Do not call 'ima_path_check()' for each path component
Not only is that a supremely timing-critical path, but it's hopefully some day going to be lockless for the common case, and ima can't do that. Plus the integrity code doesn't even care about non-regular files, so it was always a total waste of time and effort. Acked-by: NSerge Hallyn <serue@us.ibm.com> Acked-by: NMimi Zohar <zohar@us.ibm.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
Showing
想要评论请 注册 或 登录