ima: ignore empty and with whitespaces policy lines

Empty policy lines cause parsing failures which is, especially
for new users, hard to spot. This patch prevents it.

Changes in v2:
* strip leading blanks and tabs in rules to prevent parsing failures

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index bf232b98011e7cd12b8874f5ff3ccbfbf8c2fc13..d2c47d4df7b7339d017fb0459c023569ca1a6a56 100644 (file)
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -696,8 +696,9 @@ ssize_t ima_parse_add_rule(char *rule)
 
        p = strsep(&rule, "\n");
        len = strlen(p) + 1;
+       p += strspn(p, " \t");
 
-       if (*p == '#')
+       if (*p == '#' || *p == '\0')
                return len;
 
        entry = kzalloc(sizeof(*entry), GFP_KERNEL);