Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 28ef4002 authored by Eric Paris's avatar Eric Paris Committed by James Morris
Browse files

IMA: handle whitespace better 



IMA parser will fail if whitespace is used in any way other than a single
space.  Using a tab or even using 2 spaces in a row will result in a policy
being rejected.  This patch makes the kernel ignore whitespace a bit better.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Acked-by: default avatarMimi Zohar <zohar@us.ibm.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent e9d393bf

security/integrity/ima/ima_policy.c

+3 −3
Original line number Original line Diff line number Diff line
@@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) 




	entry->uid = -1;

	entry->uid = -1;

	entry->action = UNKNOWN;

	entry->action = UNKNOWN;

	while ((p = strsep(&rule, " ")) != NULL) {

	while ((p = strsep(&rule, " \t")) != NULL) {

		substring_t args[MAX_OPT_ARGS];

		substring_t args[MAX_OPT_ARGS];

		int token;

		int token;

		unsigned long lnum;

		unsigned long lnum;





		if (result < 0)

		if (result < 0)

			break;

			break;

		if (!*p)

		if ((*p == '\0') || (*p == ' ') || (*p == '\t'))

			break;

			continue;

		token = match_token(p, policy_tokens, args);

		token = match_token(p, policy_tokens, args);

		switch (token) {

		switch (token) {

		case Opt_measure:

		case Opt_measure: