Subject: Re: [PATCH v2 1/4] selinux: Create function for selinuxfs directory cleanup
To: Stephen Smalley
Cc: SElinux list, Ondrej Mosnacek, Paul Moore, Linux FS Devel, Al Viro
References: <20200812191525.1120850-1-dburgener@linux.microsoft.com> <20200812191525.1120850-2-dburgener@linux.microsoft.com>
From: Daniel Burgener
Message-ID: <27f58aaf-467c-f804-f6a0-d3bdab7e3c25@linux.microsoft.com>
Date: Thu, 13 Aug 2020 10:04:17 -0400
X-Mailing-List: linux-fsdevel@vger.kernel.org

On 8/12/20 3:21 PM, Stephen Smalley wrote:
> On Wed, Aug 12, 2020 at 3:15 PM Daniel Burgener wrote:
>> Separating the cleanup from the creation will simplify two things in
>> future patches in this series. First, the creation can be made generic,
>> to create directories not tied to the selinux_fs_info structure. Second,
>> we will ultimately want to reorder creation and deletion so that the
>> deletions aren't performed until the new directory structures have already
>> been moved into place.
>>
>> Signed-off-by: Daniel Burgener
>> --- >> security/selinux/selinuxfs.c | 41 ++++++++++++++++++++++++------------ >> 1 file changed, 27 insertions(+), 14 deletions(-) >> >> diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c >> index 131816878e50..fc914facb48f 100644 >> --- a/security/selinux/selinuxfs.c >> +++ b/security/selinux/selinuxfs.c >> @@ -355,6 +355,9 @@ static int sel_make_classes(struct selinux_fs_info *fsi, >> static struct dentry *sel_make_dir(struct dentry *dir, const char *name, >> unsigned long *ino); >> >> +/* declaration for sel_remove_old_policy_nodes */ >> +static void sel_remove_entries(struct dentry *de); >> + >> static ssize_t sel_read_mls(struct file *filp, char __user *buf, >> size_t count, loff_t *ppos) >> { 
>> @@ -509,11 +512,35 @@ static const struct file_operations sel_policy_ops = { >> .llseek = generic_file_llseek, >> }; >> >> +static void sel_remove_old_policy_nodes(struct selinux_fs_info *fsi) >> +{ >> + u32 i; >> + >> + /* bool_dir cleanup */ >> + for (i = 0; i < fsi->bool_num; i++) >> + kfree(fsi->bool_pending_names[i]); >> + kfree(fsi->bool_pending_names); >> + kfree(fsi->bool_pending_values); >> + fsi->bool_num = 0; >> + fsi->bool_pending_names = NULL; >> + fsi->bool_pending_values = NULL; >> + >> + sel_remove_entries(fsi->bool_dir); >> + >> + /* class_dir cleanup */ >> + sel_remove_entries(fsi->class_dir); >> + >> + /* policycap_dir cleanup */ >> + sel_remove_entries(fsi->policycap_dir);
> This one shouldn't have its entries removed anymore.

Yes, you're right. This didn't come up in my testing because this part of the function gets removed in the fourth patch in the series anyways. Given that most of this patch actually gets lost in the fourth patch, that's probably an indication that I should rethink having this patch in the series at all. I'll come up with something cleaner for version 2.

-Daniel
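Review bot: The comment added in the first hunk (@@ -355,6 +355,9 @@), "declaration for sel_remove_old_policy_nodes", reads as if the line below declares that function, while it actually declares sel_remove_entries(). Reword it to say the prototype is needed by sel_remove_old_policy_nodes(), or avoid the forward declaration altogether by defining the new helper below sel_remove_entries() if the file's ordering allows it.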
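Review bot: In the second hunk (@@ -509,11 +512,35 @@), sel_remove_old_policy_nodes() frees fsi->bool_pending_names and fsi->bool_pending_values and clears fsi->bool_num, but nothing in the function states what serialises this against other users of those fields. A short comment above the function naming the lock callers must hold, or a lockdep assertion on it, would make that requirement checkable, which matters more once later patches in the series reorder creation and deletion. The loop also indexes fsi->bool_pending_names[i] without a NULL check, so it relies on bool_num being 0 whenever the array is NULL; the reset at the end of the block preserves that invariant, and the comment should say so.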