diff options
author | Paul Moore <paul@paul-moore.com> | 2023-11-01 23:42:12 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2023-11-13 04:54:42 +0100 |
commit | 9ba8802c8b66fbde2ee32ab4c44cd418f9444486 (patch) | |
tree | c24159c49950527c3e9159cc0fbc7fbf1880c054 /security/security.c | |
parent | lsm: align based on pointer length in lsm_fill_user_ctx() (diff) | |
download | linux-9ba8802c8b66fbde2ee32ab4c44cd418f9444486.tar.xz linux-9ba8802c8b66fbde2ee32ab4c44cd418f9444486.zip |
lsm: convert security_setselfattr() to use memdup_user()
As suggested by the kernel test robot, memdup_user() is a better
option than the combo of kmalloc()/copy_from_user().
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202310270805.2ArE52i5-lkp@intel.com/
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/security.c')
-rw-r--r-- | security/security.c | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/security/security.c b/security/security.c index a808fd5eba6d..d7b15ea67c3f 100644 --- a/security/security.c +++ b/security/security.c @@ -4011,14 +4011,9 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx, if (size > PAGE_SIZE) return -E2BIG; - lctx = kmalloc(size, GFP_KERNEL); - if (lctx == NULL) - return -ENOMEM; - - if (copy_from_user(lctx, uctx, size)) { - rc = -EFAULT; - goto free_out; - } + lctx = memdup_user(uctx, size); + if (IS_ERR(lctx)) + return PTR_ERR(lctx); if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) || lctx->len < lctx->ctx_len + sizeof(*lctx)) { |