diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2009-12-16 12:04:02 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-12-16 12:04:02 -0800 |
| commit | bac5e54c29f352d962a2447d22735316b347b9f1 (patch) | |
| tree | 7642993fa93164835ffaa2dacd341388193f1979 /security/integrity/ima/ima_iint.c | |
| parent | 529e89430d6c0d64db8ac474cb95e68e2527c79a (diff) | |
| parent | c05c4edd876b7ae92787d1295868afcb89b6a348 (diff) | |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (38 commits)
direct I/O fallback sync simplification
ocfs: stop using do_sync_mapping_range
cleanup blockdev_direct_IO locking
make generic_acl slightly more generic
sanitize xattr handler prototypes
libfs: move EXPORT_SYMBOL for d_alloc_name
vfs: force reval of target when following LAST_BIND symlinks (try #7)
ima: limit imbalance msg
Untangling ima mess, part 3: kill dead code in ima
Untangling ima mess, part 2: deal with counters
Untangling ima mess, part 1: alloc_file()
O_TRUNC open shouldn't fail after file truncation
ima: call ima_inode_free ima_inode_free
IMA: clean up the IMA counts updating code
ima: only insert at inode creation time
ima: valid return code from ima_inode_alloc
fs: move get_empty_filp() deffinition to internal.h
Sanitize exec_permission_lite()
Kill cached_lookup() and real_lookup()
Kill path_lookup_open()
...
Trivial conflicts in fs/direct-io.c
Diffstat (limited to 'security/integrity/ima/ima_iint.c')
| -rw-r--r-- | security/integrity/ima/ima_iint.c | 79 |
1 files changed, 12 insertions, 67 deletions
diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index a4e2b1dac94..fa592ff1ac1 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -19,8 +19,6 @@ #include <linux/radix-tree.h> #include "ima.h" -#define ima_iint_delete ima_inode_free - RADIX_TREE(ima_iint_store, GFP_ATOMIC); DEFINE_SPINLOCK(ima_iint_lock); @@ -45,22 +43,21 @@ out: return iint; } -/* Allocate memory for the iint associated with the inode - * from the iint_cache slab, initialize the iint, and - * insert it into the radix tree. - * - * On success return a pointer to the iint; on failure return NULL. +/** + * ima_inode_alloc - allocate an iint associated with an inode + * @inode: pointer to the inode */ -struct ima_iint_cache *ima_iint_insert(struct inode *inode) +int ima_inode_alloc(struct inode *inode) { struct ima_iint_cache *iint = NULL; int rc = 0; if (!ima_initialized) - return iint; + return 0; + iint = kmem_cache_alloc(iint_cache, GFP_NOFS); if (!iint) - return iint; + return -ENOMEM; rc = radix_tree_preload(GFP_NOFS); if (rc < 0) @@ -70,65 +67,13 @@ struct ima_iint_cache *ima_iint_insert(struct inode *inode) rc = radix_tree_insert(&ima_iint_store, (unsigned long)inode, iint); spin_unlock(&ima_iint_lock); out: - if (rc < 0) { + if (rc < 0) kmem_cache_free(iint_cache, iint); - if (rc == -EEXIST) { - spin_lock(&ima_iint_lock); - iint = radix_tree_lookup(&ima_iint_store, - (unsigned long)inode); - spin_unlock(&ima_iint_lock); - } else - iint = NULL; - } - radix_tree_preload_end(); - return iint; -} - -/** - * ima_inode_alloc - allocate an iint associated with an inode - * @inode: pointer to the inode - * - * Return 0 on success, 1 on failure. - */ -int ima_inode_alloc(struct inode *inode) -{ - struct ima_iint_cache *iint; - - if (!ima_initialized) - return 0; - - iint = ima_iint_insert(inode); - if (!iint) - return 1; - return 0; -} - -/* ima_iint_find_insert_get - get the iint associated with an inode - * - * Most insertions are done at inode_alloc, except those allocated - * before late_initcall. When the iint does not exist, allocate it, - * initialize and insert it, and increment the iint refcount. - * - * (Can't initialize at security_initcall before any inodes are - * allocated, got to wait at least until proc_init.) - * - * Return the iint. - */ -struct ima_iint_cache *ima_iint_find_insert_get(struct inode *inode) -{ - struct ima_iint_cache *iint = NULL; - iint = ima_iint_find_get(inode); - if (iint) - return iint; - - iint = ima_iint_insert(inode); - if (iint) - kref_get(&iint->refcount); + radix_tree_preload_end(); - return iint; + return rc; } -EXPORT_SYMBOL_GPL(ima_iint_find_insert_get); /* iint_free - called when the iint refcount goes to zero */ void iint_free(struct kref *kref) @@ -164,12 +109,12 @@ void iint_rcu_free(struct rcu_head *rcu_head) } /** - * ima_iint_delete - called on integrity_inode_free + * ima_inode_free - called on security_inode_free * @inode: pointer to the inode * * Free the integrity information(iint) associated with an inode. */ -void ima_iint_delete(struct inode *inode) +void ima_inode_free(struct inode *inode) { struct ima_iint_cache *iint; |