From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Fri, 14 Oct 2016 10:16:50 +0000 (+0200)
Subject: 4.4-stable patches
X-Git-Tag: v4.4.25~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9f2ef326c90d01b8b2c1016688e73adf1b5a8d49;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	ima-use-file_dentry.patch
---

diff --git a/queue-4.4/ima-use-file_dentry.patch b/queue-4.4/ima-use-file_dentry.patch
new file mode 100644
index 00000000000..586fe1f2187
--- /dev/null
+++ b/queue-4.4/ima-use-file_dentry.patch
@@ -0,0 +1,54 @@
+From e71b9dff0634edb127f449e076e883ef24a8c76c Mon Sep 17 00:00:00 2001
+From: Miklos Szeredi <mszeredi@redhat.com>
+Date: Fri, 16 Sep 2016 12:44:20 +0200
+Subject: ima: use file_dentry()
+
+From: Miklos Szeredi <mszeredi@redhat.com>
+
+commit e71b9dff0634edb127f449e076e883ef24a8c76c upstream.
+
+Ima tries to call ->setxattr() on overlayfs dentry after having locked
+underlying inode, which results in a deadlock.
+
+Reported-by: Krisztian Litkey <kli@iki.fi>
+Fixes: 4bacc9c9234c ("overlayfs: Make f_path always point to the overlay and f_inode to the underlay")
+Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
+Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ security/integrity/ima/ima_api.c      |    2 +-
+ security/integrity/ima/ima_appraise.c |    4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+--- a/security/integrity/ima/ima_api.c
++++ b/security/integrity/ima/ima_api.c
+@@ -202,7 +202,7 @@ int ima_collect_measurement(struct integ
+ 	} hash;
+ 
+ 	if (xattr_value)
+-		*xattr_len = ima_read_xattr(file->f_path.dentry, xattr_value);
++		*xattr_len = ima_read_xattr(file_dentry(file), xattr_value);
+ 
+ 	if (!(iint->flags & IMA_COLLECTED)) {
+ 		u64 i_version = file_inode(file)->i_version;
+--- a/security/integrity/ima/ima_appraise.c
++++ b/security/integrity/ima/ima_appraise.c
+@@ -189,7 +189,7 @@ int ima_appraise_measurement(int func, s
+ {
+ 	static const char op[] = "appraise_data";
+ 	char *cause = "unknown";
+-	struct dentry *dentry = file->f_path.dentry;
++	struct dentry *dentry = file_dentry(file);
+ 	struct inode *inode = d_backing_inode(dentry);
+ 	enum integrity_status status = INTEGRITY_UNKNOWN;
+ 	int rc = xattr_len, hash_start = 0;
+@@ -289,7 +289,7 @@ out:
+  */
+ void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file)
+ {
+-	struct dentry *dentry = file->f_path.dentry;
++	struct dentry *dentry = file_dentry(file);
+ 	int rc = 0;
+ 
+ 	/* do not collect and update hash for digital signatures */
diff --git a/queue-4.4/series b/queue-4.4/series
index b60bdcf6e10..ace0c2ef08a 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -16,3 +16,4 @@ x86-dumpstack-fix-x86_32-kernel_stack_pointer-previous-stack-access.patch
 arm-dts-mvebu-armada-390-add-missing-compatibility-string-and-bracket.patch
 arm-dts-msm8064-remove-flags-from-spmi-mpp-irqs.patch
 arm-cpuidle-fix-error-return-code.patch
+ima-use-file_dentry.patch