From: "Serge E. Hallyn" <serge@hallyn.com>
To: Sachin Shukla <sachin.s5@samsung.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
Kees Cook <keescook@chromium.org>,
Serge Hallyn <serge@hallyn.com>, Andrey Vagin <avagin@openvz.org>,
linux-kernel@vger.kernel.org, sachiniiitm@gmail.com,
ravikant.s2@samsung.com, p.shailesh@samsung.com,
ashish.kalra@samsung.com, vidushi.koul@samsung.com
Subject: Re: [PATCH] Kernel: Improvement in code readability when memdup_user_nul() fails.
Date: Fri, 11 Nov 2016 09:40:00 -0600
Message-ID: <20161111154000.GA30539@mail.hallyn.com>
In-Reply-To: <1478855235-26233-1-git-send-email-sachin.s5@samsung.com>

On Fri, Nov 11, 2016 at 02:37:15PM +0530, Sachin Shukla wrote:
> From: "Sachin Shukla" <sachin.s5@samsung.com>
>
> There is no need to call kfree() if memdup_user_nul() fails, as no memory
> was allocated and the error in the error-valued pointer should be returned.

Hi,

in general, having a common exit path is considered more readable,
more easily reviewable, than having more exit paths. To this end,
initializing pointers to NULL and kfree()ing them at common exit
paths even when they may not have been alloc()ed yet is also often
seen as more readable.

> Signed-off-by: Sachin Shukla <sachin.s5@samsung.com>

I do appreciate the work, and I recognize these things can be subjective,
but I would say

Nacked-by: Serge Hallyn <serge@hallyn.com>

> ---
> kernel/user_namespace.c | 25 ++++++++++++++-----------
> 1 file changed, 14 insertions(+), 11 deletions(-)
>
> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> index 86b7854..a0ffbf0 100644
> --- a/kernel/user_namespace.c
> +++ b/kernel/user_namespace.c
> @@ -672,28 +672,31 @@ static ssize_t map_write(struct file *file, const char __user *buf,
> */
> mutex_lock(&userns_state_mutex);
>
> - ret = -EPERM;
> /* Only allow one successful write to the map */
> - if (map->nr_extents != 0)
> - goto out;
> + if (map->nr_extents != 0) {
> + mutex_unlock(&userns_state_mutex);
> + return -EPERM;
> + }
>
> /*
> * Adjusting namespace settings requires capabilities on the target.
> */
> - if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN))
> - goto out;
> + if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN)) {
> + mutex_unlock(&userns_state_mutex);
> + return -EPERM;
> + }
>
> /* Only allow < page size writes at the beginning of the file */
> - ret = -EINVAL;
> - if ((*ppos != 0) || (count >= PAGE_SIZE))
> - goto out;
> + if ((*ppos != 0) || (count >= PAGE_SIZE)) {
> + mutex_unlock(&userns_state_mutex);
> + return -EINVAL;
> + }
>
> /* Slurp in the user data */
> kbuf = memdup_user_nul(buf, count);
> if (IS_ERR(kbuf)) {
> - ret = PTR_ERR(kbuf);
> - kbuf = NULL;
> - goto out;
> + mutex_unlock(&userns_state_mutex);
> + return PTR_ERR(kbuf);
> }
>
> /* Parse the user data */
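
Review bot: the four early returns in map_write() each repeat mutex_unlock(&userns_state_mutex) by hand, so any check added later between the mutex_lock() and the parse step has to remember its own unlock or it returns with userns_state_mutex still held; keeping the single goto out path that the removed lines used avoids that. The changelog only justifies skipping kfree() when memdup_user_nul() fails, yet the first three conversions (the nr_extents check, the file_ns_capable() check and the *ppos/count check) are unrelated to that allocation, so they should be dropped or explained separately. Because the assignments ret = -EPERM and ret = -EINVAL are removed here, please also confirm that the code following "Parse the user data" sets ret itself before any remaining goto out.
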
> --
> 1.7.9.5