summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorAl Viro <viro@ftp.linux.org.uk>2007-03-12 16:17:58 +0000
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-03-14 15:27:48 -0700
commit04ff97086b1a3237bbd1fe6390fa80fe75207e23 (patch)
tree877e26055759d84a726c6bc68245bc6f9a4a5753 /security
parentc4823bce033be74c0fcfbcae2f1be0854fdc2e18 (diff)
downloadlinux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.tar.gz
linux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.tar.bz2
linux-3.10-04ff97086b1a3237bbd1fe6390fa80fe75207e23.zip
[PATCH] sanitize security_getprocattr() API
have it return the buffer it had allocated Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/dummy.c2
-rw-r--r--security/selinux/hooks.c8
2 files changed, 7 insertions, 3 deletions
diff --git a/security/dummy.c b/security/dummy.c
index 558795b237d..8ffd76405b5 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -907,7 +907,7 @@ static void dummy_d_instantiate (struct dentry *dentry, struct inode *inode)
return;
}
-static int dummy_getprocattr(struct task_struct *p, char *name, void *value, size_t size)
+static int dummy_getprocattr(struct task_struct *p, char *name, char **value)
{
return -EINVAL;
}
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 19a385e9968..d41e24d6ae4 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4468,11 +4468,12 @@ static void selinux_d_instantiate (struct dentry *dentry, struct inode *inode)
}
static int selinux_getprocattr(struct task_struct *p,
- char *name, void *value, size_t size)
+ char *name, char **value)
{
struct task_security_struct *tsec;
u32 sid;
int error;
+ unsigned len;
if (current != p) {
error = task_has_perm(current, p, PROCESS__GETATTR);
@@ -4500,7 +4501,10 @@ static int selinux_getprocattr(struct task_struct *p,
if (!sid)
return 0;
- return selinux_getsecurity(sid, value, size);
+ error = security_sid_to_context(sid, value, &len);
+ if (error)
+ return error;
+ return len;
}
static int selinux_setprocattr(struct task_struct *p,