LoadPin: Return EFAULT on copy_from_user() failures

The copy_from_user() function returns the number of bytes remaining to
be copied on a failure. Such failures should return -EFAULT to high
levels.

Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 3f805f8cc23b ("LoadPin: Enable loading from trusted dm-verity devices")
Cc: Matthias Kaehlcke <mka@chromium.org>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-security-module@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>

diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
index 6ab5f2b..4452158 100644 (file)
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
@@ -356,13 +356,11 @@ static long dm_verity_ioctl(struct file *filp, unsigned int cmd, unsigned long a
 {
        void __user *uarg = (void __user *)arg;
        unsigned int fd;
-       int rc;
 
        switch (cmd) {
        case LOADPIN_IOC_SET_TRUSTED_VERITY_DIGESTS:
-               rc = copy_from_user(&fd, uarg, sizeof(fd));
-               if (rc)
-                       return rc;
+               if (copy_from_user(&fd, uarg, sizeof(fd)))
+                       return -EFAULT;
 
                return read_trusted_verity_root_digests(fd);