This patch removes some unneeded code for if opt_dentry is null because
that can never happen.
The function dereferences "opt_dentry" earlier when it checks
"if (opt_dentry->d_parent == opt_dentry) {". That code was added in
2008.
This function called from security_d_instantiate(). I checked all the
places which call security_d_instantiate() and dentry is always non-null.
I also checked the selinux version of this hook and there is a comment
which says that dentry should be non-null if called from
d_instantiate().
Signed-off-by: Dan Carpenter <[email protected]>
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 0f2fc48..07abc9c 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2191,7 +2191,7 @@ static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
/**
* smack_d_instantiate - Make sure the blob is correct on an inode
- * @opt_dentry: unused
+ * @opt_dentry: dentry where inode will be attached
* @inode: the object
*
* Set the inode's security blob if it hasn't been done already.
@@ -2310,20 +2310,10 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
/*
* Get the dentry for xattr.
*/
- if (opt_dentry == NULL) {
- dp = d_find_alias(inode);
- if (dp == NULL)
- break;
- } else {
- dp = dget(opt_dentry);
- if (dp == NULL)
- break;
- }
-
+ dp = dget(opt_dentry);
fetched = smk_fetch(inode, dp);
if (fetched != NULL)
final = fetched;
-
dput(dp);
break;
}
Dan Carpenter wrote:
> This patch removes some unneeded code for if opt_dentry is null because
> that can never happen.
>
> The function dereferences "opt_dentry" earlier when it checks
> "if (opt_dentry->d_parent == opt_dentry) {". That code was added in
> 2008.
>
> This function called from security_d_instantiate(). I checked all the
> places which call security_d_instantiate() and dentry is always non-null.
> I also checked the selinux version of this hook and there is a comment
> which says that dentry should be non-null if called from
> d_instantiate().
>
> Signed-off-by: Dan Carpenter <[email protected]>
>
Acked-by: Casey Schaufler <[email protected]>
I have tested the change and not had any issues. I recall struggling
with this particular bit of code, but that was long enough ago that
the circumstances evade my memory. Thank you.
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 0f2fc48..07abc9c 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -2191,7 +2191,7 @@ static void smack_ipc_getsecid(struct kern_ipc_perm *ipp, u32 *secid)
>
> /**
> * smack_d_instantiate - Make sure the blob is correct on an inode
> - * @opt_dentry: unused
> + * @opt_dentry: dentry where inode will be attached
> * @inode: the object
> *
> * Set the inode's security blob if it hasn't been done already.
> @@ -2310,20 +2310,10 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
> /*
> * Get the dentry for xattr.
> */
> - if (opt_dentry == NULL) {
> - dp = d_find_alias(inode);
> - if (dp == NULL)
> - break;
> - } else {
> - dp = dget(opt_dentry);
> - if (dp == NULL)
> - break;
> - }
> -
> + dp = dget(opt_dentry);
> fetched = smk_fetch(inode, dp);
> if (fetched != NULL)
> final = fetched;
> -
> dput(dp);
> break;
> }
>
>
>
On Tue, 1 Jun 2010, Dan Carpenter wrote:
> This patch removes some unneeded code for if opt_dentry is null because
> that can never happen.
>
> The function dereferences "opt_dentry" earlier when it checks
> "if (opt_dentry->d_parent == opt_dentry) {". That code was added in
> 2008.
>
> This function called from security_d_instantiate(). I checked all the
> places which call security_d_instantiate() and dentry is always non-null.
> I also checked the selinux version of this hook and there is a comment
> which says that dentry should be non-null if called from
> d_instantiate().
>
> Signed-off-by: Dan Carpenter <[email protected]>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next
--
James Morris
<[email protected]>