Signed-off-by: Duan Jiong <[email protected]>
---
security/selinux/xfrm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index 425b9f9..5c809c1 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -268,10 +268,10 @@ int selinux_xfrm_policy_clone(struct xfrm_sec_ctx *old_ctx,
if (!old_ctx)
return 0;
- new_ctx = kmalloc(sizeof(*old_ctx) + old_ctx->ctx_len, GFP_ATOMIC);
+ new_ctx = kmemdup(old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len,
+ GFP_ATOMIC);
if (!new_ctx)
return -ENOMEM;
- memcpy(new_ctx, old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len);
atomic_inc(&selinux_xfrm_refcount);
*new_ctxp = new_ctx;
--
1.8.3.1
On Thursday, September 26, 2013 10:47:52 AM Duan Jiong wrote:
> Signed-off-by: Duan Jiong <[email protected]>
> ---
> security/selinux/xfrm.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
FYI: SELinux patches should be sent to the SELinux mailing list (I added it to
the CC list). You can also CC the LSM list if you like, but they *need* to be
sent to the SELinux list in the future.
I did some minor whitespace/alignment fixup and merged your patch; it is
queued up for 3.13.
* git://git.infradead.org/users/pcmoore/selinux
> diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
> index 425b9f9..5c809c1 100644
> --- a/security/selinux/xfrm.c
> +++ b/security/selinux/xfrm.c
> @@ -268,10 +268,10 @@ int selinux_xfrm_policy_clone(struct xfrm_sec_ctx
> *old_ctx, if (!old_ctx)
> return 0;
>
> - new_ctx = kmalloc(sizeof(*old_ctx) + old_ctx->ctx_len, GFP_ATOMIC);
> + new_ctx = kmemdup(old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len,
> + GFP_ATOMIC);
> if (!new_ctx)
> return -ENOMEM;
> - memcpy(new_ctx, old_ctx, sizeof(*old_ctx) + old_ctx->ctx_len);
> atomic_inc(&selinux_xfrm_refcount);
> *new_ctxp = new_ctx;
--
paul moore
http://www.paul-moore.com