• Davi Arnaut's avatar
    [PATCH] Bug fixes and cleanup for the BSD Secure Levels LSM · 6bb08da4
    Davi Arnaut authored
    This patch address several issues in the current BSD Secure Levels code:
    
    o plaintext_to_sha1: Missing check for a NULL return from __get_free_page
    
    o passwd_write_file: A page is leaked if the password is wrong.
    
    o fix securityfs registration order
    
    o seclvl_init is a mess and can't properly tolerate failures, failure
      path is upside down (deldif and delf should be switched)
    
    Cleanups:
    
    o plaintext_to_sha1: Use buffers passed in
    o passwd_write_file: Use kmalloc() instead of get_zeroed_page()
    o passwd_write_file: hashedPassword comparison is just memcmp
    o s/ENOSYS/EINVAL/
    o misc
    
    (akpm: after some discussion it appears that the BSD secure levels feature
    should be scheduled for removal.  But for now, let's fix these problems up).
    Signed-off-by: default avatarDavi Arnaut <davi.arnaut@gmail.com>
    Cc: Michael Halcrow <mhalcrow@us.ibm.com>
    Cc: Chris Wright <chrisw@sous-sol.org>
    Cc: Stephen Smalley <sds@epoch.ncsc.mil>
    Cc: James Morris <jmorris@namei.org>
    Cc: Serge Hallyn <serue@us.ibm.com>
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    6bb08da4
seclvl.c 17.1 KB