[PATCH 07/13] fs/kernel_read_file: Switch buffer size arg to size_t
David Laight
David.Laight at ACULAB.COM
Mon Jul 20 08:34:32 UTC 2020
From: Kees Cook
> Sent: 17 July 2020 18:43
> In preparation for further refactoring of kernel_read_file*(), rename
> the "max_size" argument to the more accurate "buf_size", and correct
> its type to size_t. Add kerndoc to explain the specifics of how the
> arguments will be used. Note that with buf_size now size_t, it can no
> longer be negative (and was never called with a negative value). Adjust
> callers to use it as a "maximum size" when *buf is NULL.
>
> Signed-off-by: Kees Cook <keescook at chromium.org>
> ---
> fs/kernel_read_file.c | 34 +++++++++++++++++++++++---------
> include/linux/kernel_read_file.h | 8 ++++----
> security/integrity/digsig.c | 2 +-
> security/integrity/ima/ima_fs.c | 2 +-
> 4 files changed, 31 insertions(+), 15 deletions(-)
>
> diff --git a/fs/kernel_read_file.c b/fs/kernel_read_file.c
> index dc28a8def597..e21a76001fff 100644
> --- a/fs/kernel_read_file.c
> +++ b/fs/kernel_read_file.c
> @@ -5,15 +5,31 @@
> #include <linux/security.h>
> #include <linux/vmalloc.h>
>
> +/**
> + * kernel_read_file() - read file contents into a kernel buffer
> + *
> + * @file file to read from
> + * @buf pointer to a "void *" buffer for reading into (if
> + * *@buf is NULL, a buffer will be allocated, and
> + * @buf_size will be ignored)
> + * @buf_size size of buf, if already allocated. If @buf not
> + * allocated, this is the largest size to allocate.
> + * @id the kernel_read_file_id identifying the type of
> + * file contents being read (for LSMs to examine)
> + *
> + * Returns number of bytes read (no single read will be bigger
> + * than INT_MAX), or negative on error.
> + *
> + */
That seems to be self-inconsistent.
If '*buf' is NULL is both says that buf_size is ignored and
is treated as a limit.
To make life easier, zero should probably be treated as no-limit.
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
More information about the Linux-security-module-archive
mailing list