On Fri, 2014-10-03 at 14:40 +0300, Dmitry Kasatkin wrote: > Empty policy lines cause parsing failures which is, especially > for new users, hard to spot. This patch prevents it. > > It is now possible to 'cat policy > <securityfs>/ima/policy'.
The patch itself is fine, but dropping this comment as commit "6ccd045 ima: handle multiple rules per write" already added support to 'cat' the policy. Mimi > Changes in v2: > * strip leading blanks and tabs in rules to prevent parsing failures > > Signed-off-by: Dmitry Kasatkin <[email protected]> > --- > security/integrity/ima/ima_policy.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/security/integrity/ima/ima_policy.c > b/security/integrity/ima/ima_policy.c > index bf232b9..d2c47d4 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -696,8 +696,9 @@ ssize_t ima_parse_add_rule(char *rule) > > p = strsep(&rule, "\n"); > len = strlen(p) + 1; > + p += strspn(p, " \t"); > > - if (*p == '#') > + if (*p == '#' || *p == '\0') > return len; > > entry = kzalloc(sizeof(*entry), GFP_KERNEL); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
