
Commit 81ea714b authored by Sergio Luis, committed by James Morris

smackfs: check for allocation failures in smk_set_access()



 While adding a new subject/object pair to smack_list, smk_set_access()
 didn't check the return of kzalloc().

 This patch changes smk_set_access() to return 0 or -ENOMEM, based on
 kzalloc()'s return. It also updates its caller, smk_write_load(), to
 check for smk_set_access()'s return, given it is no longer a void
 return function.

 Signed-off-by: Sergio Luis <sergio@larces.uece.br>
 To: Casey Schaufler <casey@schaufler-ca.com>
 Cc: Ahmed S. Darwish <darwish.07@gmail.com>
 Cc: LSM <linux-security-module@vger.kernel.org>
 Cc: LKLM <linux-kernel@vger.kernel.org>

Acked-by: Casey Schaufler <casey@schaufler-ca.com>
parent 74192246
+16 −4
@@ -185,11 +185,15 @@ static int smk_open_load(struct inode *inode, struct file *file)
 * the subject/object pair and replaces the access that was
 * there. If the pair isn't found add it with the specified
 * access.
 *
 * Returns 0 if nothing goes wrong or -ENOMEM if it fails
 * during the allocation of the new pair to add.
 */
static void smk_set_access(struct smack_rule *srp)
static int smk_set_access(struct smack_rule *srp)
{
	struct smk_list_entry *sp;
	struct smk_list_entry *newp;
	int ret = 0;

	mutex_lock(&smack_list_lock);

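Review bot: The new `int` return on `smk_set_access()` only helps if callers cannot ignore it, and nothing in the signature enforces that. Since the function was `void` until now, consider marking it `__must_check` so a future caller that drops the result gets a compiler warning. The added comment documents the 0 / -ENOMEM contract clearly; keep it in sync if other error codes are ever introduced.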
@@ -202,14 +206,20 @@ static void smk_set_access(struct smack_rule *srp)

	if (sp == NULL) {
		newp = kzalloc(sizeof(struct smk_list_entry), GFP_KERNEL);
		if (newp == NULL) {
			ret = -ENOMEM;
			goto out;
		}

		newp->smk_rule = *srp;
		newp->smk_next = smack_list;
		smack_list = newp;
	}

out:
	mutex_unlock(&smack_list_lock);

	return;
	return ret;
}

/**
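Review bot: The `kzalloc(..., GFP_KERNEL)` in the `if (sp == NULL)` branch still runs with `smack_list_lock` held, so a blocking allocation under memory pressure stalls every other user of the rule list for as long as the allocator sleeps. The new `goto out` path does release the mutex before returning -ENOMEM, which is correct. As a follow-up, consider allocating `newp` before `mutex_lock()` and calling `kfree()` on it when the pair is found, and prefer `sizeof(*newp)` over `sizeof(struct smk_list_entry)` so the size tracks the pointer type.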
@@ -309,7 +319,9 @@ static ssize_t smk_write_load(struct file *file, const char __user *buf,
		goto out;
	}

	smk_set_access(&rule);
	rc = smk_set_access(&rule);

	if (!rc)
		rc = count;

out:
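Review bot: In `smk_write_load()`, `rc` now carries both the error code from `smk_set_access()` and, on success, the byte count from `rc = count`. The declaration of `rc` is outside this hunk, so please confirm its type is wide enough for `count`, given that the function returns `ssize_t`. The `if (!rc)` test matches the documented 0 / -ENOMEM contract, so -ENOMEM now reaches the writer instead of a silent success. Minor style point: drop the blank line between `rc = smk_set_access(&rule);` and `if (!rc)` so the check sits directly under the call it tests.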