1 files changed, 35 insertions, 44 deletions
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c
index 785f4960e0d3..440f5c4e1e2d 100644
--- a/net/netlabel/netlabel_unlabeled.c
+++ b/net/netlabel/netlabel_unlabeled.c
@@ -55,9 +55,13 @@ static struct genl_family netlbl_unlabel_gnl_family = {
        .hdrsize = 0,
        .name = NETLBL_NLTYPE_UNLABELED_NAME,
        .version = NETLBL_PROTO_VERSION,
-        .maxattr = 0,
+        .maxattr = NLBL_UNLABEL_A_MAX,
 };
+/* NetLabel Netlink attribute policy */
+static struct nla_policy netlbl_unlabel_genl_policy[NLBL_UNLABEL_A_MAX + 1] = {
+        [NLBL_UNLABEL_A_ACPTFLG] = { .type = NLA_U8 },
+};
 /*
 * NetLabel Command Handlers
@@ -75,31 +79,18 @@ static struct genl_family netlbl_unlabel_gnl_family = {
 */
 static int netlbl_unlabel_accept(struct sk_buff *skb, struct genl_info *info)
 {
-        int ret_val;
+        int ret_val = -EINVAL;
-        struct nlattr *data = netlbl_netlink_payload_data(skb);
+        u8 value;
-        u32 value;
-        ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
-        if (ret_val != 0)
-                return ret_val;
-        if (netlbl_netlink_payload_len(skb) == NETLBL_LEN_U32) {
+        if (info->attrs[NLBL_UNLABEL_A_ACPTFLG]) {
-                value = nla_get_u32(data);
+                value = nla_get_u8(info->attrs[NLBL_UNLABEL_A_ACPTFLG]);
                if (value == 1 || value == 0) {
                        atomic_set(&netlabel_unlabel_accept_flg, value);
-                        netlbl_netlink_send_ack(info,
+                        ret_val = 0;
-                                                netlbl_unlabel_gnl_family.id,
-                                                NLBL_UNLABEL_C_ACK,
-                                                NETLBL_E_OK);
-                        return 0;
                }
        }
-        netlbl_netlink_send_ack(info,
+        return ret_val;
-                                netlbl_unlabel_gnl_family.id,
-                                NLBL_UNLABEL_C_ACK,
-                                EINVAL);
-        return -EINVAL;
 }
 /**
@@ -114,39 +105,39 @@ static int netlbl_unlabel_accept(struct sk_buff *skb, struct genl_info *info)
 */
 static int netlbl_unlabel_list(struct sk_buff *skb, struct genl_info *info)
 {
-        int ret_val = -ENOMEM;
+        int ret_val = -EINVAL;
        struct sk_buff *ans_skb;
+        void *data;
-        ans_skb = netlbl_netlink_alloc_skb(0,
+        ans_skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
-                                           GENL_HDRLEN + NETLBL_LEN_U32,
-                                           GFP_KERNEL);
        if (ans_skb == NULL)
                goto list_failure;
+        data = netlbl_netlink_hdr_put(ans_skb,
-        if (netlbl_netlink_hdr_put(ans_skb,
+                                      info->snd_pid,
-                                   info->snd_pid,
+                                      info->snd_seq,
-                                   0,
+                                      netlbl_unlabel_gnl_family.id,
-                                   netlbl_unlabel_gnl_family.id,
+                                      0,
-                                   NLBL_UNLABEL_C_LIST) == NULL)
+                                      NLBL_UNLABEL_C_LIST);
+        if (data == NULL) {
+                ret_val = -ENOMEM;
                goto list_failure;
+        }
-        ret_val = nla_put_u32(ans_skb,
+        ret_val = nla_put_u8(ans_skb,
-                              NLA_U32,
+                             NLBL_UNLABEL_A_ACPTFLG,
-                              atomic_read(&netlabel_unlabel_accept_flg));
+                             atomic_read(&netlabel_unlabel_accept_flg));
        if (ret_val != 0)
                goto list_failure;
-        ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);
+        genlmsg_end(ans_skb, data);
+        ret_val = genlmsg_unicast(ans_skb, info->snd_pid);
        if (ret_val != 0)
                goto list_failure;
        return 0;
 list_failure:
-        netlbl_netlink_send_ack(info,
+        kfree(ans_skb);
-                                netlbl_unlabel_gnl_family.id,
-                                NLBL_UNLABEL_C_ACK,
-                                -ret_val);
        return ret_val;
 }
@@ -157,7 +148,8 @@ list_failure:
 static struct genl_ops netlbl_unlabel_genl_c_accept = {
        .cmd = NLBL_UNLABEL_C_ACCEPT,
-        .flags = 0,
+        .flags = GENL_ADMIN_PERM,
+        .policy = netlbl_unlabel_genl_policy,
        .doit = netlbl_unlabel_accept,
        .dumpit = NULL,
 };
@@ -165,6 +157,7 @@ static struct genl_ops netlbl_unlabel_genl_c_accept = {
 static struct genl_ops netlbl_unlabel_genl_c_list = {
        .cmd = NLBL_UNLABEL_C_LIST,
        .flags = 0,
+        .policy = netlbl_unlabel_genl_policy,
        .doit = netlbl_unlabel_list,
        .dumpit = NULL,
 };
@@ -218,10 +211,8 @@ int netlbl_unlabel_genl_init(void)
 */
 int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr)
 {
-        if (atomic_read(&netlabel_unlabel_accept_flg) == 1) {
+        if (atomic_read(&netlabel_unlabel_accept_flg) == 1)
-                memset(secattr, 0, sizeof(*secattr));
+                return netlbl_secattr_init(secattr);
-                return 0;
-        }
        return -ENOMSG;
 }

diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 785f4960e0d3..440f5c4e1e2d 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c
@@ -55,9 +55,13 @@ static struct genl_family netlbl_unlabel_gnl_family = {
55	.hdrsize = 0,	55	.hdrsize = 0,
56	.name = NETLBL_NLTYPE_UNLABELED_NAME,	56	.name = NETLBL_NLTYPE_UNLABELED_NAME,
57	.version = NETLBL_PROTO_VERSION,	57	.version = NETLBL_PROTO_VERSION,
58	.maxattr = 0,	58	.maxattr = NLBL_UNLABEL_A_MAX,
59	};	59	};
60		60
		61	/* NetLabel Netlink attribute policy */
		62	static struct nla_policy netlbl_unlabel_genl_policy[NLBL_UNLABEL_A_MAX + 1] = {
		63	[NLBL_UNLABEL_A_ACPTFLG] = { .type = NLA_U8 },
		64	};
61		65
62	/*	66	/*
63	* NetLabel Command Handlers	67	* NetLabel Command Handlers
@@ -75,31 +79,18 @@ static struct genl_family netlbl_unlabel_gnl_family = {
75	*/	79	*/
76	static int netlbl_unlabel_accept(struct sk_buff skb, struct genl_info info)	80	static int netlbl_unlabel_accept(struct sk_buff skb, struct genl_info info)
77	{	81	{
78	int ret_val;	82	int ret_val = -EINVAL;
79	struct nlattr *data = netlbl_netlink_payload_data(skb);	83	u8 value;
80	u32 value;
81
82	ret_val = netlbl_netlink_cap_check(skb, CAP_NET_ADMIN);
83	if (ret_val != 0)
84	return ret_val;
85		84
86	if (netlbl_netlink_payload_len(skb) == NETLBL_LEN_U32) {	85	if (info->attrs[NLBL_UNLABEL_A_ACPTFLG]) {
87	value = nla_get_u32(data);	86	value = nla_get_u8(info->attrs[NLBL_UNLABEL_A_ACPTFLG]);
88	if (value == 1 \|\| value == 0) {	87	if (value == 1 \|\| value == 0) {
89	atomic_set(&netlabel_unlabel_accept_flg, value);	88	atomic_set(&netlabel_unlabel_accept_flg, value);
90	netlbl_netlink_send_ack(info,	89	ret_val = 0;
91	netlbl_unlabel_gnl_family.id,
92	NLBL_UNLABEL_C_ACK,
93	NETLBL_E_OK);
94	return 0;
95	}	90	}
96	}	91	}
97		92
98	netlbl_netlink_send_ack(info,	93	return ret_val;
99	netlbl_unlabel_gnl_family.id,
100	NLBL_UNLABEL_C_ACK,
101	EINVAL);
102	return -EINVAL;
103	}	94	}
104		95
105	/**	96	/**
@@ -114,39 +105,39 @@ static int netlbl_unlabel_accept(struct sk_buff skb, struct genl_info info)
114	*/	105	*/
115	static int netlbl_unlabel_list(struct sk_buff skb, struct genl_info info)	106	static int netlbl_unlabel_list(struct sk_buff skb, struct genl_info info)
116	{	107	{
117	int ret_val = -ENOMEM;	108	int ret_val = -EINVAL;
118	struct sk_buff *ans_skb;	109	struct sk_buff *ans_skb;
		110	void *data;
119		111
120	ans_skb = netlbl_netlink_alloc_skb(0,	112	ans_skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
121	GENL_HDRLEN + NETLBL_LEN_U32,
122	GFP_KERNEL);
123	if (ans_skb == NULL)	113	if (ans_skb == NULL)
124	goto list_failure;	114	goto list_failure;
125		115	data = netlbl_netlink_hdr_put(ans_skb,
126	if (netlbl_netlink_hdr_put(ans_skb,	116	info->snd_pid,
127	info->snd_pid,	117	info->snd_seq,
128	0,	118	netlbl_unlabel_gnl_family.id,
129	netlbl_unlabel_gnl_family.id,	119	0,
130	NLBL_UNLABEL_C_LIST) == NULL)	120	NLBL_UNLABEL_C_LIST);
		121	if (data == NULL) {
		122	ret_val = -ENOMEM;
131	goto list_failure;	123	goto list_failure;
		124	}
132		125
133	ret_val = nla_put_u32(ans_skb,	126	ret_val = nla_put_u8(ans_skb,
134	NLA_U32,	127	NLBL_UNLABEL_A_ACPTFLG,
135	atomic_read(&netlabel_unlabel_accept_flg));	128	atomic_read(&netlabel_unlabel_accept_flg));
136	if (ret_val != 0)	129	if (ret_val != 0)
137	goto list_failure;	130	goto list_failure;
138		131
139	ret_val = netlbl_netlink_snd(ans_skb, info->snd_pid);	132	genlmsg_end(ans_skb, data);
		133
		134	ret_val = genlmsg_unicast(ans_skb, info->snd_pid);
140	if (ret_val != 0)	135	if (ret_val != 0)
141	goto list_failure;	136	goto list_failure;
142
143	return 0;	137	return 0;
144		138
145	list_failure:	139	list_failure:
146	netlbl_netlink_send_ack(info,	140	kfree(ans_skb);
147	netlbl_unlabel_gnl_family.id,
148	NLBL_UNLABEL_C_ACK,
149	-ret_val);
150	return ret_val;	141	return ret_val;
151	}	142	}
152		143
@@ -157,7 +148,8 @@ list_failure:
157		148
158	static struct genl_ops netlbl_unlabel_genl_c_accept = {	149	static struct genl_ops netlbl_unlabel_genl_c_accept = {
159	.cmd = NLBL_UNLABEL_C_ACCEPT,	150	.cmd = NLBL_UNLABEL_C_ACCEPT,
160	.flags = 0,	151	.flags = GENL_ADMIN_PERM,
		152	.policy = netlbl_unlabel_genl_policy,
161	.doit = netlbl_unlabel_accept,	153	.doit = netlbl_unlabel_accept,
162	.dumpit = NULL,	154	.dumpit = NULL,
163	};	155	};
@@ -165,6 +157,7 @@ static struct genl_ops netlbl_unlabel_genl_c_accept = {
165	static struct genl_ops netlbl_unlabel_genl_c_list = {	157	static struct genl_ops netlbl_unlabel_genl_c_list = {
166	.cmd = NLBL_UNLABEL_C_LIST,	158	.cmd = NLBL_UNLABEL_C_LIST,
167	.flags = 0,	159	.flags = 0,
		160	.policy = netlbl_unlabel_genl_policy,
168	.doit = netlbl_unlabel_list,	161	.doit = netlbl_unlabel_list,
169	.dumpit = NULL,	162	.dumpit = NULL,
170	};	163	};
@@ -218,10 +211,8 @@ int netlbl_unlabel_genl_init(void)
218	*/	211	*/
219	int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr)	212	int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr)
220	{	213	{
221	if (atomic_read(&netlabel_unlabel_accept_flg) == 1) {	214	if (atomic_read(&netlabel_unlabel_accept_flg) == 1)
222	memset(secattr, 0, sizeof(*secattr));	215	return netlbl_secattr_init(secattr);
223	return 0;
224	}
225		216
226	return -ENOMSG;	217	return -ENOMSG;
227	}	218	}