Re: [PATCH v5 2/2] ima: Handle -ESTALE returned by ima_filter_rule_match()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Scott,

On Wed, 2022-09-21 at 20:58 +0800, GUO Zihua wrote:
>                 }
> -               if (!rc)
> -                       return false;
> +
> +               if (rc == -ESTALE && !rule_reinitialized) {

Ok, this limits allocating ima_lsm_copy_rule() to the first -ESTALE,

> +                       lsm_rule = ima_lsm_copy_rule(rule);
> +                       if (lsm_rule) {
> +                               rule_reinitialized = true;
> +                               goto retry;

but "retry" is also limited to the first -ESTALE.

> +                       }
> +               }
> +               if (!rc) {
> +                       result = false;
> +                       goto out;
> +               }
>         }
> -       return true;
> +       result = true;
> +
> +out:
> +       if (rule_reinitialized) {
> +               for (i = 0; i < MAX_LSM_RULES; i++)
> +                       ima_filter_rule_free(lsm_rule->lsm[i].rule);
> +               kfree(lsm_rule);
> +       }
> +       return result;
>  }

-- 

thanks,

Mimi
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux