From fdb8b20906f3546ba6c2f9f0686d8a5189516ba3 Mon Sep 17 00:00:00 2001 From: José Pekkarinen Date: Fri, 9 Oct 2015 08:42:44 +0300 Subject: Kernel bump from 4.1.3-rt to 4.1.7-rt. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These changes brings a vanilla kernel from kernel.org, and the patch applied for rt is patch-4.1.7-rt8.patch. No further changes needed. Change-Id: Id8dd03c2ddd971e4d1d69b905f3069737053b700 Signed-off-by: José Pekkarinen --- kernel/security/integrity/evm/evm_main.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'kernel/security/integrity/evm') diff --git a/kernel/security/integrity/evm/evm_main.c b/kernel/security/integrity/evm/evm_main.c index 10f994307..582091498 100644 --- a/kernel/security/integrity/evm/evm_main.c +++ b/kernel/security/integrity/evm/evm_main.c @@ -296,6 +296,17 @@ static int evm_protect_xattr(struct dentry *dentry, const char *xattr_name, iint = integrity_iint_find(d_backing_inode(dentry)); if (iint && (iint->flags & IMA_NEW_FILE)) return 0; + + /* exception for pseudo filesystems */ + if (dentry->d_inode->i_sb->s_magic == TMPFS_MAGIC + || dentry->d_inode->i_sb->s_magic == SYSFS_MAGIC) + return 0; + + integrity_audit_msg(AUDIT_INTEGRITY_METADATA, + dentry->d_inode, dentry->d_name.name, + "update_metadata", + integrity_status_msg[evm_status], + -EPERM, 0); } out: if (evm_status != INTEGRITY_PASS) -- cgit 1.2.3-korg