aboutsummaryrefslogtreecommitdiffstats
path: root/security/integrity
diff options
context:
space:
mode:
authorDmitry Kasatkin <d.kasatkin@samsung.com>2014-03-04 11:04:20 -0500
committerMimi Zohar <zohar@linux.vnet.ibm.com>2014-03-07 12:15:45 -0500
commit2bb930abcf39d8be243ddb4583cf013ea2a750d6 (patch)
tree678aa6a54c7d8ed5ce5fa441039a5f65e3d978e6 /security/integrity
parent09b1148ef59c93d292a3355c00e9b5779b2ecad0 (diff)
integrity: fix checkpatch errors
Between checkpatch changes (eg. sizeof) and inconsistencies between Lindent and checkpatch, unfixed checkpatch errors make it difficult to see new errors. This patch fixes them. Some lines with over 80 chars remained unchanged to improve code readability. The "extern" keyword is removed from internal evm.h to make it consistent with internal ima.h. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security/integrity')
-rw-r--r--security/integrity/evm/evm.h28
-rw-r--r--security/integrity/evm/evm_crypto.c4
-rw-r--r--security/integrity/iint.c2
-rw-r--r--security/integrity/ima/ima_api.c8
-rw-r--r--security/integrity/ima/ima_crypto.c2
-rw-r--r--security/integrity/ima/ima_fs.c6
-rw-r--r--security/integrity/ima/ima_main.c4
-rw-r--r--security/integrity/ima/ima_policy.c65
-rw-r--r--security/integrity/ima/ima_queue.c4
-rw-r--r--security/integrity/ima/ima_template.c14
-rw-r--r--security/integrity/integrity_audit.c2
11 files changed, 69 insertions, 70 deletions
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index 30bd1ec0232e..37c88ddb3cfe 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -32,19 +32,19 @@ extern struct crypto_shash *hash_tfm;
32/* List of EVM protected security xattrs */ 32/* List of EVM protected security xattrs */
33extern char *evm_config_xattrnames[]; 33extern char *evm_config_xattrnames[];
34 34
35extern int evm_init_key(void); 35int evm_init_key(void);
36extern int evm_update_evmxattr(struct dentry *dentry, 36int evm_update_evmxattr(struct dentry *dentry,
37 const char *req_xattr_name, 37 const char *req_xattr_name,
38 const char *req_xattr_value, 38 const char *req_xattr_value,
39 size_t req_xattr_value_len); 39 size_t req_xattr_value_len);
40extern int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, 40int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name,
41 const char *req_xattr_value, 41 const char *req_xattr_value,
42 size_t req_xattr_value_len, char *digest); 42 size_t req_xattr_value_len, char *digest);
43extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name, 43int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
44 const char *req_xattr_value, 44 const char *req_xattr_value,
45 size_t req_xattr_value_len, char *digest); 45 size_t req_xattr_value_len, char *digest);
46extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr, 46int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
47 char *hmac_val); 47 char *hmac_val);
48extern int evm_init_secfs(void); 48int evm_init_secfs(void);
49 49
50#endif 50#endif
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 9bd329f1927a..babd8626bf96 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -105,13 +105,13 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
105 umode_t mode; 105 umode_t mode;
106 } hmac_misc; 106 } hmac_misc;
107 107
108 memset(&hmac_misc, 0, sizeof hmac_misc); 108 memset(&hmac_misc, 0, sizeof(hmac_misc));
109 hmac_misc.ino = inode->i_ino; 109 hmac_misc.ino = inode->i_ino;
110 hmac_misc.generation = inode->i_generation; 110 hmac_misc.generation = inode->i_generation;
111 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid); 111 hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
112 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid); 112 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
113 hmac_misc.mode = inode->i_mode; 113 hmac_misc.mode = inode->i_mode;
114 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc); 114 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
115 if (evm_hmac_version > 1) 115 if (evm_hmac_version > 1)
116 crypto_shash_update(desc, inode->i_sb->s_uuid, 116 crypto_shash_update(desc, inode->i_sb->s_uuid,
117 sizeof(inode->i_sb->s_uuid)); 117 sizeof(inode->i_sb->s_uuid));
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index c49d3f14cbec..a521edf4cbd6 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -151,7 +151,7 @@ static void init_once(void *foo)
151{ 151{
152 struct integrity_iint_cache *iint = foo; 152 struct integrity_iint_cache *iint = foo;
153 153
154 memset(iint, 0, sizeof *iint); 154 memset(iint, 0, sizeof(*iint));
155 iint->version = 0; 155 iint->version = 0;
156 iint->flags = 0UL; 156 iint->flags = 0UL;
157 iint->ima_file_status = INTEGRITY_UNKNOWN; 157 iint->ima_file_status = INTEGRITY_UNKNOWN;
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 393b9d46c472..c6b4a732e89b 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -160,10 +160,10 @@ err_out:
160 * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK) 160 * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK)
161 * 161 *
162 * The policy is defined in terms of keypairs: 162 * The policy is defined in terms of keypairs:
163 * subj=, obj=, type=, func=, mask=, fsmagic= 163 * subj=, obj=, type=, func=, mask=, fsmagic=
164 * subj,obj, and type: are LSM specific. 164 * subj,obj, and type: are LSM specific.
165 * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK 165 * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
166 * mask: contains the permission mask 166 * mask: contains the permission mask
167 * fsmagic: hex value 167 * fsmagic: hex value
168 * 168 *
169 * Returns IMA_MEASURE, IMA_APPRAISE mask. 169 * Returns IMA_MEASURE, IMA_APPRAISE mask.
@@ -248,7 +248,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint,
248 * 248 *
249 * We only get here if the inode has not already been measured, 249 * We only get here if the inode has not already been measured,
250 * but the measurement could already exist: 250 * but the measurement could already exist:
251 * - multiple copies of the same file on either the same or 251 * - multiple copies of the same file on either the same or
252 * different filesystems. 252 * different filesystems.
253 * - the inode was previously flushed as well as the iint info, 253 * - the inode was previously flushed as well as the iint info,
254 * containing the hashing info. 254 * containing the hashing info.
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 99990578b7cd..d257e3631152 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -10,7 +10,7 @@
10 * the Free Software Foundation, version 2 of the License. 10 * the Free Software Foundation, version 2 of the License.
11 * 11 *
12 * File: ima_crypto.c 12 * File: ima_crypto.c
13 * Calculates md5/sha1 file hash, template hash, boot-aggreate hash 13 * Calculates md5/sha1 file hash, template hash, boot-aggreate hash
14 */ 14 */
15 15
16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 16#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 468a3ba3c539..da92fcc08d15 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -133,14 +133,14 @@ static int ima_measurements_show(struct seq_file *m, void *v)
133 * PCR used is always the same (config option) in 133 * PCR used is always the same (config option) in
134 * little-endian format 134 * little-endian format
135 */ 135 */
136 ima_putc(m, &pcr, sizeof pcr); 136 ima_putc(m, &pcr, sizeof(pcr));
137 137
138 /* 2nd: template digest */ 138 /* 2nd: template digest */
139 ima_putc(m, e->digest, TPM_DIGEST_SIZE); 139 ima_putc(m, e->digest, TPM_DIGEST_SIZE);
140 140
141 /* 3rd: template name size */ 141 /* 3rd: template name size */
142 namelen = strlen(e->template_desc->name); 142 namelen = strlen(e->template_desc->name);
143 ima_putc(m, &namelen, sizeof namelen); 143 ima_putc(m, &namelen, sizeof(namelen));
144 144
145 /* 4th: template name */ 145 /* 4th: template name */
146 ima_putc(m, e->template_desc->name, namelen); 146 ima_putc(m, e->template_desc->name, namelen);
@@ -292,7 +292,7 @@ static atomic_t policy_opencount = ATOMIC_INIT(1);
292/* 292/*
293 * ima_open_policy: sequentialize access to the policy file 293 * ima_open_policy: sequentialize access to the policy file
294 */ 294 */
295static int ima_open_policy(struct inode * inode, struct file * filp) 295static int ima_open_policy(struct inode *inode, struct file *filp)
296{ 296{
297 /* No point in being allowed to open it if you aren't going to write */ 297 /* No point in being allowed to open it if you aren't going to write */
298 if (!(filp->f_flags & O_WRONLY)) 298 if (!(filp->f_flags & O_WRONLY))
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 149ee1119f87..50413d02ac3a 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -71,10 +71,10 @@ __setup("ima_hash=", hash_setup);
71 * ima_rdwr_violation_check 71 * ima_rdwr_violation_check
72 * 72 *
73 * Only invalidate the PCR for measured files: 73 * Only invalidate the PCR for measured files:
74 * - Opening a file for write when already open for read, 74 * - Opening a file for write when already open for read,
75 * results in a time of measure, time of use (ToMToU) error. 75 * results in a time of measure, time of use (ToMToU) error.
76 * - Opening a file for read when already open for write, 76 * - Opening a file for read when already open for write,
77 * could result in a file measurement error. 77 * could result in a file measurement error.
78 * 78 *
79 */ 79 */
80static void ima_rdwr_violation_check(struct file *file) 80static void ima_rdwr_violation_check(struct file *file)
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index a556d5b9c57f..93873a450ff7 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -7,7 +7,7 @@
7 * the Free Software Foundation, version 2 of the License. 7 * the Free Software Foundation, version 2 of the License.
8 * 8 *
9 * ima_policy.c 9 * ima_policy.c
10 * - initialize default measure policy rules 10 * - initialize default measure policy rules
11 * 11 *
12 */ 12 */
13#include <linux/module.h> 13#include <linux/module.h>
@@ -21,8 +21,8 @@
21#include "ima.h" 21#include "ima.h"
22 22
23/* flags definitions */ 23/* flags definitions */
24#define IMA_FUNC 0x0001 24#define IMA_FUNC 0x0001
25#define IMA_MASK 0x0002 25#define IMA_MASK 0x0002
26#define IMA_FSMAGIC 0x0004 26#define IMA_FSMAGIC 0x0004
27#define IMA_UID 0x0008 27#define IMA_UID 0x0008
28#define IMA_FOWNER 0x0010 28#define IMA_FOWNER 0x0010
@@ -69,35 +69,35 @@ struct ima_rule_entry {
69 * and running executables. 69 * and running executables.
70 */ 70 */
71static struct ima_rule_entry default_rules[] = { 71static struct ima_rule_entry default_rules[] = {
72 {.action = DONT_MEASURE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 72 {.action = DONT_MEASURE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
73 {.action = DONT_MEASURE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, 73 {.action = DONT_MEASURE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
74 {.action = DONT_MEASURE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, 74 {.action = DONT_MEASURE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
75 {.action = DONT_MEASURE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, 75 {.action = DONT_MEASURE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
76 {.action = DONT_MEASURE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 76 {.action = DONT_MEASURE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
77 {.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC}, 77 {.action = DONT_MEASURE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
78 {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, 78 {.action = DONT_MEASURE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
79 {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, 79 {.action = DONT_MEASURE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
80 {.action = MEASURE,.func = MMAP_CHECK,.mask = MAY_EXEC, 80 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
81 .flags = IMA_FUNC | IMA_MASK}, 81 .flags = IMA_FUNC | IMA_MASK},
82 {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, 82 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
83 .flags = IMA_FUNC | IMA_MASK}, 83 .flags = IMA_FUNC | IMA_MASK},
84 {.action = MEASURE,.func = FILE_CHECK,.mask = MAY_READ,.uid = GLOBAL_ROOT_UID, 84 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ, .uid = GLOBAL_ROOT_UID,
85 .flags = IMA_FUNC | IMA_MASK | IMA_UID}, 85 .flags = IMA_FUNC | IMA_MASK | IMA_UID},
86 {.action = MEASURE,.func = MODULE_CHECK, .flags = IMA_FUNC}, 86 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
87}; 87};
88 88
89static struct ima_rule_entry default_appraise_rules[] = { 89static struct ima_rule_entry default_appraise_rules[] = {
90 {.action = DONT_APPRAISE,.fsmagic = PROC_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 90 {.action = DONT_APPRAISE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
91 {.action = DONT_APPRAISE,.fsmagic = SYSFS_MAGIC,.flags = IMA_FSMAGIC}, 91 {.action = DONT_APPRAISE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
92 {.action = DONT_APPRAISE,.fsmagic = DEBUGFS_MAGIC,.flags = IMA_FSMAGIC}, 92 {.action = DONT_APPRAISE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
93 {.action = DONT_APPRAISE,.fsmagic = TMPFS_MAGIC,.flags = IMA_FSMAGIC}, 93 {.action = DONT_APPRAISE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
94 {.action = DONT_APPRAISE,.fsmagic = RAMFS_MAGIC,.flags = IMA_FSMAGIC}, 94 {.action = DONT_APPRAISE, .fsmagic = RAMFS_MAGIC, .flags = IMA_FSMAGIC},
95 {.action = DONT_APPRAISE,.fsmagic = DEVPTS_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 95 {.action = DONT_APPRAISE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
96 {.action = DONT_APPRAISE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC}, 96 {.action = DONT_APPRAISE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
97 {.action = DONT_APPRAISE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, 97 {.action = DONT_APPRAISE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
98 {.action = DONT_APPRAISE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, 98 {.action = DONT_APPRAISE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
99 {.action = DONT_APPRAISE,.fsmagic = CGROUP_SUPER_MAGIC,.flags = IMA_FSMAGIC}, 99 {.action = DONT_APPRAISE, .fsmagic = CGROUP_SUPER_MAGIC, .flags = IMA_FSMAGIC},
100 {.action = APPRAISE,.fowner = GLOBAL_ROOT_UID,.flags = IMA_FOWNER}, 100 {.action = APPRAISE, .fowner = GLOBAL_ROOT_UID, .flags = IMA_FOWNER},
101}; 101};
102 102
103static LIST_HEAD(ima_default_rules); 103static LIST_HEAD(ima_default_rules);
@@ -122,12 +122,12 @@ static int __init default_appraise_policy_setup(char *str)
122} 122}
123__setup("ima_appraise_tcb", default_appraise_policy_setup); 123__setup("ima_appraise_tcb", default_appraise_policy_setup);
124 124
125/* 125/*
126 * Although the IMA policy does not change, the LSM policy can be 126 * Although the IMA policy does not change, the LSM policy can be
127 * reloaded, leaving the IMA LSM based rules referring to the old, 127 * reloaded, leaving the IMA LSM based rules referring to the old,
128 * stale LSM policy. 128 * stale LSM policy.
129 * 129 *
130 * Update the IMA LSM based rules to reflect the reloaded LSM policy. 130 * Update the IMA LSM based rules to reflect the reloaded LSM policy.
131 * We assume the rules still exist; and BUG_ON() if they don't. 131 * We assume the rules still exist; and BUG_ON() if they don't.
132 */ 132 */
133static void ima_lsm_update_rules(void) 133static void ima_lsm_update_rules(void)
@@ -218,7 +218,7 @@ retry:
218 retried = 1; 218 retried = 1;
219 ima_lsm_update_rules(); 219 ima_lsm_update_rules();
220 goto retry; 220 goto retry;
221 } 221 }
222 if (!rc) 222 if (!rc)
223 return false; 223 return false;
224 } 224 }
@@ -234,7 +234,7 @@ static int get_subaction(struct ima_rule_entry *rule, int func)
234 if (!(rule->flags & IMA_FUNC)) 234 if (!(rule->flags & IMA_FUNC))
235 return IMA_FILE_APPRAISE; 235 return IMA_FILE_APPRAISE;
236 236
237 switch(func) { 237 switch (func) {
238 case MMAP_CHECK: 238 case MMAP_CHECK:
239 return IMA_MMAP_APPRAISE; 239 return IMA_MMAP_APPRAISE;
240 case BPRM_CHECK: 240 case BPRM_CHECK:
@@ -306,7 +306,7 @@ void __init ima_init_policy(void)
306 measure_entries = ima_use_tcb ? ARRAY_SIZE(default_rules) : 0; 306 measure_entries = ima_use_tcb ? ARRAY_SIZE(default_rules) : 0;
307 appraise_entries = ima_use_appraise_tcb ? 307 appraise_entries = ima_use_appraise_tcb ?
308 ARRAY_SIZE(default_appraise_rules) : 0; 308 ARRAY_SIZE(default_appraise_rules) : 0;
309 309
310 for (i = 0; i < measure_entries + appraise_entries; i++) { 310 for (i = 0; i < measure_entries + appraise_entries; i++) {
311 if (i < measure_entries) 311 if (i < measure_entries)
312 list_add_tail(&default_rules[i].list, 312 list_add_tail(&default_rules[i].list,
@@ -522,8 +522,7 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
522 break; 522 break;
523 } 523 }
524 524
525 result = kstrtoul(args[0].from, 16, 525 result = kstrtoul(args[0].from, 16, &entry->fsmagic);
526 &entry->fsmagic);
527 if (!result) 526 if (!result)
528 entry->flags |= IMA_FSMAGIC; 527 entry->flags |= IMA_FSMAGIC;
529 break; 528 break;
diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index 91128b4b812a..552705d5a78d 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -117,7 +117,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
117 117
118 mutex_lock(&ima_extend_list_mutex); 118 mutex_lock(&ima_extend_list_mutex);
119 if (!violation) { 119 if (!violation) {
120 memcpy(digest, entry->digest, sizeof digest); 120 memcpy(digest, entry->digest, sizeof(digest));
121 if (ima_lookup_digest_entry(digest)) { 121 if (ima_lookup_digest_entry(digest)) {
122 audit_cause = "hash_exists"; 122 audit_cause = "hash_exists";
123 result = -EEXIST; 123 result = -EEXIST;
@@ -133,7 +133,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
133 } 133 }
134 134
135 if (violation) /* invalidate pcr */ 135 if (violation) /* invalidate pcr */
136 memset(digest, 0xff, sizeof digest); 136 memset(digest, 0xff, sizeof(digest));
137 137
138 tpmresult = ima_pcr_extend(digest); 138 tpmresult = ima_pcr_extend(digest);
139 if (tpmresult != 0) { 139 if (tpmresult != 0) {
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 9a4a0d182610..a076a967ec47 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -22,20 +22,20 @@
22 22
23static struct ima_template_desc defined_templates[] = { 23static struct ima_template_desc defined_templates[] = {
24 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT}, 24 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
25 {.name = "ima-ng",.fmt = "d-ng|n-ng"}, 25 {.name = "ima-ng", .fmt = "d-ng|n-ng"},
26 {.name = "ima-sig",.fmt = "d-ng|n-ng|sig"}, 26 {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
27}; 27};
28 28
29static struct ima_template_field supported_fields[] = { 29static struct ima_template_field supported_fields[] = {
30 {.field_id = "d",.field_init = ima_eventdigest_init, 30 {.field_id = "d", .field_init = ima_eventdigest_init,
31 .field_show = ima_show_template_digest}, 31 .field_show = ima_show_template_digest},
32 {.field_id = "n",.field_init = ima_eventname_init, 32 {.field_id = "n", .field_init = ima_eventname_init,
33 .field_show = ima_show_template_string}, 33 .field_show = ima_show_template_string},
34 {.field_id = "d-ng",.field_init = ima_eventdigest_ng_init, 34 {.field_id = "d-ng", .field_init = ima_eventdigest_ng_init,
35 .field_show = ima_show_template_digest_ng}, 35 .field_show = ima_show_template_digest_ng},
36 {.field_id = "n-ng",.field_init = ima_eventname_ng_init, 36 {.field_id = "n-ng", .field_init = ima_eventname_ng_init,
37 .field_show = ima_show_template_string}, 37 .field_show = ima_show_template_string},
38 {.field_id = "sig",.field_init = ima_eventsig_init, 38 {.field_id = "sig", .field_init = ima_eventsig_init,
39 .field_show = ima_show_template_sig}, 39 .field_show = ima_show_template_sig},
40}; 40};
41 41
diff --git a/security/integrity/integrity_audit.c b/security/integrity/integrity_audit.c
index 4b996ba48fc2..aab9fa5a8231 100644
--- a/security/integrity/integrity_audit.c
+++ b/security/integrity/integrity_audit.c
@@ -7,7 +7,7 @@
7 * the Free Software Foundation, version 2 of the License. 7 * the Free Software Foundation, version 2 of the License.
8 * 8 *
9 * File: integrity_audit.c 9 * File: integrity_audit.c
10 * Audit calls for the integrity subsystem 10 * Audit calls for the integrity subsystem
11 */ 11 */
12 12
13#include <linux/fs.h> 13#include <linux/fs.h>