commit 28ef4002ec7b4be27f1110b83e255df8159c786a
author Eric Paris <eparis@redhat.com> Tue Apr 20 10:21:18 2010 -0400
committer James Morris <jmorris@namei.org> Wed Apr 21 09:58:16 2010 +1000
tree e7b32aeb36ecf2d76235aa7d436a7578738a98cc
parent e9d393bf8660fbbbe00617015224342bac3ea6fc

IMA: handle whitespace better

IMA parser will fail if whitespace is used in any way other than a single
space.  Using a tab or even using 2 spaces in a row will result in a policy
being rejected.  This patch makes the kernel ignore whitespace a bit better.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>

security/integrity/ima/ima_policy.c

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dee2dc0..1bc9e31 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -265,15 +265,15 @@
 
 	entry->uid = -1;
 	entry->action = UNKNOWN;
-	while ((p = strsep(&rule, " ")) != NULL) {
+	while ((p = strsep(&rule, " \t")) != NULL) {
 		substring_t args[MAX_OPT_ARGS];
 		int token;
 		unsigned long lnum;
 
 		if (result < 0)
 			break;
-		if (!*p)
-			break;
+		if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
+			continue;
 		token = match_token(p, policy_tokens, args);
 		switch (token) {
 		case Opt_measure: