Message ID | ba7cbf4aa2e584b2d9cb220a2a2e74ad1294d1eb.1521041387.git.joseph.salisbury@canonical.com |
---|---|
State | New |
Headers | show |
Series | [SRU,Artful,1/1] ima/policy: fix parsing of fsuuid | expand |
On 15.03.2018 20:56, Joseph Salisbury wrote: > From: Mike Rapoport <rppt@linux.vnet.ibm.com> > > BugLink: http://bugs.launchpad.net/bugs/1755804 > > The switch to uuid_t invereted the logic of verfication that &entry->fsuuid > is zero during parsing of "fsuuid=" rule. Instead of making sure the > &entry->fsuuid field is not attempted to be overwritten, we bail out for > perfectly correct rule. > > Fixes: 787d8c530af7 ("ima/policy: switch to use uuid_t") > > Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com> > Cc: stable@vger.kernel.org > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> > (cherry picked from commit 36447456e1cca853188505f2a964dbbeacfc7a7a) > Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> > --- > security/integrity/ima/ima_policy.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index 95209a5..8daf16e 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -743,7 +743,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) > case Opt_fsuuid: > ima_log_string(ab, "fsuuid", args[0].from); > > - if (uuid_is_null(&entry->fsuuid)) { > + if (!uuid_is_null(&entry->fsuuid)) { > result = -EINVAL; > break; > } >
On 15.03.2018 20:56, Joseph Salisbury wrote: > From: Mike Rapoport <rppt@linux.vnet.ibm.com> > > BugLink: http://bugs.launchpad.net/bugs/1755804 > > The switch to uuid_t invereted the logic of verfication that &entry->fsuuid > is zero during parsing of "fsuuid=" rule. Instead of making sure the > &entry->fsuuid field is not attempted to be overwritten, we bail out for > perfectly correct rule. > > Fixes: 787d8c530af7 ("ima/policy: switch to use uuid_t") > > Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com> > Cc: stable@vger.kernel.org > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> > (cherry picked from commit 36447456e1cca853188505f2a964dbbeacfc7a7a) > Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> > --- > security/integrity/ima/ima_policy.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index 95209a5..8daf16e 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -743,7 +743,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) > case Opt_fsuuid: > ima_log_string(ab, "fsuuid", args[0].from); > > - if (uuid_is_null(&entry->fsuuid)) { > + if (!uuid_is_null(&entry->fsuuid)) { > result = -EINVAL; > break; > } > Applied to artful master-next
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 95209a5..8daf16e 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -743,7 +743,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry) case Opt_fsuuid: ima_log_string(ab, "fsuuid", args[0].from); - if (uuid_is_null(&entry->fsuuid)) { + if (!uuid_is_null(&entry->fsuuid)) { result = -EINVAL; break; }