We should return -EINVAL if the user specifies LSM_FLAG_SINGLE without supplying a valid lsm_ctx struct buffer. Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> --- security/security.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/security.c b/security/security.c index 9c63acded4ee..67ded406a5ea 100644 --- a/security/security.c +++ b/security/security.c @@ -3923,9 +3923,9 @@ int security_getselfattr(unsigned int attr, struct lsm_ctx __user *uctx, /* * Only flag supported is LSM_FLAG_SINGLE */ - if (flags != LSM_FLAG_SINGLE) + if (flags != LSM_FLAG_SINGLE || !uctx) return -EINVAL; - if (uctx && copy_from_user(&lctx, uctx, sizeof(lctx))) + if (copy_from_user(&lctx, uctx, sizeof(lctx))) return -EFAULT; /* * If the LSM ID isn't specified it is an error. -- 2.42.0
