diff options
Diffstat (limited to 'security/integrity')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 60dd61527b1e..203de979d305 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
| @@ -112,22 +112,23 @@ void ima_counts_get(struct file *file) | |||
| 112 | if (!ima_initialized) | 112 | if (!ima_initialized) |
| 113 | goto out; | 113 | goto out; |
| 114 | 114 | ||
| 115 | rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK); | ||
| 116 | if (rc < 0) | ||
| 117 | goto out; | ||
| 118 | |||
| 119 | if (mode & FMODE_WRITE) { | 115 | if (mode & FMODE_WRITE) { |
| 120 | if (inode->i_readcount) | 116 | if (inode->i_readcount && IS_IMA(inode)) |
| 121 | send_tomtou = true; | 117 | send_tomtou = true; |
| 122 | goto out; | 118 | goto out; |
| 123 | } | 119 | } |
| 124 | 120 | ||
| 121 | rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK); | ||
| 122 | if (rc < 0) | ||
| 123 | goto out; | ||
| 124 | |||
| 125 | if (atomic_read(&inode->i_writecount) > 0) | 125 | if (atomic_read(&inode->i_writecount) > 0) |
| 126 | send_writers = true; | 126 | send_writers = true; |
| 127 | out: | 127 | out: |
| 128 | /* remember the vfs deals with i_writecount */ | 128 | /* remember the vfs deals with i_writecount */ |
| 129 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) | 129 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
| 130 | inode->i_readcount++; | 130 | inode->i_readcount++; |
| 131 | |||
| 131 | spin_unlock(&inode->i_lock); | 132 | spin_unlock(&inode->i_lock); |
| 132 | 133 | ||
| 133 | if (send_tomtou) | 134 | if (send_tomtou) |