From: Mimi Z. <zo...@li...> - 2012-06-18 19:00:35
On Mon, 2012-06-18 at 08:40 -0700, Peter Moody wrote:
> On Mon, Jun 18, 2012 at 5:05 AM, Mimi Zohar <zo...@li...> wrote:
>
> > Thanks Dmitry. Both this version and Peter Moody's post, which uses the
> > existing upstream audit_log_d_path() and d_path(), use the full pathname
> > only for auditing purposes.
>
> I haven't seen any response from Al, has there been any answer offlist
> that you know of?
No. Let's assume, unless we hear differently, it is ok. I was thinking
something like the following, where get_d_path() is similar to
audit_log_d_path().
@@ -170,12 +192,17 @@ static int process_measurement(struct file *file, const un
rc = ima_collect_measurement(iint, file);
if (rc != 0)
goto out;
+
+ pathname = get_d_path(&file->f_path, &buffer, GFP_KERNEL);
if (action & IMA_MEASURE)
- ima_store_measurement(iint, file, filename);
+ ima_store_measurement(iint, file,
+ !pathname ? filename: pathname);
if (action & IMA_APPRAISE)
- rc = ima_appraise_measurement(iint, file, filename);
+ rc = ima_appraise_measurement(iint, file,
+ !pathname ? filename: pathname);
if (action & IMA_AUDIT)
- ima_audit_measurement(iint, filename);
+ ima_audit_measurement(iint, !pathname ? filename: pathname);
+ kfree(buffer);
out:
mutex_unlock(&inode->i_mutex);
return (rc && must_appraise) ? -EACCES : 0;
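Review bot: the `!pathname ? filename: pathname` fallback, repeated in all three calls, only catches a NULL return, so get_d_path() has to return NULL on failure rather than an ERR_PTR value the way d_path() does, and the helper's contract should say so. Since `kfree(buffer)` runs unconditionally after the calls, `buffer` also needs to be initialized to NULL at its declaration (not visible in this hunk) or be set to NULL by get_d_path() on every failure path. Resolving the fallback once into a local right after the get_d_path() call and passing that local to ima_store_measurement(), ima_appraise_measurement() and ima_audit_measurement() would remove the triple conditional. The earlier `goto out` skips the kfree(), which is correct only while the allocation stays below that jump, so either move `kfree(buffer)` under `out:` with a NULL-initialized `buffer` or leave a comment.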
thanks,
Mimi