summaryrefslogtreecommitdiffstats
path: root/security/integrity/ima
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2024-12-01 03:14:56 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2024-12-01 03:14:56 +0100
commit8a6a03ad5b04a29f07fb79d2990d93c82394f730 (patch)
treeaecdecce90a0b9f3250d61ae680043f2c23416ca /security/integrity/ima
parentMerge tag 'block-6.13-20242901' of git://git.kernel.dk/linux (diff)
parentima: uncover hidden variable in ima_match_rules() (diff)
downloadlinux-8a6a03ad5b04a29f07fb79d2990d93c82394f730.tar.xz
linux-8a6a03ad5b04a29f07fb79d2990d93c82394f730.zip
Merge tag 'lsm-pr-20241129' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
Pull ima fix from Paul Moore: "One small patch to fix a function parameter / local variable naming snafu that went up to you in the current merge window" * tag 'lsm-pr-20241129' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: ima: uncover hidden variable in ima_match_rules()
Diffstat (limited to 'security/integrity/ima')
-rw-r--r--security/integrity/ima/ima_policy.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dbfd554b4624..21a8e54c383f 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -635,7 +635,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
return false;
for (i = 0; i < MAX_LSM_RULES; i++) {
int rc = 0;
- struct lsm_prop prop = { };
+ struct lsm_prop inode_prop = { };
if (!lsm_rule->lsm[i].rule) {
if (!lsm_rule->lsm[i].args_p)
@@ -649,15 +649,16 @@ retry:
case LSM_OBJ_USER:
case LSM_OBJ_ROLE:
case LSM_OBJ_TYPE:
- security_inode_getlsmprop(inode, &prop);
- rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type,
+ security_inode_getlsmprop(inode, &inode_prop);
+ rc = ima_filter_rule_match(&inode_prop,
+ lsm_rule->lsm[i].type,
Audit_equal,
lsm_rule->lsm[i].rule);
break;
case LSM_SUBJ_USER:
case LSM_SUBJ_ROLE:
case LSM_SUBJ_TYPE:
- rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type,
+ rc = ima_filter_rule_match(prop, lsm_rule->lsm[i].type,
Audit_equal,
lsm_rule->lsm[i].rule);
break;