selinux: improve error checking in sel_write_load()

[ Upstream commit 42c773238037c90b3302bf37a57ae3b5c3f6004a ]

Move our existing input sanity checking to the top of sel_write_load()
and add a check to ensure the buffer size is non-zero.

Move a local variable initialization from the declaration to before it
is used.

Minor style adjustments.

Reported-by: Sam Sun <samsun1006219@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
[cascardo: keep fsi initialization at its declaration point as it is used earlier]
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@igalia.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index d893c2280f595e084cab2089593cd1410eb8b167..7415f49a3d81eb3ca1d75fb3c18f2e8d8069915d 100644 (file)
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -620,6 +620,13 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
        ssize_t length;
        void *data = NULL;
 
+       /* no partial writes */
+       if (*ppos)
+               return -EINVAL;
+       /* no empty policies */
+       if (!count)
+               return -EINVAL;
+
        mutex_lock(&fsi->state->policy_mutex);
 
        length = avc_has_perm(&selinux_state,
@@ -628,26 +635,21 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
        if (length)
                goto out;
 
-       /* No partial writes. */
-       length = -EINVAL;
-       if (*ppos != 0)
-               goto out;
-
-       length = -ENOMEM;
        data = vmalloc(count);
-       if (!data)
+       if (!data) {
+               length = -ENOMEM;
                goto out;
-
-       length = -EFAULT;
-       if (copy_from_user(data, buf, count) != 0)
+       }
+       if (copy_from_user(data, buf, count) != 0) {
+               length = -EFAULT;
                goto out;
+       }
 
        length = security_load_policy(fsi->state, data, count, &load_state);
        if (length) {
                pr_warn_ratelimited("SELinux: failed to load policy\n");
                goto out;
        }
-
        length = sel_make_policy_nodes(fsi, load_state.policy);
        if (length) {
                selinux_policy_cancel(fsi->state, &load_state);
@@ -655,13 +657,12 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
        }
 
        selinux_policy_commit(fsi->state, &load_state);
-
        length = count;
-
        audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_POLICY_LOAD,
                "auid=%u ses=%u lsm=selinux res=1",
                from_kuid(&init_user_ns, audit_get_loginuid(current)),
                audit_get_sessionid(current));
+
 out:
        mutex_unlock(&fsi->state->policy_mutex);
        vfree(data);