aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima.h1
-rw-r--r--security/integrity/ima/ima_iint.c6
-rw-r--r--security/integrity/ima/ima_main.c16
3 files changed, 6 insertions, 17 deletions
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 80aca3d2cb71..b546b90f5fa8 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -108,7 +108,6 @@ struct ima_iint_cache {
108 struct mutex mutex; /* protects: version, flags, digest */ 108 struct mutex mutex; /* protects: version, flags, digest */
109 /* protected by inode->i_lock */ 109 /* protected by inode->i_lock */
110 unsigned int readcount; /* measured files readcount */ 110 unsigned int readcount; /* measured files readcount */
111 unsigned int writecount;/* measured files writecount */
112 struct kref refcount; /* ima_iint_cache reference count */ 111 struct kref refcount; /* ima_iint_cache reference count */
113}; 112};
114 113
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c
index db71a13f27fe..e68891f8d55a 100644
--- a/security/integrity/ima/ima_iint.c
+++ b/security/integrity/ima/ima_iint.c
@@ -129,11 +129,6 @@ void iint_free(struct kref *kref)
129 iint->readcount); 129 iint->readcount);
130 iint->readcount = 0; 130 iint->readcount = 0;
131 } 131 }
132 if (iint->writecount != 0) {
133 printk(KERN_INFO "%s: writecount: %u\n", __func__,
134 iint->writecount);
135 iint->writecount = 0;
136 }
137 kref_init(&iint->refcount); 132 kref_init(&iint->refcount);
138 kmem_cache_free(iint_cache, iint); 133 kmem_cache_free(iint_cache, iint);
139} 134}
@@ -166,7 +161,6 @@ static void init_once(void *foo)
166 iint->flags = 0UL; 161 iint->flags = 0UL;
167 mutex_init(&iint->mutex); 162 mutex_init(&iint->mutex);
168 iint->readcount = 0; 163 iint->readcount = 0;
169 iint->writecount = 0;
170 kref_init(&iint->refcount); 164 kref_init(&iint->refcount);
171} 165}
172 166
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 2f9b5d50424e..24660bf3f82a 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -94,8 +94,6 @@ static void ima_inc_counts(struct ima_iint_cache *iint, fmode_t mode)
94 94
95 if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) 95 if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
96 iint->readcount++; 96 iint->readcount++;
97 if (mode & FMODE_WRITE)
98 iint->writecount++;
99} 97}
100 98
101/* 99/*
@@ -173,18 +171,16 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode,
173 iint->readcount--; 171 iint->readcount--;
174 } 172 }
175 if (mode & FMODE_WRITE) { 173 if (mode & FMODE_WRITE) {
176 if (unlikely(iint->writecount == 0)) 174 if (atomic_read(&inode->i_writecount) <= 0)
177 dump = true; 175 dump = true;
178 iint->writecount--; 176 if (atomic_read(&inode->i_writecount) == 1 &&
179 if (iint->writecount == 0) { 177 iint->version != inode->i_version)
180 if (iint->version != inode->i_version) 178 iint->flags &= ~IMA_MEASURED;
181 iint->flags &= ~IMA_MEASURED;
182 }
183 } 179 }
184 180
185 if (dump && !ima_limit_imbalance(file)) { 181 if (dump && !ima_limit_imbalance(file)) {
186 printk(KERN_INFO "%s: open/free imbalance (r:%u w:%u)\n", 182 printk(KERN_INFO "%s: open/free imbalance (r:%u)\n",
187 __func__, iint->readcount, iint->writecount); 183 __func__, iint->readcount);
188 dump_stack(); 184 dump_stack();
189 } 185 }
190} 186}