From: Konstantin Khlebnikov <k.khlebnikov@samsung.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>
Subject: [PATCH 3/3] Smack: remove unneeded NULL-termination from securtity label
Date: Thu, 07 Aug 2014 20:52:49 +0400 [thread overview]
Message-ID: <20140807165249.13463.60191.stgit@buzz> (raw)
In-Reply-To: <20140807165233.13463.55258.stgit@buzz>
Values of extended attributes are stored as binary blobs. NULL-termination
of them isn't required. It just wastes disk space and confuses command-line
tools like getfattr because they have to print that zero byte at the end.
This patch removes terminating zero byte from initial security label in
smack_inode_init_security and cuts it out in function smack_inode_getsecurity
which is used by syscall getxattr. This change seems completely safe, because
function smk_parse_smack ignores everything after first zero byte.
Signed-off-by: Konstantin Khlebnikov <k.khlebnikov@samsung.com>
---
security/smack/smack_lsm.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index afa5ad0..16ae853 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -672,7 +672,7 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
}
if (len)
- *len = strlen(isp) + 1;
+ *len = strlen(isp);
return 0;
}
@@ -1076,7 +1076,7 @@ static int smack_inode_getsecurity(const struct inode *inode,
if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
isp = smk_of_inode(inode);
- ilen = strlen(isp) + 1;
+ ilen = strlen(isp);
*buffer = isp;
return ilen;
}
@@ -1101,7 +1101,7 @@ static int smack_inode_getsecurity(const struct inode *inode,
else
return -EOPNOTSUPP;
- ilen = strlen(isp) + 1;
+ ilen = strlen(isp);
if (rc == 0) {
*buffer = isp;
rc = ilen;
next prev parent reply other threads:[~2014-08-07 16:52 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-07 16:52 [PATCH 1/3] Smack: fix behavior of smack_inode_listsecurity Konstantin Khlebnikov
2014-08-07 16:52 ` [PATCH 2/3] Smack: handle zero-length security labels without panic Konstantin Khlebnikov
2014-08-08 20:25 ` Serge E. Hallyn
2014-08-08 20:48 ` Konstantin Khlebnikov
2014-08-08 20:54 ` Serge E. Hallyn
2014-08-08 21:10 ` Casey Schaufler
2014-08-08 22:05 ` Casey Schaufler
2014-08-07 16:52 ` Konstantin Khlebnikov [this message]
2014-08-08 20:51 ` [PATCH 3/3] Smack: remove unneeded NULL-termination from securtity label Serge E. Hallyn
2014-08-08 22:05 ` Casey Schaufler
2014-08-08 20:27 ` [PATCH 1/3] Smack: fix behavior of smack_inode_listsecurity Serge E. Hallyn
2014-08-08 20:29 ` Casey Schaufler
2014-08-08 22:04 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140807165249.13463.60191.stgit@buzz \
--to=k.khlebnikov@samsung.com \
--cc=casey@schaufler-ca.com \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.