	net: corrections for security_secid_to_secctx returns
security_secid_to_secctx() returns the size of the new context,
whereas previous versions provided that via a pointer parameter.
Correct the type of the value returned in nfqnl_get_sk_secctx()
and the check for error in netlbl_unlhsh_add(). Add an error
check.
Fixes: 2d470c7781 ("lsm: replace context+len with lsm_context")
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
			
			
This commit is contained in:
		
							parent
							
								
									b00083aed4
								
							
						
					
					
						commit
						3b44cd0998
					
				|  | @ -470,9 +470,9 @@ static int nfqnl_put_sk_classid(struct sk_buff *skb, struct sock *sk) | |||
| 	return 0; | ||||
| } | ||||
| 
 | ||||
| static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *ctx) | ||||
| static int nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *ctx) | ||||
| { | ||||
| 	u32 seclen = 0; | ||||
| 	int seclen = 0; | ||||
| #if IS_ENABLED(CONFIG_NETWORK_SECMARK) | ||||
| 
 | ||||
| 	if (!skb || !sk_fullsock(skb->sk)) | ||||
|  | @ -568,7 +568,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, | |||
| 	const struct nfnl_ct_hook *nfnl_ct; | ||||
| 	bool csum_verify; | ||||
| 	struct lsm_context ctx; | ||||
| 	u32 seclen = 0; | ||||
| 	int seclen = 0; | ||||
| 	ktime_t tstamp; | ||||
| 
 | ||||
| 	size = nlmsg_total_size(sizeof(struct nfgenmsg)) | ||||
|  | @ -643,7 +643,9 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, | |||
| 
 | ||||
| 	if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) { | ||||
| 		seclen = nfqnl_get_sk_secctx(entskb, &ctx); | ||||
| 		if (seclen >= 0) | ||||
| 		if (seclen < 0) | ||||
| 			return NULL; | ||||
| 		if (seclen) | ||||
| 			size += nla_total_size(seclen); | ||||
| 	} | ||||
| 
 | ||||
|  | @ -782,7 +784,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, | |||
| 	if (nfqnl_put_sk_classid(skb, entskb->sk) < 0) | ||||
| 		goto nla_put_failure; | ||||
| 
 | ||||
| 	if (seclen && nla_put(skb, NFQA_SECCTX, ctx.len, ctx.context)) | ||||
| 	if (seclen > 0 && nla_put(skb, NFQA_SECCTX, ctx.len, ctx.context)) | ||||
| 		goto nla_put_failure; | ||||
| 
 | ||||
| 	if (ct && nfnl_ct->build(skb, ct, ctinfo, NFQA_CT, NFQA_CT_INFO) < 0) | ||||
|  |  | |||
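Review bot: The early `return NULL;` added after the `nfqnl_get_sk_secctx()` call in nfqnl_build_packet_message() exits before the size computation completes, so if anything acquired earlier in that function needs releasing, this path skips it; the function begins above the hunk, so that cannot be confirmed here. The size reservation uses `seclen` while the later `nla_put()` uses `ctx.len`, and a mismatch would surface only as a jump to nla_put_failure, so a one-line comment at the reservation, `/* seclen is the ctx.len reported by nfqnl_get_sk_secctx() */`, would make the coupling explicit. nfqnl_get_sk_secctx() also deserves a header comment stating its new contract now that it returns int, `/* Returns the secctx length, 0 when no context is produced, or a negative errno. */`; its body continues below the hunk.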
|  | @ -437,7 +437,7 @@ int netlbl_unlhsh_add(struct net *net, | |||
| unlhsh_add_return: | ||||
| 	rcu_read_unlock(); | ||||
| 	if (audit_buf != NULL) { | ||||
| 		if (security_secid_to_secctx(secid, &ctx) == 0) { | ||||
| 		if (security_secid_to_secctx(secid, &ctx) >= 0) { | ||||
| 			audit_log_format(audit_buf, " sec_obj=%s", ctx.context); | ||||
| 			security_release_secctx(&ctx); | ||||
| 		} | ||||
|  | @ -490,7 +490,7 @@ static int netlbl_unlhsh_remove_addr4(struct net *net, | |||
| 					  addr->s_addr, mask->s_addr); | ||||
| 		dev_put(dev); | ||||
| 		if (entry != NULL && | ||||
| 		    security_secid_to_secctx(entry->secid, &ctx) == 0) { | ||||
| 		    security_secid_to_secctx(entry->secid, &ctx) >= 0) { | ||||
| 			audit_log_format(audit_buf, " sec_obj=%s", ctx.context); | ||||
| 			security_release_secctx(&ctx); | ||||
| 		} | ||||
|  | @ -548,7 +548,7 @@ static int netlbl_unlhsh_remove_addr6(struct net *net, | |||
| 					  addr, mask); | ||||
| 		dev_put(dev); | ||||
| 		if (entry != NULL && | ||||
| 		    security_secid_to_secctx(entry->secid, &ctx) == 0) { | ||||
| 		    security_secid_to_secctx(entry->secid, &ctx) >= 0) { | ||||
| 			audit_log_format(audit_buf, " sec_obj=%s", ctx.context); | ||||
| 			security_release_secctx(&ctx); | ||||
| 		} | ||||
|  |  | |||
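Review bot: The `>= 0` tests in netlbl_unlhsh_add(), netlbl_unlhsh_remove_addr4() and netlbl_unlhsh_remove_addr6() accept a zero-length result and then pass `ctx.context` to audit_log_format() and security_release_secctx(); if security_secid_to_secctx() can return 0 without populating ctx, `> 0` is the safer test, and if a 0 return always comes with a valid empty context the present check is fine — the hunks do not show which. The three sites repeat the same audit pattern, so a short comment at the first, `/* a non-negative length means ctx holds a releasable context */`, would document the contract the check relies on. The commit description names only netlbl_unlhsh_add(), though the remove_addr4/remove_addr6 hunks make the same change. Each of the three enclosing functions starts above its hunk.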