summaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_policy.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/ima/ima_policy.c')
-rw-r--r--security/integrity/ima/ima_policy.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 2ba72bc5d9c2..fc128a6b4abe 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -572,7 +572,6 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
bool result = false;
struct ima_rule_entry *lsm_rule = rule;
bool rule_reinitialized = false;
- struct user_namespace *mnt_userns = mnt_idmap_owner(idmap);
if ((rule->flags & IMA_FUNC) &&
(rule->func != func && func != POST_SETATTR))
@@ -625,11 +624,11 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
return false;
}
if ((rule->flags & IMA_FOWNER) &&
- !rule->fowner_op(i_uid_into_vfsuid(mnt_userns, inode),
+ !rule->fowner_op(i_uid_into_vfsuid(idmap, inode),
rule->fowner))
return false;
if ((rule->flags & IMA_FGROUP) &&
- !rule->fgroup_op(i_gid_into_vfsgid(mnt_userns, inode),
+ !rule->fgroup_op(i_gid_into_vfsgid(idmap, inode),
rule->fgroup))
return false;
for (i = 0; i < MAX_LSM_RULES; i++) {
generated by cgit (git 2.34.1) at 2024-06-25 12:28:56 +0000