ima: Use the common function to detect LSM conditionals in a rule

Make broader use of ima_rule_contains_lsm_cond() to check if a given rule contains an LSM conditional. This is a code cleanup and has no user-facing change. Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
author: Tyler Hicks <tyhicks@linux.microsoft.com> 2020-07-09 01:19:10 -0500
committer: Mimi Zohar <zohar@linux.ibm.com> 2020-07-20 13:28:16 -0400
commit: 592b24cbdc12e52bdb5937c0697df9febf41f8d9 (patch)
tree: 77f69fd50babed73ba3e2d8695fdbf145d4cc336 /security/integrity
parent: 30031b0ec8aef903ebede41f43a8d021f0030499 (diff)
download: linux-592b24cbdc12e52bdb5937c0697df9febf41f8d9.tar.bz2
1 files changed, 2 insertions, 9 deletions
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index c679144af042..dcd1aaac4ff0 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -360,17 +360,10 @@ static bool ima_rule_contains_lsm_cond(struct ima_rule_entry *entry)
 static void ima_lsm_update_rules(void)
 {
 	struct ima_rule_entry *entry, *e;
-	int i, result, needs_update;
+	int result;
 
 	list_for_each_entry_safe(entry, e, &ima_policy_rules, list) {
-		needs_update = 0;
-		for (i = 0; i < MAX_LSM_RULES; i++) {
-			if (entry->lsm[i].args_p) {
-				needs_update = 1;
-				break;
-			}
-		}
-		if (!needs_update)
+		if (!ima_rule_contains_lsm_cond(entry))
 			continue;
 
 		result = ima_lsm_update_rule(entry);
author	Tyler Hicks <tyhicks@linux.microsoft.com>	2020-07-09 01:19:10 -0500
committer	Mimi Zohar <zohar@linux.ibm.com>	2020-07-20 13:28:16 -0400
commit	592b24cbdc12e52bdb5937c0697df9febf41f8d9 (patch)
tree	77f69fd50babed73ba3e2d8695fdbf145d4cc336 /security/integrity
parent	30031b0ec8aef903ebede41f43a8d021f0030499 (diff)
download	linux-592b24cbdc12e52bdb5937c0697df9febf41f8d9.tar.bz2