UBUNTU: SAUCE: LSM: Use lsmcontext in security_secid_to_secctx

[mirror_ubuntu-jammy-kernel.git] / net / netfilter / nfnetlink_queue.c

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 3603bd938b74fbfaeb1967e4df971bf84df0613e..4490bcb2a8b65b40ef3cc7114186a0b853824a9a 100644 (file)
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -306,6 +306,7 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata)
        u32 seclen = 0;
 #if IS_ENABLED(CONFIG_NETWORK_SECMARK)
        struct lsmblob blob;
+       struct lsmcontext context = { };
 
        if (!skb || !sk_fullsock(skb->sk))
                return 0;
@@ -317,10 +318,12 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata)
                 * blob. security_secid_to_secctx() will know which security
                 * module to use to create the secctx.  */
                lsmblob_init(&blob, skb->secmark);
-               security_secid_to_secctx(&blob, secdata, &seclen);
+               security_secid_to_secctx(&blob, &context);
+               *secdata = context.context;
        }
 
        read_unlock_bh(&skb->sk->sk_callback_lock);
+       seclen = context.len;
 #endif
        return seclen;
 }