Re: [GIT] Security subsystem updates for 3.9

[Linus Torvalds]

On Thu, Feb 21, 2013 at 10:06 AM, Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>
> Almost, and enforcing file integrity is enabled.  The merged result
> should look like what's contained in
> linux-integrity/next-upstreamed-patches:
>
> int ima_module_check(struct file *file)
> {
>         if (!file) {
>                 if ((ima_appraise & IMA_APPRAISE_MODULES) &&
>                     (ima_appraise & IMA_APPRAISE_ENFORCE)) {
> #ifndef CONFIG_MODULE_SIG_FORCE
>                         return -EACCES; /* INTEGRITY_UNKNOWN */
> #endif
>                 }
>                 return 0;

Ugh. The placement of that #ifndef is just horrible, please don't do
that. Just add it around the whole if-statement rather than around
just the return. Not because the compiler can't optimize away the
tests, but because it's much more obvious to a *human* what the ifndef
actually does.

Anyway, I don't have the IMA_APPRAISE_ENFORCE bit checking, it wasn't
obvious from the conflict, so somebody will need to add that.

           Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/