IMA: policy can be updated zero times

Commit "IMA: policy can now be updated multiple times" assumed that the policy would be updated at least once. If there are zero updates, the temporary list head object will get added to the policy list, and later dereferenced as an IMA policy object, which means that invalid memory will be accessed. Changelog: - Move list_empty() test to ima_release_policy(), before audit msg - Mimi Signed-off-by: Sasha Levin <sasha.levin@oracle.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
author: Sasha Levin <sasha.levin@oracle.com> 2015-12-22 13:51:23 (GMT)
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> 2015-12-24 23:56:45 (GMT)
commit: 0112721df4edbdd07b800813300d76811572f080 (patch)
tree: 9ad07cfcfdd6aedb1c0764187b95646d05b83b1a /security/integrity/ima/ima_policy.c
parent: 92cc916638a48f285736cd5541536e2e1b73ecf8 (diff)
download: linux-0112721df4edbdd07b800813300d76811572f080.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index ba5d2fc..0a3b781 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -416,6 +416,14 @@ void __init ima_init_policy(void)
 	ima_rules = &ima_default_rules;
 }
 
+/* Make sure we have a valid policy, at least containing some rules. */
+int ima_check_policy()
+{
+	if (list_empty(&ima_temp_rules))
+		return -EINVAL;
+	return 0;
+}
+
 /**
  * ima_update_policy - update default_rules with new measure rules
  *
author	Sasha Levin <sasha.levin@oracle.com>	2015-12-22 13:51:23 (GMT)
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	2015-12-24 23:56:45 (GMT)
commit	0112721df4edbdd07b800813300d76811572f080 (patch)
tree	9ad07cfcfdd6aedb1c0764187b95646d05b83b1a /security/integrity/ima/ima_policy.c
parent	92cc916638a48f285736cd5541536e2e1b73ecf8 (diff)
download	linux-0112721df4edbdd07b800813300d76811572f080.tar.xz