| Message ID | 1472121165-29071-8-git-send-email-mic@digikod.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Thu, Aug 25, 2016 at 3:32 AM, Mickaël Salaün <mic@digikod.net> wrote: > Add a max errno value. > > This is not strictly needed but should improve reliability. > > Signed-off-by: Mickaël Salaün <mic@digikod.net> > Cc: Arnd Bergmann <arnd@arndb.de> > Cc: Serge E. Hallyn <serge@hallyn.com> > Cc: James Morris <james.l.morris@oracle.com> > Cc: Kees Cook <keescook@chromium.org> > --- > include/uapi/asm-generic/errno-base.h | 1 + > security/landlock/lsm.c | 6 +++--- > 2 files changed, 4 insertions(+), 3 deletions(-) > > diff --git a/include/uapi/asm-generic/errno-base.h b/include/uapi/asm-generic/errno-base.h > index 65115978510f..43407a403e72 100644 > --- a/include/uapi/asm-generic/errno-base.h > +++ b/include/uapi/asm-generic/errno-base.h > @@ -35,5 +35,6 @@ > #define EPIPE 32 /* Broken pipe */ > #define EDOM 33 /* Math argument out of domain of func */ > #define ERANGE 34 /* Math result not representable */ > +#define _ERRNO_LAST ERANGE At the very least this needs a more sensible name. -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/include/uapi/asm-generic/errno-base.h b/include/uapi/asm-generic/errno-base.h index 65115978510f..43407a403e72 100644 --- a/include/uapi/asm-generic/errno-base.h +++ b/include/uapi/asm-generic/errno-base.h @@ -35,5 +35,6 @@ #define EPIPE 32 /* Broken pipe */ #define EDOM 33 /* Math argument out of domain of func */ #define ERANGE 34 /* Math result not representable */ +#define _ERRNO_LAST ERANGE #endif diff --git a/security/landlock/lsm.c b/security/landlock/lsm.c index aa9d4a64826e..322309068066 100644 --- a/security/landlock/lsm.c +++ b/security/landlock/lsm.c @@ -11,7 +11,6 @@ #include <asm/current.h> #include <linux/bpf.h> /* enum bpf_reg_type, struct landlock_data */ #include <linux/cred.h> -#include <linux/err.h> /* MAX_ERRNO */ #include <linux/filter.h> /* struct bpf_prog, BPF_PROG_RUN() */ #include <linux/kernel.h> /* FIELD_SIZEOF() */ #include <linux/lsm_hooks.h> @@ -104,8 +103,9 @@ static int landlock_run_prog(__u64 args[6]) } } if (!ret) { - if (cur_ret > MAX_ERRNO) - ret = MAX_ERRNO; + /* check errno to not mess with kernel code */ + if (cur_ret > _ERRNO_LAST) + ret = EPERM; else ret = cur_ret; }
Add a max errno value. This is not strictly needed but should improve reliability. Signed-off-by: Mickaël Salaün <mic@digikod.net> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Serge E. Hallyn <serge@hallyn.com> Cc: James Morris <james.l.morris@oracle.com> Cc: Kees Cook <keescook@chromium.org> --- include/uapi/asm-generic/errno-base.h | 1 + security/landlock/lsm.c | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-)