projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ab51f3) | patch
vfs: move ima_file_free before releasing the file
authorMimi Zohar <zohar@linux.vnet.ibm.com>
Thu, 17 Mar 2011 02:48:43 +0000 (22:48 -0400)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Fri, 7 Sep 2012 18:57:27 +0000 (14:57 -0400)
commit4199d35cbc90c15db447d115bd96ffa5f1d60d3a
treef012b30b0b2269eef36261ac5b7a918cd91f95b8tree | snapshot (tar.gz zip)
parent2ab51f3721f7abdf92d89cb79d3d6c0062ddc14bcommit | diff
vfs: move ima_file_free before releasing the file

ima_file_free(), called on __fput(), currently flags files that have
changed, so that the file is re-measured.  For appraising a files's
integrity, the file's hash must be re-calculated and stored in the
'security.ima' xattr to reflect any changes.

This patch moves the ima_file_free() call to before releasing the file
in preparation of ima-appraisal measuring the file and updating the
'security.ima' xattr.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
fs/file_table.c diff | blob | blame | history