aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_main.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-12-04 15:47:52 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2009-12-16 12:16:46 -0500
commit9353384ec8128cb443463016bbabb44ca857ff52 (patch)
tree411ff22e85868aea1575d8b133187def3b0e0498 /security/integrity/ima/ima_main.c
parentima: valid return code from ima_inode_alloc (diff)
downloadlinux-dev-9353384ec8128cb443463016bbabb44ca857ff52.tar.xz
linux-dev-9353384ec8128cb443463016bbabb44ca857ff52.zip
ima: only insert at inode creation time
iints are supposed to be allocated when an inode is allocated (during security_inode_alloc()) But we have code which will attempt to allocate an iint during measurement calls. If we couldn't allocate the iint and we cared, we should have died during security_inode_alloc(). Not make the code more complex and less efficient. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index b85e61bcf246..96fafc01e2c7 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -161,7 +161,7 @@ int ima_path_check(struct path *path, int mask, int update_counts)
if (!ima_initialized || !S_ISREG(inode->i_mode))
return 0;
- iint = ima_iint_find_insert_get(inode);
+ iint = ima_iint_find_get(inode);
if (!iint)
return 0;
@@ -219,7 +219,7 @@ static int process_measurement(struct file *file, const unsigned char *filename,
if (!ima_initialized || !S_ISREG(inode->i_mode))
return 0;
- iint = ima_iint_find_insert_get(inode);
+ iint = ima_iint_find_get(inode);
if (!iint)
return -ENOMEM;
@@ -255,7 +255,7 @@ void ima_counts_put(struct path *path, int mask)
*/
if (!ima_initialized || !inode || !S_ISREG(inode->i_mode))
return;
- iint = ima_iint_find_insert_get(inode);
+ iint = ima_iint_find_get(inode);
if (!iint)
return;
@@ -286,7 +286,7 @@ void ima_counts_get(struct file *file)
if (!ima_initialized || !S_ISREG(inode->i_mode))
return;
- iint = ima_iint_find_insert_get(inode);
+ iint = ima_iint_find_get(inode);
if (!iint)
return;
mutex_lock(&iint->mutex);
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.