On 2022-06-08 12:01:19, Deven Bowers wrote:
> +/** > + * getaudit: Read handler for the securityfs node, "ipe/success_audit" > + * @f: Supplies a file structure representing the securityfs node. > + * @data: Supplies a buffer passed to the read syscall > + * @len: Supplies the length of @data > + * @offset: unused. > + * > + * Return: > + * >0 - Success, Length of buffer written > + * <0 - Error > + */ > +static ssize_t getaudit(struct file *f, char __user *data, > + size_t len, loff_t *offset) > +{ > + const char *result; > + struct ipe_context *ctx; > + > + ctx = ipe_current_ctx(); > + > + rcu_read_lock(); > + result = ((READ_ONCE(ctx->success_audit)) ? "1" : "0"); > + rcu_read_unlock(); > + > + ipe_put_ctx(ctx); > + return simple_read_from_buffer(data, len, offset, result, 2);

While doing some internal testing, I noticed that some of the IPE files in securityfs (ipe/audit, ipe/enforce, and ipe/policies/*/active) are including the NULL terminator (size of 2) in the securityfs file contents. This is not common to do and this busybox build that my test machine is using even has some trouble when displaying those files with cat.

I see all three instances of this pattern with this command:

  $ git grep simple_read_from_buffer\(.*,\ 2\) security/ipe

I think going to a length of 1 would be best.

Tyler
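
Review bot: In the return statement, simple_read_from_buffer(data, len, offset, result, 2) makes both bytes of the "1"/"0" string literal available, so the terminating NUL byte becomes part of what a read of the node returns; pass 1 as the available length, or switch the literals to "1\n"/"0\n" and keep 2 if a trailing newline is wanted. The kernel-doc marks @offset as unused although it is forwarded to simple_read_from_buffer, and the Return section omits the 0 that is returned once the offset is at or past the end of the buffer. The rcu_read_lock()/rcu_read_unlock() pair wraps only a READ_ONCE on a ctx that was obtained before the lock and is released by ipe_put_ctx() after it, so a comment stating what that read-side section protects would help, or the pair can be dropped if it protects nothing.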