diff options
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima_main.c | 29 | ||||
-rw-r--r-- | security/integrity/ima/ima_queue.c | 3 |
2 files changed, 30 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 6f611874d10e..101c512564ec 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c | |||
@@ -238,7 +238,34 @@ out: | |||
238 | } | 238 | } |
239 | 239 | ||
240 | /* | 240 | /* |
241 | * ima_opens_get - increment file counts | 241 | * ima_counts_put - decrement file counts |
242 | * | ||
243 | * File counts are incremented in ima_path_check. On file open | ||
244 | * error, such as ETXTBSY, decrement the counts to prevent | ||
245 | * unnecessary imbalance messages. | ||
246 | */ | ||
247 | void ima_counts_put(struct path *path, int mask) | ||
248 | { | ||
249 | struct inode *inode = path->dentry->d_inode; | ||
250 | struct ima_iint_cache *iint; | ||
251 | |||
252 | if (!ima_initialized || !S_ISREG(inode->i_mode)) | ||
253 | return; | ||
254 | iint = ima_iint_find_insert_get(inode); | ||
255 | if (!iint) | ||
256 | return; | ||
257 | |||
258 | mutex_lock(&iint->mutex); | ||
259 | iint->opencount--; | ||
260 | if ((mask & MAY_WRITE) || (mask == 0)) | ||
261 | iint->writecount--; | ||
262 | else if (mask & (MAY_READ | MAY_EXEC)) | ||
263 | iint->readcount--; | ||
264 | mutex_unlock(&iint->mutex); | ||
265 | } | ||
266 | |||
267 | /* | ||
268 | * ima_counts_get - increment file counts | ||
242 | * | 269 | * |
243 | * - for IPC shm and shmat file. | 270 | * - for IPC shm and shmat file. |
244 | * - for nfsd exported files. | 271 | * - for nfsd exported files. |
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c index 7ec94314ac0c..a0880e9c8e05 100644 --- a/security/integrity/ima/ima_queue.c +++ b/security/integrity/ima/ima_queue.c | |||
@@ -134,7 +134,8 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation, | |||
134 | } | 134 | } |
135 | out: | 135 | out: |
136 | mutex_unlock(&ima_extend_list_mutex); | 136 | mutex_unlock(&ima_extend_list_mutex); |
137 | integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode, entry->template_name, | 137 | integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode, |
138 | entry->template.file_name, | ||
138 | op, audit_cause, result, audit_info); | 139 | op, audit_cause, result, audit_info); |
139 | return result; | 140 | return result; |
140 | } | 141 | } |