From: elfring@users.sourceforge.net (SF Markus Elfring)
To: linux-security-module@vger.kernel.org
Subject: selinux: Use an other error code for an input validation failure in sidtab_insert()
Date: Tue, 16 May 2017 21:57:36 +0200 [thread overview]
Message-ID: <bd7cc69d-0b1b-010a-0a07-c287d25b8d6c@users.sourceforge.net> (raw)
In-Reply-To: <CAHC9VhQY7-Ls5bX_wbna1S6PjV2Ck_1+AR5R8Pngn1tivXxCdg@mail.gmail.com>
> Have you tested this to determine any impact it may have on the
> SELinux userspace?
Not yet.
> I would agree that EINVAL is probably more appropriate in this case,
Thanks that a part of your view seems to fit also to mine.
> but changing this return code has very little value
I would appreciate if this aspect can clarified a bit more.
> and may disrupt userspace if it assumes EINVAL means something else
> when the policy load fails.
Would you find an other error code better there?
Do you care to distinguish an input validation failure in a specific
function implementation from other error situations?
Regards,
Markus
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2017-05-16 19:57 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <ca34123f-ced6-d2bc-363b-690858618827@users.sourceforge.net>
[not found] ` <68a423a9-2f89-55f9-fb4c-97dd4df4bb1d@users.sourceforge.net>
2017-03-23 20:24 ` [PATCH 01/46] selinux: Use kmalloc_array() in cond_init_bool_indexes() Paul Moore
[not found] ` <86979267-24ac-ce16-a150-43677ac78a0b@users.sourceforge.net>
2017-03-23 20:28 ` [PATCH 02/46] selinux: Delete an unnecessary return statement in cond_compute_av() Paul Moore
[not found] ` <f36c8dc9-0d90-6eee-9229-fb02d6b27708@users.sourceforge.net>
2017-03-23 20:30 ` [PATCH 03/46] selinux: Improve size determinations in four functions Paul Moore
[not found] ` <66451d7e-f9ff-1d53-e919-d237a24ca8a2@users.sourceforge.net>
2017-03-23 20:32 ` [PATCH 04/46] selinux: Use kmalloc_array() in hashtab_create() Paul Moore
[not found] ` <44727e74-99ac-b0bd-2d7b-e5928d77ea75@users.sourceforge.net>
2017-03-23 20:38 ` [PATCH 05/46] selinux: Adjust four checks for null pointers Paul Moore
[not found] ` <2c5e5708-72a3-954f-a773-e5716df174d1@users.sourceforge.net>
2017-03-23 21:15 ` [PATCH 06/46] selinux: Use kcalloc() in policydb_index() Paul Moore
[not found] ` <247c0e27-c442-3408-4f92-492629d61fbf@users.sourceforge.net>
2017-03-23 21:20 ` [PATCH 07/46] selinux: Delete unnecessary variable assignments " Paul Moore
2017-03-27 6:24 ` SF Markus Elfring
2017-03-27 18:20 ` Paul Moore
[not found] ` <1370e095-265d-9ca5-8184-b975fc75ead7@users.sourceforge.net>
2017-03-23 21:22 ` [PATCH 08/46] selinux: Delete an unnecessary return statement in policydb_destroy() Paul Moore
[not found] ` <c589a851-2bf6-c44f-1df7-11f242285a73@users.sourceforge.net>
2017-03-23 21:33 ` [PATCH 09/46] selinux: Delete an error message for a failed memory allocation in policydb_read() Paul Moore
2017-03-24 12:13 ` SF Markus Elfring
2017-03-25 15:44 ` Paul Moore
2017-03-27 5:56 ` SF Markus Elfring
2017-03-27 18:23 ` Paul Moore
[not found] ` <7fdcfc8f-affa-fcf8-adaf-dc8fd9e1b472@users.sourceforge.net>
2017-03-23 21:44 ` [PATCH 10/46] selinux: Move some assignments for the variable "rc" " Paul Moore
2017-03-24 10:09 ` SF Markus Elfring
2017-03-25 15:38 ` Paul Moore
[not found] ` <767b0ef6-2693-2de3-897f-c1989870676f@users.sourceforge.net>
2017-03-23 21:46 ` [PATCH 11/46] selinux: Return directly after a failed next_entry() in genfs_read() Paul Moore
[not found] ` <05e70901-776f-8f3c-f0f3-014a42712dc6@users.sourceforge.net>
2017-03-23 21:48 ` [PATCH 12/46] selinux: Move assignments for two pointers " Paul Moore
[not found] ` <99ebe15e-c30f-d129-82a0-a809769aa5dc@users.sourceforge.net>
2017-03-23 21:50 ` [PATCH 13/46] selinux: Move four assignments for the variable "rc" " Paul Moore
[not found] ` <202d7312-b266-ce9d-8f7a-3e8282c7b0c5@users.sourceforge.net>
2017-03-23 21:54 ` [PATCH 14/46] selinux: One function call less in genfs_read() after null pointer detection Paul Moore
[not found] ` <dbd8e89d-45a1-5785-f2dd-673389ac01a3@users.sourceforge.net>
[not found] ` <a9983d7d-e1f7-8f85-f696-107cf32160ef@schaufler-ca.com>
[not found] ` <60ed4f02-4ff8-2ef2-bcc3-ae62bc61cda9@users.sourceforge.net>
[not found] ` <55f62ee9-9e98-f5e0-67eb-fc7aa5cbe8f8@schaufler-ca.com>
2017-03-23 22:05 ` [PATCH 15/46] selinux: One check and function call less in genfs_read() after error detection Paul Moore
[not found] ` <d7e6f9c9-c6dc-5fd5-5537-85fe1617abb1@users.sourceforge.net>
2017-03-23 22:07 ` [PATCH 16/46] selinux: Move two assignments for the variable "rc" in filename_trans_read() Paul Moore
[not found] ` <71120ef7-6463-6497-f915-fcaf9e54239d@users.sourceforge.net>
2017-03-23 22:09 ` [PATCH 17/46] selinux: Delete an unnecessary variable assignment " Paul Moore
[not found] ` <358b5114-aeb3-d5fa-bcf9-239bd383d3b5@users.sourceforge.net>
2017-03-23 22:10 ` [PATCH 18/46] selinux: One function call less in filename_trans_read() after error detection Paul Moore
[not found] ` <9e75f8b7-1275-b2e6-a01c-d0c5ebac1a44@users.sourceforge.net>
2017-03-23 22:12 ` [PATCH 19/46] selinux: Return directly after a failed next_entry() in range_read() Paul Moore
[not found] ` <196aacb8-6aab-841b-3301-71da75628954@users.sourceforge.net>
2017-03-23 22:13 ` [PATCH 20/46] selinux: Move four assignments for the variable "rc" " Paul Moore
[not found] ` <1e37fe86-2e83-c1f0-f43b-69ed2fb5c7aa@users.sourceforge.net>
[not found] ` <e3fcbcbb-a1fb-ef39-268f-2e79532739b1@schaufler-ca.com>
2017-03-23 22:15 ` [PATCH 21/46] selinux: Two function calls less in range_read() after error detection Paul Moore
[not found] ` <d5af857a-d19d-265a-2378-3e98b176c5ec@users.sourceforge.net>
2017-03-23 22:18 ` [PATCH 22/46] selinux: Delete an unnecessary variable initialisation in range_read() Paul Moore
[not found] ` <668d71a5-d55c-449e-9de8-b5d70d7e11c9@users.sourceforge.net>
2017-03-23 22:18 ` [PATCH 23/46] selinux: Move an assignment for a pointer " Paul Moore
2017-03-23 22:24 ` [PATCH 00/46] SELinux: Fine-tuning for several function implementations Paul Moore
2017-03-27 5:48 ` SF Markus Elfring
2017-03-27 18:19 ` Paul Moore
[not found] ` <04142c87-5826-4796-c461-ec3e80f14928@users.sourceforge.net>
2017-03-29 13:55 ` [PATCH 24/46] selinux: Return directly after a failed kzalloc() in cat_read() Paul Moore
[not found] ` <8f253493-ae7f-ca02-a6f3-333e896eeb7d@users.sourceforge.net>
2017-03-29 13:57 ` [PATCH 25/46] selinux: Return directly after a failed kzalloc() in sens_read() Paul Moore
[not found] ` <6aec69ea-27e6-da3f-8a54-e1f12c78cc2e@users.sourceforge.net>
2017-03-29 14:52 ` [PATCH 26/46] selinux: Improve another size determination " Paul Moore
[not found] ` <6b93ee88-d4c0-b5e3-6f7e-fc74acfddd43@users.sourceforge.net>
2017-03-29 14:53 ` [PATCH 27/46] selinux: Move an assignment for the variable "rc" " Paul Moore
[not found] ` <3582dff5-b96a-dde7-2d1c-bca7ab4aeb0e@users.sourceforge.net>
2017-03-29 15:17 ` [PATCH 28/46] selinux: Return directly after a failed kzalloc() in user_read() Paul Moore
[not found] ` <3719abdd-0551-c567-31f0-94693a83d683@users.sourceforge.net>
2017-03-29 15:21 ` [PATCH 29/46] selinux: Return directly after a failed kzalloc() in type_read() Paul Moore
[not found] ` <c8d230f3-2c13-0384-3a46-343dc5ebe812@users.sourceforge.net>
2017-03-29 15:23 ` [PATCH 30/46] selinux: Return directly after a failed kzalloc() in role_read() Paul Moore
[not found] ` <6ceee0fa-a0ab-fe42-4213-f7985031ddfa@users.sourceforge.net>
2017-03-29 15:25 ` [PATCH 32/46] selinux: Return directly after a failed kzalloc() in class_read() Paul Moore
[not found] ` <d44c1a1e-fced-5dc5-f982-319d99f78b70@users.sourceforge.net>
2017-03-29 15:28 ` [PATCH 33/46] selinux: Move an assignment for the variable "rc" " Paul Moore
[not found] ` <caec05bb-b2ae-eda6-f052-32ed1d7c8c47@users.sourceforge.net>
2017-03-29 15:30 ` [PATCH 34/46] selinux: Return directly after a failed kzalloc() in common_read() Paul Moore
[not found] ` <b7648542-fcd6-6852-ddcd-0b88b842e1a8@users.sourceforge.net>
2017-03-29 15:31 ` [PATCH 35/46] selinux: Return directly after a failed kzalloc() in perm_read() Paul Moore
[not found] ` <02c3392e-3507-4d91-a8c0-6d933a034058@users.sourceforge.net>
2017-03-29 15:32 ` [PATCH 36/46] selinux: Move an assignment for the variable "rc" in mls_read_range_helper() Paul Moore
[not found] ` <9202247d-8f44-8839-cf78-453b6e3b7d1e@users.sourceforge.net>
2017-03-29 15:32 ` [PATCH 37/46] selinux: Move an assignment for the variable "rc" in policydb_load_isids() Paul Moore
[not found] ` <b71e766c-a9a2-cd9c-8f87-7aaeaaf896f0@users.sourceforge.net>
2017-03-29 15:37 ` [PATCH 38/46] selinux: One function call less in five functions after null pointer detection Paul Moore
[not found] ` <1f2cc0bf-0904-0c9d-22f2-ee851214252e@users.sourceforge.net>
2017-03-29 15:38 ` [PATCH 39/46] selinux: Move two assignments for the variable "rc" in ocontext_read() Paul Moore
[not found] ` <2c370330-a80c-9879-2013-3a99a21dc06d@users.sourceforge.net>
2017-03-29 15:40 ` [PATCH 40/46] selinux: Return directly after a failed kzalloc() in roles_init() Paul Moore
[not found] ` <aa7a9b62-1016-2e22-6104-d992d6b556bf@users.sourceforge.net>
2017-03-29 15:40 ` [PATCH 41/46] selinux: Move two assignments for the variable "rc" " Paul Moore
[not found] ` <e26b4b88-b04f-0a82-0396-8b53a80d03a9@users.sourceforge.net>
2017-03-29 15:43 ` [PATCH 42/46] selinux: One function call less in roles_init() after error detection Paul Moore
[not found] ` <9ce64f74-f424-b9c5-605b-a54982888e1a@users.sourceforge.net>
2017-03-29 15:45 ` [PATCH 43/46] selinux: Use kmalloc_array() in sidtab_init() Paul Moore
[not found] ` <e12da517-36fb-2247-e9b4-488708d6cda7@users.sourceforge.net>
2017-03-29 15:48 ` [PATCH 44/46] selinux: Adjust two checks for null pointers Paul Moore
[not found] ` <9c268e0b-a323-5f72-e445-dbf247f274d8@users.sourceforge.net>
2017-03-29 15:53 ` [PATCH 46/46] selinuxfs: Use seq_puts() in sel_avc_stats_seq_show() Paul Moore
2017-04-04 11:10 ` [PATCH 0/3] SELinux: Fine-tuning for two function implementations SF Markus Elfring
2017-04-04 11:12 ` [PATCH 1/3] selinux: Return directly after a failed memory allocation in policydb_index() SF Markus Elfring
2017-05-16 18:28 ` Paul Moore
2017-04-04 11:14 ` [PATCH 2/3] selinux: Return an error code only as a constant in sidtab_insert() SF Markus Elfring
2017-05-16 18:32 ` Paul Moore
2017-04-04 11:16 ` [PATCH 3/3] selinux: Use an other error code for an input validation failure " SF Markus Elfring
2017-05-16 18:41 ` Paul Moore
2017-05-16 19:57 ` SF Markus Elfring [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bd7cc69d-0b1b-010a-0a07-c287d25b8d6c@users.sourceforge.net \
--to=elfring@users.sourceforge.net \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).