Commit 99db179f authored by Mimi Zohar's avatar Mimi Zohar Committed by Greg Kroah-Hartman

ima: ecryptfs fix imbalance message

commit 36520be8 upstream.

The unencrypted files are being measured.  Update the counters to get
rid of the ecryptfs imbalance message. (http://bugzilla.redhat.com/519737)

Reported-by: Sachin Garg
Cc: Eric Paris <eparis@redhat.com>
Cc: Dustin Kirkland <kirkland@canonical.com>
Cc: James Morris <jmorris@namei.org>
Cc: David Safford <safford@watson.ibm.com>
Signed-off-by: default avatarMimi Zohar <zohar@us.ibm.com>
Signed-off-by: default avatarTyler Hicks <tyhicks@linux.vnet.ibm.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
parent 94c517d6
...@@ -35,6 +35,7 @@ ...@@ -35,6 +35,7 @@
#include <linux/key.h> #include <linux/key.h>
#include <linux/parser.h> #include <linux/parser.h>
#include <linux/fs_stack.h> #include <linux/fs_stack.h>
#include <linux/ima.h>
#include "ecryptfs_kernel.h" #include "ecryptfs_kernel.h"
/** /**
...@@ -118,6 +119,7 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) ...@@ -118,6 +119,7 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
const struct cred *cred = current_cred(); const struct cred *cred = current_cred();
struct ecryptfs_inode_info *inode_info = struct ecryptfs_inode_info *inode_info =
ecryptfs_inode_to_private(ecryptfs_dentry->d_inode); ecryptfs_inode_to_private(ecryptfs_dentry->d_inode);
int opened_lower_file = 0;
int rc = 0; int rc = 0;
mutex_lock(&inode_info->lower_file_mutex); mutex_lock(&inode_info->lower_file_mutex);
...@@ -134,9 +136,12 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry) ...@@ -134,9 +136,12 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
"for lower_dentry [0x%p] and lower_mnt [0x%p]; " "for lower_dentry [0x%p] and lower_mnt [0x%p]; "
"rc = [%d]\n", lower_dentry, lower_mnt, rc); "rc = [%d]\n", lower_dentry, lower_mnt, rc);
inode_info->lower_file = NULL; inode_info->lower_file = NULL;
} } else
opened_lower_file = 1;
} }
mutex_unlock(&inode_info->lower_file_mutex); mutex_unlock(&inode_info->lower_file_mutex);
if (opened_lower_file)
ima_counts_get(inode_info->lower_file);
return rc; return rc;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment