linux-hardened/security/integrity/ima
Mimi Zohar 1adace9bb0 ima: remove unnecessary call to ima_must_measure
The original ima_must_measure() function based its results on cached
iint information, which required an iint be allocated for all files.
Currently, an iint is allocated only for files in policy.  As a result,
for those files in policy, ima_must_measure() is now called twice: once
to determine if the inode is in the measurement policy and, the second
time, to determine if it needs to be measured/re-measured.

The second call to ima_must_measure() unnecessarily checks to see if
the file is in policy. As we already know the file is in policy, this
patch removes the second unnecessary call to ima_must_measure(), removes
the vestige iint parameter, and just checks the iint directly to determine
if the inode has been measured or needs to be measured/re-measured.

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
2011-02-23 16:38:52 -05:00
..
ima.h ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_api.c ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
ima_crypto.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
ima_fs.c ima: use generic_file_llseek for securityfs 2010-08-02 15:34:58 +10:00
ima_iint.c IMA: remove IMA imbalance checking 2011-02-10 07:51:44 -05:00
ima_init.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
ima_main.c ima: remove unnecessary call to ima_must_measure 2011-02-23 16:38:52 -05:00
ima_policy.c ima: fix add LSM rule bug 2011-01-03 16:36:33 -08:00
ima_queue.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
Kconfig ima: remove ACPI dependency 2010-05-17 09:21:58 +10:00
Makefile integrity: IMA display 2009-02-06 09:05:31 +11:00