Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c9d9ac52 authored by Mimi Zohar's avatar Mimi Zohar Committed by James Morris
Browse files

integrity: move ima_counts_get 



Based on discussion on lkml (Andrew Morton and Eric Paris),
move ima_counts_get down a layer into shmem/hugetlb__file_setup().
Resolves drm shmem_file_setup() usage case as well.

HD comment:
  I still think you're doing this at the wrong level, but recognize
  that you probably won't be persuaded until a few more users of
  alloc_file() emerge, all wanting your ima_counts_get().

  Resolving GEM's shmem_file_setup() is an improvement, so I'll say

Acked-by: default avatarHugh Dickins <hugh.dickins@tiscali.co.uk>
Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent b9fc745d

fs/hugetlbfs/inode.c

+2 −0
Original line number Diff line number Diff line
@@ -30,6 +30,7 @@ 
#include <linux/dnotify.h>

#include <linux/statfs.h>

#include <linux/security.h>

#include <linux/ima.h>



#include <asm/uaccess.h>
@@ -997,6 +998,7 @@ struct file *hugetlb_file_setup(const char *name, size_t size, int acctflag) 
			&hugetlbfs_file_operations);

	if (!file)

		goto out_dentry; /* inode is already attached */

	ima_counts_get(file);



	return file;

ipc/shm.c

+0 −1
Original line number Diff line number Diff line
@@ -384,7 +384,6 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) 
	error = PTR_ERR(file);

	if (IS_ERR(file))

		goto no_file;

	ima_counts_get(file);



	id = ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni);

	if (id < 0) {

mm/shmem.c

+1 −1
Original line number Diff line number Diff line
@@ -2659,6 +2659,7 @@ struct file *shmem_file_setup(char *name, loff_t size, unsigned long flags) 
	if (error)

		goto close_file;

#endif

	ima_counts_get(file);

	return file;



close_file:
@@ -2684,7 +2685,6 @@ int shmem_zero_setup(struct vm_area_struct *vma) 
	if (IS_ERR(file))

		return PTR_ERR(file);



	ima_counts_get(file);

	if (vma->vm_file)

		fput(vma->vm_file);

	vma->vm_file = file;