diff options
| author | Eric Paris <eparis@redhat.com> | 2010-10-25 14:41:32 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2010-10-26 14:37:18 -0400 |
| commit | 497f32337073a2da102c49a53779097b5394711b (patch) | |
| tree | 203cbcd3f9462737d872e24fb2c847ce9a69de45 /security/integrity/ima/ima_main.c | |
| parent | b575156dafef208415ff0842c392733d16d4ccf1 (diff) | |
IMA: use unsigned int instead of long for counters
Currently IMA uses 2 longs in struct inode. To save space (and as it
seems impossible to overflow 32 bits) we switch these to unsigned int.
The switch to unsigned does require slightly different checks for
underflow, but it isn't complex.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/integrity/ima/ima_main.c')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 995bd1b98fa8..5a1bf3df11f8 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
| @@ -178,11 +178,18 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode, | |||
| 178 | struct file *file) | 178 | struct file *file) |
| 179 | { | 179 | { |
| 180 | mode_t mode = file->f_mode; | 180 | mode_t mode = file->f_mode; |
| 181 | bool dump = false; | ||
| 182 | |||
| 181 | BUG_ON(!mutex_is_locked(&iint->mutex)); | 183 | BUG_ON(!mutex_is_locked(&iint->mutex)); |
| 182 | 184 | ||
| 183 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) | 185 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) { |
| 186 | if (unlikely(iint->readcount == 0)) | ||
| 187 | dump = true; | ||
| 184 | iint->readcount--; | 188 | iint->readcount--; |
| 189 | } | ||
| 185 | if (mode & FMODE_WRITE) { | 190 | if (mode & FMODE_WRITE) { |
| 191 | if (unlikely(iint->writecount == 0)) | ||
| 192 | dump = true; | ||
| 186 | iint->writecount--; | 193 | iint->writecount--; |
| 187 | if (iint->writecount == 0) { | 194 | if (iint->writecount == 0) { |
| 188 | if (iint->version != inode->i_version) | 195 | if (iint->version != inode->i_version) |
| @@ -190,10 +197,8 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode, | |||
| 190 | } | 197 | } |
| 191 | } | 198 | } |
| 192 | 199 | ||
| 193 | if (((iint->readcount < 0) || | 200 | if (dump && !ima_limit_imbalance(file)) { |
| 194 | (iint->writecount < 0)) && | 201 | printk(KERN_INFO "%s: open/free imbalance (r:%u w:%u)\n", |
| 195 | !ima_limit_imbalance(file)) { | ||
| 196 | printk(KERN_INFO "%s: open/free imbalance (r:%ld w:%ld)\n", | ||
| 197 | __func__, iint->readcount, iint->writecount); | 202 | __func__, iint->readcount, iint->writecount); |
| 198 | dump_stack(); | 203 | dump_stack(); |
| 199 | } | 204 | } |