|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH 2/3] xen/flask: change bool_maxstr to PAGE_SIZE
When FLASK_{GET,SET}BOOL is called with a named boolean, the call to
flask_security_resolve_bool is made prior to bool_maxstr being populated
by flask_security_make_bools. This results in the maximum string length
being specified as zero, which is not useful. While it would be
possible to initialize bool_maxstr correctly prior to its use, it is
simpler to use a fixed maximum of PAGE_SIZE as is done for the other
calls to safe_copy_string_from_guest.
Signed-off-by: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
---
xen/xsm/flask/flask_op.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/xen/xsm/flask/flask_op.c b/xen/xsm/flask/flask_op.c
index 8dee021..f4f5dd1 100644
--- a/xen/xsm/flask/flask_op.c
+++ b/xen/xsm/flask/flask_op.c
@@ -55,7 +55,6 @@ static DEFINE_SPINLOCK(sel_sem);
/* global data for booleans */
static int bool_num = 0;
static int *bool_pending_values = NULL;
-static size_t bool_maxstr;
static int flask_security_make_bools(void);
extern int ss_initialized;
@@ -318,7 +317,7 @@ static int flask_security_resolve_bool(struct
xen_flask_boolean *arg)
if ( arg->bool_id != -1 )
return 0;
- name = safe_copy_string_from_guest(arg->name, arg->size, bool_maxstr);
+ name = safe_copy_string_from_guest(arg->name, arg->size, PAGE_SIZE);
if ( IS_ERR(name) )
return PTR_ERR(name);
@@ -459,7 +458,7 @@ static int flask_security_make_bools(void)
xfree(bool_pending_values);
- ret = security_get_bools(&num, NULL, &values, &bool_maxstr);
+ ret = security_get_bools(&num, NULL, &values, NULL);
if ( ret != 0 )
goto out;
--
2.1.0
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |