diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-10-25 13:22:23 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-10-25 13:22:23 -0700 |
commit | 57ce66d39f10fb01efabd72b14eb033deddb226b (patch) | |
tree | aea270718c7b82df9cfcb10794d4b69cfaf61f38 /security/integrity/ima/ima_fs.c | |
parent | Merge branch 'work.lookup' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs (diff) | |
parent | MAINTAINERS: add Jarkko as maintainer for trusted keys (diff) | |
download | linux-dev-57ce66d39f10fb01efabd72b14eb033deddb226b.tar.xz linux-dev-57ce66d39f10fb01efabd72b14eb033deddb226b.zip |
Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity updates from James Morris:
"From Mimi: This contains a couple of bug fixes, including one for a
recent problem with calculating file hashes on overlayfs, and some
code cleanup"
* 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
MAINTAINERS: add Jarkko as maintainer for trusted keys
ima: open a new file instance if no read permissions
ima: fix showing large 'violations' or 'runtime_measurements_count'
security/integrity: remove unnecessary 'init_keyring' variable
security/integrity: constify some read-only data
vfs: require i_size <= SIZE_MAX in kernel_read_file()
Diffstat (limited to 'security/integrity/ima/ima_fs.c')
-rw-r--r-- | security/integrity/ima/ima_fs.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index ae9d5c766a3c..3183cc23d0f8 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -42,14 +42,14 @@ static int __init default_canonical_fmt_setup(char *str) __setup("ima_canonical_fmt", default_canonical_fmt_setup); static int valid_policy = 1; -#define TMPBUFLEN 12 + static ssize_t ima_show_htable_value(char __user *buf, size_t count, loff_t *ppos, atomic_long_t *val) { - char tmpbuf[TMPBUFLEN]; + char tmpbuf[32]; /* greater than largest 'long' string value */ ssize_t len; - len = scnprintf(tmpbuf, TMPBUFLEN, "%li\n", atomic_long_read(val)); + len = scnprintf(tmpbuf, sizeof(tmpbuf), "%li\n", atomic_long_read(val)); return simple_read_from_buffer(buf, count, ppos, tmpbuf, len); } @@ -179,7 +179,8 @@ int ima_measurements_show(struct seq_file *m, void *v) /* 6th: template specific data */ for (i = 0; i < e->template_desc->num_fields; i++) { enum ima_show_type show = IMA_SHOW_BINARY; - struct ima_template_field *field = e->template_desc->fields[i]; + const struct ima_template_field *field = + e->template_desc->fields[i]; if (is_ima_template && strcmp(field->field_id, "d") == 0) show = IMA_SHOW_BINARY_NO_FIELD_LEN; |