From: "yanwei.gao" <gaoyanwei.tx@gmail.com>
To: mortonm@chromium.org
Cc: paul@paul-moore.com, linux-security-module@vger.kernel.org,
"yanwei.gao" <gaoyanwei.tx@gmail.com>
Subject: [PATCH v1] security/safesetid: fix comment and error handling
Date: Mon, 2 Mar 2026 21:40:24 -0500
Message-ID: <20260303024025.37916-1-gaoyanwei.tx@gmail.com>
- Fix comment in lsm.c: use CAP_SETGID instead of CAP_SETUID in the
  GID capability check comment to match the actual logic.
- In handle_policy_update(), set err = -EINVAL and goto out_free_buf
  when policy type is neither UID nor GID, so the error is returned
  to the caller instead of only logging.
- In safesetid_init_securityfs(), return ret directly when
  policy_dir creation fails instead of goto error (no cleanup needed
  at that point).
Signed-off-by: yanwei.gao <gaoyanwei.tx@gmail.com>
---
security/safesetid/lsm.c | 2 +-
security/safesetid/securityfs.c | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
index d5fb949050dd..a7b68e65996c 100644
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
@@ -128,7 +128,7 @@ static int safesetid_security_capable(const struct cred *cred,
if (setid_policy_lookup((kid_t){.gid = cred->gid}, INVALID_ID, GID) == SIDPOL_DEFAULT)
return 0;
/*
- * Reject use of CAP_SETUID for functionality other than calling
+ * Reject use of CAP_SETGID for functionality other than calling
* set*gid() (e.g. setting up userns gid mappings).
*/
pr_warn("Operation requires CAP_SETGID, which is not available to GID %u for operations besides approved set*gid transitions\n",
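Review bot: the CAP_SETGID comment correction in the GID branch of safesetid_security_capable() is comment-only and would be better as its own patch rather than bundled with the two return-value changes in securityfs.c, so that the functional changes can be reviewed, backported or reverted independently. The correction itself is consistent with the pr_warn() on the following line, which already names CAP_SETGID.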
diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index a71e548065a9..50682abd342b 100644
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -224,6 +224,8 @@ static ssize_t handle_policy_update(struct file *file,
} else {
/* Error, policy type is neither UID or GID */
pr_warn("error: bad policy type");
+ err = -EINVAL;
+ goto out_free_buf;
}
err = len;
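Review bot: the new `goto out_free_buf` in the bad-policy-type branch jumps to a label whose name suggests it releases only the input buffer. If a ruleset object was allocated earlier in handle_policy_update() and is not installed on this path, it would be leaked on the new error return; please confirm which label releases it and jump there instead, or say in the commit message why nothing else needs freeing. Separately, the adjacent context line `pr_warn("error: bad policy type");` has no trailing `\n`, which could be fixed while this branch is being touched.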
@@ -321,7 +323,7 @@ int __init safesetid_init_securityfs(void)
policy_dir = securityfs_create_dir("safesetid", NULL);
if (IS_ERR(policy_dir)) {
ret = PTR_ERR(policy_dir);
- goto error;
+ return ret;
}
uid_policy_file = securityfs_create_file("uid_allowlist_policy", 0600,
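Review bot: with the direct return in the IS_ERR(policy_dir) branch, the assignment to ret is redundant; `return PTR_ERR(policy_dir);` without the braces is the simpler form. The commit message says only that no cleanup is needed at this point; it would help to state whether the old `goto error` was actually harmful (for example, the error path acting on an ERR_PTR policy_dir) or whether this is purely cosmetic, since that decides whether the change wants a Fixes: tag.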
--
2.43.5