summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKonstantin Khlebnikov <k.khlebnikov@samsung.com>2014-08-07 20:52:33 +0400
committerDamian Hobson-Garcia <dhobsong@igel.co.jp>2014-12-11 16:53:30 +0900
commit5bea3f230102ec819ae347aae57b360bc580b241 (patch)
tree1bba73a12032c0c9cd1826d7604018f13ec9de7d
parente492794699e780a72b90331164ac88b913ec8990 (diff)
downloadrenesas_kernel-5bea3f230102ec819ae347aae57b360bc580b241.tar.gz
renesas_kernel-5bea3f230102ec819ae347aae57b360bc580b241.tar.bz2
renesas_kernel-5bea3f230102ec819ae347aae57b360bc580b241.zip
Smack: fix behavior of smack_inode_listsecurity
Security operation ->inode_listsecurity is used for generating list of available extended attributes for syscall listxattr. Currently it's used only in nfs4 or if filesystem doesn't provide i_op->listxattr. The list is the set of NULL-terminated names, one after the other. This method must include zero byte at the and into result. Also this function must return length even if string does not fit into output buffer or it is NULL, see similar method in selinux and man listxattr. Change-Id: I3ba4524fead6ef6ab0c93238fa8d422e6b155efb Signed-off-by: Konstantin Khlebnikov <k.khlebnikov@samsung.com> Signed-off-by: Rafal Krypa <r.krypa@samsung.com> (cherry picked from commit 6bbeb11e8fc578a098283670213c890407429588) Signed-off-by: Damian Hobson-Garcia <dhobsong@igel.co.jp>
-rw-r--r--security/smack/smack_lsm.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index f2c30801ce4..84735763731 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -1122,13 +1122,12 @@ static int smack_inode_getsecurity(const struct inode *inode,
static int smack_inode_listsecurity(struct inode *inode, char *buffer,
size_t buffer_size)
{
- int len = strlen(XATTR_NAME_SMACK);
+ int len = sizeof(XATTR_NAME_SMACK);
- if (buffer != NULL && len <= buffer_size) {
+ if (buffer != NULL && len <= buffer_size)
memcpy(buffer, XATTR_NAME_SMACK, len);
- return len;
- }
- return -EINVAL;
+
+ return len;
}
/**