diff options
author | Eric Paris <eparis@redhat.com> | 2010-04-20 16:21:18 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2010-04-21 01:58:16 +0200 |
commit | 28ef4002ec7b4be27f1110b83e255df8159c786a (patch) | |
tree | e7b32aeb36ecf2d76235aa7d436a7578738a98cc /security | |
parent | IMA: reject policies with unknown entries (diff) | |
download | linux-28ef4002ec7b4be27f1110b83e255df8159c786a.tar.xz linux-28ef4002ec7b4be27f1110b83e255df8159c786a.zip |
IMA: handle whitespace better
IMA parser will fail if whitespace is used in any way other than a single
space. Using a tab or even using 2 spaces in a row will result in a policy
being rejected. This patch makes the kernel ignore whitespace a bit better.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/integrity/ima/ima_policy.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index dee2dc062bcc..1bc9e31ae250 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) entry->uid = -1; entry->action = UNKNOWN; - while ((p = strsep(&rule, " ")) != NULL) { + while ((p = strsep(&rule, " \t")) != NULL) { substring_t args[MAX_OPT_ARGS]; int token; unsigned long lnum; if (result < 0) break; - if (!*p) - break; + if ((*p == '\0') || (*p == ' ') || (*p == '\t')) + continue; token = match_token(p, policy_tokens, args); switch (token) { case Opt_measure: |