evm: additional parameter to pass integrity cache entry 'iint'

Additional iint parameter allows to skip lookup in the cache.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@nokia.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

1 files changed, 8 insertions, 10 deletions

diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index b65adb5b06c8..0fa8261c3655 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -127,21 +127,19 @@ static int evm_protected_xattr(const char *req_xattr_name)
  */
 enum integrity_status evm_verifyxattr(struct dentry *dentry,
                                       const char *xattr_name,
-                                      void *xattr_value, size_t xattr_value_len)
+                                      void *xattr_value, size_t xattr_value_len,
+                                      struct integrity_iint_cache *iint)
 {
-        struct inode *inode = dentry->d_inode;
-        struct integrity_iint_cache *iint;
-        enum integrity_status status;
-
         if (!evm_initialized || !evm_protected_xattr(xattr_name))
                 return INTEGRITY_UNKNOWN;
 
-        iint = integrity_iint_find(inode);
-        if (!iint)
-                return INTEGRITY_UNKNOWN;
-        status = evm_verify_hmac(dentry, xattr_name, xattr_value,
+        if (!iint) {
+                iint = integrity_iint_find(dentry->d_inode);
+                if (!iint)
+                        return INTEGRITY_UNKNOWN;
+        }
+        return evm_verify_hmac(dentry, xattr_name, xattr_value,
                                  xattr_value_len, iint);
-        return status;
 }
 EXPORT_SYMBOL_GPL(evm_verifyxattr);