evm: clean verification status
Dmitry Kasatkin [Mon, 15 Aug 2011 12:30:11 +0000 (15:30 +0300)]
When allocating from slab, initialization is done the first time in
init_once() and subsequently on free.  Because evm_status was not
re-initialized on free, evm_verify_hmac() skipped verifications.

This patch re-initializes evm_status.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>

security/integrity/iint.c

index 0a23e07..399641c 100644 (file)
@@ -74,6 +74,7 @@ static void iint_free(struct integrity_iint_cache *iint)
 {
        iint->version = 0;
        iint->flags = 0UL;
+       iint->evm_status = INTEGRITY_UNKNOWN;
        kmem_cache_free(iint_cache, iint);
 }