From: Trond Myklebust <trondmy@hammerspace.com>
To: "dan.carpenter@oracle.com" <dan.carpenter@oracle.com>,
"olga.kornievskaia@gmail.com" <olga.kornievskaia@gmail.com>,
"schumaker.anna@gmail.com" <schumaker.anna@gmail.com>
Cc: "kbuild-all@lists.01.org" <kbuild-all@lists.01.org>,
"selinux@vger.kernel.org" <selinux@vger.kernel.org>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"kbuild@lists.01.org" <kbuild@lists.01.org>,
"lkp@intel.com" <lkp@intel.com>
Subject: Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock
Date: Fri, 19 Feb 2021 20:07:19 +0000 [thread overview]
Message-ID: <9fa77d94ac515e4318877607ec9e65a4eee2856c.camel@hammerspace.com> (raw)
In-Reply-To: <CAN-5tyGrDtfLBXg42XLzp2med482QWPKN_KGXwNH_SP3V5buew@mail.gmail.com>
On Fri, 2021-02-19 at 12:20 -0500, Olga Kornievskaia wrote:
> Trond/Anna,
>
> I'd like your opinion here. Some static checking flags a "ctx"
> assignment in nfs_fill_super() in the new patch. In an existing code
> there is a check for it is NULL before dereferencing. However, "ctx"
> can never be null. nfs_get_tree_common() which calls nfs_fill_super()
> and passes in "ctx" gets it from the passed in "fs_context". If the
> passed in arg can be null then we are dereferencing in var assignment
> so things would blow up there. So "ctx" can never be null.
>
> Should I create another clean up patch to remove the check for null
> ctx in nfs_fill_super() to make static analyzers happy?
>
Yes, at this point, nfs_fill_super() is only called from
nfs_get_tree_common(), which would crash and burn well before if ctx
were an invalid pointer.
So please go ahead, and remove the check for ctx being NULL in
nfs_fill_super().
--
Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust@hammerspace.com
next prev parent reply other threads:[~2021-02-19 20:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-18 19:50 [PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount Olga Kornievskaia
2021-02-18 19:50 ` [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock Olga Kornievskaia
2021-02-18 22:07 ` Casey Schaufler
2021-02-18 22:39 ` Olga Kornievskaia
2021-02-18 23:17 ` Casey Schaufler
2021-02-19 17:11 ` Olga Kornievskaia
2021-02-19 8:19 ` Dan Carpenter
2021-02-19 17:20 ` Olga Kornievskaia
2021-02-19 20:07 ` Trond Myklebust [this message]
2021-02-18 21:57 ` [PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount Casey Schaufler
2021-02-19 16:25 ` Olga Kornievskaia
2021-02-19 16:45 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9fa77d94ac515e4318877607ec9e65a4eee2856c.camel@hammerspace.com \
--to=trondmy@hammerspace.com \
--cc=dan.carpenter@oracle.com \
--cc=kbuild-all@lists.01.org \
--cc=kbuild@lists.01.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=lkp@intel.com \
--cc=olga.kornievskaia@gmail.com \
--cc=schumaker.anna@gmail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).