selinux: make more use of str_read() when loading the policy

Simplify the call sites, and enable future string validation in a single place. Signed-off-by: Christian Göttsche <[email protected]> [PM: subject tweak] Signed-off-by: Paul Moore <[email protected]>
author: Christian Göttsche <[email protected]> 2024-12-16 16:40:07 +0000
committer: Paul Moore <[email protected]> 2025-01-08 04:14:40 +0000
commit: 01c2253a0fbdccb58cd79d4ff9ab39964bfb4474 (patch)
tree: 24cd624adbbbee8ecad185613a68ab458ec9b14d /security/selinux/ss/conditional.c
parent: selinux: avoid unnecessary indirection in struct level_datum (diff)
download: kernel-01c2253a0fbdccb58cd79d4ff9ab39964bfb4474.tar.gz
kernel-01c2253a0fbdccb58cd79d4ff9ab39964bfb4474.zip
1 files changed, 2 insertions, 8 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index d8dcaf2ca88f..1bebfcb9c6a1 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -230,17 +230,11 @@ int cond_read_bool(struct policydb *p, struct symtab *s, struct policy_file *fp)
 		goto err;
 
 	len = le32_to_cpu(buf[2]);
-	if (((len == 0) || (len == (u32)-1)))
-		goto err;
 
-	rc = -ENOMEM;
-	key = kmalloc(len + 1, GFP_KERNEL);
-	if (!key)
-		goto err;
-	rc = next_entry(key, fp, len);
+	rc = str_read(&key, GFP_KERNEL, fp, len);
 	if (rc)
 		goto err;
-	key[len] = '\0';
+
 	rc = symtab_insert(s, key, booldatum);
 	if (rc)
 		goto err;
author	Christian Göttsche <[email protected]>	2024-12-16 16:40:07 +0000
committer	Paul Moore <[email protected]>	2025-01-08 04:14:40 +0000
commit	01c2253a0fbdccb58cd79d4ff9ab39964bfb4474 (patch)
tree	24cd624adbbbee8ecad185613a68ab458ec9b14d /security/selinux/ss/conditional.c
parent	selinux: avoid unnecessary indirection in struct level_datum (diff)
download	kernel-01c2253a0fbdccb58cd79d4ff9ab39964bfb4474.tar.gz kernel-01c2253a0fbdccb58cd79d4ff9ab39964bfb4474.zip