selinux: improve error checking in sel_write_load()

Move our existing input sanity checking to the top of sel_write_load()
and add a check to ensure the buffer size is non-zero.

Move a local variable initialization from the declaration to before it
is used.

Minor style adjustments.

Reported-by: Sam Sun <samsun1006219@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 0619a1cbbfbe41a55dbb53021d769644978e0ada..d18581d741e8a602345ef8729a92363fa714a27f 100644 (file)
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -571,11 +571,18 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
                              size_t count, loff_t *ppos)
 
 {
-       struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info;
+       struct selinux_fs_info *fsi;
        struct selinux_load_state load_state;
        ssize_t length;
        void *data = NULL;
 
+       /* no partial writes */
+       if (*ppos)
+               return -EINVAL;
+       /* no empty policies */
+       if (!count)
+               return -EINVAL;
+
        mutex_lock(&selinux_state.policy_mutex);
 
        length = avc_has_perm(current_sid(), SECINITSID_SECURITY,
@@ -583,26 +590,22 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
        if (length)
                goto out;
 
-       /* No partial writes. */
-       length = -EINVAL;
-       if (*ppos != 0)
-               goto out;
-
-       length = -ENOMEM;
        data = vmalloc(count);
-       if (!data)
+       if (!data) {
+               length = -ENOMEM;
                goto out;
-
-       length = -EFAULT;
-       if (copy_from_user(data, buf, count) != 0)
+       }
+       if (copy_from_user(data, buf, count) != 0) {
+               length = -EFAULT;
                goto out;
+       }
 
        length = security_load_policy(data, count, &load_state);
        if (length) {
                pr_warn_ratelimited("SELinux: failed to load policy\n");
                goto out;
        }
-
+       fsi = file_inode(file)->i_sb->s_fs_info;
        length = sel_make_policy_nodes(fsi, load_state.policy);
        if (length) {
                pr_warn_ratelimited("SELinux: failed to initialize selinuxfs\n");
@@ -611,13 +614,12 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
        }
 
        selinux_policy_commit(&load_state);
-
        length = count;
-
        audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
                "auid=%u ses=%u lsm=selinux res=1",
                from_kuid(&init_user_ns, audit_get_loginuid(current)),
                audit_get_sessionid(current));
+
 out:
        mutex_unlock(&selinux_state.policy_mutex);
        vfree(data);