summaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-04-20 16:21:07 +0200
committerJames Morris <jmorris@namei.org>2010-04-21 01:58:14 +0200
commitb9035b1fd7933c11e68dbbf49b530cc43bf1da65 (patch)
treeb2f6846ee36422db9a58705e902054d4dac1c438 /security/integrity
parentIMA: do not allow the same rule to specify the same thing twice (diff)
downloadlinux-b9035b1fd7933c11e68dbbf49b530cc43bf1da65.tar.xz
linux-b9035b1fd7933c11e68dbbf49b530cc43bf1da65.zip
IMA: set entry->action to UNKNOWN rather than hard coding
ima_parse_rule currently sets entry->action = -1 and then later tests if (entry->action == UNKNOWN). It is true that UNKNOWN == -1 but actually setting it to UNKNOWN makes a lot more sense in case things change in the future. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/ima/ima_policy.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index c771a2036691..012701157378 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -264,7 +264,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
entry->uid = -1;
- entry->action = -1;
+ entry->action = UNKNOWN;
while ((p = strsep(&rule, " ")) != NULL) {
substring_t args[MAX_OPT_ARGS];
int token;