IMA: handle whitespace better

IMA parser will fail if whitespace is used in any way other than a single
space.  Using a tab or even using 2 spaces in a row will result in a policy
being rejected.  This patch makes the kernel ignore whitespace a bit better.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 3 insertions, 3 deletions

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dee2dc062bcc..1bc9e31ae250 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -265,15 +265,15 @@ static int ima_parse_rule(char *rule, struct ima_measure_rule_entry *entry)
 
         entry->uid = -1;
         entry->action = UNKNOWN;
-        while ((p = strsep(&rule, " ")) != NULL) {
+        while ((p = strsep(&rule, " \t")) != NULL) {
                 substring_t args[MAX_OPT_ARGS];
                 int token;
                 unsigned long lnum;
 
                 if (result < 0)
                         break;
-                if (!*p)
-                        break;
+                if ((*p == '\0') || (*p == ' ') || (*p == '\t'))
+                        continue;
                 token = match_token(p, policy_tokens, args);
                 switch (token) {
                 case Opt_measure: