summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDmitry Kasatkin <d.kasatkin@samsung.com>2014-02-27 19:16:47 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2014-03-07 18:15:48 +0100
commit1d91ac6213003f525ac34da5e39cbb6612d19deb (patch)
tree8182a8b6df13e506b1888fce3395b75a9aa1f23b
parentevm: EVM does not use MD5 (diff)
downloadlinux-1d91ac6213003f525ac34da5e39cbb6612d19deb.tar.xz
linux-1d91ac6213003f525ac34da5e39cbb6612d19deb.zip
ima: skip memory allocation for empty files
Memory allocation is unnecessary for empty files. This patch calculates the hash without memory allocation. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
-rw-r--r--security/integrity/ima/ima_crypto.c20
1 files changed, 12 insertions, 8 deletions
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index d257e3631152..1bde8e627766 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -87,16 +87,20 @@ static int ima_calc_file_hash_tfm(struct file *file,
if (rc != 0)
return rc;
- rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
- if (!rbuf) {
- rc = -ENOMEM;
+ i_size = i_size_read(file_inode(file));
+
+ if (i_size == 0)
goto out;
- }
+
+ rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
+ if (!rbuf)
+ return -ENOMEM;
+
if (!(file->f_mode & FMODE_READ)) {
file->f_mode |= FMODE_READ;
read = 1;
}
- i_size = i_size_read(file_inode(file));
+
while (offset < i_size) {
int rbuf_len;
@@ -113,12 +117,12 @@ static int ima_calc_file_hash_tfm(struct file *file,
if (rc)
break;
}
- kfree(rbuf);
- if (!rc)
- rc = crypto_shash_final(&desc.shash, hash->digest);
if (read)
file->f_mode &= ~FMODE_READ;
+ kfree(rbuf);
out:
+ if (!rc)
+ rc = crypto_shash_final(&desc.shash, hash->digest);
return rc;
}