[PATCH] lsm: handle the NULL buffer case in lsm_fill_user_ctx()

Paul Moore paul at paul-moore.com
Thu Mar 14 15:49:18 UTC 2024


On Wed, Mar 13, 2024 at 10:22 PM Paul Moore <paul at paul-moore.com> wrote:
>
> Passing a NULL buffer into the lsm_get_self_attr() syscall is a valid
> way to quickly determine the minimum size of the buffer needed to for
> the syscall to return all of the LSM attributes to the caller.
> Unfortunately we/I broke that behavior in commit d7cf3412a9f6
> ("lsm: consolidate buffer size handling into lsm_fill_user_ctx()")
> such that it returned an error to the caller; this patch restores the
> original desired behavior of using the NULL buffer as a quick way to
> correctly size the attribute buffer.
>
> Cc: stable at vger.kernel.org
> Fixes: d7cf3412a9f6 ("lsm: consolidate buffer size handling into lsm_fill_user_ctx()")
> Signed-off-by: Paul Moore <paul at paul-moore.com>
> ---
>  security/security.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)

Merged into lsm/stable-6.9, if anyone has any objections please make
them know soon.

> diff --git a/security/security.c b/security/security.c
> index 5b2e0a15377d..7e118858b545 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -780,7 +780,9 @@ static int lsm_superblock_alloc(struct super_block *sb)
>   * @id: LSM id
>   * @flags: LSM defined flags
>   *
> - * Fill all of the fields in a userspace lsm_ctx structure.
> + * Fill all of the fields in a userspace lsm_ctx structure.  If @uctx is NULL
> + * simply calculate the required size to output via @utc_len and return
> + * success.
>   *
>   * Returns 0 on success, -E2BIG if userspace buffer is not large enough,
>   * -EFAULT on a copyout error, -ENOMEM if memory can't be allocated.
> @@ -799,6 +801,10 @@ int lsm_fill_user_ctx(struct lsm_ctx __user *uctx, u32 *uctx_len,
>                 goto out;
>         }
>
> +       /* no buffer - return success/0 and set @uctx_len to the req size */
> +       if (!uctx)
> +               goto out;
> +
>         nctx = kzalloc(nctx_len, GFP_KERNEL);
>         if (nctx == NULL) {
>                 rc = -ENOMEM;
> --
> 2.44.0

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list