ima: move full pathname resolution to separate function

[GitHub/mt8127/android_kernel_alcatel_ttab.git] / security / integrity / ima / ima_api.c

diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index b356884fb3ef9c17dbc3d71396ac01c98e20a400..9382a4c568b2bc04493808747d51da63b595bf9e 100644 (file)
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -100,12 +100,12 @@ err_out:
  * ima_get_action - appraise & measure decision based on policy.
  * @inode: pointer to inode to measure
  * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXECUTE)
- * @function: calling function (FILE_CHECK, BPRM_CHECK, FILE_MMAP)
+ * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK)
  *
  * The policy is defined in terms of keypairs:
  *             subj=, obj=, type=, func=, mask=, fsmagic=
  *     subj,obj, and type: are LSM specific.
- *     func: FILE_CHECK | BPRM_CHECK | FILE_MMAP
+ *     func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
  *     mask: contains the permission mask
  *     fsmagic: hex value
  *
@@ -237,3 +237,20 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
 
        iint->flags |= IMA_AUDITED;
 }
+
+const char *ima_d_path(struct path *path, char **pathbuf)
+{
+       char *pathname = NULL;
+
+       /* We will allow 11 spaces for ' (deleted)' to be appended */
+       *pathbuf = kmalloc(PATH_MAX + 11, GFP_KERNEL);
+       if (*pathbuf) {
+               pathname = d_path(path, *pathbuf, PATH_MAX + 11);
+               if (IS_ERR(pathname)) {
+                       kfree(*pathbuf);
+                       *pathbuf = NULL;
+                       pathname = NULL;
+               }
+       }
+       return pathname;
+}