aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_iint.c16
-rw-r--r--security/integrity/ima/ima_main.c1
2 files changed, 12 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c
index 969a1c1cb333..c442e47b6785 100644
--- a/security/integrity/ima/ima_iint.c
+++ b/security/integrity/ima/ima_iint.c
@@ -59,6 +59,9 @@ struct ima_iint_cache *ima_iint_find(struct inode *inode)
59{ 59{
60 struct ima_iint_cache *iint; 60 struct ima_iint_cache *iint;
61 61
62 if (!IS_IMA(inode))
63 return NULL;
64
62 spin_lock(&ima_iint_lock); 65 spin_lock(&ima_iint_lock);
63 iint = __ima_iint_find(inode); 66 iint = __ima_iint_find(inode);
64 spin_unlock(&ima_iint_lock); 67 spin_unlock(&ima_iint_lock);
@@ -91,6 +94,7 @@ int ima_inode_alloc(struct inode *inode)
91 new_iint->inode = inode; 94 new_iint->inode = inode;
92 new_node = &new_iint->rb_node; 95 new_node = &new_iint->rb_node;
93 96
97 mutex_lock(&inode->i_mutex); /* i_flags */
94 spin_lock(&ima_iint_lock); 98 spin_lock(&ima_iint_lock);
95 99
96 p = &ima_iint_tree.rb_node; 100 p = &ima_iint_tree.rb_node;
@@ -107,14 +111,17 @@ int ima_inode_alloc(struct inode *inode)
107 goto out_err; 111 goto out_err;
108 } 112 }
109 113
114 inode->i_flags |= S_IMA;
110 rb_link_node(new_node, parent, p); 115 rb_link_node(new_node, parent, p);
111 rb_insert_color(new_node, &ima_iint_tree); 116 rb_insert_color(new_node, &ima_iint_tree);
112 117
113 spin_unlock(&ima_iint_lock); 118 spin_unlock(&ima_iint_lock);
119 mutex_unlock(&inode->i_mutex); /* i_flags */
114 120
115 return 0; 121 return 0;
116out_err: 122out_err:
117 spin_unlock(&ima_iint_lock); 123 spin_unlock(&ima_iint_lock);
124 mutex_unlock(&inode->i_mutex); /* i_flags */
118 iint_free(new_iint); 125 iint_free(new_iint);
119 126
120 return rc; 127 return rc;
@@ -135,15 +142,14 @@ void ima_inode_free(struct inode *inode)
135 142
136 inode->i_readcount = 0; 143 inode->i_readcount = 0;
137 144
145 if (!IS_IMA(inode))
146 return;
147
138 spin_lock(&ima_iint_lock); 148 spin_lock(&ima_iint_lock);
139 iint = __ima_iint_find(inode); 149 iint = __ima_iint_find(inode);
140 if (iint) 150 rb_erase(&iint->rb_node, &ima_iint_tree);
141 rb_erase(&iint->rb_node, &ima_iint_tree);
142 spin_unlock(&ima_iint_lock); 151 spin_unlock(&ima_iint_lock);
143 152
144 if (!iint)
145 return;
146
147 iint_free(iint); 153 iint_free(iint);
148} 154}
149 155
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 1dccafef7494..60dd61527b1e 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -211,6 +211,7 @@ void ima_file_free(struct file *file)
211 211
212 if (!iint_initialized || !S_ISREG(inode->i_mode)) 212 if (!iint_initialized || !S_ISREG(inode->i_mode))
213 return; 213 return;
214
214 iint = ima_iint_find(inode); 215 iint = ima_iint_find(inode);
215 216
216 if (iint) 217 if (iint)