diff options
Diffstat (limited to 'security/security.c')
| -rw-r--r-- | security/security.c | 52 | 
1 files changed, 45 insertions, 7 deletions
| diff --git a/security/security.c b/security/security.c index 0144a98d3712..7035ee35a393 100644 --- a/security/security.c +++ b/security/security.c @@ -29,6 +29,7 @@  #include <linux/backing-dev.h>  #include <linux/string.h>  #include <linux/msg.h> +#include <linux/overflow.h>  #include <net/flow.h>  /* How many LSMs were built into the kernel? */ @@ -4015,6 +4016,7 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx,  	struct security_hook_list *hp;  	struct lsm_ctx *lctx;  	int rc = LSM_RET_DEFAULT(setselfattr); +	u64 required_len;  	if (flags)  		return -EINVAL; @@ -4027,8 +4029,9 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx,  	if (IS_ERR(lctx))  		return PTR_ERR(lctx); -	if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) || -	    lctx->len < lctx->ctx_len + sizeof(*lctx)) { +	if (size < lctx->len || +	    check_add_overflow(sizeof(*lctx), lctx->ctx_len, &required_len) || +	    lctx->len < required_len) {  		rc = -EINVAL;  		goto free_out;  	} @@ -4255,7 +4258,19 @@ EXPORT_SYMBOL(security_inode_setsecctx);   */  int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)  { -	return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, ctx, ctxlen); +	struct security_hook_list *hp; +	int rc; + +	/* +	 * Only one module will provide a security context. +	 */ +	hlist_for_each_entry(hp, &security_hook_heads.inode_getsecctx, list) { +		rc = hp->hook.inode_getsecctx(inode, ctx, ctxlen); +		if (rc != LSM_RET_DEFAULT(inode_getsecctx)) +			return rc; +	} + +	return LSM_RET_DEFAULT(inode_getsecctx);  }  EXPORT_SYMBOL(security_inode_getsecctx); @@ -4612,8 +4627,20 @@ EXPORT_SYMBOL(security_sock_rcv_skb);  int security_socket_getpeersec_stream(struct socket *sock, sockptr_t optval,  				      sockptr_t optlen, unsigned int len)  { -	return call_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock, -			     optval, optlen, len); +	struct security_hook_list *hp; +	int rc; + +	/* +	 * Only one module will provide a security context. +	 */ +	hlist_for_each_entry(hp, &security_hook_heads.socket_getpeersec_stream, +			     list) { +		rc = hp->hook.socket_getpeersec_stream(sock, optval, optlen, +						       len); +		if (rc != LSM_RET_DEFAULT(socket_getpeersec_stream)) +			return rc; +	} +	return LSM_RET_DEFAULT(socket_getpeersec_stream);  }  /** @@ -4633,8 +4660,19 @@ int security_socket_getpeersec_stream(struct socket *sock, sockptr_t optval,  int security_socket_getpeersec_dgram(struct socket *sock,  				     struct sk_buff *skb, u32 *secid)  { -	return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock, -			     skb, secid); +	struct security_hook_list *hp; +	int rc; + +	/* +	 * Only one module will provide a security context. +	 */ +	hlist_for_each_entry(hp, &security_hook_heads.socket_getpeersec_dgram, +			     list) { +		rc = hp->hook.socket_getpeersec_dgram(sock, skb, secid); +		if (rc != LSM_RET_DEFAULT(socket_getpeersec_dgram)) +			return rc; +	} +	return LSM_RET_DEFAULT(socket_getpeersec_dgram);  }  EXPORT_SYMBOL(security_socket_getpeersec_dgram); | 
