[PATCH] IMA,LSM: Uncover hidden variable in ima_match_rules()

[Casey Schaufler]

The variable name "prop" is inadvertently used twice in
ima_match_rules(), resulting in incorrect use of the local
variable when the function parameter should have been.
Rename the local variable and correct the use if the parameter.

Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
Suggested-by: Roberto Sassu <roberto.sassu at huawei.com>
Reviewed-by: Roberto Sassu <roberto.sassu at huawei.com>
---
 security/integrity/ima/ima_policy.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index dbfd554b4624..21a8e54c383f 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -635,7 +635,7 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		return false;
 	for (i = 0; i < MAX_LSM_RULES; i++) {
 		int rc = 0;
-		struct lsm_prop prop = { };
+		struct lsm_prop inode_prop = { };
 
 		if (!lsm_rule->lsm[i].rule) {
 			if (!lsm_rule->lsm[i].args_p)
@@ -649,15 +649,16 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
 		case LSM_OBJ_USER:
 		case LSM_OBJ_ROLE:
 		case LSM_OBJ_TYPE:
-			security_inode_getlsmprop(inode, &prop);
-			rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type,
+			security_inode_getlsmprop(inode, &inode_prop);
+			rc = ima_filter_rule_match(&inode_prop,
+						   lsm_rule->lsm[i].type,
 						   Audit_equal,
 						   lsm_rule->lsm[i].rule);
 			break;
 		case LSM_SUBJ_USER:
 		case LSM_SUBJ_ROLE:
 		case LSM_SUBJ_TYPE:
-			rc = ima_filter_rule_match(&prop, lsm_rule->lsm[i].type,
+			rc = ima_filter_rule_match(prop, lsm_rule->lsm[i].type,
 						   Audit_equal,
 						   lsm_rule->lsm[i].rule);
 			break;