Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into for-linus

author: James Morris <james.l.morris@oracle.com> 2014-10-29 15:03:54 +1100
committer: James Morris <james.l.morris@oracle.com> 2014-10-29 15:03:54 +1100
commit: 6c880ad51b829006c5387df88967954c0e874993 (patch)
tree: 3a164ed2e33c874be7dbe4783037985996ac9efc /security/integrity/ima/ima_appraise.c
parent: Merge branch 'for-3.18' of git://linux-nfs.org/~bfields/linux (diff)
parent: evm: check xattr value length and type in evm_inode_setxattr() (diff)
download: linux-dev-6c880ad51b829006c5387df88967954c0e874993.tar.xz
linux-dev-6c880ad51b829006c5387df88967954c0e874993.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index 922685483bd3..7c8f41e618b6 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -378,6 +378,8 @@ int ima_inode_setxattr(struct dentry *dentry, const char *xattr_name,
 	result = ima_protect_xattr(dentry, xattr_name, xattr_value,
 				   xattr_value_len);
 	if (result == 1) {
+		if (!xattr_value_len || (xvalue->type >= IMA_XATTR_LAST))
+			return -EINVAL;
 		ima_reset_appraise_flags(dentry->d_inode,
 			 (xvalue->type == EVM_IMA_XATTR_DIGSIG) ? 1 : 0);
 		result = 0;
author	James Morris <james.l.morris@oracle.com>	2014-10-29 15:03:54 +1100
committer	James Morris <james.l.morris@oracle.com>	2014-10-29 15:03:54 +1100
commit	6c880ad51b829006c5387df88967954c0e874993 (patch)
tree	3a164ed2e33c874be7dbe4783037985996ac9efc /security/integrity/ima/ima_appraise.c
parent	Merge branch 'for-3.18' of git://linux-nfs.org/~bfields/linux (diff)
parent	evm: check xattr value length and type in evm_inode_setxattr() (diff)
download	linux-dev-6c880ad51b829006c5387df88967954c0e874993.tar.xz linux-dev-6c880ad51b829006c5387df88967954c0e874993.zip