mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-01-22 07:53:11 -05:00
Code Activity

ima: ignore suffixed policy rule comments

Browse source 
Lines beginning with '#' in the IMA policy are comments and are ignored.
Instead of placing the rule and comment on separate lines, allow the
comment to be suffixed to the IMA policy rule.

Reviewed-by: Petr Vorel <pvorel@suse.cz>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2024-12-27 08:28:32 -05:00
parent 7eef7c8bac
commit 4785ed362a
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
security/integrity/ima/ima_policy.c
View file

@ -1432,7 +1432,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
int token; int token;
unsigned long lnum; unsigned long lnum;
if (result < 0) if (result < 0 || *p == '#') /* ignore suffixed comment */
break; break;
if ((*p == '\0') || (*p == ' ') || (*p == '\t')) if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
continue; continue;