On 12/12/2019 2:54 PM, Mimi Zohar wrote:
I can also move the setting of ima_process_key flag inside the lock
along with the above change.
My concern is with the last sentence "Since ima_process_keys is set to
true above, any new key will be processed immediately and not queued."
It's unlikely, but possible, that a second process will wait for the
ima_keys_mutex. Either we remove this sentence or move setting
ima_process_keys to after taking the lock.
Mimi
Sure - i'll move the setting of ima_process_keys flag inside the lock
and define the flag as static. Will keep the comment as is.
thanks,
-lakshmi
