[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] xen/flask: change bool_maxstr to PAGE_SIZE

commit 50daa79c58af69cc0ce8a92f46f829003f11727d
Author:     Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
AuthorDate: Tue May 26 14:13:28 2015 -0400
Commit:     Ian Campbell <ian.campbell@xxxxxxxxxx>
CommitDate: Wed Jun 3 11:12:01 2015 +0100

    xen/flask: change bool_maxstr to PAGE_SIZE
    
    When FLASK_{GET,SET}BOOL is called with a named boolean, the call to
    flask_security_resolve_bool is made prior to bool_maxstr being populated
    by flask_security_make_bools.  This results in the maximum string length
    being specified as zero, which is not useful.  While it would be
    possible to initialize bool_maxstr correctly prior to its use, it is
    simpler to use a fixed maximum of PAGE_SIZE as is done for the other
    calls to safe_copy_string_from_guest.
    
    Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
    Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
---
 xen/xsm/flask/flask_op.c |    5 ++---
 1 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
index 8dee021..f4f5dd1 100644
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -55,7 +55,6 @@ static DEFINE_SPINLOCK(sel_sem);
 /* global data for booleans */
 static int bool_num = 0;
 static int *bool_pending_values = NULL;
-static size_t bool_maxstr;
 static int flask_security_make_bools(void);
 
 extern int ss_initialized;
@@ -318,7 +317,7 @@ static int flask_security_resolve_bool(struct 
xen_flask_boolean *arg)
     if ( arg->bool_id != -1 )
         return 0;
 
-    name = safe_copy_string_from_guest(arg->name, arg->size, bool_maxstr);
+    name = safe_copy_string_from_guest(arg->name, arg->size, PAGE_SIZE);
     if ( IS_ERR(name) )
         return PTR_ERR(name);
 
@@ -459,7 +458,7 @@ static int flask_security_make_bools(void)
     
     xfree(bool_pending_values);
     
-    ret = security_get_bools(&num, NULL, &values, &bool_maxstr);
+    ret = security_get_bools(&num, NULL, &values, NULL);
     if ( ret != 0 )
         goto out;
 
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.