summaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-05-18 16:26:10 +0200
committerJames Morris <jmorris@namei.org>2009-05-19 00:19:00 +0200
commit75834fc3b6fcff00327f5d2a18760c1e8e0179c5 (patch)
tree28b1085d2aa76517024709d2f077fdc41aeec4c2 /security/integrity
parentIMA: do not measure everything opened by root by default (diff)
downloadlinux-75834fc3b6fcff00327f5d2a18760c1e8e0179c5.tar.xz
linux-75834fc3b6fcff00327f5d2a18760c1e8e0179c5.zip
SELinux: move SELINUX_MAGIC into magic.h
The selinuxfs superblock magic is used inside the IMA code, but is being defined in two places and could someday get out of sync. This patch moves the declaration into magic.h so it is only done once. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_policy.c8
1 files changed, 3 insertions, 5 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dec6dcb1c8de..31d677f7c65f 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -49,14 +49,12 @@ struct ima_measure_rule_entry {
* written in terms of .action, .func, .mask, .fsmagic, and .uid
*/
static struct ima_measure_rule_entry default_rules[] = {
- {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,
- .flags = IMA_FSMAGIC},
+ {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC},
{.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC},
- {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,
- .flags = IMA_FSMAGIC},
- {.action = DONT_MEASURE,.fsmagic = 0xF97CFF8C,.flags = IMA_FSMAGIC},
+ {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
+ {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC},
{.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC,
.flags = IMA_FUNC | IMA_MASK},
{.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC,