From patchwork Fri May 11 00:55:52 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Casey Schaufler X-Patchwork-Id: 10394443 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 6193560170 for ; Fri, 11 May 2018 14:41:33 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 52E0628E85 for ; Fri, 11 May 2018 14:41:33 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 47AFB28E89; Fri, 11 May 2018 14:41:33 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.4 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,MAILING_LIST_MULTI,NO_RDNS_DOTCOM_HELO,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from UCOL19PA11.eemsg.mail.mil (ucol19pa11.eemsg.mail.mil [214.24.24.84]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 387C828E97 for ; Fri, 11 May 2018 14:41:31 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.49,389,1520899200"; d="scan'208";a="511113875" Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.3]) by UCOL19PA11.eemsg.mail.mil with ESMTP; 11 May 2018 14:41:29 +0000 X-IronPort-AV: E=Sophos;i="5.49,389,1520899200"; d="scan'208";a="13190461" IronPort-PHdr: =?us-ascii?q?9a23=3Arfmz8hS/N9xOVy039AEIply55Npsv+yvbD5Q0Y?= =?us-ascii?q?Iujvd0So/mwa68ZBeBt8tkgFKBZ4jH8fUM07OQ7/i7HzRYqb+681k6OKRWUB?= =?us-ascii?q?EEjchE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i764jEdAA?= =?us-ascii?q?jwOhRoLerpBIHSk9631+ev8JHPfglEnjWwba98IRmssQndqtQdjJd/JKo21h?= =?us-ascii?q?bHuGZDdf5MxWNvK1KTnhL86dm18ZV+7SleuO8v+tBZX6nicKs2UbJXDDI9M2?= =?us-ascii?q?Ao/8LrrgXMTRGO5nQHTGoblAdDDhXf4xH7WpfxtTb6tvZ41SKHM8D6Uaw4VD?= =?us-ascii?q?K/5KpwVhTmlDkIOCI48GHPi8x/kqRboA66pxdix4LYeZyZOOZicq/Ye94VS3?= =?us-ascii?q?BBXsJMXCJfBI2yYZYEA+4YMepFs4Xxol0Dohy8Cga2BOPvzThIimbv0aAm3e?= =?us-ascii?q?ksEBzK0BU8E94TrX/YqMv5OLsXXe2z0aLGzyjMb+lO1Dnj5ojGchMvr/+CUr?= =?us-ascii?q?1/c8Xe1UYhGR7djliStIDoMS2a1v8WvmiH7edtT/6jh3IppgxzpDWk28ciip?= =?us-ascii?q?POhoIQ0l3J6z92wJ0rKty4VUV1fMKrEJtKuCGHOYt2Rt0tQ3t1sys91rIJo4?= =?us-ascii?q?W7czYKyZk83B7Qd/yHfJKV4hLtUOaePy14iGt5d72lnRq97U+gyujlW8SyzV?= =?us-ascii?q?1ErTJFn8HRun0C2BHf8MiKRuZn8ku/1juDyRrf5vxcLU01l6fXMYMtz780m5?= =?us-ascii?q?YJsEnOHjX6lFvogKKZcEgv5/Km5P79Yrr8o5+RL4p0igbjPaswgsG/GuE4Mh?= =?us-ascii?q?QWX2ic5OS8yKXv/U3nT7VOif07irXZv4rAJcQau665GBVZ0poj6hmjDzem18?= =?us-ascii?q?4UnX8bI1JeZB2LlY3pO1DKIPzgDPe/hUqjkCtzyvzbMbDsDY/BI3jenLv7Y7?= =?us-ascii?q?pw5FBQxBAuwdxH4pJbELABIPb9Wk/rs9zYCwc0MxeqzObjCdV90J4eWG2WDq?= =?us-ascii?q?CCN6PSrFmI6f4xLOmXf4IVpDb8JOQl5/7pl3M5n0QdcrOz0ZsYb3C4AOxqI1?= =?us-ascii?q?+Fbnr0ntcBDWAKsxI8TOztjl2NSyJTZ3aoUKI6/Tw7CoWmDYHGRo+3m7yBwD?= =?us-ascii?q?m0HodNZmxcDVCMC3jofZ2eW/gQcCKSPtNhkjscWLijSY8uzw2htAzhy7pgKO?= =?us-ascii?q?rU+zMYuInt1Nhx+u3Smgo99SFyD8SBzmGBVWZ0nnkHRzUuxqBwvVR9ykuf0a?= =?us-ascii?q?h/m/FYDcJc6OhXXQc8NJ7c0+t6BsvzWg3fYNiGVkyqQtK8ATE+Vtgx2cMBY1?= =?us-ascii?q?5hG9W+iRDOxzelA7gTl7yNGZM77Kbc33nqKsln1XnGzq4hg0MhQstVOm2snr?= =?us-ascii?q?R/+BTLB47Vj0WZkL6nerkA3CHX7meO1naBvEZdUAFsS6rFRmwfalHQrdvn+k?= =?us-ascii?q?PIV6WuBqg/Mgtd1c6CLbNHZcPxjVpcXvfjOc/ebnmpm2iqHxaIx6iMbJLue2?= =?us-ascii?q?oHwCrSFlIIkwcJ/XaJLQI+HDuuo3rCDDxyElLie0Ls8e9iqHylSk870QSKYF?= =?us-ascii?q?N917qv+h8YnvucS+sN0bICvScusTR0HFKm0NLRBNuMvQ1hfL9TYdkl+ldIyX?= =?us-ascii?q?rZtxBhPpynN61jhl8fcwNxv0710hV3DpxMkcksrH8wygp9M7iY0FBAdzOGw5?= =?us-ascii?q?/8ILvXJXfu/Bq3ca7Zxkne0MqK+qcI8Pk5pVTjvAWsFkU86XVqyNdV3GWB6Z?= =?us-ascii?q?XNFgodS4rxUlww9xh4ub7VfjU965nT1X12Pqm+qiXC1M4xBOs51hageM9SMK?= =?us-ascii?q?2eFADoFc0VG8muKPcxllisdhIEPfle9LU6PsO9bfeG37SrPOl4ljK8kWtH+J?= =?us-ascii?q?x90l6L9ydkSe7HxZUFw/aF3gacVDfzllShssfqmYxeYjESBGW/wzD+BIFNfq?= =?us-ascii?q?1yYZoLCWC2LsKt29p+nZ/tVGBC9FO4HVwJxMqpdQCVb1zn0g1azV4XrmC/mS?= =?us-ascii?q?uk0zx0lCkkobaF0yzK3evibwYHO25MRGR5llfjPYm0gM4cXEi0bggmjgGp5U?= =?us-ascii?q?DkyKhHvK5/NXXcQV9UfyjqKGFvSrGwuaefbMNU55MotCpWXP66YV+EVr73uw?= =?us-ascii?q?Ea3D/7H2tC2DA7cCmnuo73nxxgj2KdN2pzoWHCecF2whfe6tncSuRX3jYcQi?= =?us-ascii?q?l3lyXXDECmP9a15dWUi4vDsuemWmOvTJJTdTXrwp2atCug/mBqHwOwn+qold?= =?us-ascii?q?36FAg2yyj718NlVS/QthbzfpHr17imMeJgZkRoGl785NZmGoF5iIs8no0f2X?= =?us-ascii?q?gdhpWT8noKimPzMdRd2a3kdnoNQiQHw9nP4AjqwEdjNG6Gx5rlVnWBxctsf9?= =?us-ascii?q?26YmIN2iIh9sxKE7mb7LhFnStzv1q5ohncYeNlnjccz/su6WIVg/oTtAor0C?= =?us-ascii?q?qdHqgYHVNEMiz0ixSI89e+ob1NZGaodbiw0FRxncq9A7GFrABRQ235eoo+Ei?= =?us-ascii?q?9r9Ml/N0jM0HLr4IH+ZNbQdc4TtgGTkxrYjOhaNpQxluERiCpkJ239u2Yly+?= =?us-ascii?q?glghxyx526u5KHK2p19qKjHhFYLiH1Z98U+jz1laZRhNuW34SxEZV5ADoLWo?= =?us-ascii?q?foQuyyED8JqPTnLBiBECcnqnuBArrfGhKf6F16oH3RHZCrMGuXJHYHwtl4Qh?= =?us-ascii?q?mSOlBfihgOXDomhp45ChyqxMv5fUdn4DAe+0X1qgVKyu11NxnzSGHfqxm0aj?= =?us-ascii?q?0sUpiQMAJW7h1e50fSKcGe9vh8Hzxc/pC6sAONK3CbZgRRAWEHQEOEAUrvPr?= =?us-ascii?q?605dnP6+KYHPaxL+PSYbWSruxTT/SIxJKr0oR45DuMM8KPPndsD/IlxkpDQX?= =?us-ascii?q?B5G8PcmzoRUSAXkTzCb9KDrhem5iJ3tty/8OjsWA/364uAEb1SMclo+xCzmq?= =?us-ascii?q?qDOfCfizt+KTZCzJwM3WXIyL8d3FEMly5uayOhEbMatS7CVKjQgLNYDwYHay?= =?us-ascii?q?NvM8tF978z0RVIOc7cjNP1yqN0g+UrC1hbT1zhm8CoZcsMI22nMlPIGlqLPq?= =?us-ascii?q?ycJTLX28H3fb+8SbpIgeVarR2/pyuUE1T5MTSFiznpUAuvPPpWgy6HORxSoo?= =?us-ascii?q?a9cgxiCWL7VtLpdgW7MMNrjT0x2bA0gGnKOnQEMThkaE5NoLyQ7TlDgvVjFW?= =?us-ascii?q?xB73xlIvOCmymF7unXMJIWveFsAiRumOJQ+G46xKdN7CFYWPx1nzPfocV1rF?= =?us-ascii?q?2hlumPyyFnUAZVqjpRn4KEo1ltNb/C9pZeXXbE/RQN7XifChkRu9RkCsfvu7?= =?us-ascii?q?1LytTVmqP8MitC88nT/csaHcTUL9iHMHU5OxrzBDHUFBcFTSKsNWzHgUxdkf?= =?us-ascii?q?WS9nmLoZghsZXjgoQBSqVcVFAvEfMaEEtlFsQYIJhrRjMkjaKbjMkQ6HWlrR?= =?us-ascii?q?nRS8JavpbcW/2PH/rgMzeZgqNCZxcSxrP4N4sTPJXh20N+cll6gJjKG03IUN?= =?us-ascii?q?9XrS1udBE0r1tW/Xh5Vm08xUTlaga3738SEf67hRk2iwRkbeQq7jfs7E89Jk?= =?us-ascii?q?DWqysojEkxhdLljCiNcD72Kae8R5tWCy31tkcvNJP0WBx1bQqskkxnLzrLW7?= =?us-ascii?q?VRj758em9xkw/cpYFDGfhCQq1YeBUQ3+2YZ+000VRArSWq3U1H5evFCJt6kw?= =?us-ascii?q?sqdZ+sr25e1A94ad41JLDQJLBXwVRKgaKOpCCo3PgrwAACP0YN7H+SeCkQtU?= =?us-ascii?q?wOKLYpPS6o8/dv6QyFgDtDZHIDV/wxovJp90MxIeKAwDz807RbMEC+K/SfL7?= =?us-ascii?q?+Fu2jHjcOIWE0/1lgWmEZf57h5zccjflGPWEAu1rueChMJNcTaKQFPccVT9G?= =?us-ascii?q?LffSCQvuXR2Zh1JZmyFvj0Te+Ss6YZml+rExw3H4QN88sBBYKh31vCLcf9K7?= =?us-ascii?q?4Exw4t6xr3K1WYFvRJeQ6LkTcdr8G50pB3wZFXJisBDmVlLSW3+rHXqxcugP?= =?us-ascii?q?qERtc5fHEaX4oDNn8tV826nTNZs25HDDmt3eIT0BKC4CPkpiTMEDn8aMJuZO?= =?us-ascii?q?yKahNoCdG2/yg/8qethFHL9ZXeIn31Os55ut/T8+8aoYiIC+9MR7lnr0jcg5?= =?us-ascii?q?VYR2CtU2PXDd61Jp3wa44wbdz0Cne3SUGwizM1TsjrJ9mhNK6Ijh/0RYxMqo?= =?us-ascii?q?mUwCgjNdOhFjEZAxp/veUD5KNgagIde5U7ZB7ptwI5N6y5OgiVyc6hQ2e3Jj?= =?us-ascii?q?tQVvVfw/i6a6ZRzyUycu+w0GEgQY0iz+mr7U4NQ4kHgQrAyvalfIRRSzX8Gm?= =?us-ascii?q?JDdAXVvio2jXJhN+Yozuc42hPIvkEWMyqXe+xxdGxEo9Y8CEuIIXVwC2o3W1?= =?us-ascii?q?+cjY3H4g63x74c5jZTkcxI3ONCq3XxopjfYDewV6OxspXVrzAsbd44rK1tKY?= =?us-ascii?q?bjONeJtIvCnjzDS5ndqhGKUCygGPVGgdVfPCVYQP1MmWEkJ8MGo5ZB5lQtWc?= =?us-ascii?q?c+PbBPD7Mspr+yYzp+ESES1TMZV5+H3DEamOezwaHalhCLf5k5LBwEqo9Ngs?= =?us-ascii?q?UDXC5yYyMeoqCjV4HXl2+LSmgLPAkT4h5W5AIFjINweP7q4JbQRp9W1zFWu+?= =?us-ascii?q?50UjfMFpRw+Vr3UH2ZgVj5SPWkkuymxwFSwent0tYFRhFwF1JRx+FMlksnML?= =?us-ascii?q?t3MbUfvpbWsj+UckP3pGftx/G8JFlS18LUa1z4DIzKtWfnXCwT43sUSpNLyH?= =?us-ascii?q?HYCJQdjhF5ZLwtpFpSPICsYlz+6CA8x4R1A7m4Utimx04irXYCXSiqCdRAC+?= =?us-ascii?q?ZisFLZQzBlZperqJL+O5pMXmBQ4pqdq0xCkEVsNS65xoBQK8ZX4j4DRDJPuy?= =?us-ascii?q?mSvMOuSM1f3s97F4UDIs1iu3f7Aq9EO4Oco3w3urzu1n/W4CowsFGkyzWvA6?= =?us-ascii?q?W4Vf5W/3UCGgU1IGSTslUvD+wp8mrJ7lDBrlV08PxBCriJk0pxvC53HopSCT?= =?us-ascii?q?ZRyXClM1NzQWFGs+pAMqTaachcTOQpaBCyJRM+DeYm0FKN/U5qh3f1eStyth?= =?us-ascii?q?FV+yrFRQk7STEVgqvxmT0ZssynOzgaRIxTYDo8cSjFMByUmTpLvBlBdk5mQZ?= =?us-ascii?q?YZDchZ+7sDx4tb4tLCSVqwKSECRBFiKh833udelUFZtEWVYjzSDQ2tdfnTqB?= =?us-ascii?q?J3ZtuRoNSvLPvn4AdNkpnnv/wg96UfW32mnhWgTsvQr4DgqtGHtFaCeanjPu?= =?us-ascii?q?KgZn/BSSTDggqrhbc4FZXK+TbcMBZDIZlg1XUkeYThCXLMPRlePaIUOVdUVa?= =?us-ascii?q?BgZtVaue1aY8hkeLgX9qNzGh2HQQ7gF5K1oPlAMFnTWSzULz+d/eynvYLT8b?= =?us-ascii?q?vdRPD4ZsyX23bIWb94Poth5DngHLfqzJVe9Vbo1fdr6kN6U0LJMySboNTmPA?= =?us-ascii?q?ML69GodlH+sZ0xATPWHJBwnWLxxkFaacUYXTCl/Y8FyJNd9HbwU/h30lbysO?= =?us-ascii?q?1V87lr95U376puyceuKqfYMe5avlN/AhiIGgVq8Y0gAG1lSGBVZu8eNuvRfb?= =?us-ascii?q?gDgs/0sO33EbIY6AGO++NFc9THP1/OltO5Cj6CVRxOhB0BpiICLguAy/6FnL?= =?us-ascii?q?d5ScS/qujj3UIt+Fy+IQQYzL124IeE566IpPPWbxTNzLgLQK7qRtjporQroU?= =?us-ascii?q?OS6uUulKQSdWxtfw2nDO8dW9Yfxmj6y6AqwzgsE8TeEL3+4/NDS2g2njT7m5?= =?us-ascii?q?B6BVkWHO0bHaaT94REgmg4g/DZNsERcq1alWaPCB+kErsGyXG17iuaO3RqjQ?= =?us-ascii?q?/V3BHxW2yz6kX6rShiQSvD193jiFZaVqGrBUdOWCqkIU14sDKKPAfzsdr4p6?= =?us-ascii?q?Q0418sMmzlstKNm3GtOLVJEM3jPNacOzU7pEoLjJ0tQdyiwYYbGd6mLdcQ9n?= =?us-ascii?q?F+a+HS62Ktky9PuadInZHe4t2P+vXKAXagk7Caq6+TyzxCzXg4p14/4Mi6Nv?= =?us-ascii?q?7S/92KX+io12EJQid6vAvBWQK1qrPFoF0PPEyL0V3EmIoUMdFF03g40Vvm5O?= =?us-ascii?q?s4QN4p8gVRCJrAbesYpT/vIDv03UqfY9UvWymayDtXG1L4HEJ2GKcixW3wu9?= =?us-ascii?q?jJmm3I+10yQYlwdVLoigBrD4kiLkIt8lcXyDIZEQcRcRCbEK2oBUP9IIsFVE?= =?us-ascii?q?kMcw6I06Shd6csw0Jz3q2g6/PJYex7HaoNOe5XjhSSk1hDBpIWraoeTapndF?= =?us-ascii?q?9c767WqBLtC4rmX/j6jXo/L+C1QsRB/M8FsHst/xiwSAC96ZdZ6LYbkoqHer?= =?us-ascii?q?RDYZjWs8B2911n6iIXdixRnBh/iAu0UfgGq+D//tfbsJSp6uG0VKYuXukX7A?= =?us-ascii?q?Y7B2B/j5v2nVAirsra1/9GRY3JlYv/8A5MI3mQuIbZyRV8KvQBK5itfLl+83?= =?us-ascii?q?ULPS8eJ2gBPdCOcfkz/zdtMCnP51xFGs4MaskXPNDTlgBIik3kQ7VT9svHGl?= =?us-ascii?q?CGC4d8bd0o73HtxDAz75Q8Tv7q6CWqKpDH81FNI/RDgT1jlN3cougV3f3SCC?= =?us-ascii?q?8Q7XmCdRd1xiKCy5+QC/f/5uiMzM/bV0kGHyEsSYtdIiSN+RC/TOqviJrpSh?= =?us-ascii?q?+U6tP0gJ8mckKQR2C+nKMBsqlWCu5MkCT73j9ZFoDunPKYqN+s5WRYt1FdF4?= =?us-ascii?q?Zz9xLFEr1FPppnIRT4itWrRk9kCyvwZM7UbQEutPOLyOkD5et+Nk3+ZZIUIx?= =?us-ascii?q?8fxLL67GBaTg1wR7LsuVaZR+0RbsN8SPzYtnBV9Z5gK6gXMVifo5zqrjFIpE?= =?us-ascii?q?oqDw8pbL8wsyFVd0jPnA1TQKb0u78AhxACUd54p09DA2awN38/5zbdU6Rakr?= =?us-ascii?q?WRAuQP8jqPVqwOT1loMiRmThO0xpVhYb2pkOtDsmNbgyx9of8q0yd8SBu7oy?= =?us-ascii?q?3sqLoH2Sg897GgqDUBpXtFQ/2ckyjWB1VDwvAKgLwSCnn471yzfmUDYJH04L?= =?us-ascii?q?Z5OcTq7ZMh7GgnYRU/Yy0GWvytCy70j6OPDI2ArtZchBqWtcXVar+zKykSOa?= =?us-ascii?q?gnxRLlWXd9zhDUnAx0/2sTXjWg8NgkKZ24OcYkxSqoGm/beU0O4qxTs8vxsl?= =?us-ascii?q?gLQ/UwaV97xmVszNSHTDUXRMPTA2Y1khQkaWJcfZ1Y9xAaEbUojy2TvqlC+Q?= =?us-ascii?q?EUfCvUEpq79YbNh8vI3mM9TdhyzGLMuqKFno8q0GFim95s4C6BpnASd+3AU8?= =?us-ascii?q?ByGXXy14Zfyen7Z/qzqOAHTJVpxK6mUP8YPcmp4XG214lyWk+52rQeGEK0Me?= =?us-ascii?q?EbxrfBUieqVXOXVP+Oc2iNgzY5KFD96QOvLl0tZ8dAt1U9Pffahp5Aiw3hVq?= =?us-ascii?q?t5RiKUpVDF12EjKecaeBgtuIe7egwFUPIRZ/KCKucw2vE+DkUDb2PRFytsF+?= =?us-ascii?q?C2qUKtnJR8O3h45UX6YOLt8h3pMdeLHhkEEJXaroJq+fGhR2KOI3lgzBpoME?= =?us-ascii?q?lz7effGEw7tvVAfJaJgdjQm9N73PYAd/h3LSI9ut8TmoRk6YSPzseKcBfRwY?= =?us-ascii?q?j2JdHUpPiYHvLew14temFAXboTeRn16JkiPt4lR73TGqNUvRYGCqg5R5wuLH?= =?us-ascii?q?z89LxyLANvcg7RY6m0gsbqpuKXfJdUoWHZ7k4oJifGpxID0uC0TRB8b52ynH?= =?us-ascii?q?XyLpUwSS5AotBuERZmApVAG9kBrwumBJ6Unru3i9mv9ENm6Kc2tv/UMdWCgN?= =?us-ascii?q?C42ZhhGoNX7lGRPSrAQaxsjllhg8ysjfralJr8E8XvfZUDTuctBibhSZvjVt?= =?us-ascii?q?G7KzSTKof/dlRA/rq0zr10SFOSaTr/Uq7AszerYrEs2UwmzsRde+3JwXR597?= =?us-ascii?q?jG3PPqbnxf4yKkqmSEcpBY6QqOTdfCUgpURPzNy2NsGakafMOg7+sVGcAzy9?= =?us-ascii?q?ibpQ9o5XJN19XTZ+Cagwfo20RmZdqPN0bt2iAkSaEWMR+/Ng0qmmafpXPDVz?= =?us-ascii?q?AUZPOBAOJOxdqUFRfw/FJZnWA2enUHQjOuQs2ecyBP4OeXTy7P+ANQBMsYhM?= =?us-ascii?q?azeFUkrevqEK9vIJoT3a2Is7UB2fRuKyjJX8Vcd3XSK79weDhWDuzJv1UuSh?= =?us-ascii?q?UNtb8zW4w8Yd6FJ0ZRdA+jxC7phSDF1k68I9+h2b2CJyEV2n5H1bXA0CVJ4Q?= =?us-ascii?q?6jtqDdyvHuTKvEa9nWVfjeOWJxTjycSikzFwOq9E2itv4svb+cJnkS5EsdYT?= =?us-ascii?q?+IAUgVq+ZttY6URk3anOB4NLgNnuqbQGikSih/jrAzHQ5NvEWBQrwEDwaAPF?= =?us-ascii?q?H7h28JkwW5K+4ExnnlZqCWwqdPE7gdC5BBY9WCSNvRZP5aKi1tnTxfM+G5KY?= =?us-ascii?q?6P540l207FGDNKW5LD80eTGQvHGqbGlTv2QYUYuZQ1sSM0+9XW2zV6CLnMI6?= =?us-ascii?q?3A9myT2amc1w2gkLWCEGQgZlc6xucLAW3HxRhEewRmQ90WuUS4WqebfA4Mz3?= =?us-ascii?q?Mmj+tyxgUBMBp+SHxg03Ba3b69F8RVRERSjTaGUfQGa1cxBzQ18A=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2DKCQDMqvVa/wHyM5BcGwEBAQEDAQEBCQEBAYNAA4FcK?= =?us-ascii?q?INyiGKMEYF5dRqBQJNmKhMBhQeCQyE4FAECAQEBAQEBAgFrHAyCNSSCTwEDA?= =?us-ascii?q?wECIAQZAQE4AgMJAQEbAwECAwIiBAICAwFBCggGAQwGAgEBAYMegWkDFQOhR?= =?us-ascii?q?4oYbYFpM4JvAQEFgQIBAV6CNAOBNYJACBdyhHiCJIITgQ8jgjOIKIJUhzqEX?= =?us-ascii?q?mOLOAmOS2SHE4R4izWGSjMhgVJNIxWCfoIUg2iKHAFVT3oBAZAVAQE?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by emsm-gh1-uea11.NCSC.MIL with ESMTP; 11 May 2018 14:41:26 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w4BEfP1b003647; Fri, 11 May 2018 10:41:25 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w4B0tsWt007211 for ; Thu, 10 May 2018 20:55:54 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w4B0u1MU001923 for ; Thu, 10 May 2018 20:56:01 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1AIBACs6fRalywYGNZcHQIFDINBgV8og?= =?us-ascii?q?3GIYIwQgXl1GoFAk2uEdwJFgjshOBQBAgEBAQEBAQIUAQEBAQEGGAZLhTQBAwM?= =?us-ascii?q?jBBkBATgPHAMBAgMCJgICRQoIBgEMBgIBAYMfgWkDFQOgaYoYbYFpM4JvAQEFg?= =?us-ascii?q?QIBAV6COgOBNYJACBdyhHiCJIITgQ8jgjOIKIJUhziEXmOLNgmOSWSHEoR1giu?= =?us-ascii?q?JB4ZJM4FzTSMVgn6CLoNOihwBVU+QOwEB?= X-IPAS-Result: =?us-ascii?q?A1AIBACs6fRalywYGNZcHQIFDINBgV8og3GIYIwQgXl1GoF?= =?us-ascii?q?Ak2uEdwJFgjshOBQBAgEBAQEBAQIUAQEBAQEGGAZLhTQBAwMjBBkBATgPHAMBA?= =?us-ascii?q?gMCJgICRQoIBgEMBgIBAYMfgWkDFQOgaYoYbYFpM4JvAQEFgQIBAV6COgOBNYJ?= =?us-ascii?q?ACBdyhHiCJIITgQ8jgjOIKIJUhziEXmOLNgmOSWSHEoR1giuJB4ZJM4FzTSMVg?= =?us-ascii?q?n6CLoNOihwBVU+QOwEB?= X-IronPort-AV: E=Sophos;i="5.49,387,1520913600"; d="scan'208";a="274422" Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.35]) by goalie.tycho.ncsc.mil with ESMTP; 10 May 2018 20:56:01 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3Ac6k/RhAHcZlyMi+Y7APHUyQJP3N1i/DPJgcQr6?= =?us-ascii?q?AfoPdwSP35psiwAkXT6L1XgUPTWs2DsrQY07GQ6/iocFdDyK7JiGoFfp1IWk?= =?us-ascii?q?1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBA?= =?us-ascii?q?j0OxZrKeTpAI7SiNm82/yv95HJbAhEmDSwbaluIBmqsA7cqtQYjYx+J6gr1x?= =?us-ascii?q?DHuGFIe+NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PG?= =?us-ascii?q?Au+MLrrxjDQhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VC?= =?us-ascii?q?+85Kl3VhDnlCYHNyY48G7JjMxwkLlbqw+lqxBm3oLYfJ2ZOP94c6zaf9wVX2?= =?us-ascii?q?pBXsFWVyBYG4+xc4UCAuscMepBs4XxukYFoR+gCQWwAe/izCJDiH3r0q0gy+?= =?us-ascii?q?kvDB/I3AIgEdwNvnrbotr6O6UOXu6616TI0TfOYulK1Tvh5oXFcBYsquyMU7?= =?us-ascii?q?JqdsrRzFEiGh3fgVWLt4PkPy6e2PkRvGib9eVgSOyvi2o5pAFrvzOiwdsjhZ?= =?us-ascii?q?PSho0LylHJ7j55z5o1JdKiVU57b9qkH4VKty2DK4R5WNkuTH1vuCY/07ALv4?= =?us-ascii?q?OwcisSyJk/2RLTdvOKf5KW7h/sTuqdPzh1iGhqdb+wnxq/8EqtxvfhWsS11F?= =?us-ascii?q?tGtCtIn9nWunwTyRDe5c6KQeZn8Ei7wzaAzQXT5/lEIU8qkarbLIYszbAum5?= =?us-ascii?q?QKt0rOEDH7ll/qgaOKd0go4Pan5PriYrX9qZ+QLYp0hRv/MqQqgMC/BOU4Mg?= =?us-ascii?q?wWU2ia/+SzyqHj8FXnTLlXgfA6iLfVvZ/AKcgFqaO1GQBY34k75xa6FTim0d?= =?us-ascii?q?AYnXcdLFJCfRKKl5TmNEvVIP/mDfaymE+snytrx//cI73hDJHNIWbZkLv4Yb?= =?us-ascii?q?ly8VRQxxY0zdBa/55UEK0OIOrvWk/ts9zVFgQ5PBKww+bmDtV9y4wfVHmTAq?= =?us-ascii?q?6ZLKzSsViI6vgpI+mXfoAZojn9K/87562msXhsvWQ4Nf2t3J0KeDWjE/97OU?= =?us-ascii?q?SFcD/phdscFWoioAUzVqrphUeEXDoVYGy9CeZ0whIfLcryCYbFW5Dog7Gb2i?= =?us-ascii?q?q/NoNZa3oACV2WF3rsMYKeVKFIIBqbP8sptzsDT7XpH5coyBWGrAbnz/9iKe?= =?us-ascii?q?3O92sTspe1kJBO++DLlRw0vQdxBsCZ3nDFG3p4hUsUVjQ22+Z5ukU7xVCdh+?= =?us-ascii?q?wwuNEQMd1V+uMBBhw3MZ/a0vxSF8H5WgWHeMyADlmhXIPiSXsKa/sa4JoCYl?= =?us-ascii?q?12Bs65phTCxDaxRedM0buRC9Z8ppn59lPSYsp80H3bz7IJi1g9XtAJbTTggb?= =?us-ascii?q?RwoUybJYnJlQ27kKajc78R2maZ9mCDyyyMu0FRVhV9V43OVHYYYErdpNC/7U?= =?us-ascii?q?THGfvmKrkqKUNqzsmBYv9JZ9DyhlJBR9/oOM7ZZmOsniG3HxnegvuwYZbxZm?= =?us-ascii?q?JV/CzbBEFMxxge+3mbNA57BSq7pW/aJD0rEVXxbgX3+Opjsnr9SEJyzRncKw?= =?us-ascii?q?VD3r+44VYwguaGSuhbirABvz07qi5cGl+40tOQDMCP8VlPZqJZNPg0+1pWnV?= =?us-ascii?q?nStwVgMJitNeg2jVcFfhVfpEju3gh5Doha1MMj6ngtyVwheuqjzFpdembAjt?= =?us-ascii?q?jLMbrNJzy3rEj1Mfzfx03e3dCK+6wG9PU/rRD5sRq0ElY5rCo17vJy9yC33r?= =?us-ascii?q?ySUEwfXJfqXQAy/hl+4bTbZnp164DV0Ch0OLKv+n/Z2t0vDfc40BvoYdpFMa?= =?us-ascii?q?2FGQOzW80XDsSjMqorznC4ZxIDO6ZZ86s5?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0C6AwC66PRalywYGNZcHQEBBQELAYN?= =?us-ascii?q?AgV8og3GIYIwQgXl1GoFAk2uEdwJFgjshOBQBAgEBAQEBAQIBEwEBAQEBBhg?= =?us-ascii?q?GSwyCNSSCTwEDAyMEGQEBOA8cAwECAwImAgJFCggGAQwGAgEBgx+BaQMVA6B?= =?us-ascii?q?oihhtgWkzgm8BAQWBAgEBXoI6A4E1gkAIF3KEeIIkghOBDyOCM4goglSHOIR?= =?us-ascii?q?eY4s2CY5JZIcShHWCK4kHhkkzgXNNIxWCfoIUGoNOihwBVU+QOwEB?= X-IPAS-Result: =?us-ascii?q?A0C6AwC66PRalywYGNZcHQEBBQELAYNAgV8og3GIYIwQg?= =?us-ascii?q?Xl1GoFAk2uEdwJFgjshOBQBAgEBAQEBAQIBEwEBAQEBBhgGSwyCNSSCTwEDA?= =?us-ascii?q?yMEGQEBOA8cAwECAwImAgJFCggGAQwGAgEBgx+BaQMVA6BoihhtgWkzgm8BA?= =?us-ascii?q?QWBAgEBXoI6A4E1gkAIF3KEeIIkghOBDyOCM4goglSHOIReY4s2CY5JZIcSh?= =?us-ascii?q?HWCK4kHhkkzgXNNIxWCfoIUGoNOihwBVU+QOwEB?= X-IronPort-AV: E=Sophos;i="5.49,387,1520899200"; d="scan'208";a="13171002" X-IronPort-Outbreak-Status: No, level 0, Unknown - Unknown Received: from ucol3cpa06.eemsg.mail.mil ([214.24.24.44]) by emsm-gh1-uea11.NCSC.MIL with ESMTP; 11 May 2018 00:56:00 +0000 X-EEMSG-check-005: 0 X-EEMSG-check-006: 000-001;e01b1bb6-61eb-46fd-9dab-11ed91890512 Authentication-Results: UCOL3CPA04.eemsg.mail.mil; dkim=pass (signature verified) header.i=@yahoo.com X-EEMSG-check-008: 280326323|UCOL3CPA04_EEMSG_MP19.csd.disa.mil X-EEMSG-SBRS: 3.5 X-EEMSG-ORIG-IP: 66.163.189.90 X-EEMSG-check-002: true X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0ChAgD46PRah1q9o0JcHQIFDIUgKINxiGCOCXUagUCTa4R3AkWCOyE4FAECAQEBAQEBAhQBAQEKCwkIKCMMhSgBAwMjBBkBATgPHAMBAgMCJgICRQoIBgEMBgIBAYMfgWkDFaBrihhtgWkzgm8BAQWBAgEBXoI6A4E1gkAIF3KEeIQ3gQ8jgjOIKIJUhziEXmOLNgmOSWSHEoR1izKGSTOBc00jFYJ+gi6DToocAVUfMJA7AQE X-IPAS-Result: A0ChAgD46PRah1q9o0JcHQIFDIUgKINxiGCOCXUagUCTa4R3AkWCOyE4FAECAQEBAQEBAhQBAQEKCwkIKCMMhSgBAwMjBBkBATgPHAMBAgMCJgICRQoIBgEMBgIBAYMfgWkDFaBrihhtgWkzgm8BAQWBAgEBXoI6A4E1gkAIF3KEeIQ3gQ8jgjOIKIJUhziEXmOLNgmOSWSHEoR1izKGSTOBc00jFYJ+gi6DToocAVUfMJA7AQE Received: from sonic306-28.consmr.mail.ne1.yahoo.com ([66.163.189.90]) by UCOL3CPA04.eemsg.mail.mil with ESMTP; 11 May 2018 00:55:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1526000159; bh=moT20tL2ZQYsEe0p7SYK70qIB6BJmfm8jl2CiN/JYjI=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=jydSxcGlqX3QztFtMz/9dYoeHxP3mSqX16tvcJ4hlkuw8rLJV1ob42+v8+rYbr5vB5L9LLA/IaldUfOpienhZVZWjjUJC8yMQvf66iByNzcVjESnbPUKfyfN1KhpvuFzlkDdr8GPzw7C1Qefi/KKX5+aSfgiW3ZoqSG2zk0ADHippnkddrwG5KLFhQ9cBPc2N81OKG/7eoGioys5/mdrQ6MgLAHSuMZsMQkLPoudUmnz/rzCyLFO0Qpd61DHepeYhyKMJmNvW9rLeuPqpGtkZrH2kP2qbWvJDTsQjN1lWSOfLAFrQaabdNIBHlDhJ1FyA5ucr/H+DjGHDG4hP+F2kA== X-YMail-OSG: gYYk84oVM1lFzU5NsKk8_zA.JT31UPCBYC.XpJTp6ZCqnTnmyhDaBKiOIrwQHBx CR9WX6LkCiEOYnDKvcAEb1xevVQwyyT8JFLbPUIuF_1ydRS1geJ6oP9fMGMqP6LOLCIdON5JHQPX 8AnINhwBcZw_CNFBYv68Rge06mDw1v0OZrZMAevOn54VNTVW6fRoZakuKMYMi2Aw2Z_9V3BN1TKJ sgtzcHb_dUmBTpv3JlndUiWB46pg6NR2nPRMyPXDxnHsBSkO4BbuS3UFmy0vW7anpOdk7Gy_ns07 p1LVYTdIjjjXPCmhz5dBDA.STvIuNJXjEZkuc625ACDU1VQSQ7aLG8rmqIuRSrCcSPHXi3fgSvqw zF_6VnCtMO5Hldnhy.8T0E5Zz5wJHyRICnN0FcUN5fjb_BuX5Ew6VBpvz2zRKiRvpQwkAaZl42fD y9rfaygfP459u7Cxp9xij86n9zKwL3YWoNAQ6H5jEg66QzhCaaJEdjYlFBuEXB4_UUkcEurcc0Vs AByPYGDgm88NocPY.Huq7N78A4E4vdrfqc3w_2T02k1hk8lZucR7HBG.cXsQ7kQjjpl3XYYbR.52 _uLsOJZpwi1UtMoCGl_Sw78khG3vMxfSKQn.oCg5Jk6LCVm4.JSAGqxeE9TkcBPQ8Y5N016EzKMo KFso- Received: from sonic.gate.mail.ne1.yahoo.com by sonic306.consmr.mail.ne1.yahoo.com with HTTP; Fri, 11 May 2018 00:55:59 +0000 Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO [192.168.0.105]) ([67.169.65.224]) by smtp409.mail.ne1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 89646ade84d92c8784d08fcb2d48c23c; Fri, 11 May 2018 00:55:55 +0000 (UTC) To: LSM , LKLM , Paul Moore , Stephen Smalley , SE Linux , "SMACK-discuss@lists.01.org" , John Johansen , Kees Cook , Tetsuo Handa , James Morris References: <7e8702ce-2598-e0a3-31a2-bc29157fb73d@schaufler-ca.com> X-EEMSG-check-009: 444-444 From: Casey Schaufler Message-ID: Date: Thu, 10 May 2018 17:55:52 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <7e8702ce-2598-e0a3-31a2-bc29157fb73d@schaufler-ca.com> Content-Language: en-US X-Mailman-Approved-At: Fri, 11 May 2018 10:37:08 -0400 Subject: [PATCH 20/23] LSM: Move common usercopy into X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Casey Schaufler Date: Thu, 10 May 2018 15:54:25 -0700 Subject: [PATCH 20/23] LSM: Move common usercopy into security_getpeersec_stream The modules implementing hook for getpeersec_stream don't need to be duplicating the copy-to-user checks. Moving the user copy part into the infrastructure makes the security module code simpler and reduces the places where user copy code may go awry. Signed-off-by: Casey Schaufler --- include/linux/lsm_hooks.h | 10 ++++------ include/linux/security.h | 6 ++++-- security/apparmor/lsm.c | 28 ++++++++++------------------ security/security.c | 17 +++++++++++++++-- security/selinux/hooks.c | 22 +++++++--------------- security/smack/smack_lsm.c | 19 ++++++++----------- 6 files changed, 48 insertions(+), 54 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 81504623afb4..84bc9ec01931 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -841,9 +841,8 @@ * SO_GETPEERSEC. For tcp sockets this can be meaningful if the * socket is associated with an ipsec SA. * @sock is the local socket. - * @optval userspace memory where the security state is to be copied. - * @optlen userspace int where the module should copy the actual length - * of the security state. + * @optval the security state. + * @optlen the actual length of the security state. * @len as input is the maximum length to copy to userspace provided * by the caller. * Return 0 if all is well, otherwise, typical getsockopt return @@ -1674,9 +1673,8 @@ union security_list_options { int (*socket_setsockopt)(struct socket *sock, int level, int optname); int (*socket_shutdown)(struct socket *sock, int how); int (*socket_sock_rcv_skb)(struct sock *sk, struct sk_buff *skb); - int (*socket_getpeersec_stream)(struct socket *sock, - char __user *optval, - int __user *optlen, unsigned int len); + int (*socket_getpeersec_stream)(struct socket *sock, char **optval, + int *optlen, unsigned int len); int (*socket_getpeersec_dgram)(struct socket *sock, struct sk_buff *skb, struct secids *secid); diff --git a/include/linux/security.h b/include/linux/security.h index ab70064c283f..712d138e0148 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1369,8 +1369,10 @@ static inline int security_sock_rcv_skb(struct sock *sk, return 0; } -static inline int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, - int __user *optlen, unsigned len) +static inline int security_socket_getpeersec_stream(struct socket *sock, + char __user *optval, + int __user *optlen, + unsigned int len) { return -ENOPROTOOPT; } diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 90453dbb4fac..7444cfa689b3 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1017,10 +1017,8 @@ static struct aa_label *sk_peer_label(struct sock *sk) * * Note: for tcp only valid if using ipsec or cipso on lan */ -static int apparmor_socket_getpeersec_stream(struct socket *sock, - char __user *optval, - int __user *optlen, - unsigned int len) +static int apparmor_socket_getpeersec_stream(struct socket *sock, char **optval, + int *optlen, unsigned int len) { char *name; int slen, error = 0; @@ -1037,22 +1035,16 @@ static int apparmor_socket_getpeersec_stream(struct socket *sock, FLAG_SHOW_MODE | FLAG_VIEW_SUBNS | FLAG_HIDDEN_UNCONFINED, GFP_KERNEL); /* don't include terminating \0 in slen, it breaks some apps */ - if (slen < 0) { + if (slen < 0) error = -ENOMEM; - } else { - if (slen > len) { - error = -ERANGE; - } else if (copy_to_user(optval, name, slen)) { - error = -EFAULT; - goto out; - } - if (put_user(slen, optlen)) - error = -EFAULT; -out: - kfree(name); - + else if (slen > len) + error = -ERANGE; + else { + *optlen = slen; + *optval = name; } - + if (error) + kfree(name); done: end_current_label_crit_section(label); diff --git a/security/security.c b/security/security.c index cbe1a497ec5a..6144ff52d862 100644 --- a/security/security.c +++ b/security/security.c @@ -1924,8 +1924,21 @@ EXPORT_SYMBOL(security_sock_rcv_skb); int security_socket_getpeersec_stream(struct socket *sock, char __user *optval, int __user *optlen, unsigned len) { - return call_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock, - optval, optlen, len); + char *tval = NULL; + u32 tlen; + int rc; + + rc = call_int_hook(socket_getpeersec_stream, -ENOPROTOOPT, sock, + &tval, &tlen, len); + if (rc == 0) { + tlen = strlen(tval) + 1; + if (put_user(tlen, optlen)) + rc = -EFAULT; + else if (copy_to_user(optval, tval, tlen)) + rc = -EFAULT; + kfree(tval); + } + return rc; } int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 81f104d9e85e..9520341daa78 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4955,10 +4955,8 @@ static int selinux_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) return err; } -static int selinux_socket_getpeersec_stream(struct socket *sock, - __user char *optval, - __user int *optlen, - unsigned int len) +static int selinux_socket_getpeersec_stream(struct socket *sock, char **optval, + int *optlen, unsigned int len) { int err = 0; char *scontext; @@ -4979,18 +4977,12 @@ static int selinux_socket_getpeersec_stream(struct socket *sock, return err; if (scontext_len > len) { - err = -ERANGE; - goto out_len; + kfree(scontext); + return -ERANGE; } - - if (copy_to_user(optval, scontext, scontext_len)) - err = -EFAULT; - -out_len: - if (put_user(scontext_len, optlen)) - err = -EFAULT; - kfree(scontext); - return err; + *optval = scontext; + *optlen = scontext_len; + return 0; } static int selinux_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, struct secids *secid) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 660a55ee8a57..12b00aac0c94 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3878,14 +3878,12 @@ static int smack_socket_sock_rcv_skb(struct sock *sk, struct sk_buff *skb) * * returns zero on success, an error code otherwise */ -static int smack_socket_getpeersec_stream(struct socket *sock, - char __user *optval, - int __user *optlen, unsigned len) +static int smack_socket_getpeersec_stream(struct socket *sock, char **optval, + int *optlen, unsigned int len) { struct socket_smack *ssp; char *rcp = ""; int slen = 1; - int rc = 0; ssp = smack_sock(sock->sk); if (ssp->smk_packet != NULL) { @@ -3894,14 +3892,13 @@ static int smack_socket_getpeersec_stream(struct socket *sock, } if (slen > len) - rc = -ERANGE; - else if (copy_to_user(optval, rcp, slen) != 0) - rc = -EFAULT; - - if (put_user(slen, optlen) != 0) - rc = -EFAULT; + return -ERANGE; - return rc; + *optval = kstrdup(rcp, GFP_ATOMIC); + if (*optval == NULL) + return -ENOMEM; + *optlen = slen; + return 0; }