From 2960e6cb5f7c662b8edb6b0d2edc72095b4f5672 Mon Sep 17 00:00:00 2001 From: Dmitry Kasatkin Date: Fri, 6 May 2011 11:34:13 +0300 Subject: evm: additional parameter to pass integrity cache entry 'iint' Additional iint parameter allows to skip lookup in the cache. Signed-off-by: Dmitry Kasatkin Signed-off-by: Mimi Zohar --- security/integrity/evm/evm_main.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'security/integrity') diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index b65adb5b06c..0fa8261c365 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -127,21 +127,19 @@ static int evm_protected_xattr(const char *req_xattr_name) */ enum integrity_status evm_verifyxattr(struct dentry *dentry, const char *xattr_name, - void *xattr_value, size_t xattr_value_len) + void *xattr_value, size_t xattr_value_len, + struct integrity_iint_cache *iint) { - struct inode *inode = dentry->d_inode; - struct integrity_iint_cache *iint; - enum integrity_status status; - if (!evm_initialized || !evm_protected_xattr(xattr_name)) return INTEGRITY_UNKNOWN; - iint = integrity_iint_find(inode); - if (!iint) - return INTEGRITY_UNKNOWN; - status = evm_verify_hmac(dentry, xattr_name, xattr_value, + if (!iint) { + iint = integrity_iint_find(dentry->d_inode); + if (!iint) + return INTEGRITY_UNKNOWN; + } + return evm_verify_hmac(dentry, xattr_name, xattr_value, xattr_value_len, iint); - return status; } EXPORT_SYMBOL_GPL(evm_verifyxattr); -- cgit v1.2.3-18-g5258