-rw-r--r-- | security/integrity/ima/ima_policy.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 12e8adcd80a2..013a423d14b6 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -79,8 +79,8 @@ struct ima_rule_entry {
 uuid_t fsuuid;
 kuid_t uid;
 kuid_t fowner;
- bool (*uid_op)(kuid_t, kuid_t); /* Handlers for operators */
- bool (*fowner_op)(kuid_t, kuid_t); /* uid_eq(), uid_gt(), uid_lt() */
+ bool (*uid_op)(kuid_t cred_uid, kuid_t rule_uid); /* Handlers for operators */
+ bool (*fowner_op)(kuid_t cred_uid, kuid_t rule_uid); /* uid_eq(), uid_gt(), uid_lt() */
 int pcr;
 unsigned int allowed_algos; /* bitfield of allowed hash algorithms */
 struct {
@@ -1550,8 +1550,10 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
 result = kstrtoul(args[0].from, 10, &lnum);
 if (!result) {
- entry->fowner = make_kuid(current_user_ns(), (uid_t)lnum);
- if (!uid_valid(entry->fowner) || (((uid_t)lnum) != lnum))
+ entry->fowner = make_kuid(current_user_ns(),
+ (uid_t)lnum);
+ if (!uid_valid(entry->fowner) ||
+ (((uid_t)lnum) != lnum))
 result = -EINVAL;
 else
 entry->flags |= IMA_FOWNER; |
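Review bot: The parameter name `cred_uid` on `fowner_op` in `struct ima_rule_entry` looks misleading: judging by the field name, that handler's first argument is presumably a file owner's uid rather than a credential uid, though the call sites are outside this hunk and should be checked. Because `uid_gt()` and `uid_lt()` are order-sensitive, these names are the only in-struct documentation of argument order, and a wrong label invites a swapped or misread comparison when a policy rule is matched. Consider `bool (*fowner_op)(kuid_t inode_uid, kuid_t rule_uid);` and keep `cred_uid` for `uid_op` only. The struct definition starts and ends outside the hunk.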