diff options
author | Kevin Hilman <khilman@linaro.org> | 2015-08-14 10:39:12 -0700 |
---|---|---|
committer | Kevin Hilman <khilman@linaro.org> | 2015-08-14 10:39:12 -0700 |
commit | 373cea9e2c9c6495a80efdae55cf2114f384a75b (patch) | |
tree | 7a8c31aff389cd60937edf7d311c2d93d42a3c7d /security/integrity/evm/evm_main.c | |
parent | ea64087da6e7655f5acac074a70496b50b310a29 (diff) | |
parent | 8a7eb06341c73248d152a2a12e4f00f472295de7 (diff) |
Merge branch 'linux-linaro-lsk-v3.14' into linux-linaro-lsk-v3.14-rtlsk-v3.14-15.08-rt
Diffstat (limited to 'security/integrity/evm/evm_main.c')
-rw-r--r-- | security/integrity/evm/evm_main.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 690cd632bd5b..3d1d3aceb213 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -20,6 +20,7 @@ #include <linux/xattr.h> #include <linux/integrity.h> #include <linux/evm.h> +#include <linux/magic.h> #include <crypto/hash.h> #include "evm.h" @@ -275,6 +276,17 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name, iint = integrity_iint_find(dentry->d_inode); if (iint && (iint->flags & IMA_NEW_FILE)) return 0; + + /* exception for pseudo filesystems */ + if (dentry->d_inode->i_sb->s_magic == TMPFS_MAGIC + || dentry->d_inode->i_sb->s_magic == SYSFS_MAGIC) + return 0; + + integrity_audit_msg(AUDIT_INTEGRITY_METADATA, + dentry->d_inode, dentry->d_name.name, + "update_metadata", + integrity_status_msg[evm_status], + -EPERM, 0); } out: if (evm_status != INTEGRITY_PASS) |