Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756772AbYKTQox (ORCPT ); Thu, 20 Nov 2008 11:44:53 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1756227AbYKTQoV (ORCPT ); Thu, 20 Nov 2008 11:44:21 -0500 Received: from e2.ny.us.ibm.com ([32.97.182.142]:60878 "EHLO e2.ny.us.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756154AbYKTQoT (ORCPT ); Thu, 20 Nov 2008 11:44:19 -0500 From: Mimi Zohar To: linux-kernel@vger.kernel.org Cc: Mimi Zohar , Andrew Morton , James Morris , Christoph Hellwig , Al Viro , David Safford , Serge Hallyn , Mimi Zohar Subject: [PATCH 4/4] integrity: replace task uid with cred uid Date: Thu, 20 Nov 2008 11:43:06 -0500 Message-Id: <7dd0b2866a56c67b997df0eff9319383bbc775f4.1227137423.git.zohar@linux.vnet.ibm.com> X-Mailer: git-send-email 1.5.6.5 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2071 Lines: 52 This patch addresses the credential merge changes in the security-testing-2.6/next tree. Signed-off-by: Mimi Zohar --- diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index f62f2b7..4d59a86 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -44,7 +44,7 @@ static int update_file_hash(struct file *f, struct path *path, rc = -EINVAL; goto out; } - file = dentry_open(de, mnt, O_RDONLY); + file = dentry_open(de, mnt, O_RDONLY, current->cred); if (IS_ERR(file)) { ima_info("%s dentry_open failed\n", de->d_name.name); rc = PTR_ERR(file); diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 2e95c35..867bfaf 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -95,7 +95,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule, if ((rule->flags & IMA_FSMAGIC) && rule->fsmagic != inode->i_sb->s_magic) return false; - if ((rule->flags & IMA_UID) && rule->uid != tsk->uid) + if ((rule->flags & IMA_UID) && rule->uid != tsk->cred->uid) return false; for (i = 0; i < MAX_LSM_RULES; i++) { int rc; diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c index 758e5dd..8e32d84 100644 --- a/security/integrity/integrity_audit.c +++ b/security/integrity/integrity_audit.c @@ -49,7 +49,7 @@ void integrity_audit_msg(int audit_msgno, struct inode *inode, ab = audit_log_start(current->audit_context, GFP_KERNEL, audit_msgno); audit_log_format(ab, "integrity: pid=%d uid=%u auid=%u", - current->pid, current->uid, + current->pid, current->cred->uid, audit_get_loginuid(current)); audit_log_task_context(ab); switch (audit_msgno) { -- 1.5.6.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/