[PATCH] apparmor: remove dead code

linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] apparmor: remove dead code
@ 2018-08-23 13:42 Gustavo A. R. Silva
  2018-08-23 18:21 ` John Johansen
  2018-08-23 18:35 ` kbuild test robot
  0 siblings, 2 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2018-08-23 13:42 UTC (permalink / raw)
  To: linux-security-module

Due to commit fb5841091f28 ("apparmor: remove no-op permission check
in policy_unpack"), there is some leftover code.

Coverity reports this issue as Structurally dead code. Fix this by
removing such code.

Addresses-Coverity-ID: 1472998 ("Structurally dead code")
Fixes: fb5841091f28 ("apparmor: remove no-op permission check in policy_unpack")
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
 security/apparmor/policy_unpack.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 3647b58..21cb384 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -422,10 +422,6 @@ static struct aa_dfa *unpack_dfa(struct aa_ext *e)
 	}
 
 	return dfa;
-
-fail:
-	aa_put_dfa(dfa);
-	return ERR_PTR(-EPROTO);
 }
 
 /**
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH] apparmor: remove dead code
  2018-08-23 13:42 [PATCH] apparmor: remove dead code Gustavo A. R. Silva
@ 2018-08-23 18:21 ` John Johansen
  2018-08-23 18:33   ` Gustavo A. R. Silva
  2018-08-23 18:35 ` kbuild test robot
  1 sibling, 1 reply; 4+ messages in thread
From: John Johansen @ 2018-08-23 18:21 UTC (permalink / raw)
  To: linux-security-module

On 08/23/2018 06:42 AM, Gustavo A. R. Silva wrote:

thank you for the patch, but a fix for this issue was pushed to apparmor-next yesterday

> Due to commit fb5841091f28 ("apparmor: remove no-op permission check
> in policy_unpack"), there is some leftover code.
> 
> Coverity reports this issue as Structurally dead code. Fix this by
> removing such code.
> 
> Addresses-Coverity-ID: 1472998 ("Structurally dead code")
> Fixes: fb5841091f28 ("apparmor: remove no-op permission check in policy_unpack")
> Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
> ---
>  security/apparmor/policy_unpack.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
> index 3647b58..21cb384 100644
> --- a/security/apparmor/policy_unpack.c
> +++ b/security/apparmor/policy_unpack.c
> @@ -422,10 +422,6 @@ static struct aa_dfa *unpack_dfa(struct aa_ext *e)
>  	}
>  
>  	return dfa;
> -
> -fail:
> -	aa_put_dfa(dfa);
> -	return ERR_PTR(-EPROTO);
>  }
>  
>  /**
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] apparmor: remove dead code
  2018-08-23 18:21 ` John Johansen
@ 2018-08-23 18:33   ` Gustavo A. R. Silva
  0 siblings, 0 replies; 4+ messages in thread
From: Gustavo A. R. Silva @ 2018-08-23 18:33 UTC (permalink / raw)
  To: linux-security-module



On 8/23/18 1:21 PM, John Johansen wrote:
> On 08/23/2018 06:42 AM, Gustavo A. R. Silva wrote:
> 
> thank you for the patch, but a fix for this issue was pushed to apparmor-next yesterday
> 

That's great. Good to know.

Thanks
--
Gustavo

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] apparmor: remove dead code
  2018-08-23 13:42 [PATCH] apparmor: remove dead code Gustavo A. R. Silva
  2018-08-23 18:21 ` John Johansen
@ 2018-08-23 18:35 ` kbuild test robot
  1 sibling, 0 replies; 4+ messages in thread
From: kbuild test robot @ 2018-08-23 18:35 UTC (permalink / raw)
  To: linux-security-module

Hi Gustavo,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on security/next]
[also build test ERROR on v4.18 next-20180822]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Gustavo-A-R-Silva/apparmor-remove-dead-code/20180824-005627
base:   https://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next
config: i386-randconfig-x079-201833 (attached as .config)
compiler: gcc-7 (Debian 7.3.0-16) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=i386 

All errors (new ones prefixed by >>):

   security//apparmor/policy_unpack.c: In function 'unpack_dfa':
>> security//apparmor/policy_unpack.c:445:4: error: label 'fail' used but not defined
       goto fail;
       ^~~~

vim +/fail +445 security//apparmor/policy_unpack.c

736ec752d John Johansen 2010-07-29  414  
736ec752d John Johansen 2010-07-29  415  /**
736ec752d John Johansen 2010-07-29  416   * unpack_dfa - unpack a file rule dfa
736ec752d John Johansen 2010-07-29  417   * @e: serialized data extent information (NOT NULL)
736ec752d John Johansen 2010-07-29  418   *
736ec752d John Johansen 2010-07-29  419   * returns dfa or ERR_PTR or NULL if no dfa
736ec752d John Johansen 2010-07-29  420   */
736ec752d John Johansen 2010-07-29  421  static struct aa_dfa *unpack_dfa(struct aa_ext *e)
736ec752d John Johansen 2010-07-29  422  {
736ec752d John Johansen 2010-07-29  423  	char *blob = NULL;
736ec752d John Johansen 2010-07-29  424  	size_t size;
736ec752d John Johansen 2010-07-29  425  	struct aa_dfa *dfa = NULL;
736ec752d John Johansen 2010-07-29  426  
736ec752d John Johansen 2010-07-29  427  	size = unpack_blob(e, &blob, "aadfa");
736ec752d John Johansen 2010-07-29  428  	if (size) {
736ec752d John Johansen 2010-07-29  429  		/*
736ec752d John Johansen 2010-07-29  430  		 * The dfa is aligned with in the blob to 8 bytes
736ec752d John Johansen 2010-07-29  431  		 * from the beginning of the stream.
dd51c8485 John Johansen 2013-07-10  432  		 * alignment adjust needed by dfa unpack
736ec752d John Johansen 2010-07-29  433  		 */
dd51c8485 John Johansen 2013-07-10  434  		size_t sz = blob - (char *) e->start -
dd51c8485 John Johansen 2013-07-10  435  			((e->pos - e->start) & 7);
736ec752d John Johansen 2010-07-29  436  		size_t pad = ALIGN(sz, 8) - sz;
736ec752d John Johansen 2010-07-29  437  		int flags = TO_ACCEPT1_FLAG(YYTD_DATA32) |
abbf87340 John Johansen 2017-01-16  438  			TO_ACCEPT2_FLAG(YYTD_DATA32) | DFA_FLAG_VERIFY_STATES;
736ec752d John Johansen 2010-07-29  439  		dfa = aa_dfa_unpack(blob + pad, size - pad, flags);
736ec752d John Johansen 2010-07-29  440  
736ec752d John Johansen 2010-07-29  441  		if (IS_ERR(dfa))
736ec752d John Johansen 2010-07-29  442  			return dfa;
736ec752d John Johansen 2010-07-29  443  
736ec752d John Johansen 2010-07-29  444  		if (!verify_accept(dfa, flags))
736ec752d John Johansen 2010-07-29 @445  			goto fail;
736ec752d John Johansen 2010-07-29  446  	}
736ec752d John Johansen 2010-07-29  447  
736ec752d John Johansen 2010-07-29  448  	return dfa;
736ec752d John Johansen 2010-07-29  449  }
736ec752d John Johansen 2010-07-29  450  

:::::: The code at line 445 was first introduced by commit
:::::: 736ec752d95e91e77cc0e8c97c057ab076ac2f51 AppArmor: policy routines for loading and unpacking policy

:::::: TO: John Johansen <john.johansen@canonical.com>
:::::: CC: James Morris <jmorris@namei.org>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2018-08-23 18:35 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-08-23 13:42 [PATCH] apparmor: remove dead code Gustavo A. R. Silva
2018-08-23 18:21 ` John Johansen
2018-08-23 18:33   ` Gustavo A. R. Silva
2018-08-23 18:35 ` kbuild test robot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).