aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c43
1 files changed, 15 insertions, 28 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index be6de0b8734f..e5ed07510309 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -136,32 +136,6 @@ static DEFINE_SPINLOCK(sb_security_lock);
136 136
137static struct kmem_cache *sel_inode_cache; 137static struct kmem_cache *sel_inode_cache;
138 138
139/* Return security context for a given sid or just the context
140 length if the buffer is null or length is 0 */
141static int selinux_getsecurity(u32 sid, void *buffer, size_t size)
142{
143 char *context;
144 unsigned len;
145 int rc;
146
147 rc = security_sid_to_context(sid, &context, &len);
148 if (rc)
149 return rc;
150
151 if (!buffer || !size)
152 goto getsecurity_exit;
153
154 if (size < len) {
155 len = -ERANGE;
156 goto getsecurity_exit;
157 }
158 memcpy(buffer, context, len);
159
160getsecurity_exit:
161 kfree(context);
162 return len;
163}
164
165/** 139/**
166 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled 140 * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
167 * 141 *
@@ -2675,14 +2649,27 @@ static int selinux_inode_removexattr (struct dentry *dentry, char *name)
2675 * 2649 *
2676 * Permission check is handled by selinux_inode_getxattr hook. 2650 * Permission check is handled by selinux_inode_getxattr hook.
2677 */ 2651 */
2678static int selinux_inode_getsecurity(const struct inode *inode, const char *name, void *buffer, size_t size, int err) 2652static int selinux_inode_getsecurity(const struct inode *inode, const char *name, void **buffer, bool alloc)
2679{ 2653{
2654 u32 size;
2655 int error;
2656 char *context = NULL;
2680 struct inode_security_struct *isec = inode->i_security; 2657 struct inode_security_struct *isec = inode->i_security;
2681 2658
2682 if (strcmp(name, XATTR_SELINUX_SUFFIX)) 2659 if (strcmp(name, XATTR_SELINUX_SUFFIX))
2683 return -EOPNOTSUPP; 2660 return -EOPNOTSUPP;
2684 2661
2685 return selinux_getsecurity(isec->sid, buffer, size); 2662 error = security_sid_to_context(isec->sid, &context, &size);
2663 if (error)
2664 return error;
2665 error = size;
2666 if (alloc) {
2667 *buffer = context;
2668 goto out_nofree;
2669 }
2670 kfree(context);
2671out_nofree:
2672 return error;
2686} 2673}
2687 2674
2688static int selinux_inode_setsecurity(struct inode *inode, const char *name, 2675static int selinux_inode_setsecurity(struct inode *inode, const char *name,