summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-04-20 10:21:07 -0400
committerJames Morris <jmorris@namei.org>2010-04-21 09:58:14 +1000
commitb9035b1fd7933c11e68dbbf49b530cc43bf1da65 (patch)
treeb2f6846ee36422db9a58705e902054d4dac1c438
parent7b62e162129c3b28d51016774e0c7c57c710c452 (diff)
downloadlinux-b9035b1fd7933c11e68dbbf49b530cc43bf1da65.tar.gz
linux-b9035b1fd7933c11e68dbbf49b530cc43bf1da65.tar.bz2
linux-b9035b1fd7933c11e68dbbf49b530cc43bf1da65.zip
IMA: set entry->action to UNKNOWN rather than hard coding
ima_parse_rule currently sets entry->action = -1 and then later tests if (entry->action == UNKNOWN). It is true that UNKNOWN == -1 but actually setting it to UNKNOWN makes a lot more sense in case things change in the future. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/integrity/ima/ima_policy.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index c771a2036691..012701157378 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -264,7 +264,7 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
entry->uid = -1;
- entry->action = -1;
+ entry->action = UNKNOWN;
while ((p = strsep(&rule, " ")) != NULL) {
substring_t args[MAX_OPT_ARGS];
int token;