Re: [RFC][PATCH 4/4] ima: added support for new kernel cmdline parameter ima_template_fmt

From: Mimi Zohar
Date: Thu Dec 05 2013 - 08:33:05 EST


On Thu, 2013-12-05 at 07:15 -0500, Mimi Zohar wrote:
> On Thu, 2013-12-05 at 09:49 +0100, Roberto Sassu wrote:
> > On 12/04/2013 10:05 PM, Mimi Zohar wrote:
> > > On Thu, 2013-11-07 at 15:00 +0100, Roberto Sassu wrote:

> > >> +static int __init ima_template_fmt_setup(char *str)
> > >> +{
> > >> + int num_templates = ARRAY_SIZE(defined_templates);
> > >> + char *str_ptr_start = str;
> > >> + char *str_ptr_end = str_ptr_start;
> > >> +
> > >> + if (ima_template)
> > >> + return 1;
> > >> +
> > >> + while (str_ptr_start != NULL) {
> > >> + char field_id[IMA_TEMPLATE_FIELD_ID_MAX_LEN];
> > >> + int len;
> > >> +
> > >> + str_ptr_end = strpbrk(str_ptr_start, "|");
> > >> + if (str_ptr_end == NULL)
> > >> + len = str + strlen(str) - str_ptr_start;
> > >> + else
> > >> + len = str_ptr_end++ - str_ptr_start;
> > >> +
> > >> + if (len >= IMA_TEMPLATE_FIELD_ID_MAX_LEN) {
> > >> + pr_err("IMA: field too long, using template %s\n",
> > >> + CONFIG_IMA_DEFAULT_TEMPLATE);
> > >> + return 1;
> > >> + }
> > >> +
> > >> + memcpy(field_id, str_ptr_start, len);
> > >> + field_id[len] = '\0';
> > >> + if (lookup_template_field(field_id) == NULL) {
> > >> + pr_err("IMA: field '%s' not found, using template %s\n",
> > >> + field_id, CONFIG_IMA_DEFAULT_TEMPLATE);
> > >> + return 1;
> > >> + }
> > >> +
> > >> + str_ptr_start = str_ptr_end;
> > >> + }
> > >> +
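Review bot: The separator handling in the loop hides a side effect: `len = str_ptr_end++ - str_ptr_start;` both computes the field length and advances the end pointer, which is easy to misread. Since only one separator character is searched for, `strpbrk(str_ptr_start, "|")` could be `strchr()`, or the length could be taken directly with `strcspn()` and the pointer advanced on its own line. Separately, the early `if (ima_template) return 1;` gives up without a pr_ message, while the other early returns in this function log why the format string was rejected; a notice there would make it visible that the format string was not used.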
> > >
> > > Roberto, looking this over again, I think this can be simplified by
> > > using strsep().
> > >
> >
> > Hi Mimi
> >
> > yes, the code can be simplified. However, I did not use strsep()
> > to avoid that this function modifies the kernel command line
> > (it replaces the passed separator character with '\0').
> > Since the custom format string is parsed again later, I also
> > have to revert changes made by strsep().
>
> Somehow the code needs to be simplified and cleaned up. For example,
> str_ptr_start/end need to be renamed to something simpler, like
> field/field_end or token/token_end. (Refer to Documentation/CodingStyle
> chapter 4 for variable naming style.) Perhaps, instead of using
> strsep(), write a function to return a pointer to the field and field
> length.

Using lib/string.c:strcspn() might help.

Mimi
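
The helper suggested above (return a pointer to the field and its length, using strcspn(), so the command line is never written to), as an added user-space example that is not code from this thread or from the kernel. `next_field()`, `validate_template_fmt()`, `FIELD_ID_MAX_LEN` and the `known_fields` table are hypothetical stand-ins for the patch's `IMA_TEMPLATE_FIELD_ID_MAX_LEN` and `lookup_template_field()`; rejecting empty fields explicitly is also an assumption.

```c
#include <stddef.h>
#include <string.h>

/* Assumed stand-in for IMA_TEMPLATE_FIELD_ID_MAX_LEN. */
#define FIELD_ID_MAX_LEN 16

/* Constructed sample table standing in for lookup_template_field(). */
static const char *const known_fields[] = { "d", "n", "d-ng", "n-ng", "sig" };

static int field_known(const char *id, size_t len)
{
	size_t i;

	for (i = 0; i < sizeof(known_fields) / sizeof(known_fields[0]); i++)
		if (strlen(known_fields[i]) == len &&
		    !memcmp(known_fields[i], id, len))
			return 1;
	return 0;
}

/*
 * Return the next '|'-separated field of *fmt and store its length in *len.
 * *fmt is advanced past the separator, or set to NULL after the last field.
 * The input string is only read, so it can be parsed again later.
 */
static const char *next_field(const char **fmt, size_t *len)
{
	const char *field = *fmt;

	if (field == NULL)
		return NULL;
	*len = strcspn(field, "|");
	*fmt = field[*len] == '|' ? field + *len + 1 : NULL;
	return field;
}

/* Number of fields, or -1 if a field is empty, too long or unknown. */
static int validate_template_fmt(const char *fmt)
{
	const char *field;
	size_t len;
	int count = 0;

	while ((field = next_field(&fmt, &len)) != NULL) {
		if (len == 0 || len >= FIELD_ID_MAX_LEN || !field_known(field, len))
			return -1;
		count++;
	}
	return count;
}
```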
