From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> Use the READ_ONCE() and WRITE_ONCE() macros to mark concurrent read and write accesses to the portion of the inode security blob containing the iint pointer. Writers are serialized by the iint lock. Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> --- security/integrity/ima/ima_iint.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c index fca9db293c79..c763f431fbc1 100644 --- a/security/integrity/ima/ima_iint.c +++ b/security/integrity/ima/ima_iint.c @@ -32,7 +32,7 @@ struct ima_iint_cache *ima_iint_find(struct inode *inode) if (!iint_lock) return NULL; - return iint_lock->iint; + return READ_ONCE(iint_lock->iint); } #define IMA_MAX_NESTING (FILESYSTEM_MAX_STACK_DEPTH + 1) @@ -99,7 +99,7 @@ struct ima_iint_cache *ima_inode_get(struct inode *inode) lockdep_assert_held(&iint_lock->mutex); - iint = iint_lock->iint; + iint = READ_ONCE(iint_lock->iint); if (iint) return iint; @@ -109,7 +109,7 @@ struct ima_iint_cache *ima_inode_get(struct inode *inode) ima_iint_init_always(iint, inode); - iint_lock->iint = iint; + WRITE_ONCE(iint_lock->iint, iint); return iint; } -- 2.47.0.118.gfd3785337b
