[PATCH] lsm: convert security_setselfattr() to use memdup_user()

Casey Schaufler casey at schaufler-ca.com
Thu Nov 2 16:42:52 UTC 2023


On 11/1/2023 6:53 PM, Paul Moore wrote:
> As suggested by the kernel test robot, memdup_user() is a better
> option than the combo of kmalloc()/copy_from_user().
>
> Reported-by: kernel test robot <lkp at intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202310270805.2ArE52i5-lkp@intel.com/
> Signed-off-by: Paul Moore <paul at paul-moore.com>

Acked-by: Casey Schaufler <casey at schaufler-ca.com>

> ---
>  security/security.c | 11 +++--------
>  1 file changed, 3 insertions(+), 8 deletions(-)
>
> diff --git a/security/security.c b/security/security.c
> index a808fd5eba6d..d7b15ea67c3f 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -4011,14 +4011,9 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
>  	if (size > PAGE_SIZE)
>  		return -E2BIG;
>  
> -	lctx = kmalloc(size, GFP_KERNEL);
> -	if (lctx == NULL)
> -		return -ENOMEM;
> -
> -	if (copy_from_user(lctx, uctx, size)) {
> -		rc = -EFAULT;
> -		goto free_out;
> -	}
> +	lctx = memdup_user(uctx, size);
> +	if (IS_ERR(lctx))
> +		return PTR_ERR(lctx);
>  
>  	if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) ||
>  	    lctx->len < lctx->ctx_len + sizeof(*lctx)) {



More information about the Linux-security-module-archive mailing list