diff options
| author |   Eric Paris <eparis@redhat.com> | 2010-04-20 10:21:18 -0400 |
|---|---|---|
| committer |   James Morris <jmorris@namei.org> | 2010-04-21 09:58:16 +1000 |
| commit | 28ef4002ec7b4be27f1110b83e255df8159c786a (patch) | |
| tree | e7b32aeb36ecf2d76235aa7d436a7578738a98cc /security/integrity | |
| parent | IMA: reject policies with unknown entries (diff) | |
| download | linux-dev-28ef4002ec7b4be27f1110b83e255df8159c786a.tar.xz linux-dev-28ef4002ec7b4be27f1110b83e255df8159c786a.zip | |
IMA: handle whitespace better
IMA parser will fail if whitespace is used in any way other than a single
space. Using a tab or even using 2 spaces in a row will result in a policy
being rejected. This patch makes the kernel ignore whitespace a bit better.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity')
| -rw-r--r-- | security/integrity/ima/ima_policy.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index dee2dc062bcc..1bc9e31ae250 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) entry->uid = -1; entry->action = UNKNOWN; - while ((p = strsep(&rule, " ")) != NULL) { + while ((p = strsep(&rule, " \t")) != NULL) { substring_t args[MAX_OPT_ARGS]; int token; unsigned long lnum; if (result < 0) break; - if (!*p) - break; + if ((*p == '\0') || (*p == ' ') || (*p == '\t')) + continue; token = match_token(p, policy_tokens, args); switch (token) { case Opt_measure: |