Merge tag 'Smack-for-5.9' of git://github.com/cschaufler/smack-next (bfdd5aaa) · Commits · 戴 / test

security/smack/smackfs.c

+16 −3

Original line number	Diff line number	Diff line
		@@ -884,7 +884,7 @@ static ssize_t smk_set_cipso(struct file file, const char __user buf,
		}

		ret = sscanf(rule, "%d", &maplevel);
		if (ret != 1 \|\| maplevel > SMACK_CIPSO_MAXLEVEL)
		if (ret != 1 \|\| maplevel < 0 \|\| maplevel > SMACK_CIPSO_MAXLEVEL)
		goto out;

		rule += SMK_DIGITLEN;
		@@ -905,6 +905,10 @@ static ssize_t smk_set_cipso(struct file file, const char __user buf,

		for (i = 0; i < catlen; i++) {
		rule += SMK_DIGITLEN;
		if (rule > data + count) {
		rc = -EOVERFLOW;
		goto out;
		}
		ret = sscanf(rule, "%u", &cat);
		if (ret != 1 \|\| cat > SMACK_CIPSO_MAXCATNUM)
		goto out;
		@@ -2720,7 +2724,6 @@ static int smk_open_relabel_self(struct inode inode, struct file file)
		static ssize_t smk_write_relabel_self(struct file file, const char __user buf,
		size_t count, loff_t *ppos)
		{
		struct task_smack *tsp = smack_cred(current_cred());
		char *data;
		int rc;
		LIST_HEAD(list_tmp);
		@@ -2745,11 +2748,21 @@ static ssize_t smk_write_relabel_self(struct file file, const char __user buf,
		kfree(data);

		if (!rc \|\| (rc == -EINVAL && list_empty(&list_tmp))) {
		struct cred *new;
		struct task_smack *tsp;

		new = prepare_creds();
		if (!new) {
		rc = -ENOMEM;
		goto out;
		}
		tsp = smack_cred(new);
		smk_destroy_label_list(&tsp->smk_relabel);
		list_splice(&list_tmp, &tsp->smk_relabel);
		commit_creds(new);
		return count;
		}

		out:
		smk_destroy_label_list(&list_tmp);
		return rc;
		}