diff options
author | Ondrej Mosnacek <omosnace@redhat.com> | 2021-05-12 17:32:10 +0300 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2021-05-14 23:38:19 +0300 |
commit | 869cbeef18e5c4370157e733b947d44f37441ea9 (patch) | |
tree | fb5bed2397fc5a90fdd06d6ae4c182b6b7f0afa1 | |
parent | fd781f459b60522f9fbfa1e125f122cf86d4a45b (diff) | |
download | linux-869cbeef18e5c4370157e733b947d44f37441ea9.tar.xz |
lsm_audit,selinux: pass IB device name by reference
While trying to address a Coverity warning that the dev_name string
might end up unterminated when strcpy'ing it in
selinux_ib_endport_manage_subnet(), I realized that it is possible (and
simpler) to just pass the dev_name pointer directly, rather than copying
the string to a buffer.
The ibendport variable goes out of scope at the end of the function
anyway, so the lifetime of the dev_name pointer will never be shorter
than that of ibendport, thus we can safely just pass the dev_name
pointer and be done with it.
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Acked-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r-- | include/linux/lsm_audit.h | 8 | ||||
-rw-r--r-- | security/selinux/hooks.c | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/include/linux/lsm_audit.h b/include/linux/lsm_audit.h index cd23355d2271..17d02eda9538 100644 --- a/include/linux/lsm_audit.h +++ b/include/linux/lsm_audit.h @@ -48,13 +48,13 @@ struct lsm_ioctlop_audit { }; struct lsm_ibpkey_audit { - u64 subnet_prefix; - u16 pkey; + u64 subnet_prefix; + u16 pkey; }; struct lsm_ibendport_audit { - char dev_name[IB_DEVICE_NAME_MAX]; - u8 port; + const char *dev_name; + u8 port; }; /* Auxiliary data to use in generating the audit record. */ diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index eaea837d89d1..fc6a3ab7e179 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6850,7 +6850,7 @@ static int selinux_ib_endport_manage_subnet(void *ib_sec, const char *dev_name, return err; ad.type = LSM_AUDIT_DATA_IBENDPORT; - strncpy(ibendport.dev_name, dev_name, sizeof(ibendport.dev_name)); + ibendport.dev_name = dev_name; ibendport.port = port_num; ad.u.ibendport = &ibendport; return avc_has_perm(&selinux_state, |