diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima.h | 1 | ||||
-rw-r--r-- | security/integrity/ima/ima_iint.c | 6 | ||||
-rw-r--r-- | security/integrity/ima/ima_main.c | 16 |
3 files changed, 6 insertions, 17 deletions
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 80aca3d2cb71..b546b90f5fa8 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h | |||
@@ -108,7 +108,6 @@ struct ima_iint_cache { | |||
108 | struct mutex mutex; /* protects: version, flags, digest */ | 108 | struct mutex mutex; /* protects: version, flags, digest */ |
109 | /* protected by inode->i_lock */ | 109 | /* protected by inode->i_lock */ |
110 | unsigned int readcount; /* measured files readcount */ | 110 | unsigned int readcount; /* measured files readcount */ |
111 | unsigned int writecount;/* measured files writecount */ | ||
112 | struct kref refcount; /* ima_iint_cache reference count */ | 111 | struct kref refcount; /* ima_iint_cache reference count */ |
113 | }; | 112 | }; |
114 | 113 | ||
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index db71a13f27fe..e68891f8d55a 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c | |||
@@ -129,11 +129,6 @@ void iint_free(struct kref *kref) | |||
129 | iint->readcount); | 129 | iint->readcount); |
130 | iint->readcount = 0; | 130 | iint->readcount = 0; |
131 | } | 131 | } |
132 | if (iint->writecount != 0) { | ||
133 | printk(KERN_INFO "%s: writecount: %u\n", __func__, | ||
134 | iint->writecount); | ||
135 | iint->writecount = 0; | ||
136 | } | ||
137 | kref_init(&iint->refcount); | 132 | kref_init(&iint->refcount); |
138 | kmem_cache_free(iint_cache, iint); | 133 | kmem_cache_free(iint_cache, iint); |
139 | } | 134 | } |
@@ -166,7 +161,6 @@ static void init_once(void *foo) | |||
166 | iint->flags = 0UL; | 161 | iint->flags = 0UL; |
167 | mutex_init(&iint->mutex); | 162 | mutex_init(&iint->mutex); |
168 | iint->readcount = 0; | 163 | iint->readcount = 0; |
169 | iint->writecount = 0; | ||
170 | kref_init(&iint->refcount); | 164 | kref_init(&iint->refcount); |
171 | } | 165 | } |
172 | 166 | ||
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 2f9b5d50424e..24660bf3f82a 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
@@ -94,8 +94,6 @@ static void ima_inc_counts(struct ima_iint_cache *iint, fmode_t mode) | |||
94 | 94 | ||
95 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) | 95 | if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) |
96 | iint->readcount++; | 96 | iint->readcount++; |
97 | if (mode & FMODE_WRITE) | ||
98 | iint->writecount++; | ||
99 | } | 97 | } |
100 | 98 | ||
101 | /* | 99 | /* |
@@ -173,18 +171,16 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode, | |||
173 | iint->readcount--; | 171 | iint->readcount--; |
174 | } | 172 | } |
175 | if (mode & FMODE_WRITE) { | 173 | if (mode & FMODE_WRITE) { |
176 | if (unlikely(iint->writecount == 0)) | 174 | if (atomic_read(&inode->i_writecount) <= 0) |
177 | dump = true; | 175 | dump = true; |
178 | iint->writecount--; | 176 | if (atomic_read(&inode->i_writecount) == 1 && |
179 | if (iint->writecount == 0) { | 177 | iint->version != inode->i_version) |
180 | if (iint->version != inode->i_version) | 178 | iint->flags &= ~IMA_MEASURED; |
181 | iint->flags &= ~IMA_MEASURED; | ||
182 | } | ||
183 | } | 179 | } |
184 | 180 | ||
185 | if (dump && !ima_limit_imbalance(file)) { | 181 | if (dump && !ima_limit_imbalance(file)) { |
186 | printk(KERN_INFO "%s: open/free imbalance (r:%u w:%u)\n", | 182 | printk(KERN_INFO "%s: open/free imbalance (r:%u)\n", |
187 | __func__, iint->readcount, iint->writecount); | 183 | __func__, iint->readcount); |
188 | dump_stack(); | 184 | dump_stack(); |
189 | } | 185 | } |
190 | } | 186 | } |