diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2009-05-05 13:12:48 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-05-06 10:35:53 +1000 |
commit | 53fc0e2259f261602a2750dcc82b8d7bf04d3c35 (patch) | |
tree | 09eaec1b928d433cc50485331bc75f1f2529d0e9 | |
parent | 78a3d9d5654a7fd99cf8b2ab06b9497b9c7aad64 (diff) | |
download | op-kernel-dev-53fc0e2259f261602a2750dcc82b8d7bf04d3c35.zip op-kernel-dev-53fc0e2259f261602a2750dcc82b8d7bf04d3c35.tar.gz |
integrity: lsm audit rule matching fix
An audit subsystem change replaced AUDIT_EQUAL with Audit_equal.
Update calls to security_filter_rule_init()/match() to reflect
the change.
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/integrity/ima/ima_policy.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index b5291ad..b168c1d 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -96,7 +96,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule, if ((rule->flags & IMA_UID) && rule->uid != tsk->cred->uid) return false; for (i = 0; i < MAX_LSM_RULES; i++) { - int rc; + int rc = 0; u32 osid, sid; if (!rule->lsm[i].rule) @@ -109,7 +109,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule, security_inode_getsecid(inode, &osid); rc = security_filter_rule_match(osid, rule->lsm[i].type, - AUDIT_EQUAL, + Audit_equal, rule->lsm[i].rule, NULL); break; @@ -119,7 +119,7 @@ static bool ima_match_rules(struct ima_measure_rule_entry *rule, security_task_getsecid(tsk, &sid); rc = security_filter_rule_match(sid, rule->lsm[i].type, - AUDIT_EQUAL, + Audit_equal, rule->lsm[i].rule, NULL); default: @@ -227,7 +227,7 @@ static int ima_lsm_rule_init(struct ima_measure_rule_entry *entry, entry->lsm[lsm_rule].type = audit_type; result = security_filter_rule_init(entry->lsm[lsm_rule].type, - AUDIT_EQUAL, args, + Audit_equal, args, &entry->lsm[lsm_rule].rule); return result; } |