From 890275b5eb79e9933d12290473eab9ac38da0051 Mon Sep 17 00:00:00 2001 From: Mimi Zohar Date: Tue, 2 Nov 2010 10:13:07 -0400 Subject: IMA: maintain i_readcount in the VFS layer ima_counts_get() updated the readcount and invalidated the PCR, as necessary. Only update the i_readcount in the VFS layer. Move the PCR invalidation checks to ima_file_check(), where it belongs. Maintaining the i_readcount in the VFS layer, will allow other subsystems to use i_readcount. Signed-off-by: Mimi Zohar Acked-by: Eric Paris --- fs/file_table.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'fs/file_table.c') diff --git a/fs/file_table.c b/fs/file_table.c index c3dee381f1b..0c724deb46f 100644 --- a/fs/file_table.c +++ b/fs/file_table.c @@ -190,7 +190,8 @@ struct file *alloc_file(struct path *path, fmode_t mode, file_take_write(file); WARN_ON(mnt_clone_write(path->mnt)); } - ima_counts_get(file); + if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) + i_readcount_inc(path->dentry->d_inode); return file; } EXPORT_SYMBOL(alloc_file); @@ -251,6 +252,8 @@ static void __fput(struct file *file) fops_put(file->f_op); put_pid(file->f_owner.pid); file_sb_list_del(file); + if ((file->f_mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) + i_readcount_dec(inode); if (file->f_mode & FMODE_WRITE) drop_file_write_access(file); file->f_path.dentry = NULL; -- cgit v1.2.3-18-g5258