---

yaml --- r: 192427 b: refs/heads/master c: 7233e3e h: refs/heads/master i: 192425: 989cafb 192423: 434ffbf v: v3
git-mirror · Apr 20, 2010 · 58cd7e7 · 58cd7e7
1 parent f1b686b
commit 58cd7e7
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 8 deletions.
diff --git a/[refs] b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 28ef4002ec7b4be27f1110b83e255df8159c786a
+refs/heads/master: 7233e3ee22b1506723411fe437bcf69f678e8cdd
diff --git a/trunk/security/integrity/ima/ima_policy.c b/trunk/security/integrity/ima/ima_policy.c
@@ -445,19 +445,26 @@ ssize_t ima_parse_add_rule(char *rule)
 
 	p = strsep(&rule, "\n");
 	len = strlen(p) + 1;
+
+	if (*p == '#') {
+		kfree(entry);
+		return len;
+	}
+
 	result = ima_parse_rule(p, entry);
-	if (!result) {
-		result = len;
-		mutex_lock(&ima_measure_mutex);
-		list_add_tail(&entry->list, &measure_policy_rules);
-		mutex_unlock(&ima_measure_mutex);
-	} else {
+	if (result) {
 		kfree(entry);
 		integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
 				    NULL, op, "invalid policy", result,
 				    audit_info);
+		return result;
 	}
-	return result;
+
+	mutex_lock(&ima_measure_mutex);
+	list_add_tail(&entry->list, &measure_policy_rules);
+	mutex_unlock(&ima_measure_mutex);
+
+	return len;
 }
 
 /* ima_delete_rules called to cleanup invalid policy */