ima: initialize ima before inodes can be allocated

[safe/jmp/linux-2.6] / security / integrity / ima / ima_iint.c

diff --git a/security/integrity/ima/ima_iint.c b/security/integrity/ima/ima_iint.c
index fa592ff..0d83edc 100644 (file)
--- a/security/integrity/ima/ima_iint.c
+++ b/security/integrity/ima/ima_iint.c
@@ -52,9 +52,6 @@ int ima_inode_alloc(struct inode *inode)
        struct ima_iint_cache *iint = NULL;
        int rc = 0;
 
-       if (!ima_initialized)
-               return 0;
-
        iint = kmem_cache_alloc(iint_cache, GFP_NOFS);
        if (!iint)
                return -ENOMEM;
@@ -118,8 +115,6 @@ void ima_inode_free(struct inode *inode)
 {
        struct ima_iint_cache *iint;
 
-       if (!ima_initialized)
-               return;
        spin_lock(&ima_iint_lock);
        iint = radix_tree_delete(&ima_iint_store, (unsigned long)inode);
        spin_unlock(&ima_iint_lock);
@@ -141,9 +136,11 @@ static void init_once(void *foo)
        kref_set(&iint->refcount, 1);
 }
 
-void __init ima_iintcache_init(void)
+static int __init ima_iintcache_init(void)
 {
        iint_cache =
            kmem_cache_create("iint_cache", sizeof(struct ima_iint_cache), 0,
                              SLAB_PANIC, init_once);
+       return 0;
 }
+security_initcall(ima_iintcache_init);