On Fri, Jan 03, 2020 at 12:11:27PM -0500, Mimi Zohar wrote: > On Fri, 2020-01-03 at 15:51 +0800, clayc@xxxxxxx wrote: > > From: Clay Chang <clayc@xxxxxxx> > > Normally this "From" line is only seen when the sender isn't the patch > author. Any ideas what happened? > Hi Mimi, Apparently I should not use "--from" in git-send-email command. > > > > When reading ima_policy from securityfs, there is a missing > > space between output string of LSM rules. > > > > Signed-off-by: Clay Chang <clayc@xxxxxxx> > > Good catch! IMA policy rules based on LSM labels are used to > constrain which files are in policy. Normally a single LSM label is > enough (e.g. dont_measure obj_type=auditd_log_t). Could you include > in this patch description a use case where multiple LSM labels are > needed? > Apology for not expressed my intention clearly. The intention of this patch is to add a space after printing LSM rules (if any) and the remaining rules. Currently, if I have a policy, for example: appraise func=BPRM_CHECK obj_type=shell_exec_t appraise_type=imasig The read back result is: appraise func=BPRM_CHECK obj_type=shell_exec_tappraise_type=imasig which is not correct. I do not have a case for multiple LSM labels, but if there is one such case, this patch will also apply. I will post a v2 patch with tuned description. Thanks, Clay
