From: Casey Schaufler <casey@schaufler-ca.com>
To: Eric Paris <eparis@redhat.com>
Cc: linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov,
netfilter-devel@vger.kernel.org, jmorris@namei.org,
sds@tycho.nsa.gov, jengelh@medozas.de, paul.moore@hp.com,
linux-security-module@vger.kernel.org, netfilter@vger.kernel.org,
mr.dash.four@googlemail.com
Subject: Re: [PATCH 4/6] security: secid_to_secctx returns len when data is NULL
Date: Mon, 27 Sep 2010 06:49:59 -0700 [thread overview]
Message-ID: <4CA0A107.3020903@schaufler-ca.com> (raw)
In-Reply-To: <20100924204538.28355.32426.stgit@paris.rdu.redhat.com>
On 9/24/2010 1:45 PM, Eric Paris wrote:
> With the (long ago) interface change to have the secid_to_secctx functions
> do the string allocation instead of having the caller do the allocation we
> lost the ability to query the security server for the length of the
> upcoming string. The SECMARK code would like to allocate a netlink skb
> with enough length to hold the string but it is just too unclean to do the
> string allocation twice or to do the allocation the first time and hold
> onto the string and slen. This patch adds the ability to call
> security_secid_to_secctx() with a NULL data pointer and it will just set
> the slen pointer.
>
> Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
For the Smack bit at least.
> ---
>
> security/selinux/ss/services.c | 11 +++++++++--
> security/smack/smack_lsm.c | 3 ++-
> 2 files changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 73508af..1d4955a 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -998,7 +998,8 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
> {
> char *scontextp;
>
> - *scontext = NULL;
> + if (scontext)
> + *scontext = NULL;
> *scontext_len = 0;
>
> if (context->len) {
> @@ -1015,6 +1016,9 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
> *scontext_len += strlen(sym_name(&policydb, SYM_TYPES, context->type - 1)) + 1;
> *scontext_len += mls_compute_context_len(context);
>
> + if (!scontext)
> + return 0;
> +
> /* Allocate space for the context; caller must free this space. */
> scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
> if (!scontextp)
> @@ -1054,7 +1058,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
> struct context *context;
> int rc = 0;
>
> - *scontext = NULL;
> + if (scontext)
> + *scontext = NULL;
> *scontext_len = 0;
>
> if (!ss_initialized) {
> @@ -1062,6 +1067,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
> char *scontextp;
>
> *scontext_len = strlen(initial_sid_to_string[sid]) + 1;
> + if (!scontext)
> + goto out;
> scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
> if (!scontextp) {
> rc = -ENOMEM;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index c448d57..b95d7b1 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3005,7 +3005,8 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
> {
> char *sp = smack_from_secid(secid);
>
> - *secdata = sp;
> + if (secdata)
> + *secdata = sp;
> *seclen = strlen(sp);
> return 0;
> }
>
>
WARNING: multiple messages have this Message-ID (diff)
From: Casey Schaufler <casey@schaufler-ca.com>
To: Eric Paris <eparis@redhat.com>
Cc: linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov,
netfilter-devel@vger.kernel.org, jmorris@namei.org,
sds@tycho.nsa.gov, jengelh@medozas.de, paul.moore@hp.com,
linux-security-module@vger.kernel.org, netfilter@vger.kernel.org,
mr.dash.four@googlemail.com
Subject: Re: [PATCH 4/6] security: secid_to_secctx returns len when data is NULL
Date: Mon, 27 Sep 2010 06:49:59 -0700 [thread overview]
Message-ID: <4CA0A107.3020903@schaufler-ca.com> (raw)
In-Reply-To: <20100924204538.28355.32426.stgit@paris.rdu.redhat.com>
On 9/24/2010 1:45 PM, Eric Paris wrote:
> With the (long ago) interface change to have the secid_to_secctx functions
> do the string allocation instead of having the caller do the allocation we
> lost the ability to query the security server for the length of the
> upcoming string. The SECMARK code would like to allocate a netlink skb
> with enough length to hold the string but it is just too unclean to do the
> string allocation twice or to do the allocation the first time and hold
> onto the string and slen. This patch adds the ability to call
> security_secid_to_secctx() with a NULL data pointer and it will just set
> the slen pointer.
>
> Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
For the Smack bit at least.
> ---
>
> security/selinux/ss/services.c | 11 +++++++++--
> security/smack/smack_lsm.c | 3 ++-
> 2 files changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 73508af..1d4955a 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -998,7 +998,8 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
> {
> char *scontextp;
>
> - *scontext = NULL;
> + if (scontext)
> + *scontext = NULL;
> *scontext_len = 0;
>
> if (context->len) {
> @@ -1015,6 +1016,9 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
> *scontext_len += strlen(sym_name(&policydb, SYM_TYPES, context->type - 1)) + 1;
> *scontext_len += mls_compute_context_len(context);
>
> + if (!scontext)
> + return 0;
> +
> /* Allocate space for the context; caller must free this space. */
> scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
> if (!scontextp)
> @@ -1054,7 +1058,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
> struct context *context;
> int rc = 0;
>
> - *scontext = NULL;
> + if (scontext)
> + *scontext = NULL;
> *scontext_len = 0;
>
> if (!ss_initialized) {
> @@ -1062,6 +1067,8 @@ static int security_sid_to_context_core(u32 sid, char **scontext,
> char *scontextp;
>
> *scontext_len = strlen(initial_sid_to_string[sid]) + 1;
> + if (!scontext)
> + goto out;
> scontextp = kmalloc(*scontext_len, GFP_ATOMIC);
> if (!scontextp) {
> rc = -ENOMEM;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index c448d57..b95d7b1 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3005,7 +3005,8 @@ static int smack_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
> {
> char *sp = smack_from_secid(secid);
>
> - *secdata = sp;
> + if (secdata)
> + *secdata = sp;
> *seclen = strlen(sp);
> return 0;
> }
>
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2010-09-27 13:49 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-24 20:45 [PATCH 1/6] secmark: do not return early if there was no error Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-24 20:45 ` [PATCH 2/6] secmark: make secmark object handling generic Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-25 8:39 ` Pablo Neira Ayuso
2010-09-27 16:47 ` Eric Paris
2010-09-27 16:47 ` Eric Paris
2010-09-24 20:45 ` [PATCH 3/6] secmark: export binary yes/no rather than kernel internal secid Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-25 8:41 ` Pablo Neira Ayuso
2010-09-27 16:44 ` Eric Paris
2010-09-27 16:44 ` Eric Paris
2010-09-27 0:50 ` James Morris
2010-09-27 0:50 ` James Morris
2010-09-27 17:01 ` Eric Paris
2010-09-27 17:01 ` Eric Paris
2010-09-27 18:29 ` Paul Moore
2010-09-27 18:29 ` Paul Moore
2010-09-27 19:25 ` Eric Paris
2010-09-27 19:25 ` Eric Paris
2010-09-27 19:45 ` Paul Moore
2010-09-27 19:45 ` Paul Moore
2010-09-27 22:48 ` Pablo Neira Ayuso
2010-09-28 0:00 ` Jan Engelhardt
2010-09-28 8:45 ` Mr Dash Four
2010-09-27 23:45 ` James Morris
2010-09-27 23:45 ` James Morris
2010-09-28 12:32 ` Casey Schaufler
2010-09-28 12:32 ` Casey Schaufler
2010-09-24 20:45 ` [PATCH 4/6] security: secid_to_secctx returns len when data is NULL Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-27 13:49 ` Casey Schaufler [this message]
2010-09-27 13:49 ` Casey Schaufler
2010-09-24 20:45 ` [PATCH 5/6] conntrack: export lsm context rather than internal secid via netlink Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-24 21:08 ` Jan Engelhardt
2010-09-27 11:01 ` Pablo Neira Ayuso
2010-09-27 16:51 ` Eric Paris
2010-09-27 16:51 ` Eric Paris
2010-09-24 20:45 ` [PATCH 6/6] secmark: export secctx, drop secmark in procfs Eric Paris
2010-09-24 20:45 ` Eric Paris
2010-09-24 21:01 ` [PATCH 1/6] secmark: do not return early if there was no error Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CA0A107.3020903@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=eparis@redhat.com \
--cc=jengelh@medozas.de \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mr.dash.four@googlemail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
--cc=paul.moore@hp.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.