LoadPin: Return EFAULT on copy_from_user() failures

The copy_from_user() function returns the number of bytes remaining to be copied on a failure. Such failures should return -EFAULT to high levels. Reported-by: kernel test robot <lkp@intel.com> Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Fixes: 3f805f8cc23b ("LoadPin: Enable loading from trusted dm-verity devices") Cc: Matthias Kaehlcke <mka@chromium.org> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: linux-security-module@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org>
author: Kees Cook <keescook@chromium.org> 2022-08-16 12:14:54 -0700
committer: Kees Cook <keescook@chromium.org> 2022-08-16 12:17:18 -0700
commit: 6a3981af3fd97fec57f2c5eeca213cbf5216a3c0 (patch)
tree: 6a24427f919e17b23e9b959d78357e5884cc1119 /security
parent: 27603a606fda0806d7c08914bc976931aa42020e (diff)
download: linux-6a3981af3fd97fec57f2c5eeca213cbf5216a3c0.tar.gz
1 files changed, 2 insertions, 4 deletions
diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
index 6ab5f2bbf41f..44521582dcba 100644
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
@@ -356,13 +356,11 @@ static long dm_verity_ioctl(struct file *filp, unsigned int cmd, unsigned long a
 {
 	void __user *uarg = (void __user *)arg;
 	unsigned int fd;
-	int rc;
 
 	switch (cmd) {
 	case LOADPIN_IOC_SET_TRUSTED_VERITY_DIGESTS:
-		rc = copy_from_user(&fd, uarg, sizeof(fd));
-		if (rc)
-			return rc;
+		if (copy_from_user(&fd, uarg, sizeof(fd)))
+			return -EFAULT;
 
 		return read_trusted_verity_root_digests(fd);
author	Kees Cook <keescook@chromium.org>	2022-08-16 12:14:54 -0700
committer	Kees Cook <keescook@chromium.org>	2022-08-16 12:17:18 -0700
commit	6a3981af3fd97fec57f2c5eeca213cbf5216a3c0 (patch)
tree	6a24427f919e17b23e9b959d78357e5884cc1119 /security
parent	27603a606fda0806d7c08914bc976931aa42020e (diff)
download	linux-6a3981af3fd97fec57f2c5eeca213cbf5216a3c0.tar.gz