|
@@ -91,8 +91,13 @@ static void ima_rdwr_violation_check(struct file *file)
|
|
|
mutex_lock(&inode->i_mutex); /* file metadata: permissions, xattr */
|
|
mutex_lock(&inode->i_mutex); /* file metadata: permissions, xattr */
|
|
|
|
|
|
|
|
if (mode & FMODE_WRITE) {
|
|
if (mode & FMODE_WRITE) {
|
|
|
- if (atomic_read(&inode->i_readcount) && IS_IMA(inode))
|
|
|
|
|
- send_tomtou = true;
|
|
|
|
|
|
|
+ if (atomic_read(&inode->i_readcount) && IS_IMA(inode)) {
|
|
|
|
|
+ struct integrity_iint_cache *iint;
|
|
|
|
|
+ iint = integrity_iint_find(inode);
|
|
|
|
|
+ /* IMA_MEASURE is set from reader side */
|
|
|
|
|
+ if (iint && (iint->flags & IMA_MEASURE))
|
|
|
|
|
+ send_tomtou = true;
|
|
|
|
|
+ }
|
|
|
} else {
|
|
} else {
|
|
|
if ((atomic_read(&inode->i_writecount) > 0) &&
|
|
if ((atomic_read(&inode->i_writecount) > 0) &&
|
|
|
ima_must_measure(inode, MAY_READ, FILE_CHECK))
|
|
ima_must_measure(inode, MAY_READ, FILE_CHECK))
|
Dmitry Kasatkin