diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2010-11-02 10:13:07 -0400 |
---|---|---|
committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-02-10 07:51:44 -0500 |
commit | 890275b5eb79e9933d12290473eab9ac38da0051 (patch) | |
tree | 8fa529a6fdfa7647ed4e14287658b71df8636ddd /fs | |
parent | a5c96ebf1d71df0c5fb77ab58c9aeb307cf02372 (diff) |
IMA: maintain i_readcount in the VFS layer
ima_counts_get() updated the readcount and invalidated the PCR,
as necessary. Only update the i_readcount in the VFS layer.
Move the PCR invalidation checks to ima_file_check(), where it
belongs.
Maintaining the i_readcount in the VFS layer, will allow other
subsystems to use i_readcount.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/file_table.c | 5 | ||||
-rw-r--r-- | fs/open.c | 3 |
2 files changed, 6 insertions, 2 deletions
diff --git a/fs/file_table.c b/fs/file_table.c index c3dee381f1b4..0c724deb46f9 100644 --- a/fs/file_table.c +++ b/fs/file_table.c | |||
@@ -190,7 +190,8 @@ struct file *alloc_file(struct path *path, fmode_t mode, | |||
190 | file_take_write(file); | 190 | file_take_write(file); |
191 | WARN_ON(mnt_clone_write(path->mnt)); | 191 | WARN_ON(mnt_clone_write(path->mnt)); |
192 | } | 192 | } |
193 | ima_counts_get(file); | 193 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
194 | i_readcount_inc(path->dentry->d_inode); | ||
194 | return file; | 195 | return file; |
195 | } | 196 | } |
196 | EXPORT_SYMBOL(alloc_file); | 197 | EXPORT_SYMBOL(alloc_file); |
@@ -251,6 +252,8 @@ static void __fput(struct file *file) | |||
251 | fops_put(file->f_op); | 252 | fops_put(file->f_op); |
252 | put_pid(file->f_owner.pid); | 253 | put_pid(file->f_owner.pid); |
253 | file_sb_list_del(file); | 254 | file_sb_list_del(file); |
255 | if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) | ||
256 | i_readcount_dec(inode); | ||
254 | if (file->f_mode & FMODE_WRITE) | 257 | if (file->f_mode & FMODE_WRITE) |
255 | drop_file_write_access(file); | 258 | drop_file_write_access(file); |
256 | file->f_path.dentry = NULL; | 259 | file->f_path.dentry = NULL; |
@@ -688,7 +688,8 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt, | |||
688 | if (error) | 688 | if (error) |
689 | goto cleanup_all; | 689 | goto cleanup_all; |
690 | } | 690 | } |
691 | ima_counts_get(f); | 691 | if ((f->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
692 | i_readcount_inc(inode); | ||
692 | 693 | ||
693 | f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); | 694 | f->f_flags &= ~(O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC); |
694 | 695 | ||