From: Dan Carpenter <dan.carpenter@linaro.org>
To: "Mickaël Salaün" <mic@digikod.net>
Cc: linux-security-module@vger.kernel.org
Subject: [bug report] landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status
Date: Wed, 12 Mar 2025 11:33:29 +0300 [thread overview]
Message-ID: <2425110b-b5ca-4b33-bf75-e6fca0b0de63@stanley.mountain> (raw)
Hello Mickaël Salaün,
Commit 96cc6f48a8e4 ("landlock: Add AUDIT_LANDLOCK_DOMAIN and log
domain status") from Mar 8, 2025 (linux-next), leads to the following
Smatch static checker warning:
security/landlock/domain.c:66 get_current_exe()
warn: 'size' unsigned <= 0
security/landlock/domain.c
39 static const void *get_current_exe(const char **const exe_str,
40 size_t *const exe_size)
41 {
42 const size_t buffer_size = LANDLOCK_PATH_MAX_SIZE;
43 struct mm_struct *mm = current->mm;
44 struct file *file __free(fput) = NULL;
45 char *buffer __free(kfree) = NULL;
46 const char *exe;
47 size_t size;
48
49 if (!mm)
50 return NULL;
51
52 file = get_mm_exe_file(mm);
53 if (!file)
54 return NULL;
55
56 buffer = kmalloc(buffer_size, GFP_KERNEL);
57 if (!buffer)
58 return ERR_PTR(-ENOMEM);
59
60 exe = d_path(&file->f_path, buffer, buffer_size);
61 if (WARN_ON_ONCE(IS_ERR(exe)))
62 /* Should never happen according to LANDLOCK_PATH_MAX_SIZE. */
63 return ERR_CAST(exe);
64
65 size = buffer + buffer_size - exe;
d_path() takes a buffer and returns exe which is a pointer to the
somewhere in the middle of buffer.
--> 66 if (WARN_ON_ONCE(size <= 0))
So size can't be negative. And also size is declared as unsigned so it
can't be negative for that reason either.
67 return ERR_PTR(-ENAMETOOLONG);
68
69 *exe_size = size;
70 *exe_str = exe;
71 return no_free_ptr(buffer);
72 }
regards,
dan carpenter
next reply other threads:[~2025-03-12 8:33 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-12 8:33 Dan Carpenter [this message]
2025-03-12 10:50 ` [bug report] landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status Mickaël Salaün
2025-03-12 11:32 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2425110b-b5ca-4b33-bf75-e6fca0b0de63@stanley.mountain \
--to=dan.carpenter@linaro.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox