Integrity appraisal measures files on file_free and stores the file measurement as an xattr. Measure the file before releasing it. Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxx> Acked-by: Serge Hallyn <serue@xxxxxxxxxx> --- fs/file_table.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/fs/file_table.c b/fs/file_table.c index 5c7d10e..6bcb299 100644 --- a/fs/file_table.c +++ b/fs/file_table.c @@ -241,10 +241,10 @@ static void __fput(struct file *file) if (file->f_op && file->f_op->fasync) file->f_op->fasync(-1, file, 0); } + ima_file_free(file); if (file->f_op && file->f_op->release) file->f_op->release(inode, file); security_file_free(file); - ima_file_free(file); if (unlikely(S_ISCHR(inode->i_mode) && inode->i_cdev != NULL)) cdev_put(inode->i_cdev); fops_put(file->f_op); -- 1.6.6.1 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
