IMA: set entry->action to UNKNOWN rather than hard coding
ima_parse_rule currently sets entry->action = -1 and then later tests
if (entry->action == UNKNOWN). It is true that UNKNOWN == -1 but actually
setting it to UNKNOWN makes a lot more sense in case things change in the
future.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index c771a20..0127011 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -264,7 +264,7 @@
ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
entry->uid = -1;
- entry->action = -1;
+ entry->action = UNKNOWN;
while ((p = strsep(&rule, " ")) != NULL) {
substring_t args[MAX_OPT_ARGS];
int token;