integrity: Fix possible multiple allocation in integrity_inode_get()
stable inclusion from stable-v4.19.291 commit 2a3ff660ccab67d3fde64ecd88caa73c883eb265 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I7ZELT CVE: NA -------------------------------- commit 9df6a487 upstream. When integrity_inode_get() is querying and inserting the cache, there is a conditional race in the concurrent environment. The race condition is the result of not properly implementing "double-checked locking". In this case, it first checks to see if the iint cache record exists before taking the lock, but doesn't check again after taking the integrity_iint_lock. Fixes: bf2276d1 ("ima: allocating iint improvements") Signed-off-by:Tianjia Zhang <tianjia.zhang@linux.alibaba.com> Cc: Dmitry Kasatkin <dmitry.kasatkin@gmail.com> Cc: <stable@vger.kernel.org> # v3.10+ Signed-off-by:
Loading
Please sign in to comment