From patchwork Fri Jun 24 16:38:45 2016
X-Patchwork-Submitter: Casey Schaufler
X-Patchwork-Id: 9197899
Subject: [PATCH v4 4/3] LSM: Improve context interface for proc attrs
To: Kees Cook
References: <599d0a80-0838-2baa-8ee2-7eefafc10cec@schaufler-ca.com> <5767eed4-78ec-cc4c-2ece-c1fec4d752af@schaufler-ca.com>
Cc: LSM, James Morris, John Johansen, Stephen Smalley, Paul Moore, Tetsuo Handa, LKLM
From: Casey Schaufler
Message-ID: <61a5d3be-b99c-69d3-8619-e5c4d1004dd5@schaufler-ca.com>
Date: Fri, 24 Jun 2016 09:38:45 -0700

Replace kzalloc ... sprintf with kasprintf in the "context" procfs attr code.

Signed-off-by: Casey Schaufler
Acked-by: Kees Cook
---
 security/apparmor/lsm.c | 47 +++++++++++++++++++++++-----------------------
 security/selinux/hooks.c | 4 +---
 security/smack/smack_lsm.c | 5 +----
 3 files changed, 26 insertions(+), 30 deletions(-)

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 3790a7d..5cac15f 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -476,6 +476,8 @@ static int apparmor_getprocattr(struct task_struct *task, char *name, const struct cred *cred = get_task_cred(task); struct aa_task_cxt *cxt = cred_cxt(cred); struct aa_profile *profile = NULL; + char *vp; + char *np; if (strcmp(name, "current") == 0) profile = aa_get_newest_profile(cxt->profile);
@@ -488,30 +490,29 @@ static int apparmor_getprocattr(struct task_struct *task, char *name, else error = -EINVAL; - if (profile) { - if (strcmp(name, "context") == 0) { - char *vp; - char *np; - - error = aa_getprocattr(profile, &vp); - if (error > 0) { - error += 12; - *value = kzalloc(error, GFP_KERNEL); - if (*value == NULL) - error = -ENOMEM; - else { - sprintf(*value, "apparmor='%s'", vp); - np = strchr(*value, '\n'); - if (np != NULL) { - np[0] = '\''; - np[1] = '\0'; - } - } - } - } else - error = aa_getprocattr(profile, value); - } + if (profile == NULL) + goto put_out; + + error = aa_getprocattr(profile, &vp); + if (error < 0) + goto put_out; + + if (strcmp(name, "context") == 0) { + *value = kasprintf(GFP_KERNEL, "apparmor='%s'", vp); + if (*value == NULL) { + error = -ENOMEM; + goto put_out; + } + np = strchr(*value, '\n'); + if (np != NULL) { + np[0] = '\''; + np[1] = '\0'; + } + error = strlen(*value); + } else + *value = vp; +put_out: aa_put_profile(profile); put_cred(cred); diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3a21c2b..6397721 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5737,11 +5737,9 @@ static int selinux_getprocattr(struct task_struct *p, error = security_sid_to_context(sid, &vp, &len); if (!error) { - *value = kzalloc(len + 10, GFP_KERNEL); + *value = kasprintf(GFP_KERNEL, "selinux='%s'", vp); if (*value == NULL) error = -ENOMEM; - else - sprintf(*value, "selinux='%s'", vp); } } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index d2d8624..92e66f8 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c 
@@ -3574,18 +3574,15 @@ static int smack_getprocattr(struct task_struct *p, char *name, char **value) { struct smack_known *skp = smk_of_task_struct(p); char *cp; - int slen; if (strcmp(name, "current") == 0) { cp = kstrdup(skp->smk_known, GFP_KERNEL); if (cp == NULL) return -ENOMEM; } else if (strcmp(name, "context") == 0) { - slen = strlen(skp->smk_known) + 9; - cp = kzalloc(slen, GFP_KERNEL); + cp = kasprintf(GFP_KERNEL, "smack='%s'", skp->smk_known); if (cp == NULL) return -ENOMEM; - sprintf(cp, "smack='%s'", skp->smk_known); } else return -EINVAL;
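Review bot: in the first apparmor_getprocattr hunk (@@ -476,6 +476,8 @@), `np` is hoisted to function scope although it is only used inside the `strcmp(name, "context") == 0` arm; keeping it local to that block would make the scope obvious, and `vp` is fine at function scope only because every path that reads it sits after a successful aa_getprocattr(), which is worth preserving if the function is reshaped again.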
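Review bot: the "context" arm of the second apparmor_getprocattr hunk (@@ -488,30 +490,29 @@) leaks `vp`. The `else *value = vp;` arm shows that aa_getprocattr() hands back a heap buffer the caller owns, but in the context arm kasprintf() copies `vp` into a fresh buffer and nothing frees the original, neither on the success path nor on the `*value == NULL` path that jumps to put_out; a `kfree(vp);` right after the kasprintf() call would cover both. The removed lines had the same leak, so this rewrite is the natural place to close it. Two smaller observations: the old `if (error > 0)` guard has become `if (error < 0)`, so a zero-length result from aa_getprocattr() now yields `apparmor=''` instead of leaving `*value` untouched, which should be a deliberate choice; and `error = strlen(*value)` after the newline fix-up is a genuine improvement over the old `error += 12`, which kept reporting the pre-truncation size after `np[1] = '\0'` had shortened the string.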
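Review bot: in the selinux_getprocattr hunk (@@ -5737,11 +5737,9 @@), dropping `kzalloc(len + 10, ...)` means `len`, the length security_sid_to_context() reported for `vp`, no longer describes the buffer that is handed back in `*value`; the return path lies outside the hunk, so please confirm that the length the caller receives is derived from the wrapped string (the AppArmor hunk uses `error = strlen(*value)` for this) rather than from `len`. Likewise check that `vp` is released once kasprintf() has copied it, since the hunk itself shows no kfree(vp).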
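Review bot: style only, for the smack_getprocattr hunk (@@ -3574,18 +3574,15 @@): with `slen` gone, the "current" and "context" arms are each a single allocation followed by the same `if (cp == NULL) return -ENOMEM;`, and since the final `else` returns -EINVAL, that check could be hoisted below the else-if chain so it appears once. The conversion itself is behaviour-preserving: `smk_known` is a plain label with no trailing newline, so no fix-up like AppArmor's is needed, and the old `strlen() + 9` sizing ("smack='" plus the closing quote plus the NUL) is exactly what kasprintf() computes.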