Merge branch 'master' into for-3.19/drivers

author: Jens Axboe <axboe@fb.com> 2014-11-19 05:43:46 +0300
committer: Jens Axboe <axboe@fb.com> 2014-11-19 05:43:46 +0300
commit: b3521729769ec71567a2e32a38609f87e781e41b (patch)
tree: 66a8494968706420c3eb043caa5868702d440d18 /security/integrity/evm/evm_main.c
parent: 139768895309c6c1d6913e909e9c9422f81a1640 (diff)
parent: fc14f9c1272f62c3e8d01300f52467c0d9af50f9 (diff)
download: linux-b3521729769ec71567a2e32a38609f87e781e41b.tar.xz
1 files changed, 6 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 9685af330de5..c5ee1a7c5e8a 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -319,9 +319,12 @@ int evm_inode_setxattr(struct dentry *dentry, const char *xattr_name,
 {
 	const struct evm_ima_xattr_data *xattr_data = xattr_value;
 
-	if ((strcmp(xattr_name, XATTR_NAME_EVM) == 0)
-	    && (xattr_data->type == EVM_XATTR_HMAC))
-		return -EPERM;
+	if (strcmp(xattr_name, XATTR_NAME_EVM) == 0) {
+		if (!xattr_value_len)
+			return -EINVAL;
+		if (xattr_data->type != EVM_IMA_XATTR_DIGSIG)
+			return -EPERM;
+	}
 	return evm_protect_xattr(dentry, xattr_name, xattr_value,
 				 xattr_value_len);
 }
author	Jens Axboe <axboe@fb.com>	2014-11-19 05:43:46 +0300
committer	Jens Axboe <axboe@fb.com>	2014-11-19 05:43:46 +0300
commit	b3521729769ec71567a2e32a38609f87e781e41b (patch)
tree	66a8494968706420c3eb043caa5868702d440d18 /security/integrity/evm/evm_main.c
parent	139768895309c6c1d6913e909e9c9422f81a1640 (diff)
parent	fc14f9c1272f62c3e8d01300f52467c0d9af50f9 (diff)
download	linux-b3521729769ec71567a2e32a38609f87e781e41b.tar.xz