summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-04-20 16:21:18 +0200
committerJames Morris <jmorris@namei.org>2010-04-21 01:58:16 +0200
commit28ef4002ec7b4be27f1110b83e255df8159c786a (patch)
treee7b32aeb36ecf2d76235aa7d436a7578738a98cc /security
parentIMA: reject policies with unknown entries (diff)
downloadlinux-28ef4002ec7b4be27f1110b83e255df8159c786a.tar.xz
linux-28ef4002ec7b4be27f1110b83e255df8159c786a.zip
IMA: handle whitespace better
IMA parser will fail if whitespace is used in any way other than a single space. Using a tab or even using 2 spaces in a row will result in a policy being rejected. This patch makes the kernel ignore whitespace a bit better. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/ima/ima_policy.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dee2dc062bcc..1bc9e31ae250 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
entry->uid = -1;
entry->action = UNKNOWN;
- while ((p = strsep(&rule, " ")) != NULL) {
+ while ((p = strsep(&rule, " \t")) != NULL) {
substring_t args[MAX_OPT_ARGS];
int token;
unsigned long lnum;
if (result < 0)
break;
- if (!*p)
- break;
+ if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
+ continue;
token = match_token(p, policy_tokens, args);
switch (token) {
case Opt_measure: