From 28ef4002ec7b4be27f1110b83e255df8159c786a Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 20 Apr 2010 10:21:18 -0400 Subject: [PATCH] IMA: handle whitespace better IMA parser will fail if whitespace is used in any way other than a single space. Using a tab or even using 2 spaces in a row will result in a policy being rejected. This patch makes the kernel ignore whitespace a bit better. Signed-off-by: Eric Paris Acked-by: Mimi Zohar Signed-off-by: James Morris --- security/integrity/ima/ima_policy.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index dee2dc062bcc..1bc9e31ae250 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry) entry->uid = -1; entry->action = UNKNOWN; - while ((p = strsep(&rule, " ")) != NULL) { + while ((p = strsep(&rule, " \t")) != NULL) { substring_t args[MAX_OPT_ARGS]; int token; unsigned long lnum; if (result < 0) break; - if (!*p) - break; + if ((*p == '\0') || (*p == ' ') || (*p == '\t')) + continue; token = match_token(p, policy_tokens, args); switch (token) { case Opt_measure: -- 2.34.1