[PATCH] lsm: convert security_setselfattr() to use memdup_user()
Paul Moore
paul at paul-moore.com
Thu Nov 2 01:53:55 UTC 2023
As suggested by the kernel test robot, memdup_user() is a better
option than the combo of kmalloc()/copy_from_user().
Reported-by: kernel test robot <lkp at intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202310270805.2ArE52i5-lkp@intel.com/
Signed-off-by: Paul Moore <paul at paul-moore.com>
---
security/security.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/security/security.c b/security/security.c
index a808fd5eba6d..d7b15ea67c3f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -4011,14 +4011,9 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
if (size > PAGE_SIZE)
return -E2BIG;
- lctx = kmalloc(size, GFP_KERNEL);
- if (lctx == NULL)
- return -ENOMEM;
-
- if (copy_from_user(lctx, uctx, size)) {
- rc = -EFAULT;
- goto free_out;
- }
+ lctx = memdup_user(uctx, size);
+ if (IS_ERR(lctx))
+ return PTR_ERR(lctx);
if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) ||
lctx->len < lctx->ctx_len + sizeof(*lctx)) {
--
2.42.0
More information about the Linux-security-module-archive
mailing list