summaryrefslogtreecommitdiffstats
path: root/security/smack/smack.h
diff options
context:
space:
mode:
authorAhmed S. Darwish <darwish.07@gmail.com>2008-03-13 12:32:34 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2008-03-13 13:11:43 -0700
commitb500ce8d24d1f14426643da5f6fada28c1f60533 (patch)
tree17b6084b29434a968f787e238548a843126e2ec3 /security/smack/smack.h
parent93d74463d018ddf05c169ad399e62e90e0f82fc0 (diff)
downloadlinux-b500ce8d24d1f14426643da5f6fada28c1f60533.tar.gz
linux-b500ce8d24d1f14426643da5f6fada28c1f60533.tar.bz2
linux-b500ce8d24d1f14426643da5f6fada28c1f60533.zip
smackfs: do not trust `count' in inodes write()s
Smackfs write() implementation does not put a higher bound on the number of bytes to copy from user-space. This may lead to a DOS attack if a malicious `count' field is given. Assure that given `count' is exactly the length needed for a /smack/load rule. In case of /smack/cipso where the length is relative, assure that `count' does not exceed the size needed for a buffer representing maximum possible number of CIPSO 2.2 categories. Signed-off-by: Ahmed S. Darwish <darwish.07@gmail.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/smack/smack.h')
-rw-r--r--security/smack/smack.h8
1 files changed, 0 insertions, 8 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index a21a0e907ab3..62c1e982849d 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -26,14 +26,6 @@
#define SMK_MAXLEN 23
#define SMK_LABELLEN (SMK_MAXLEN+1)
-/*
- * How many kinds of access are there?
- * Here's your answer.
- */
-#define SMK_ACCESSDASH '-'
-#define SMK_ACCESSLOW "rwxa"
-#define SMK_ACCESSKINDS (sizeof(SMK_ACCESSLOW) - 1)
-
struct superblock_smack {
char *smk_root;
char *smk_floor;