Re: [Patch 5/5]integrity: IMA as an integrity service provider

[James Morris]

On Wed, 16 Jul 2008, Mimi Zohar wrote:


> +static ssize_t ima_show_htable_value(char __user *buf, size_t count,
> +				     loff_t *ppos, atomic_t *val)
> +{
> +	char tmpbuf[TMPBUFLEN];
> +	ssize_t len;
> +
> +	len = scnprintf(tmpbuf, TMPBUFLEN, "%i\n", atomic_read(val));
> +	return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);
> +}
> +
> +static ssize_t ima_show_htable_violations(struct file *filp,
> +					  char __user *buf,
> +					  size_t count, loff_t *ppos)
> +{
> +	return ima_show_htable_value(buf, count, ppos, &ima_htable.violations);
> +}


ima_htable.violations is an atomic_long_t and is not safe to pass 
to ima_show_htable_value.  Did you check for compilation warnings?

> +void ima_add_violation(struct inode *inode, const unsigned char *fname,
> +                      char *op, char *cause)
> +{
> +       int result;
> +
> +       /* can overflow, only indicator */
> +       atomic_inc(&ima_htable.violations);

This also generates a warning.  You probably want atomic_long_inc().


- James
-- 
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/