diff options
-rw-r--r-- | include/linux/fs.h | 3 | ||||
-rw-r--r-- | security/integrity/ima/ima_iint.c | 7 | ||||
-rw-r--r-- | security/integrity/ima/ima_main.c | 11 |
3 files changed, 11 insertions, 10 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index baf3e55..ef85322 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -794,8 +794,7 @@ struct inode { #endif #ifdef CONFIG_IMA - /* protected by i_lock */ - unsigned int i_readcount; /* struct files open RO */ + atomic_t i_readcount; /* struct files open RO */ #endif atomic_t i_writecount; #ifdef CONFIG_SECURITY diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index c442e47..f005355 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -137,10 +137,11 @@ void ima_inode_free(struct inode *inode) { struct ima_iint_cache *iint; - if (inode->i_readcount) - printk(KERN_INFO "%s: readcount: %u\n", __func__, inode->i_readcount); + if (atomic_read(&inode->i_readcount)) + printk(KERN_INFO "%s: readcount: %u\n", __func__, + atomic_read(&inode->i_readcount)); - inode->i_readcount = 0; + atomic_set(&inode->i_readcount, 0); if (!IS_IMA(inode)) return; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 203de97..6e8cb93 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -113,7 +113,7 @@ void ima_counts_get(struct file *file) goto out; if (mode & FMODE_WRITE) { - if (inode->i_readcount && IS_IMA(inode)) + if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) send_tomtou = true; goto out; } @@ -127,7 +127,7 @@ void ima_counts_get(struct file *file) out: /* remember the vfs deals with i_writecount */ if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) - inode->i_readcount++; + atomic_inc(&inode->i_readcount); spin_unlock(&inode->i_lock); @@ -149,15 +149,16 @@ static void ima_dec_counts(struct inode *inode, struct file *file) assert_spin_locked(&inode->i_lock); if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) { - if (unlikely(inode->i_readcount == 0)) { + if (unlikely(atomic_read(&inode->i_readcount) == 0)) { if (!ima_limit_imbalance(file)) { printk(KERN_INFO "%s: open/free imbalance (r:%u)\n", - __func__, inode->i_readcount); + __func__, + atomic_read(&inode->i_readcount)); dump_stack(); } return; } - inode->i_readcount--; + atomic_dec(&inode->i_readcount); } } |