diff options
Diffstat (limited to 'security/integrity/ima/ima_main.c')
| -rw-r--r-- | security/integrity/ima/ima_main.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c index 101c512564ec..b85e61bcf246 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -249,7 +249,11 @@ void ima_counts_put(struct path *path, int mask) struct inode *inode = path->dentry->d_inode; struct ima_iint_cache *iint; - if (!ima_initialized || !S_ISREG(inode->i_mode)) + /* The inode may already have been freed, freeing the iint + * with it. Verify the inode is not NULL before dereferencing + * it. + */ + if (!ima_initialized || !inode || !S_ISREG(inode->i_mode)) return; iint = ima_iint_find_insert_get(inode); if (!iint) @@ -262,6 +266,8 @@ void ima_counts_put(struct path *path, int mask) else if (mask & (MAY_READ | MAY_EXEC)) iint->readcount--; mutex_unlock(&iint->mutex); + + kref_put(&iint->refcount, iint_free); } /* @@ -291,6 +297,8 @@ void ima_counts_get(struct file *file) if (file->f_mode & FMODE_WRITE) iint->writecount++; mutex_unlock(&iint->mutex); + + kref_put(&iint->refcount, iint_free); } EXPORT_SYMBOL_GPL(ima_counts_get); |