cf2114f384a75b (patch)
tree: 7a8c31aff389cd60937edf7d311c2d93d42a3c7d /security/integrity/evm/evm_main.c
parent: ea64087da6e7655f5acac074a70496b50b310a29 (diff)
parent: 8a7eb06341c73248d152a2a12e4f00f472295de7 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 690cd632bd5b..3d1d3aceb213 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -20,6 +20,7 @@
 #include <linux/xattr.h>
 #include <linux/integrity.h>
 #include <linux/evm.h>
+#include <linux/magic.h>
 #include <crypto/hash.h>
 #include "evm.h"
 
@@ -275,6 +276,17 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name,
 		iint = integrity_iint_find(dentry->d_inode);
 		if (iint && (iint->flags & IMA_NEW_FILE))
 			return 0;
+
+		/* exception for pseudo filesystems */
+		if (dentry->d_inode->i_sb->s_magic == TMPFS_MAGIC
+		    || dentry->d_inode->i_sb->s_magic == SYSFS_MAGIC)
+			return 0;
+
+		integrity_audit_msg(AUDIT_INTEGRITY_METADATA,
+				    dentry->d_inode, dentry->d_name.name,
+				    "update_metadata",
+				    integrity_status_msg[evm_status],
+				    -EPERM, 0);
 	}
 out:
 	if (evm_status != INTEGRITY_PASS)
author	Kevin Hilman <khilman@linaro.org>	2015-08-14 10:39:12 -0700
committer	Kevin Hilman <khilman@linaro.org>	2015-08-14 10:39:12 -0700
commit	373cea9e2c9c6495a80efdae55cf2114f384a75b (patch)
tree	7a8c31aff389cd60937edf7d311c2d93d42a3c7d /security/integrity/evm/evm_main.c
parent	ea64087da6e7655f5acac074a70496b50b310a29 (diff)
parent	8a7eb06341c73248d152a2a12e4f00f472295de7 (diff)