summaryrefslogtreecommitdiff
path: root/security/integrity/ima/ima_main.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/integrity/ima/ima_main.c')
-rw-r--r--security/integrity/ima/ima_main.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 995bd1b98fa8..5a1bf3df11f8 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -178,11 +178,18 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode,
struct file *file)
{
mode_t mode = file->f_mode;
+ bool dump = false;
+
BUG_ON(!mutex_is_locked(&iint->mutex));
- if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ)
+ if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) {
+ if (unlikely(iint->readcount == 0))
+ dump = true;
iint->readcount--;
+ }
if (mode & FMODE_WRITE) {
+ if (unlikely(iint->writecount == 0))
+ dump = true;
iint->writecount--;
if (iint->writecount == 0) {
if (iint->version != inode->i_version)
@@ -190,10 +197,8 @@ static void ima_dec_counts(struct ima_iint_cache *iint, struct inode *inode,
}
}
- if (((iint->readcount < 0) ||
- (iint->writecount < 0)) &&
- !ima_limit_imbalance(file)) {
- printk(KERN_INFO "%s: open/free imbalance (r:%ld w:%ld)\n",
+ if (dump && !ima_limit_imbalance(file)) {
+ printk(KERN_INFO "%s: open/free imbalance (r:%u w:%u)\n",
__func__, iint->readcount, iint->writecount);
dump_stack();
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-18 23:10:57 +0000