lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Do not call 'ima_path_check()' for each path component

Browse Source 
Not only is that a supremely timing-critical path, but it's hopefully
some day going to be lockless for the common case, and ima can't do
that.

Plus the integrity code doesn't even care about non-regular files, so it
was always a total waste of time and effort.

Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
Linus Torvalds
2009-08-28 10:05:33 -07:00
parent 7c8460db30
commit e8e66ed25b
1 changed files with 0 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
fs/namei.c
View File

@@ -856,9 +856,6 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
if (err == -EAGAIN) if (err == -EAGAIN)
err = inode_permission(nd->path.dentry->d_inode, err = inode_permission(nd->path.dentry->d_inode,
MAY_EXEC); MAY_EXEC);
if (!err)
err = ima_path_check(&nd->path, MAY_EXEC,
IMA_COUNT_UPDATE);
if (err) if (err)
break; break;