From: Stefan Berger stefanb@linux.ibm.com
stable inclusion from stable-v5.10.101 commit 0795b7100d25994080343b8dabb60e903747bf42 bugzilla: https://gitee.com/openeuler/kernel/issues/I5669Z
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
commit f7333b9572d0559e00352a926c92f29f061b4569 upstream.
The removal of ima_dir currently fails since ima_policy still exists, so remove the ima_policy file before removing the directory.
Fixes: 4af4662fa4a9 ("integrity: IMA policy") Signed-off-by: Stefan Berger stefanb@linux.ibm.com Cc: stable@vger.kernel.org Acked-by: Christian Brauner brauner@kernel.org Signed-off-by: Mimi Zohar zohar@linux.ibm.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
conflicts: security/integrity/ima/ima_fs.c
Signed-off-by: Yu Liao liaoyu15@huawei.com Reviewed-by: Wei Li liwei391@huawei.com Signed-off-by: Zheng Zengkai zhengzengkai@huawei.com --- security/integrity/ima/ima_fs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index 254916e62845..f1bc3e201bd8 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -637,12 +637,12 @@ int __init ima_fs_init(void) securityfs_remove(digest_list_data_del); securityfs_remove(digest_list_data); securityfs_remove(digests_count); + securityfs_remove(ima_policy); securityfs_remove(violations); securityfs_remove(runtime_measurements_count); securityfs_remove(ascii_runtime_measurements); securityfs_remove(binary_runtime_measurements); securityfs_remove(ima_symlink); securityfs_remove(ima_dir); - securityfs_remove(ima_policy); return -1; }