提交 e8e66ed2 编写于 作者: L Linus Torvalds

Do not call 'ima_path_check()' for each path component

Not only is that a supremely timing-critical path, but it's hopefully
some day going to be lockless for the common case, and ima can't do
that.

Plus the integrity code doesn't even care about non-regular files, so it
was always a total waste of time and effort.
Acked-by: NSerge Hallyn <serue@us.ibm.com>
Acked-by: NMimi Zohar <zohar@us.ibm.com>
Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
上级 7c8460db
......@@ -856,9 +856,6 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
if (err == -EAGAIN)
err = inode_permission(nd->path.dentry->d_inode,
MAY_EXEC);
if (!err)
err = ima_path_check(&nd->path, MAY_EXEC,
IMA_COUNT_UPDATE);
if (err)
break;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册