void ima_cleanup(void);
int ima_fs_init(void);
void ima_fs_cleanup(void);
+int ima_inode_alloc(struct inode *inode);
int ima_add_template_entry(struct ima_template_entry *entry, int violation,
const char *op, struct inode *inode);
int ima_calc_hash(struct file *file, char *digest);
unsigned char flags;
u8 digest[IMA_DIGEST_SIZE];
struct mutex mutex; /* protects: version, flags, digest */
- /* protected by inode->i_lock */
- unsigned int readcount; /* measured files readcount */
struct kref refcount; /* ima_iint_cache reference count */
};
refcount);
iint->version = 0;
iint->flags = 0UL;
- if (iint->readcount != 0) {
- printk(KERN_INFO "%s: readcount: %u\n", __func__,
- iint->readcount);
- iint->readcount = 0;
- }
kref_init(&iint->refcount);
kmem_cache_free(iint_cache, iint);
}
{
struct ima_iint_cache *iint;
+ if (inode->i_readcount)
+ printk(KERN_INFO "%s: readcount: %u\n", __func__, inode->i_readcount);
+
+ inode->i_readcount = 0;
+
spin_lock(&ima_iint_lock);
iint = __ima_iint_find(inode);
if (iint)
iint->version = 0;
iint->flags = 0UL;
mutex_init(&iint->mutex);
- iint->readcount = 0;
kref_init(&iint->refcount);
}
return found;
}
-/*
- * Update the counts given an fmode_t
- */
-static void ima_inc_counts(struct ima_iint_cache *iint, fmode_t mode)
-{
- assert_spin_locked(&iint->inode->i_lock);
-
- if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
- iint->readcount++;
-}
-
/*
* ima_counts_get - increment file counts
*
struct dentry *dentry = file->f_path.dentry;
struct inode *inode = dentry->d_inode;
fmode_t mode = file->f_mode;
- struct ima_iint_cache *iint;
int rc;
bool send_tomtou = false, send_writers = false;
- if (!iint_initialized || !S_ISREG(inode->i_mode))
+ if (!S_ISREG(inode->i_mode))
return;
- iint = ima_iint_find_get(inode);
- if (!iint)
- return;
- mutex_lock(&iint->mutex);
+
spin_lock(&inode->i_lock);
if (!ima_initialized)
goto out;
- rc = ima_must_measure(iint, inode, MAY_READ, FILE_CHECK);
+ rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK);
if (rc < 0)
goto out;
if (mode & FMODE_WRITE) {
- if (iint->readcount)
+ if (inode->i_readcount)
send_tomtou = true;
goto out;
}
if (atomic_read(&inode->i_writecount) > 0)
send_writers = true;
out:
- ima_inc_counts(iint, file->f_mode);
+ /* remember the vfs deals with i_writecount */
+ if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
+ inode->i_readcount++;
spin_unlock(&inode->i_lock);
- mutex_unlock(&iint->mutex);
- kref_put(&iint->refcount, iint_free);
if (send_tomtou)
ima_add_violation(inode, dentry->d_name.name, "invalid_pcr",
assert_spin_locked(&inode->i_lock);
if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) {
- if (unlikely(iint->readcount == 0))
+ if (unlikely(inode->i_readcount == 0))
dump = true;
- iint->readcount--;
+ inode->i_readcount--;
}
if (mode & FMODE_WRITE) {
if (atomic_read(&inode->i_writecount) <= 0)
if (dump && !ima_limit_imbalance(file)) {
printk(KERN_INFO "%s: open/free imbalance (r:%u)\n",
- __func__, iint->readcount);
+ __func__, inode->i_readcount);
dump_stack();
}
}
projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff