lsm: correct error codes in security_getselfattr()

We should return -EINVAL if the user specifies LSM_FLAG_SINGLE without supplying a valid lsm_ctx struct buffer. Acked-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Paul Moore <paul@paul-moore.com>

lsm: correct error codes in security_getselfattr()
We should return -EINVAL if the user specifies LSM_FLAG_SINGLE without supplying a valid lsm_ctx struct buffer. Acked-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Paul Moore <paul@paul-moore.com>
fdcf699b · Paul Moore · dc46db78 · fdcf699b
Commit fdcf699b authored Oct 24, 2023 by Paul Moore
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

security/security.c security/security.c +2 -2

No files found.
--- a/security/security.c
+++ b/security/security.c
@@ -3922,9 +3922,9 @@ int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx,
 		/*
 		 * Only flag supported is LSM_FLAG_SINGLE
 		 */
-		if (flags != LSM_FLAG_SINGLE)
+		if (flags != LSM_FLAG_SINGLE || !uctx)
 			return -EINVAL;
-		if (uctx && copy_from_user(&lctx, uctx, sizeof(lctx)))
+		if (copy_from_user(&lctx, uctx, sizeof(lctx)))
 			return -EFAULT;
 		/*
 		 * If the LSM ID isn't specified it is an error.