* [patch] smack: opt_dentry is never null in in smack_d_instantiate()
@ 2010-06-01 7:14 Dan Carpenter
2010-06-02 0:26 ` Casey Schaufler
2010-06-02 1:56 ` James Morris
0 siblings, 2 replies; 3+ messages in thread
From: Dan Carpenter @ 2010-06-01 7:14 UTC (permalink / raw)
To: James Morris
Cc: Casey Schaufler, David P. Quigley, David Howells, Serge Hallyn,
linux-security-module, linux-kernel, kernel-janitors
This patch removes some unneeded code for if opt_dentry is null because
that can never happen.
The function dereferences "opt_dentry" earlier when it checks
"if (opt_dentry->d_parent == opt_dentry) {". That code was added in
2008.
This function called from security_d_instantiate(). I checked all the
places which call security_d_instantiate() and dentry is always non-null.
I also checked the selinux version of this hook and there is a comment
which says that dentry should be non-null if called from
d_instantiate().
Signed-off-by: Dan Carpenter <error27@gmail.com>
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 0f2fc48..07abc9c 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2191,7 +2191,7 @@ static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
/**
* smack_d_instantiate - Make sure the blob is correct on an inode
- * @opt_dentry: unused
+ * @opt_dentry: dentry where inode will be attached
* @inode: the object
*
* Set the inode's security blob if it hasn't been done already.
@@ -2310,20 +2310,10 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
/*
* Get the dentry for xattr.
*/
- if (opt_dentry == NULL) {
- dp = d_find_alias(inode);
- if (dp == NULL)
- break;
- } else {
- dp = dget(opt_dentry);
- if (dp == NULL)
- break;
- }
-
+ dp = dget(opt_dentry);
fetched = smk_fetch(inode, dp);
if (fetched != NULL)
final = fetched;
-
dput(dp);
break;
}
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [patch] smack: opt_dentry is never null in in smack_d_instantiate()
2010-06-01 7:14 [patch] smack: opt_dentry is never null in in smack_d_instantiate() Dan Carpenter
@ 2010-06-02 0:26 ` Casey Schaufler
2010-06-02 1:56 ` James Morris
1 sibling, 0 replies; 3+ messages in thread
From: Casey Schaufler @ 2010-06-02 0:26 UTC (permalink / raw)
To: Dan Carpenter, James Morris, Casey Schaufler, David P. Quigley,
David Howells, Serge Hallyn, linux-security-module, linux-kernel,
kernel-janitors
Dan Carpenter wrote:
> This patch removes some unneeded code for if opt_dentry is null because
> that can never happen.
>
> The function dereferences "opt_dentry" earlier when it checks
> "if (opt_dentry->d_parent == opt_dentry) {". That code was added in
> 2008.
>
> This function called from security_d_instantiate(). I checked all the
> places which call security_d_instantiate() and dentry is always non-null.
> I also checked the selinux version of this hook and there is a comment
> which says that dentry should be non-null if called from
> d_instantiate().
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
I have tested the change and not had any issues. I recall struggling
with this particular bit of code, but that was long enough ago that
the circumstances evade my memory. Thank you.
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 0f2fc48..07abc9c 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -2191,7 +2191,7 @@ static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
>
> /**
> * smack_d_instantiate - Make sure the blob is correct on an inode
> - * @opt_dentry: unused
> + * @opt_dentry: dentry where inode will be attached
> * @inode: the object
> *
> * Set the inode's security blob if it hasn't been done already.
> @@ -2310,20 +2310,10 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
> /*
> * Get the dentry for xattr.
> */
> - if (opt_dentry == NULL) {
> - dp = d_find_alias(inode);
> - if (dp == NULL)
> - break;
> - } else {
> - dp = dget(opt_dentry);
> - if (dp == NULL)
> - break;
> - }
> -
> + dp = dget(opt_dentry);
> fetched = smk_fetch(inode, dp);
> if (fetched != NULL)
> final = fetched;
> -
> dput(dp);
> break;
> }
>
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [patch] smack: opt_dentry is never null in in smack_d_instantiate()
2010-06-01 7:14 [patch] smack: opt_dentry is never null in in smack_d_instantiate() Dan Carpenter
2010-06-02 0:26 ` Casey Schaufler
@ 2010-06-02 1:56 ` James Morris
1 sibling, 0 replies; 3+ messages in thread
From: James Morris @ 2010-06-02 1:56 UTC (permalink / raw)
To: Dan Carpenter
Cc: Casey Schaufler, David P. Quigley, David Howells, Serge Hallyn,
linux-security-module, linux-kernel, kernel-janitors
On Tue, 1 Jun 2010, Dan Carpenter wrote:
> This patch removes some unneeded code for if opt_dentry is null because
> that can never happen.
>
> The function dereferences "opt_dentry" earlier when it checks
> "if (opt_dentry->d_parent == opt_dentry) {". That code was added in
> 2008.
>
> This function called from security_d_instantiate(). I checked all the
> places which call security_d_instantiate() and dentry is always non-null.
> I also checked the selinux version of this hook and there is a comment
> which says that dentry should be non-null if called from
> d_instantiate().
>
> Signed-off-by: Dan Carpenter <error27@gmail.com>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-06-02 1:56 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-06-01 7:14 [patch] smack: opt_dentry is never null in in smack_d_instantiate() Dan Carpenter
2010-06-02 0:26 ` Casey Schaufler
2010-06-02 1:56 ` James Morris
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox