3 files changed, 16 insertions, 4 deletions

diff --git a/include/linux/security.h b/include/linux/security.h
index d70adc394f62..b8246a8df7d2 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1285,9 +1285,13 @@ static inline void security_free_mnt_opts(struct security_mnt_opts *opts)
  *      Return 0 if permission is granted.
  *
  * @secid_to_secctx:
- *      Convert secid to security context.
+ *      Convert secid to security context.  If secdata is NULL the length of
+ *      the result will be returned in seclen, but no secdata will be returned.
+ *      This does mean that the length could change between calls to check the
+ *      length and the next call which actually allocates and returns the secdata.
  *      @secid contains the security ID.
  *      @secdata contains the pointer that stores the converted security context.
+ *      @seclen pointer which contains the length of the data
  * @secctx_to_secid:
  *      Convert security context to secid.
  *      @secid contains the pointer to the generated security ID.
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 494ff527c174..60964d79e5eb 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -991,7 +991,8 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
 {
         char *scontextp;
 
-        *scontext = NULL;
+        if (scontext)
+                *scontext = NULL;
         *scontext_len = 0;
 
         if (context->len) {
@@ -1008,6 +1009,9 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
         *scontext_len += strlen(policydb.p_type_val_to_name[context->type - 1]) + 1;
         *scontext_len += mls_compute_context_len(context);
 
+        if (!scontext)
+                return 0;
+
         /* Allocate space for the context; caller must free this space. */
         scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
         if (!scontextp)
@@ -1047,7 +1051,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
         struct context *context;
         int rc = 0;
 
-        *scontext = NULL;
+        if (scontext)
+                *scontext = NULL;
         *scontext_len  = 0;
 
         if (!ss_initialized) {
@@ -1055,6 +1060,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
                         char *scontextp;
 
                         *scontext_len = strlen(initial_sid_to_string[sid]) + 1;
+                        if (!scontext)
+                                goto out;
                         scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
                         if (!scontextp) {
                                 rc = -ENOMEM;
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 174aec44bfac..bc39f4067af6 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -3004,7 +3004,8 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
 {
         char *sp = smack_from_secid(secid);
 
-        *secdata = sp;
+        if (secdata)
+                *secdata = sp;
         *seclen = strlen(sp);
         return 0;
 }