IMA: set entry->action to UNKNOWN rather than hard coding
authorEric Paris <eparis@redhat.com>
Tue, 20 Apr 2010 14:21:07 +0000 (10:21 -0400)
committerJames Morris <jmorris@namei.org>
Tue, 20 Apr 2010 23:58:14 +0000 (09:58 +1000)
ima_parse_rule currently sets entry->action = -1 and then later tests
if (entry->action == UNKNOWN).  It is true that UNKNOWN == -1 but actually
setting it to UNKNOWN makes a lot more sense in case things change in the
future.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/integrity/ima/ima_policy.c

index c771a20366915466192555521569ea9874c8d497..012701157378584e0ef7e51faceda2deae0a8192 100644 (file)
@@ -264,7 +264,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
        ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
 
        entry->uid = -1;
-       entry->action = -1;
+       entry->action = UNKNOWN;
        while ((p = strsep(&rule, " ")) != NULL) {
                substring_t args[MAX_OPT_ARGS];
                int token;