diff options
author | Al Viro <viro@ftp.linux.org.uk> | 2007-03-12 16:17:58 +0000 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-03-14 15:27:48 -0700 |
commit | 04ff97086b1a3237bbd1fe6390fa80fe75207e23 (patch) | |
tree | 877e26055759d84a726c6bc68245bc6f9a4a5753 /security | |
parent | c4823bce033be74c0fcfbcae2f1be0854fdc2e18 (diff) | |
download | linux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.tar.gz linux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.tar.bz2 linux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.zip |
[PATCH] sanitize security_getprocattr() API
have it return the buffer it had allocated
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/dummy.c | 2 | ||||
-rw-r--r-- | security/selinux/hooks.c | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/security/dummy.c b/security/dummy.c index 558795b237d..8ffd76405b5 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -907,7 +907,7 @@ static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode) return; } -static int dummy_getprocattr(struct task_struct *p, char *name, void *value, size_t size) +static int dummy_getprocattr(struct task_struct *p, char *name, char **value) { return -EINVAL; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 19a385e9968..d41e24d6ae4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4468,11 +4468,12 @@ static void selinux_d_instantiate (struct dentry *dentry, struct inode *inode) } static int selinux_getprocattr(struct task_struct *p, - char *name, void *value, size_t size) + char *name, char **value) { struct task_security_struct *tsec; u32 sid; int error; + unsigned len; if (current != p) { error = task_has_perm(current, p, PROCESS__GETATTR); @@ -4500,7 +4501,10 @@ static int selinux_getprocattr(struct task_struct *p, if (!sid) return 0; - return selinux_getsecurity(sid, value, size); + error = security_sid_to_context(sid, value, &len); + if (error) + return error; + return len; } static int selinux_setprocattr(struct task_struct *p, |