diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-04-14 09:21:47 -0400 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2013-06-20 07:47:49 -0400 |
commit | 37ec43cdc4c776bd39aae469fdfa494bdf0344c7 (patch) | |
tree | 589b7010500c1a159ef25a6d4ce71d91c5ab765e /security | |
parent | 8912176ce04368d3a0699860c5a0cc64c49a1eba (diff) | |
download | linux-37ec43cdc4c776bd39aae469fdfa494bdf0344c7.tar.gz linux-37ec43cdc4c776bd39aae469fdfa494bdf0344c7.tar.bz2 linux-37ec43cdc4c776bd39aae469fdfa494bdf0344c7.zip |
evm: calculate HMAC after initializing posix acl on tmpfs
Included in the EVM hmac calculation is the i_mode. Any changes to
the i_mode need to be reflected in the hmac. shmem_mknod() currently
calls generic_acl_init(), which modifies the i_mode, after calling
security_inode_init_security(). This patch reverses the order in
which they are called.
Reported-by: Sven Vermeulen <sven.vermeulen@siphos.be>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Hugh Dickins <hughd@google.com>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions