summaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 03bb52ecf490..62f59eca32d3 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -79,6 +79,7 @@ __setup("ima_hash=", hash_setup);
*/
static void ima_rdwr_violation_check(struct file *file,
struct integrity_iint_cache *iint,
+ int must_measure,
char **pathbuf,
const char **pathname)
{
@@ -95,8 +96,7 @@ static void ima_rdwr_violation_check(struct file *file,
send_tomtou = true;
}
} else {
- if ((atomic_read(&inode->i_writecount) > 0) &&
- ima_must_measure(inode, MAY_READ, FILE_CHECK))
+ if ((atomic_read(&inode->i_writecount) > 0) && must_measure)
send_writers = true;
}
@@ -174,7 +174,7 @@ static int process_measurement(struct file *file, int mask, int function,
* Included is the appraise submask.
*/
action = ima_get_action(inode, mask, function);
- violation_check = (function == FILE_CHECK &&
+ violation_check = ((function == FILE_CHECK || function == MMAP_CHECK) &&
(ima_policy_flag & IMA_MEASURE));
if (!action && !violation_check)
return 0;
@@ -194,7 +194,8 @@ static int process_measurement(struct file *file, int mask, int function,
}
if (violation_check) {
- ima_rdwr_violation_check(file, iint, &pathbuf, &pathname);
+ ima_rdwr_violation_check(file, iint, action & IMA_MEASURE,
+ &pathbuf, &pathname);
if (!action) {
rc = 0;
goto out_free;