30a46a4647
When proc_pid_attr_write() was changed to use memdup_user apparmor's
(interface violating) assumption that the setprocattr buffer was always
a single page was violated.
The size test is not strictly speaking needed as proc_pid_attr_write()
will reject anything larger, but for the sake of robustness we can keep
it in.
SMACK and SELinux look safe to me, but somebody else should probably
have a look just in case.
Based on original patch from Vegard Nossum <vegard.nossum@oracle.com>
modified for the case that apparmor provides null termination.
Fixes:
|
||
---|---|---|
.. | ||
include | ||
.gitignore | ||
apparmorfs.c | ||
audit.c | ||
capability.c | ||
context.c | ||
crypto.c | ||
domain.c | ||
file.c | ||
ipc.c | ||
Kconfig | ||
lib.c | ||
lsm.c | ||
Makefile | ||
match.c | ||
path.c | ||
policy.c | ||
policy_unpack.c | ||
procattr.c | ||
resource.c | ||
sid.c |