authorLinus Torvalds <torvalds@linux-foundation.org>2013-01-07 07:37:36 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2013-01-07 07:37:36 -0800
commit7991b03d653865e4de7e6c056f85c004f542dbbe (patch)
tree8c96f4f81f2b1d660d89b9a503afd0aa813f4110 /security/integrity/ima/ima_main.c
parent0c4a842349b27d361f1503f6437df303e1b541c9 (diff)
parentade24c93ab173b392a905ef8d510874dfb05a417 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull integrity subsystem regression fix from James Morris: "Commit fdf90729e578 "ima: support new kernel module syscall" by error modified init_module() to return INTEGRITY_UNKNOWN (which is 4) to user space if the kernel was built with CONFIG_IMA_APPRAISE=y. As a result, user space can no longer load kernel modules using init_module(). This commit fixes this regression." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: ima: fallback to MODULE_SIG_ENFORCE for existing kernel module syscall
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 45de18e9a6f2..dba965de90d3 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -291,11 +291,15 @@ EXPORT_SYMBOL_GPL(ima_file_check);
*/
int ima_module_check(struct file *file)
{
- int rc;
+ int rc = 0;
- if (!file)
- rc = INTEGRITY_UNKNOWN;
- else
+ if (!file) {
+ if (ima_appraise & IMA_APPRAISE_MODULES) {
+#ifndef CONFIG_MODULE_SIG_FORCE
+ rc = -EACCES; /* INTEGRITY_UNKNOWN */
+#endif
+ }
+ } else
rc = process_measurement(file, file->f_dentry->d_name.name,
MAY_EXEC, MODULE_CHECK);
return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
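Review bot: The `!file` branch encodes a fail-closed policy that the trailing `/* INTEGRITY_UNKNOWN */` on `rc = -EACCES;` does not explain. Going by the commit message, a NULL file is the existing init_module() syscall, where IMA has no file to appraise, so the load is refused under IMA_APPRAISE_MODULES unless module signatures are forced at build time. I would state that above the inner `if`, e.g. `/* init_module(): no file to appraise; deny unless CONFIG_MODULE_SIG_FORCE makes signature checks mandatory */`, and note that the denial only takes effect when IMA_APPRAISE_ENFORCE is set, as the final `return` shows. The test is compile-time only, so a kernel that enforces module signatures at run time rather than through CONFIG_MODULE_SIG_FORCE would presumably still get -EACCES here; that errs toward denial but is worth a sentence in the same comment. On style, the braced `if` is followed by an unbraced `} else`, and with CONFIG_MODULE_SIG_FORCE defined the inner `if` has an empty body; the function's closing brace lies outside the hunk.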