On Fri, 2020-01-03 at 15:51 +0800, clayc@xxxxxxx wrote: > From: Clay Chang <clayc@xxxxxxx> Normally this "From" line is only seen when the sender isn't the patch author. Any ideas what happened? > > When reading ima_policy from securityfs, there is a missing > space between output string of LSM rules. > > Signed-off-by: Clay Chang <clayc@xxxxxxx> Good catch! IMA policy rules based on LSM labels are used to constrain which files are in policy. Normally a single LSM label is enough (e.g. dont_measure obj_type=auditd_log_t). Could you include in this patch description a use case where multiple LSM labels are needed? thanks, Mimi > --- > security/integrity/ima/ima_policy.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c > index ef8dfd47c7e3..1a266e4f99bc 100644 > --- a/security/integrity/ima/ima_policy.c > +++ b/security/integrity/ima/ima_policy.c > @@ -1496,6 +1496,7 @@ int ima_policy_show(struct seq_file *m, void *v) > (char *)entry->lsm[i].args_p); > break; > } > + seq_puts(m, " "); > } > } > if (entry->template)
