Merge tag 'hardening-v6.0-rc2' of git://git.kernel.org/pub/scm/linux/…

…kernel/git/kees/linux Pull hardening fixes from Kees Cook: - Also undef LATENT_ENTROPY_PLUGIN for per-file disabling (Andrew Donnellan) - Return EFAULT on copy_from_user() failures in LoadPin (Kees Cook) * tag 'hardening-v6.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: gcc-plugins: Undefine LATENT_ENTROPY_PLUGIN when plugin disabled for a file LoadPin: Return EFAULT on copy_from_user() failures
Uduru0522 · Aug 19, 2022 · e45c890 · e45c890
2 parents 8fd0005 + 012e8d2
commit e45c890
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 5 deletions.
diff --git a/scripts/Makefile.gcc-plugins b/scripts/Makefile.gcc-plugins
@@ -4,7 +4,7 @@ gcc-plugin-$(CONFIG_GCC_PLUGIN_LATENT_ENTROPY)	+= latent_entropy_plugin.so
 gcc-plugin-cflags-$(CONFIG_GCC_PLUGIN_LATENT_ENTROPY)		\
 		+= -DLATENT_ENTROPY_PLUGIN
 ifdef CONFIG_GCC_PLUGIN_LATENT_ENTROPY
-    DISABLE_LATENT_ENTROPY_PLUGIN += -fplugin-arg-latent_entropy_plugin-disable
+    DISABLE_LATENT_ENTROPY_PLUGIN += -fplugin-arg-latent_entropy_plugin-disable -ULATENT_ENTROPY_PLUGIN
 endif
 export DISABLE_LATENT_ENTROPY_PLUGIN
 

diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
@@ -356,13 +356,11 @@ static long dm_verity_ioctl(struct file *filp, unsigned int cmd, unsigned long a
 {
 	void __user *uarg = (void __user *)arg;
 	unsigned int fd;
-	int rc;
 
 	switch (cmd) {
 	case LOADPIN_IOC_SET_TRUSTED_VERITY_DIGESTS:
-		rc = copy_from_user(&fd, uarg, sizeof(fd));
-		if (rc)
-			return rc;
+		if (copy_from_user(&fd, uarg, sizeof(fd)))
+			return -EFAULT;
 
 		return read_trusted_verity_root_digests(fd);