Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 272a6e90 authored by Dmitry Kasatkin's avatar Dmitry Kasatkin Committed by Mimi Zohar
Browse files

ima: no need to allocate entry for comment 



If a rule is a comment, there is no need to allocate an entry.
Move the checking for comments before allocating the entry.

Signed-off-by: default avatarDmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: default avatarMimi Zohar <zohar@linux.vnet.ibm.com>
parent 78bb5d0b

security/integrity/ima/ima_policy.c

+6 −8
Original line number Diff line number Diff line
@@ -694,6 +694,12 @@ ssize_t ima_parse_add_rule(char *rule) 
		return -EACCES;

	}



	p = strsep(&rule, "\n");

	len = strlen(p) + 1;



	if (*p == '#')

		return len;



	entry = kzalloc(sizeof(*entry), GFP_KERNEL);

	if (!entry) {

		integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
@@ -703,14 +709,6 @@ ssize_t ima_parse_add_rule(char *rule) 


	INIT_LIST_HEAD(&entry->list);



	p = strsep(&rule, "\n");

	len = strlen(p) + 1;



	if (*p == '#') {

		kfree(entry);

		return len;

	}



	result = ima_parse_rule(p, entry);

	if (result) {

		kfree(entry);