diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 60dd61527b1e0881eb1818e97cde3034b0d2d026..203de979d30565811c2da951cae458e08645d6ab 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -112,22 +112,23 @@ void ima_counts_get(struct file *file) if (!ima_initialized) goto out; - rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK); - if (rc < 0) - goto out; - if (mode & FMODE_WRITE) { - if (inode->i_readcount) + if (inode->i_readcount && IS_IMA(inode)) send_tomtou = true; goto out; } + rc = ima_must_measure(NULL, inode, MAY_READ, FILE_CHECK); + if (rc < 0) + goto out; + if (atomic_read(&inode->i_writecount) > 0) send_writers = true; out: /* remember the vfs deals with i_writecount */ if ((mode & (FMODE_READ | FMODE_WRITE)) == FMODE_READ) inode->i_readcount++; + spin_unlock(&inode->i_lock); if (send_tomtou)