IMA: handle whitespace better
authorEric Paris <eparis@redhat.com>
Tue, 20 Apr 2010 14:21:18 +0000 (10:21 -0400)
committerJames Morris <jmorris@namei.org>
Tue, 20 Apr 2010 23:58:16 +0000 (09:58 +1000)
IMA parser will fail if whitespace is used in any way other than a single
space.  Using a tab or even using 2 spaces in a row will result in a policy
being rejected.  This patch makes the kernel ignore whitespace a bit better.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/integrity/ima/ima_policy.c

index dee2dc062bcc8638b850b2546bc628915789af4f..1bc9e31ae2501f929d52f9f35095243e7cf8f059 100644 (file)
@@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
 
        entry->uid = -1;
        entry->action = UNKNOWN;
-       while ((p = strsep(&rule, " ")) != NULL) {
+       while ((p = strsep(&rule, " \t")) != NULL) {
                substring_t args[MAX_OPT_ARGS];
                int token;
                unsigned long lnum;
 
                if (result < 0)
                        break;
-               if (!*p)
-                       break;
+               if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
+                       continue;
                token = match_token(p, policy_tokens, args);
                switch (token) {
                case Opt_measure: