The unencrypted files are being measured. Update the counters to get
rid of the ecryptfs imbalance message. (http://bugzilla.redhat.com/519737)
Reported-by: Sachin Garg
Cc: [email protected]
Signed-off-by: Mimi Zohar <[email protected]>
---
fs/ecryptfs/main.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
index 101fe4c..c6ac85d 100644
--- a/fs/ecryptfs/main.c
+++ b/fs/ecryptfs/main.c
@@ -35,6 +35,7 @@
#include <linux/key.h>
#include <linux/parser.h>
#include <linux/fs_stack.h>
+#include <linux/ima.h>
#include "ecryptfs_kernel.h"
/**
@@ -118,6 +119,7 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
const struct cred *cred = current_cred();
struct ecryptfs_inode_info *inode_info =
ecryptfs_inode_to_private(ecryptfs_dentry->d_inode);
+ int opened_lower_file = 0;
int rc = 0;
mutex_lock(&inode_info->lower_file_mutex);
@@ -134,9 +136,12 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
"for lower_dentry [0x%p] and lower_mnt [0x%p]; "
"rc = [%d]\n", lower_dentry, lower_mnt, rc);
inode_info->lower_file = NULL;
- }
+ } else
+ opened_lower_file = 1;
}
mutex_unlock(&inode_info->lower_file_mutex);
+ if (opened_lower_file)
+ ima_counts_get(inode_info->lower_file);
return rc;
}
--
1.6.0.6
On 10/05/2009 01:25 PM, Mimi Zohar wrote:
> The unencrypted files are being measured. Update the counters to get
> rid of the ecryptfs imbalance message. (http://bugzilla.redhat.com/519737)
>
> Reported-by: Sachin Garg
> Cc: [email protected]
> Signed-off-by: Mimi Zohar <[email protected]>
> ---
> fs/ecryptfs/main.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/fs/ecryptfs/main.c b/fs/ecryptfs/main.c
> index 101fe4c..c6ac85d 100644
> --- a/fs/ecryptfs/main.c
> +++ b/fs/ecryptfs/main.c
> @@ -35,6 +35,7 @@
> #include <linux/key.h>
> #include <linux/parser.h>
> #include <linux/fs_stack.h>
> +#include <linux/ima.h>
> #include "ecryptfs_kernel.h"
>
> /**
> @@ -118,6 +119,7 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
> const struct cred *cred = current_cred();
> struct ecryptfs_inode_info *inode_info =
> ecryptfs_inode_to_private(ecryptfs_dentry->d_inode);
> + int opened_lower_file = 0;
> int rc = 0;
>
> mutex_lock(&inode_info->lower_file_mutex);
> @@ -134,9 +136,12 @@ int ecryptfs_init_persistent_file(struct dentry *ecryptfs_dentry)
> "for lower_dentry [0x%p] and lower_mnt [0x%p]; "
> "rc = [%d]\n", lower_dentry, lower_mnt, rc);
> inode_info->lower_file = NULL;
> - }
> + } else
> + opened_lower_file = 1;
> }
> mutex_unlock(&inode_info->lower_file_mutex);
> + if (opened_lower_file)
> + ima_counts_get(inode_info->lower_file);
> return rc;
> }
>
Hi Mimi - Thanks for the updated patch!
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git#next
Tyler