Re: [Patch 5/5]integrity: IMA as an integrity service provider

From: James Morris
Date: Tue Jul 22 2008 - 11:16:54 EST

Next message: el es: "Re: Kernel version : what about YYYY.MM.[01].x ?"
Previous message: James Bottomley: "Re: [RFC] fix kallsyms to allow discrimination of local symbols"
In reply to: Mimi Zohar: "Re: [Patch 5/5]integrity: IMA as an integrity service provider"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've applied these patches to:
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#devel

which will go into linux-next in about a week.

I fixed up a couple of outstanding issues with atomic vs. atomic_long (see
the patch below).

Please test.

----

commit fe2e6187810af248f910f1ca498fe03b54cade2e
Author: James Morris <jmorris@xxxxxxxxx>
Date: Tue Jul 22 10:43:04 2008 -0400

integrity: fix up some atomic vs. atomic_long issues

Ensure atomic_long_t is used correctly throughout the
integrity code.

Signed-off-by: James Morris <jmorris@xxxxxxxxx>

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index de982c6..986bfb1 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -98,7 +98,7 @@ void ima_template_show(struct seq_file *m, void *e,
extern spinlock_t ima_queue_lock;

struct ima_h_table {
- atomic_t len; /* number of stored measurements in the list */
+ atomic_long_t len; /* number of stored measurements in the list */
atomic_long_t violations;
unsigned int max_htable_size;
struct hlist_head queue[IMA_MEASURE_HTABLE_SIZE];
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index fa3cdb0..781460f 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -28,7 +28,7 @@ static ssize_t ima_show_htable_value(char __user *buf, size_t count,
char tmpbuf[TMPBUFLEN];
ssize_t len;

- len = scnprintf(tmpbuf, TMPBUFLEN, "%i\n", atomic_read(val));
+ len = scnprintf(tmpbuf, TMPBUFLEN, "%li\n", atomic_long_read(val));
return simple_read_from_buffer(buf, count, ppos, tmpbuf, len);
}

diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index e09ddb9..1cb4f03 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -106,7 +106,7 @@ int ima_add_measure_entry(struct ima_measure_entry *entry, int violation)
INIT_LIST_HEAD(&qe->later);
list_add_tail_rcu(&qe->later, &ima_measurements);

- atomic_inc(&ima_htable.len);
+ atomic_long_inc(&ima_htable.len);
if (ima_add_digest_entry(entry)) {
error = -ENOMEM;
goto out;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: el es: "Re: Kernel version : what about YYYY.MM.[01].x ?"
Previous message: James Bottomley: "Re: [RFC] fix kallsyms to allow discrimination of local symbols"
In reply to: Mimi Zohar: "Re: [Patch 5/5]integrity: IMA as an integrity service provider"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]