ima: update appraise flags after policy update completes
authorMimi Zohar <zohar@linux.vnet.ibm.com>
Mon, 7 Dec 2015 19:35:47 +0000 (14:35 -0500)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 15 Dec 2015 15:01:43 +0000 (10:01 -0500)
commit6ad6afa14610c1fed3303c719b1f8f86f19f1fd3
tree93a14e6217adbcb1232d50927c2f3c09eef9a242
parent501f1bde66525f94403a5b78832a9218ef9b1c14
ima: update appraise flags after policy update completes

While creating a temporary list of new rules, the ima_appraise flag is
updated, but not reverted on failure to append the new rules to the
existing policy.  This patch defines temp_ima_appraise flag.  Only when
the new rules are appended to the policy is the flag updated.

Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Acked-by: Petko Manolov <petkan@mip-labs.com>
security/integrity/ima/ima_policy.c