Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp939123ybt; Fri, 26 Jun 2020 15:40:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxrxN2O3iftXrOubhP7PNudiVIfNV+SyrblXsD+vfCgT/vxDETHVTWSLcGeSRpdvWuTGQ5g X-Received: by 2002:a17:906:3952:: with SMTP id g18mr4854146eje.68.1593211244988; Fri, 26 Jun 2020 15:40:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1593211244; cv=none; d=google.com; s=arc-20160816; b=ruG6r6YHNxbp7ydLyjPCBDY0mwxE7jDhQuBytMPvlm5NMi9o9CXk1Zmvanz92ED9S/ CrIt1wPQLOFy2ZIanWPJWdK1RUgyOll6E5pk6bjPYlbApZTdyC6vBJrTfFT/Hcs/YMxs CjjJhjg2rw5BuYSpzuOAPk6kalH8KycPfvjB9o4XEoFvJygGOfSX6tjxdK/3VveFj4BZ qrkH1HKnFjcwycbLQYNRVo8F2rid6SSIwQ2mrfpjH+IeebHc305XGFVfxe5WCuqz1+Xm DjMCYoHvH/TMB2MR8Nj+OcVn5bQyiJ7lnnXJP4uHOUu3T55YYXWTyBK2Q1iu5O6KQ73M d1aQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-filter; bh=OnoF3Cvq4ZBg8ldmzl4iVW8t9aRV7I4Rqnsmn7Rh0uU=; b=OTNo17gu6KQJDEbp22HneIlfU9z3pUBRO0eKaDZQjozAsBEBRgTZRQnZe0HR8fdF9n nbZ9nGZe+IXd7XXDY7he09JTlNug7q+Zv0FscizasrhZiBB6d8GuTBd4TAXmVN/+iS5x /yfSd4PZEuK/zOJL3quSN+ZKQBtfdzX5Wr9/t23rn5uwzwQ2uAYYCnj3piE6iku4V3fT i1KXZdyy6sw16NSRnvr6GY/UQB3h7XE6N8AY8spgS6krPd/WDPXMRXD7KZno0UTi4Si3 yljwoMC8xmmE1UlZrjIxcJ/cnNyvu7IDqLGwa2HyBIvuofrIRTJrosjiVRKGFzQrj39D FqzQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=E0vgWKVe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bt2si1287633ejb.597.2020.06.26.15.40.21; Fri, 26 Jun 2020 15:40:44 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=E0vgWKVe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726475AbgFZWjv (ORCPT + 99 others); Fri, 26 Jun 2020 18:39:51 -0400 Received: from linux.microsoft.com ([13.77.154.182]:37954 "EHLO linux.microsoft.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726531AbgFZWjo (ORCPT ); Fri, 26 Jun 2020 18:39:44 -0400 Received: from sequoia.work.tihix.com (162-237-133-238.lightspeed.rcsntx.sbcglobal.net [162.237.133.238]) by linux.microsoft.com (Postfix) with ESMTPSA id 17B9E20B4909; Fri, 26 Jun 2020 15:39:43 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 17B9E20B4909 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1593211183; bh=OnoF3Cvq4ZBg8ldmzl4iVW8t9aRV7I4Rqnsmn7Rh0uU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=E0vgWKVe7YVIbQjPwJuJUJttUHeG1McRiGzMYia4p4ev5d7vMEfMBJo3ZgCwKJnKe QKc7QOfSm8NoHnUuSqraBwhl/V30HGk6HAnJHB2HC6Tp72oHERJrrLL14fwaL5o/QO zUrHZthudTlom/GjtMo7CewxTtGXuOBHwOYnHIO0= From: Tyler Hicks To: Mimi Zohar , Dmitry Kasatkin Cc: James Morris , "Serge E . Hallyn" , Lakshmi Ramasubramanian , Prakhar Srivastava , linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: [PATCH v2 10/11] ima: Use the common function to detect LSM conditionals in a rule Date: Fri, 26 Jun 2020 17:38:59 -0500 Message-Id: <20200626223900.253615-11-tyhicks@linux.microsoft.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200626223900.253615-1-tyhicks@linux.microsoft.com> References: <20200626223900.253615-1-tyhicks@linux.microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Make broader use of ima_rule_contains_lsm_cond() to check if a given rule contains an LSM conditional. This is a code cleanup and has no user-facing change. Signed-off-by: Tyler Hicks Reviewed-by: Mimi Zohar --- * v2 - No change security/integrity/ima/ima_policy.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index 43d49ad958fb..5eb14b567a31 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -360,17 +360,10 @@ static bool ima_rule_contains_lsm_cond(struct ima_rule_entry *entry) static void ima_lsm_update_rules(void) { struct ima_rule_entry *entry, *e; - int i, result, needs_update; + int result; list_for_each_entry_safe(entry, e, &ima_policy_rules, list) { - needs_update = 0; - for (i = 0; i < MAX_LSM_RULES; i++) { - if (entry->lsm[i].args_p) { - needs_update = 1; - break; - } - } - if (!needs_update) + if (!ima_rule_contains_lsm_cond(entry)) continue; result = ima_lsm_update_rule(entry); -- 2.25.1