commit bf2276d10ce58ff44ab8857266a6718024496af6
author Dmitry Kasatkin <dmitry.kasatkin@intel.com> Wed Oct 19 12:04:40 2011 +0300
committer Mimi Zohar <zohar@linux.vnet.ibm.com> Fri Sep 07 14:57:45 2012 -0400
tree 7be39c026fd30856248f68c964d0f1e2ae703c25
parent 07f6a79415d7d502ee0c7d02ace6594a7be7429a

ima: allocating iint improvements

With IMA-appraisal's removal of the iint mutex and taking the i_mutex
instead, allocating the iint becomes a lot simplier, as we don't need
to be concerned with two processes racing to allocate the iint. This
patch cleans up and improves performance for allocating the iint.

- removed redundant double i_mutex locking
- combined iint allocation with tree search

Changelog v2:
- removed the rwlock/read_lock changes from this patch

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>

security/integrity/ima/ima_main.c

diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 6eb28d4..df65212 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -162,19 +162,14 @@
 	if (!action)
 		return 0;
 
-retry:
-	iint = integrity_iint_find(inode);
-	if (!iint) {
-		rc = integrity_inode_alloc(inode);
-		if (!rc || rc == -EEXIST)
-			goto retry;
-		return rc;
-	}
-
 	must_appraise = action & IMA_APPRAISE;
 
 	mutex_lock(&inode->i_mutex);
 
+	iint = integrity_inode_get(inode);
+	if (!iint)
+		goto out;
+
 	/* Determine if already appraised/measured based on bitmask
 	 * (IMA_MEASURE, IMA_MEASURED, IMA_APPRAISE, IMA_APPRAISED) */
 	iint->flags |= action;