On Thu, 2019-12-12 at 17:59 -0800, Lakshmi Ramasubramanian wrote:
> On 12/12/19 5:55 PM, Mimi Zohar wrote:
> >> +/*
> >> + * ima_process_queued_keys() - process keys queued for measurement
> >> + *
> >> + * This function sets ima_process_keys to true and processes queued keys.
> >> + * From here on keys will be processed right away (not queued).
> >> + */
> >> +void ima_process_queued_keys(void)
> >> +{
> >> + struct ima_key_entry *entry, *tmp;
> >> + LIST_HEAD(temp_ima_keys);
> >> +
> >> + if (ima_process_keys)
> >> + return;
> >> +
> >> + /*
> >> + * To avoid holding the mutex when processing queued keys,
> >> + * transfer the queued keys with the mutex held to a temp list,
> >> + * release the mutex, and then process the queued keys from
> >> + * the temp list.
> >> + *
> >> + * Since ima_process_keys is set to true, any new key will be
> >> + * processed immediately and not be queued.
> >> + */
> >> + INIT_LIST_HEAD(&temp_ima_keys);
> >> +
> >> + mutex_lock(&ima_keys_mutex);
> >
> > Don't you need a test here, before setting ima_process_keys?
> >
> > if (ima_process_keys)
> > return;
> >
> > Mimi
>
> That check is done before the comment - at the start of
> ima_process_queued_keys().
The first test prevents taking the mutex unnecessarily.
Mimi
> +void ima_process_queued_keys(void)
> +{
> + struct ima_key_entry *entry, *tmp;
> + LIST_HEAD(temp_ima_keys);
> +
> + if (ima_process_keys)
> + return;
>
> thanks,
> -lakshmi
