mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2024-11-21 19:46:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

evm: stop avoidably reading i_writecount in evm_file_release

Browse Source 
The EVM_NEW_FILE flag is unset if the file already existed at the time
of open and this can be checked without looking at i_writecount.

Not accessing it reduces traffic on the cacheline during parallel open
of the same file and drop the evm_file_release routine from second place
to bottom of the profile.

Fixes: 75a323e604 ("evm: Make it independent from 'integrity' LSM")
Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
Reviewed-by: Roberto Sassu <roberto.sassu@huawei.com>
Cc: stable@vger.kernel.org # 6.9+
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mateusz Guzik 2024-08-06 15:36:07 +02:00 committed by Mimi Zohar
parent 923168a063
commit 699ae62419
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
security/integrity/evm/evm_main.c
View File

@ -1084,7 +1084,8 @@ static void evm_file_release(struct file *file)
if (!S_ISREG(inode->i_mode) || !(mode & FMODE_WRITE))
return;
if (iint && atomic_read(&inode->i_writecount) == 1)
if (iint && iint->flags & EVM_NEW_FILE &&
atomic_read(&inode->i_writecount) == 1)
iint->flags &= ~EVM_NEW_FILE;
}