dm-ima: don't copy the active table to the inactive table

If an inactive table was cleared, dm_ima_measure_on_table_clear() was
copying the ima.active_table to ima.inactive_table. This is not what
device-mapper does, and it makes the IMA measurements show an inactive
table when there isn't one. Also, once this is removed, the code no
longer needs to keep checking if the active and the inactive table point
to the same memory.

Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com>
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>

diff --git a/drivers/md/dm-ima.c b/drivers/md/dm-ima.c
index 8b84b676cad44c1fd9697aa4fa7361d8fc7081c6..c141068bc6b46aa3852f5f18ab51b393b28ce7c2 100644 (file)
--- a/drivers/md/dm-ima.c
+++ b/drivers/md/dm-ima.c
@@ -281,17 +281,13 @@ void dm_ima_measure_on_table_load(struct dm_table *table)
        if (!digest_buf)
                goto error;
 
-       if (table->md->ima.active_table.hash != table->md->ima.inactive_table.hash)
-               kfree(table->md->ima.inactive_table.hash);
-
+       kfree(table->md->ima.inactive_table.hash);
        table->md->ima.inactive_table.hash = digest_buf;
        table->md->ima.inactive_table.hash_len = strlen(digest_buf);
        table->md->ima.inactive_table.num_targets = num_targets;
 
-       if (table->md->ima.active_table.device_metadata !=
-           table->md->ima.inactive_table.device_metadata)
-               kfree(table->md->ima.inactive_table.device_metadata);
 
+       kfree(table->md->ima.inactive_table.device_metadata);
        table->md->ima.inactive_table.device_metadata = device_data_buf;
        table->md->ima.inactive_table.device_metadata_len = device_data_buf_len;
 
@@ -330,19 +326,9 @@ void dm_ima_measure_on_device_resume(struct mapped_device *md, bool swap)
        l += strlen(DM_IMA_VERSION_STR);
 
        if (swap) {
-               if (md->ima.active_table.hash != md->ima.inactive_table.hash)
-                       kfree(md->ima.active_table.hash);
-
-               md->ima.active_table.hash = NULL;
-               md->ima.active_table.hash_len = 0;
-
-               if (md->ima.active_table.device_metadata !=
-                   md->ima.inactive_table.device_metadata)
-                       kfree(md->ima.active_table.device_metadata);
-
-               md->ima.active_table.device_metadata = NULL;
-               md->ima.active_table.device_metadata_len = 0;
-               md->ima.active_table.num_targets = 0;
+               kfree(md->ima.active_table.hash);
+               kfree(md->ima.active_table.device_metadata);
+               memset(&md->ima.active_table, 0, sizeof(md->ima.active_table));
 
                if (md->ima.inactive_table.hash) {
                        md->ima.active_table.hash = md->ima.inactive_table.hash;
@@ -518,15 +504,10 @@ error:
        kfree(capacity_str);
 exit:
        kfree(md->ima.active_table.device_metadata);
-
-       if (md->ima.active_table.device_metadata !=
-           md->ima.inactive_table.device_metadata)
-               kfree(md->ima.inactive_table.device_metadata);
+       kfree(md->ima.inactive_table.device_metadata);
 
        kfree(md->ima.active_table.hash);
-
-       if (md->ima.active_table.hash != md->ima.inactive_table.hash)
-               kfree(md->ima.inactive_table.hash);
+       kfree(md->ima.inactive_table.hash);
 
        memset(&md->ima.active_table, 0, sizeof(md->ima.active_table));
        memset(&md->ima.inactive_table, 0, sizeof(md->ima.inactive_table));
@@ -594,34 +575,9 @@ void dm_ima_measure_on_table_clear(struct mapped_device *md, bool new_map)
        dm_ima_measure_data("dm_table_clear", device_table_data, l, noio);
 
        if (new_map) {
-               if (md->ima.inactive_table.hash &&
-                   md->ima.inactive_table.hash != md->ima.active_table.hash)
-                       kfree(md->ima.inactive_table.hash);
-
-               md->ima.inactive_table.hash = NULL;
-               md->ima.inactive_table.hash_len = 0;
-
-               if (md->ima.inactive_table.device_metadata &&
-                   md->ima.inactive_table.device_metadata != md->ima.active_table.device_metadata)
-                       kfree(md->ima.inactive_table.device_metadata);
-
-               md->ima.inactive_table.device_metadata = NULL;
-               md->ima.inactive_table.device_metadata_len = 0;
-               md->ima.inactive_table.num_targets = 0;
-
-               if (md->ima.active_table.hash) {
-                       md->ima.inactive_table.hash = md->ima.active_table.hash;
-                       md->ima.inactive_table.hash_len = md->ima.active_table.hash_len;
-               }
-
-               if (md->ima.active_table.device_metadata) {
-                       md->ima.inactive_table.device_metadata =
-                               md->ima.active_table.device_metadata;
-                       md->ima.inactive_table.device_metadata_len =
-                               md->ima.active_table.device_metadata_len;
-                       md->ima.inactive_table.num_targets =
-                               md->ima.active_table.num_targets;
-               }
+               kfree(md->ima.inactive_table.hash);
+               kfree(md->ima.inactive_table.device_metadata);
+               memset(&md->ima.inactive_table, 0, sizeof(md->ima.inactive_table));
        }
 
        kfree(dev_name);