diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-16 01:52:24 -0500 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-21 11:50:51 -0500 |
| commit | c3300aaf95fb4e5be41e731fa6427d0d996d32ac (patch) | |
| tree | 2d50bb0215464c9aa191f989b13ba398dcf6766c /security | |
| parent | 55c0e5bd078eba2d41d76fa25d5d5e55f1ff09ee (diff) | |
smack: get rid of match_token()
same issue as with selinux...
[fix by Andrei Vagin folded in]
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security')
| -rw-r--r-- | security/smack/smack_lsm.c | 56 |
1 files changed, 38 insertions, 18 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index dba7bc53d86a..d479def4d6a0 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c | |||
| @@ -59,14 +59,31 @@ static LIST_HEAD(smk_ipv6_port_list); | |||
| 59 | static struct kmem_cache *smack_inode_cache; | 59 | static struct kmem_cache *smack_inode_cache; |
| 60 | int smack_enabled; | 60 | int smack_enabled; |
| 61 | 61 | ||
| 62 | static const match_table_t smk_mount_tokens = { | 62 | #define A(s) {"smack"#s, sizeof("smack"#s) - 1, Opt_##s} |
| 63 | {Opt_fsdefault, SMK_FSDEFAULT "%s"}, | 63 | static struct { |
| 64 | {Opt_fsfloor, SMK_FSFLOOR "%s"}, | 64 | const char *name; |
| 65 | {Opt_fshat, SMK_FSHAT "%s"}, | 65 | int len; |
| 66 | {Opt_fsroot, SMK_FSROOT "%s"}, | 66 | int opt; |
| 67 | {Opt_fstransmute, SMK_FSTRANS "%s"}, | 67 | } smk_mount_opts[] = { |
| 68 | {Opt_error, NULL}, | 68 | A(fsdefault), A(fsfloor), A(fshat), A(fsroot), A(fstransmute) |
| 69 | }; | 69 | }; |
| 70 | #undef A | ||
| 71 | |||
| 72 | static int match_opt_prefix(char *s, int l, char **arg) | ||
| 73 | { | ||
| 74 | int i; | ||
| 75 | |||
| 76 | for (i = 0; i < ARRAY_SIZE(smk_mount_opts); i++) { | ||
| 77 | size_t len = smk_mount_opts[i].len; | ||
| 78 | if (len > l || memcmp(s, smk_mount_opts[i].name, len)) | ||
| 79 | continue; | ||
| 80 | if (len == l || s[len] != '=') | ||
| 81 | continue; | ||
| 82 | *arg = s + len + 1; | ||
| 83 | return smk_mount_opts[i].opt; | ||
| 84 | } | ||
| 85 | return Opt_error; | ||
| 86 | } | ||
| 70 | 87 | ||
| 71 | #ifdef CONFIG_SECURITY_SMACK_BRINGUP | 88 | #ifdef CONFIG_SECURITY_SMACK_BRINGUP |
| 72 | static char *smk_bu_mess[] = { | 89 | static char *smk_bu_mess[] = { |
| @@ -689,23 +706,23 @@ out_opt_err: | |||
| 689 | static int smack_parse_opts_str(char *options, | 706 | static int smack_parse_opts_str(char *options, |
| 690 | void **mnt_opts) | 707 | void **mnt_opts) |
| 691 | { | 708 | { |
| 692 | char *p; | 709 | char *from = options; |
| 693 | int rc = -ENOMEM; | ||
| 694 | int token; | ||
| 695 | 710 | ||
| 696 | if (!options) | 711 | if (!options) |
| 697 | return 0; | 712 | return 0; |
| 698 | 713 | ||
| 699 | while ((p = strsep(&options, ",")) != NULL) { | 714 | while (1) { |
| 700 | substring_t args[MAX_OPT_ARGS]; | 715 | char *next = strchr(from, ','); |
| 701 | const char *arg; | 716 | int token, len, rc; |
| 702 | 717 | char *arg = NULL; | |
| 703 | if (!*p) | ||
| 704 | continue; | ||
| 705 | 718 | ||
| 706 | token = match_token(p, smk_mount_tokens, args); | 719 | if (next) |
| 720 | len = next - from; | ||
| 721 | else | ||
| 722 | len = strlen(from); | ||
| 707 | 723 | ||
| 708 | arg = match_strdup(&args[0]); | 724 | token = match_opt_prefix(from, len, &arg); |
| 725 | arg = kmemdup_nul(arg, from + len - arg, GFP_KERNEL); | ||
| 709 | rc = smack_add_opt(token, arg, mnt_opts); | 726 | rc = smack_add_opt(token, arg, mnt_opts); |
| 710 | if (unlikely(rc)) { | 727 | if (unlikely(rc)) { |
| 711 | kfree(arg); | 728 | kfree(arg); |
| @@ -714,6 +731,9 @@ static int smack_parse_opts_str(char *options, | |||
| 714 | *mnt_opts = NULL; | 731 | *mnt_opts = NULL; |
| 715 | return rc; | 732 | return rc; |
| 716 | } | 733 | } |
| 734 | if (!from[len]) | ||
| 735 | break; | ||
| 736 | from += len + 1; | ||
| 717 | } | 737 | } |
| 718 | return 0; | 738 | return 0; |
| 719 | } | 739 | } |