From 9ba8802c8b66fbde2ee32ab4c44cd418f9444486 Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Wed, 1 Nov 2023 18:42:12 -0400 Subject: [PATCH] lsm: convert security_setselfattr() to use memdup_user() As suggested by the kernel test robot, memdup_user() is a better option than the combo of kmalloc()/copy_from_user(). Reported-by: kernel test robot Closes: https://lore.kernel.org/oe-kbuild-all/202310270805.2ArE52i5-lkp@intel.com/ Acked-by: Casey Schaufler Signed-off-by: Paul Moore --- security/security.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/security/security.c b/security/security.c index a808fd5eba6d..d7b15ea67c3f 100644 --- a/security/security.c +++ b/security/security.c @@ -4011,14 +4011,9 @@ int security_setselfattr(unsigned int attr, struct lsm_ctx __user *uctx, if (size > PAGE_SIZE) return -E2BIG; - lctx = kmalloc(size, GFP_KERNEL); - if (lctx == NULL) - return -ENOMEM; - - if (copy_from_user(lctx, uctx, size)) { - rc = -EFAULT; - goto free_out; - } + lctx = memdup_user(uctx, size); + if (IS_ERR(lctx)) + return PTR_ERR(lctx); if (size < lctx->len || size < lctx->ctx_len + sizeof(*lctx) || lctx->len < lctx->ctx_len + sizeof(*lctx)) {