[PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it
@ 2012-11-27 15:28 Rafal Krypa
  2012-11-27 17:22 ` Casey Schaufler
  2013-01-09 19:16 ` Casey Schaufler
  0 siblings, 2 replies; 3+ messages in thread
From: Rafal Krypa @ 2012-11-27 15:28 UTC (permalink / raw)
  To: Casey Schaufler; +Cc: linux-security-module, linux-kernel, Rafal Krypa

Special file /smack/revoke-subject will silently accept labels that are not
present on the subject label list. Nothing has to be done for such labels,
as there are no rules for them to revoke.

Targeted for git://git.gitorious.org/smack-next/kernel.git

Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---
 security/smack/smackfs.c |    4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 76a5dca..337e32c 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -2035,10 +2035,8 @@ static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
 	}
 
 	skp = smk_find_entry(cp);
-	if (skp == NULL) {
-		rc = -EINVAL;
+	if (skp == NULL)
 		goto free_out;
-	}
 
 	rule_list = &skp->smk_rules;
 	rule_lock = &skp->smk_rules_lock;
-- 
1.7.10.4


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it
  2012-11-27 15:28 [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it Rafal Krypa
@ 2012-11-27 17:22 ` Casey Schaufler
  2013-01-09 19:16 ` Casey Schaufler
  1 sibling, 0 replies; 3+ messages in thread
From: Casey Schaufler @ 2012-11-27 17:22 UTC (permalink / raw)
  To: Rafal Krypa; +Cc: linux-security-module, linux-kernel, Casey Schaufler

On 11/27/2012 7:28 AM, Rafal Krypa wrote:
> Special file /smack/revoke-subject will silently accept labels that are not
> present on the subject label list. Nothing has to be done for such labels,
> as there are no rules for them to revoke.
>
> Targeted for git://git.gitorious.org/smack-next/kernel.git

I will queue this for 3.9 as I've just submitted the 3.8 Smack
changes.

>
> Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
> ---
>  security/smack/smackfs.c |    4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> index 76a5dca..337e32c 100644
> --- a/security/smack/smackfs.c
> +++ b/security/smack/smackfs.c
> @@ -2035,10 +2035,8 @@ static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
>  	}
>  
>  	skp = smk_find_entry(cp);
> -	if (skp == NULL) {
> -		rc = -EINVAL;
> +	if (skp == NULL)
>  		goto free_out;
> -	}
>  
>  	rule_list = &skp->smk_rules;
>  	rule_lock = &skp->smk_rules_lock;


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it
  2012-11-27 15:28 [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it Rafal Krypa
  2012-11-27 17:22 ` Casey Schaufler
@ 2013-01-09 19:16 ` Casey Schaufler
  1 sibling, 0 replies; 3+ messages in thread
From: Casey Schaufler @ 2013-01-09 19:16 UTC (permalink / raw)
  To: Rafal Krypa; +Cc: linux-security-module, linux-kernel, Casey Schaufler

On 11/27/2012 7:28 AM, Rafal Krypa wrote:
> Special file /smack/revoke-subject will silently accept labels that are not
> present on the subject label list. Nothing has to be done for such labels,
> as there are no rules for them to revoke.
>
> Targeted for git://git.gitorious.org/smack-next/kernel.git
>
> Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

Applied to git://git.gitorious.org/smack-next/kernel.git#stage-for-3.9


> ---
>  security/smack/smackfs.c |    4 +---
>  1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
> index 76a5dca..337e32c 100644
> --- a/security/smack/smackfs.c
> +++ b/security/smack/smackfs.c
> @@ -2035,10 +2035,8 @@ static ssize_t smk_write_revoke_subj(struct file *file, const char __user *buf,
>  	}
>  
>  	skp = smk_find_entry(cp);
> -	if (skp == NULL) {
> -		rc = -EINVAL;
> +	if (skp == NULL)
>  		goto free_out;
> -	}
>  
>  	rule_list = &skp->smk_rules;
>  	rule_lock = &skp->smk_rules_lock;


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2013-01-09 19:16 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-27 15:28 [PATCH] Smack: prevent revoke-subject from failing when unseen label is written to it Rafal Krypa
2012-11-27 17:22 ` Casey Schaufler
2013-01-09 19:16 ` Casey Schaufler

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox