From: Huaisheng Ye <[email protected]>
selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
do nothing else. And also msg_msg_alloc_security is just used by the
former.
Remove the redundant function to simplify the code.
Signed-off-by: Huaisheng Ye <[email protected]>
---
security/selinux/hooks.c | 17 ++++++-----------
1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9625b99..fb1b9da 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5882,16 +5882,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
isec->sid = current_sid();
}
-static int msg_msg_alloc_security(struct msg_msg *msg)
-{
- struct msg_security_struct *msec;
-
- msec = selinux_msg_msg(msg);
- msec->sid = SECINITSID_UNLABELED;
-
- return 0;
-}
-
static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
u32 perms)
{
@@ -5910,7 +5900,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
{
- return msg_msg_alloc_security(msg);
+ struct msg_security_struct *msec;
+
+ msec = selinux_msg_msg(msg);
+ msec->sid = SECINITSID_UNLABELED;
+
+ return 0;
}
/* message queue security operations */
--
1.8.3.1
On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> From: Huaisheng Ye <[email protected]>
>
> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> do nothing else. And also msg_msg_alloc_security is just used by the
> former.
>
> Remove the redundant function to simplify the code.
This seems to also be true of other _alloc_security functions, probably
due to historical reasons. Further, at least some of these functions no
longer perform any allocation; they are just initialization functions
now that allocation has been taken to the LSM framework, so possibly
could be renamed and made to return void at some point.
>
> Signed-off-by: Huaisheng Ye <[email protected]>
Acked-by: Stephen Smalley <[email protected]>
> ---
> security/selinux/hooks.c | 17 ++++++-----------
> 1 file changed, 6 insertions(+), 11 deletions(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 9625b99..fb1b9da 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -5882,16 +5882,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
> isec->sid = current_sid();
> }
>
> -static int msg_msg_alloc_security(struct msg_msg *msg)
> -{
> - struct msg_security_struct *msec;
> -
> - msec = selinux_msg_msg(msg);
> - msec->sid = SECINITSID_UNLABELED;
> -
> - return 0;
> -}
> -
> static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
> u32 perms)
> {
> @@ -5910,7 +5900,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>
> static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
> {
> - return msg_msg_alloc_security(msg);
> + struct msg_security_struct *msec;
> +
> + msec = selinux_msg_msg(msg);
> + msec->sid = SECINITSID_UNLABELED;
> +
> + return 0;
> }
>
> /* message queue security operations */
>
On Fri, Jan 10, 2020 at 4:59 AM Huaisheng Ye <[email protected]> wrote:
> From: Huaisheng Ye <[email protected]>
>
> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> do nothing else. And also msg_msg_alloc_security is just used by the
> former.
>
> Remove the redundant function to simplify the code.
>
> Signed-off-by: Huaisheng Ye <[email protected]>
> ---
> security/selinux/hooks.c | 17 ++++++-----------
> 1 file changed, 6 insertions(+), 11 deletions(-)
Merged into selinux/next, thanks!
--
paul moore
http://www.paul-moore.com
On 1/10/2020 7:13 AM, Stephen Smalley wrote:
> On 1/10/20 4:58 AM, Huaisheng Ye wrote:
>> From: Huaisheng Ye <[email protected]>
>>
>> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
>> do nothing else. And also msg_msg_alloc_security is just used by the
>> former.
>>
>> Remove the redundant function to simplify the code.
>
> This seems to also be true of other _alloc_security functions, probably due to historical reasons. Further, at least some of these functions no longer perform any allocation; they are just initialization functions now that allocation has been taken to the LSM framework, so possibly could be renamed and made to return void at some point.
That's something I've been eyeing. I'm not 100% sure that no module will
ever fail doing the new style initialization. The int to void and name
change will probably happen after the next round of modules come in and
we can see that failure of initialization isn't a rational situation.
>
>>
>> Signed-off-by: Huaisheng Ye <[email protected]>
>
> Acked-by: Stephen Smalley <[email protected]>
>
>> ---
>> security/selinux/hooks.c | 17 ++++++-----------
>> 1 file changed, 6 insertions(+), 11 deletions(-)
>>
>> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
>> index 9625b99..fb1b9da 100644
>> --- a/security/selinux/hooks.c
>> +++ b/security/selinux/hooks.c
>> @@ -5882,16 +5882,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
>> isec->sid = current_sid();
>> }
>> -static int msg_msg_alloc_security(struct msg_msg *msg)
>> -{
>> - struct msg_security_struct *msec;
>> -
>> - msec = selinux_msg_msg(msg);
>> - msec->sid = SECINITSID_UNLABELED;
>> -
>> - return 0;
>> -}
>> -
>> static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>> u32 perms)
>> {
>> @@ -5910,7 +5900,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>> static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
>> {
>> - return msg_msg_alloc_security(msg);
>> + struct msg_security_struct *msec;
>> +
>> + msec = selinux_msg_msg(msg);
>> + msec->sid = SECINITSID_UNLABELED;
>> +
>> + return 0;
>> }
>> /* message queue security operations */
>>
>
>
> -----Original Message-----
> From: Stephen Smalley <[email protected]>
> Sent: Friday, January 10, 2020 11:14 PM
>
> On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> > From: Huaisheng Ye <[email protected]>
> >
> > selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> > do nothing else. And also msg_msg_alloc_security is just used by the
> > former.
> >
> > Remove the redundant function to simplify the code.
>
> This seems to also be true of other _alloc_security functions, probably due to
> historical reasons. Further, at least some of these functions no longer perform
> any allocation; they are just initialization functions now that allocation has
> been taken to the LSM framework, so possibly could be renamed and made to return
> void at some point.
>
> >
> > Signed-off-by: Huaisheng Ye <[email protected]>
>
> Acked-by: Stephen Smalley <[email protected]>
Many thanks for the Acked-by.
Yes, you are right, selinux_msg_msg_alloc_security only can return 0 in any case.
I think that should be modified to void instead of int.
And also, the fact is no module needs to implement msg_msg_free_security, because
LSM would take the responsibility for freeing msg->security.
I think we could delete the hook call of msg_msg_free_security, but I am cautious
to modify the existing interfaces, that just worry to break traditional rules.
Cheers,
Huaisheng Ye
Lenovo
On Fri, Jan 10, 2020 at 10:13 AM Stephen Smalley <[email protected]> wrote:
> On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> > From: Huaisheng Ye <[email protected]>
> >
> > selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> > do nothing else. And also msg_msg_alloc_security is just used by the
> > former.
> >
> > Remove the redundant function to simplify the code.
>
> This seems to also be true of other _alloc_security functions, probably
> due to historical reasons. Further, at least some of these functions no
> longer perform any allocation; they are just initialization functions
> now that allocation has been taken to the LSM framework, so possibly
> could be renamed and made to return void at some point.
I've noticed the same thing on a few occasions, I've just never
bothered to put the fixes into a patch. We might as well do that now,
at least for the redundant code bits; I'll leave the return code issue
for another time as that would cross LSM boundaries and that really
isn't appropriate in the -rc5 timeframe IMHO.
I'll put something together once I finish up the patch/review backlog
from the past few days. Looking quickly with a regex, it would appear
that inode_alloc_security(), file_alloc_security(), and
superblock_alloc_security() are all candidates. While not an
allocator, we can probably get rid of inode_doinit() as well.
--
paul moore
http://www.paul-moore.com
> -----Original Message-----
> From: Paul Moore <[email protected]>
> Sent: Saturday, January 11, 2020 12:50 AM
> On Fri, Jan 10, 2020 at 10:13 AM Stephen Smalley <[email protected]> wrote:
> > On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> > > From: Huaisheng Ye <[email protected]>
> > >
> > > selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> > > do nothing else. And also msg_msg_alloc_security is just used by the
> > > former.
> > >
> > > Remove the redundant function to simplify the code.
> >
> > This seems to also be true of other _alloc_security functions,
> > probably due to historical reasons. Further, at least some of these
> > functions no longer perform any allocation; they are just
> > initialization functions now that allocation has been taken to the LSM
> > framework, so possibly could be renamed and made to return void at some point.
>
> I've noticed the same thing on a few occasions, I've just never bothered to put
> the fixes into a patch. We might as well do that now, at least for the redundant
> code bits; I'll leave the return code issue for another time as that would cross
> LSM boundaries and that really isn't appropriate in the -rc5 timeframe IMHO.
>
> I'll put something together once I finish up the patch/review backlog from the
> past few days. Looking quickly with a regex, it would appear that
> inode_alloc_security(), file_alloc_security(), and
> superblock_alloc_security() are all candidates. While not an allocator, we can
> probably get rid of inode_doinit() as well.
Besides, it looks like selinux_nlmsg_perm is candidate too.
Just send a patch for this function.
Cheers,
Huaisheng Ye