evm: check for remount ro in progress before writing - linux-dev - Linux kernel development work

diff options

author	Sascha Hauer <s.hauer@pengutronix.de>	2018-03-01 13:38:45 +0100
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2018-03-25 07:26:31 -0400
commit	70946c4ac2a9e036e3cf7048cd670507f5074b04 (patch)
tree	4aa0507018b17e9f20acea856124e95967f98d19 /security/integrity/ima/ima_policy.c
parent	ima: Improvements in ima_appraise_measurement() (diff)
download	linux-dev-70946c4ac2a9e036e3cf7048cd670507f5074b04.tar.xz linux-dev-70946c4ac2a9e036e3cf7048cd670507f5074b04.zip

evm: check for remount ro in progress before writing

EVM might update the evm xattr while the VFS performs a remount to readonly mode. This is not properly checked for, additionally check the s_readonly_remount superblock flag before writing. The bug can for example be observed with UBIFS. UBIFS checks the free space on the device before and after a remount. With EVM enabled the free space sometimes differs between both checks. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

Diffstat (limited to 'security/integrity/ima/ima_policy.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: