From: Ben Hutchings <ben@decadent.org.uk>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: akpm@linux-foundation.org, "Paul Moore" <pmoore@redhat.com>,
"Tim Gardner" <tim.gardner@canonical.com>,
"Eric Paris" <eparis@parisplace.org>,
"Stephen Smalley" <sds@tycho.nsa.gov>,
"James Morris" <james.l.morris@oracle.com>
Subject: [PATCH 3.2 017/104] SELinux: security_load_policy: Silence frame-larger-than warning
Date: Mon, 12 Mar 2018 03:03:34 +0000 [thread overview]
Message-ID: <lsq.1520823814.464390522@decadent.org.uk> (raw)
In-Reply-To: <lsq.1520823814.606620518@decadent.org.uk>
3.2.101-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Tim Gardner <tim.gardner@canonical.com>
commit b5495b4217d3fa64deac479db83dbede149af7d8 upstream.
Dynamically allocate a couple of the larger stack variables in order to
reduce the stack footprint below 1024. gcc-4.8
security/selinux/ss/services.c: In function 'security_load_policy':
security/selinux/ss/services.c:1964:1: warning: the frame size of 1104 bytes is larger than 1024 bytes [-Wframe-larger-than=]
}
Also silence a couple of checkpatch warnings at the same time.
WARNING: sizeof policydb should be sizeof(policydb)
+ memcpy(oldpolicydb, &policydb, sizeof policydb);
WARNING: sizeof policydb should be sizeof(policydb)
+ memcpy(&policydb, newpolicydb, sizeof policydb);
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: James Morris <james.l.morris@oracle.com>
Cc: Eric Paris <eparis@parisplace.org>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
security/selinux/ss/services.c | 54 +++++++++++++++++++++++++-----------------
1 file changed, 32 insertions(+), 22 deletions(-)
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1806,7 +1806,7 @@ static int security_preserve_bools(struc
*/
int security_load_policy(void *data, size_t len)
{
- struct policydb oldpolicydb, newpolicydb;
+ struct policydb *oldpolicydb, *newpolicydb;
struct sidtab oldsidtab, newsidtab;
struct selinux_mapping *oldmap, *map = NULL;
struct convert_context_args args;
@@ -1815,12 +1815,19 @@ int security_load_policy(void *data, siz
int rc = 0;
struct policy_file file = { data, len }, *fp = &file;
+ oldpolicydb = kzalloc(2 * sizeof(*oldpolicydb), GFP_KERNEL);
+ if (!oldpolicydb) {
+ rc = -ENOMEM;
+ goto out;
+ }
+ newpolicydb = oldpolicydb + 1;
+
if (!ss_initialized) {
avtab_cache_init();
rc = policydb_read(&policydb, fp);
if (rc) {
avtab_cache_destroy();
- return rc;
+ goto out;
}
policydb.len = len;
@@ -1830,14 +1837,14 @@ int security_load_policy(void *data, siz
if (rc) {
policydb_destroy(&policydb);
avtab_cache_destroy();
- return rc;
+ goto out;
}
rc = policydb_load_isids(&policydb, &sidtab);
if (rc) {
policydb_destroy(&policydb);
avtab_cache_destroy();
- return rc;
+ goto out;
}
security_load_policycaps();
@@ -1849,36 +1856,36 @@ int security_load_policy(void *data, siz
selinux_status_update_policyload(seqno);
selinux_netlbl_cache_invalidate();
selinux_xfrm_notify_policyload();
- return 0;
+ goto out;
}
#if 0
sidtab_hash_eval(&sidtab, "sids");
#endif
- rc = policydb_read(&newpolicydb, fp);
+ rc = policydb_read(newpolicydb, fp);
if (rc)
- return rc;
+ goto out;
- newpolicydb.len = len;
+ newpolicydb->len = len;
/* If switching between different policy types, log MLS status */
- if (policydb.mls_enabled && !newpolicydb.mls_enabled)
+ if (policydb.mls_enabled && !newpolicydb->mls_enabled)
printk(KERN_INFO "SELinux: Disabling MLS support...\n");
- else if (!policydb.mls_enabled && newpolicydb.mls_enabled)
+ else if (!policydb.mls_enabled && newpolicydb->mls_enabled)
printk(KERN_INFO "SELinux: Enabling MLS support...\n");
- rc = policydb_load_isids(&newpolicydb, &newsidtab);
+ rc = policydb_load_isids(newpolicydb, &newsidtab);
if (rc) {
printk(KERN_ERR "SELinux: unable to load the initial SIDs\n");
- policydb_destroy(&newpolicydb);
- return rc;
+ policydb_destroy(newpolicydb);
+ goto out;
}
- rc = selinux_set_mapping(&newpolicydb, secclass_map, &map, &map_size);
+ rc = selinux_set_mapping(newpolicydb, secclass_map, &map, &map_size);
if (rc)
goto err;
- rc = security_preserve_bools(&newpolicydb);
+ rc = security_preserve_bools(newpolicydb);
if (rc) {
printk(KERN_ERR "SELinux: unable to preserve booleans\n");
goto err;
@@ -1896,7 +1903,7 @@ int security_load_policy(void *data, siz
* in the new SID table.
*/
args.oldp = &policydb;
- args.newp = &newpolicydb;
+ args.newp = newpolicydb;
rc = sidtab_map(&newsidtab, convert_context, &args);
if (rc) {
printk(KERN_ERR "SELinux: unable to convert the internal"
@@ -1906,12 +1913,12 @@ int security_load_policy(void *data, siz
}
/* Save the old policydb and SID table to free later. */
- memcpy(&oldpolicydb, &policydb, sizeof policydb);
+ memcpy(oldpolicydb, &policydb, sizeof(policydb));
sidtab_set(&oldsidtab, &sidtab);
/* Install the new policydb and SID table. */
write_lock_irq(&policy_rwlock);
- memcpy(&policydb, &newpolicydb, sizeof policydb);
+ memcpy(&policydb, newpolicydb, sizeof(policydb));
sidtab_set(&sidtab, &newsidtab);
security_load_policycaps();
oldmap = current_mapping;
@@ -1921,7 +1928,7 @@ int security_load_policy(void *data, siz
write_unlock_irq(&policy_rwlock);
/* Free the old policydb and SID table. */
- policydb_destroy(&oldpolicydb);
+ policydb_destroy(oldpolicydb);
sidtab_destroy(&oldsidtab);
kfree(oldmap);
@@ -1931,14 +1938,17 @@ int security_load_policy(void *data, siz
selinux_netlbl_cache_invalidate();
selinux_xfrm_notify_policyload();
- return 0;
+ rc = 0;
+ goto out;
err:
kfree(map);
sidtab_destroy(&newsidtab);
- policydb_destroy(&newpolicydb);
- return rc;
+ policydb_destroy(newpolicydb);
+out:
+ kfree(oldpolicydb);
+ return rc;
}
size_t security_policydb_len(void)
next prev parent reply other threads:[~2018-03-12 3:50 UTC|newest]
Thread overview: 106+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-12 3:03 [PATCH 3.2 000/104] 3.2.101-rc1 review Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 001/104] brcmfmac: work-around gcc 4.7 build issue Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 041/104] x86/cpufeatures: Add X86_BUG_CPU_INSECURE Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 047/104] x86/cpu: Implement CPU vulnerabilites sysfs functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 007/104] rtlwifi: rtl8192c: Fix W=1 warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 016/104] gcov: compile specific gcov implementation based on gcc version Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 025/104] atp: remove set_rx_mode_8012() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 072/104] x86/pti: Document fix wrong index Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 046/104] sysfs/cpu: Add vulnerability folder Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 036/104] x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 073/104] x86/retpoline: Optimize inline assembler for vmexit_fill_RSB Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 044/104] x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] Ben Hutchings
2018-03-12 3:03 ` Ben Hutchings [this message]
2018-03-12 3:03 ` [PATCH 3.2 033/104] x86, asm: Extend definitions of _ASM_* with a raw format Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 008/104] rtlwifi: rtl8192de: Fix W=1 build warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 079/104] x86/bugs: Drop one "mitigation" from dmesg Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 070/104] kprobes/x86: Blacklist indirect thunk functions for kprobes Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 089/104] x86/spectre: Report get_user mitigation for spectre_v1 Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 091/104] x86/paravirt: Remove 'noreplace-paravirt' cmdline option Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 003/104] rtlwifi: rtl8192se: Fix gcc 4.7.x warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 088/104] vfs, fdtable: Prevent bounds-check bypass via speculative execution Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 068/104] x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 101/104] x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 085/104] x86: Introduce barrier_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 056/104] kconfig.h: use __is_defined() to check if MODULE is defined Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 052/104] x86/alternatives: Fix optimize_nops() checking Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 042/104] x86/cpu, x86/pti: Do not enable PTI on AMD processors Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 094/104] x86/spectre: Simplify spectre_v2 command line parsing Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 030/104] KVM: VMX: Make use of asm.h Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 012/104] usb: renesas_usbhs: fixup __usbhs_for_each_pipe 1st pos Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 071/104] kprobes/x86: Disable optimizing on the function jumps to indirect thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 080/104] x86/cpu/bugs: Make retpoline module warning conditional Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 065/104] x86/retpoline/irq32: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 018/104] gcov: add support for GCC 4.9 Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 054/104] x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 009/104] rtl8192c:dm: Properly initialize local array and set value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 075/104] x86/retpoline: Fill RSB on context switch for affected CPUs Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 005/104] ath6kl: fix uninitialized variable in ath6kl_sdio_enable_scatter() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 076/104] x86/retpoline: Remove the esp/rsp thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 092/104] x86/kvm: Update spectre-v1 mitigation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 032/104] x86, cpu: Expand cpufeature facility to include cpu bugs Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 015/104] gcov: add support for gcc 4.7 gcov format Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 024/104] [media] budget-av: only use t_state if initialized Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 051/104] x86/alternatives: Make optimize_nops() interrupt safe and synced Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 098/104] nospec: Move array_index_nospec() parameter checking into separate macro Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 014/104] gcov: move gcov structs definitions to a gcc version specific file Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 087/104] x86/syscall: Sanitize syscall table de-references under speculation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 048/104] sysfs/cpu: Fix typos in vulnerability documentation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 102/104] x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 034/104] bitops: Introduce BIT_ULL Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 049/104] x86/alternatives: Guard NOPs optimization Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 095/104] x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 038/104] x86/Documentation: Add PTI description Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 062/104] x86/retpoline/hyperv: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 074/104] x86/cpu/intel: Introduce macros for Intel family numbers Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 090/104] x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 077/104] module/retpoline: Warn about missing retpoline in module Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 097/104] x86/spectre: Fix an error message Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 050/104] x86/alternatives: Fix ALTERNATIVE_2 padding generation properly Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 069/104] retpoline: Introduce start/end markers of indirect thunk Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 035/104] x86: Add another set of MSR accessor functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 100/104] nospec: Include <asm/barrier.h> dependency Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 082/104] Documentation: Document array_index_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 022/104] fs: namespace: suppress 'may be used uninitialized' warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 040/104] x86/cpufeatures: Make CPU bugs sticky Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 064/104] x86/retpoline/checksum32: Convert assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 031/104] KVM: SVM: Make use of asm.h Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 099/104] nospec: Kill array_index_nospec_mask_check() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 020/104] modpost: reduce visibility of symbols and constify r/o arrays Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 063/104] x86/retpoline/xen: Convert Xen hypercall indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 028/104] x86/bitops: Move BIT_64() for a wider use Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 026/104] staging/wlan-ng: Fix 'Branch condition evaluates to a garbage value' in p80211netdev.c Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 060/104] x86/retpoline/entry: Convert entry assembler indirect jumps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 061/104] x86/retpoline/ftrace: Convert ftrace " Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 002/104] Bluetooth: Remove unused hci_le_ltk_reply() Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 019/104] ath6kl: fix struct hif_scatter_req list handling Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 086/104] x86/get_user: Use pointer masking to limit speculation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 045/104] x86/cpu: Merge bugs.c and bugs_64.c Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 021/104] modpost: don't emit section mismatch warnings for compiler optimizations Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 078/104] x86/nospec: Fix header guards names Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 055/104] x86/asm: Make asm/alternative.h safe from assembly Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 053/104] x86/cpu/AMD: Make LFENCE a serializing instruction Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 027/104] kconfig: fix IS_ENABLED to not require all options to be defined Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 006/104] Turn off -Wmaybe-uninitialized when building with -Os Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 039/104] x86/cpu: Factor out application of forced CPU caps Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 011/104] Removed unused typedef to avoid "unused local typedef" warnings Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 103/104] x86: fix build warnign with 32-bit PAE Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 066/104] x86/retpoline: Fill return stack buffer on vmexit Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 037/104] kvm: vmx: Scrub hardware GPRs at VM-exit Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 093/104] x86/retpoline: Avoid retpolines for built-in __init functions Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 010/104] rtlwifi: initialize local array and set value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 057/104] x86/asm: Use register variable to get stack pointer value Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 059/104] x86/spectre: Add boot time option to select Spectre v2 mitigation Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 058/104] x86/retpoline: Add initial retpoline support Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 013/104] usb: renesas_usbhs: tidyup original usbhsx_for_each_xxx macro Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 004/104] brcm80211: Remove bogus memcpy in ai_detach Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 104/104] cris: Remove old legacy "-traditional" flag from arch-v10/lib/Makefile Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 084/104] x86: Implement array_index_mask_nospec Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 043/104] x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 096/104] x86/cpufeatures: Clean up Spectre v2 related CPUID flags Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 029/104] x86, alternative: Add header guards to <asm/alternative-asm.h> Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 023/104] [media] max2165: trival fix for some -Wuninitialized warning Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 083/104] array_index_nospec: Sanitize speculative array de-references Ben Hutchings
2018-03-12 3:03 ` [PATCH 3.2 067/104] x86/retpoline: Remove compile time warning Ben Hutchings
2018-03-12 14:54 ` [PATCH 3.2 000/104] 3.2.101-rc1 review Guenter Roeck
2018-03-12 19:53 ` Ben Hutchings
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=lsq.1520823814.464390522@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=akpm@linux-foundation.org \
--cc=eparis@parisplace.org \
--cc=james.l.morris@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=pmoore@redhat.com \
--cc=sds@tycho.nsa.gov \
--cc=stable@vger.kernel.org \
--cc=tim.gardner@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox