Smack: handle zero-length security labels without panic

Zero-length security labels are invalid but kernel should handle them.

This patch fixes kernel panic after setting zero-length security labels:
# attr -S -s "SMACK64" -V "" file

And after writing zero-length string into smackfs files syslog and onlycp:
# python -c 'import os; os.write(1, "")' > /smack/syslog

The problem is caused by brain-damaged logic in function smk_parse_smack()
which takes pointer to buffer and its length but if length below or equal zero
it thinks that the buffer is zero-terminated. Unfortunately callers of this
function are widely used and proper fix requires serious refactoring.

Signed-off-by: Konstantin Khlebnikov <k.khlebnikov@samsung.com>

1 files changed, 1 insertions, 1 deletions

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index b11ab23b328b..afa5ad0e7f72 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -923,7 +923,7 @@ static int smack_inode_setxattr(struct dentry *dentry, const char *name,
                 rc = -EPERM;
 
         if (rc == 0 && check_import) {
-                skp = smk_import_entry(value, size);
+                skp = size ? smk_import_entry(value, size) : NULL;
                 if (skp == NULL || (check_star &&
                     (skp == &smack_known_star || skp == &smack_known_web)))
                         rc = -EINVAL;