diff options
| -rw-r--r-- | security/integrity/ima/ima_main.c | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index dcc98cf542d8..7689c1e21f09 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
| @@ -81,7 +81,6 @@ static void ima_rdwr_violation_check(struct file *file) | |||
| 81 | { | 81 | { |
| 82 | struct inode *inode = file_inode(file); | 82 | struct inode *inode = file_inode(file); |
| 83 | fmode_t mode = file->f_mode; | 83 | fmode_t mode = file->f_mode; |
| 84 | int must_measure; | ||
| 85 | bool send_tomtou = false, send_writers = false; | 84 | bool send_tomtou = false, send_writers = false; |
| 86 | char *pathbuf = NULL; | 85 | char *pathbuf = NULL; |
| 87 | const char *pathname; | 86 | const char *pathname; |
| @@ -94,16 +93,12 @@ static void ima_rdwr_violation_check(struct file *file) | |||
| 94 | if (mode & FMODE_WRITE) { | 93 | if (mode & FMODE_WRITE) { |
| 95 | if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) | 94 | if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) |
| 96 | send_tomtou = true; | 95 | send_tomtou = true; |
| 97 | goto out; | 96 | } else { |
| 97 | if ((atomic_read(&inode->i_writecount) > 0) && | ||
| 98 | ima_must_measure(inode, MAY_READ, FILE_CHECK)) | ||
| 99 | send_writers = true; | ||
| 98 | } | 100 | } |
| 99 | 101 | ||
| 100 | must_measure = ima_must_measure(inode, MAY_READ, FILE_CHECK); | ||
| 101 | if (!must_measure) | ||
| 102 | goto out; | ||
| 103 | |||
| 104 | if (atomic_read(&inode->i_writecount) > 0) | ||
| 105 | send_writers = true; | ||
| 106 | out: | ||
| 107 | mutex_unlock(&inode->i_mutex); | 102 | mutex_unlock(&inode->i_mutex); |
| 108 | 103 | ||
| 109 | if (!send_tomtou && !send_writers) | 104 | if (!send_tomtou && !send_writers) |