diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2009-02-04 09:06:57 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-02-05 17:05:30 -0500 |
| commit | 6146f0d5e47ca4047ffded0fb79b6c25359b386c (patch) | |
| tree | edd792e52ad56d4a5d3ac6caa8437d3283fc157e /fs/inode.c | |
| parent | 659aaf2bb5496a425ba14036b5b5900f593e4484 (diff) | |
integrity: IMA hooks
This patch replaces the generic integrity hooks, for which IMA registered
itself, with IMA integrity hooks in the appropriate places directly
in the fs directory.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs/inode.c')
| -rw-r--r-- | fs/inode.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/fs/inode.c b/fs/inode.c index 098a2443196f..ed22b14f2202 100644 --- a/fs/inode.c +++ b/fs/inode.c | |||
| @@ -17,6 +17,7 @@ | |||
| 17 | #include <linux/hash.h> | 17 | #include <linux/hash.h> |
| 18 | #include <linux/swap.h> | 18 | #include <linux/swap.h> |
| 19 | #include <linux/security.h> | 19 | #include <linux/security.h> |
| 20 | #include <linux/ima.h> | ||
| 20 | #include <linux/pagemap.h> | 21 | #include <linux/pagemap.h> |
| 21 | #include <linux/cdev.h> | 22 | #include <linux/cdev.h> |
| 22 | #include <linux/bootmem.h> | 23 | #include <linux/bootmem.h> |
| @@ -144,13 +145,13 @@ struct inode *inode_init_always(struct super_block *sb, struct inode *inode) | |||
| 144 | inode->i_cdev = NULL; | 145 | inode->i_cdev = NULL; |
| 145 | inode->i_rdev = 0; | 146 | inode->i_rdev = 0; |
| 146 | inode->dirtied_when = 0; | 147 | inode->dirtied_when = 0; |
| 147 | if (security_inode_alloc(inode)) { | 148 | |
| 148 | if (inode->i_sb->s_op->destroy_inode) | 149 | if (security_inode_alloc(inode)) |
| 149 | inode->i_sb->s_op->destroy_inode(inode); | 150 | goto out_free_inode; |
| 150 | else | 151 | |
| 151 | kmem_cache_free(inode_cachep, (inode)); | 152 | /* allocate and initialize an i_integrity */ |
| 152 | return NULL; | 153 | if (ima_inode_alloc(inode)) |
| 153 | } | 154 | goto out_free_security; |
| 154 | 155 | ||
| 155 | spin_lock_init(&inode->i_lock); | 156 | spin_lock_init(&inode->i_lock); |
| 156 | lockdep_set_class(&inode->i_lock, &sb->s_type->i_lock_key); | 157 | lockdep_set_class(&inode->i_lock, &sb->s_type->i_lock_key); |
| @@ -186,6 +187,15 @@ struct inode *inode_init_always(struct super_block *sb, struct inode *inode) | |||
| 186 | inode->i_mapping = mapping; | 187 | inode->i_mapping = mapping; |
| 187 | 188 | ||
| 188 | return inode; | 189 | return inode; |
| 190 | |||
| 191 | out_free_security: | ||
| 192 | security_inode_free(inode); | ||
| 193 | out_free_inode: | ||
| 194 | if (inode->i_sb->s_op->destroy_inode) | ||
| 195 | inode->i_sb->s_op->destroy_inode(inode); | ||
| 196 | else | ||
| 197 | kmem_cache_free(inode_cachep, (inode)); | ||
| 198 | return NULL; | ||
| 189 | } | 199 | } |
| 190 | EXPORT_SYMBOL(inode_init_always); | 200 | EXPORT_SYMBOL(inode_init_always); |
| 191 | 201 | ||