Skip to content

Commit

Permalink
ima: no need to allocate entry for comment
Browse files Browse the repository at this point in the history 
If a rule is a comment, there is no need to allocate an entry.
Move the checking for comments before allocating the entry.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
  • Loading branch information
Dmitry Kasatkin authored and Mimi Zohar committed Oct 12, 2014
1 parent 78bb5d0 commit 272a6e9
Showing 1 changed file with 6 additions and 8 deletions.
14 changes: 6 additions & 8 deletions security/integrity/ima/ima_policy.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -694,6 +694,12 @@ ssize_t ima_parse_add_rule(char *rule)
return -EACCES;
}

p = strsep(&rule, "\n");
len = strlen(p) + 1;

if (*p == '#')
return len;

entry = kzalloc(sizeof(*entry), GFP_KERNEL);
if (!entry) {
integrity_audit_msg(AUDIT_INTEGRITY_STATUS, NULL,
Expand All @@ -703,14 +709,6 @@ ssize_t ima_parse_add_rule(char *rule)

INIT_LIST_HEAD(&entry->list);

p = strsep(&rule, "\n");
len = strlen(p) + 1;

if (*p == '#') {
kfree(entry);
return len;
}

result = ima_parse_rule(p, entry);
if (result) {
kfree(entry);
Expand Down

0 comments on commit 272a6e9

Please sign in to comment.