2022-05-09 05:40:51

by Casey Schaufler

[permalink] [raw]
Subject: Re: [PATCH 1/3] securityfs: Append line feed to /sys/kernel/security/lsm

On 5/5/2022 6:22 AM, Wang Weiyang wrote:
> There is no LF in /sys/kerne/security/lsm output. It is a little weird,
> so append LF to it.

NAK: The existing behavior is consistent with long standing LSM convention.

>
> Example:
>
> / # cat /sys/kernel/security/lsm
> capability,selinux/ #
>
> Signed-off-by: Wang Weiyang <[email protected]>
> ---
> security/inode.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/security/inode.c b/security/inode.c
> index 6c326939750d..bfd5550fa129 100644
> --- a/security/inode.c
> +++ b/security/inode.c
> @@ -318,8 +318,20 @@ static struct dentry *lsm_dentry;
> static ssize_t lsm_read(struct file *filp, char __user *buf, size_t count,
> loff_t *ppos)
> {
> - return simple_read_from_buffer(buf, count, ppos, lsm_names,
> - strlen(lsm_names));
> + char *tmp;
> + ssize_t len = strlen(lsm_names);
> + ssize_t rc;
> +
> + tmp = kmalloc(len + 2, GFP_KERNEL);
> + if (!tmp)
> + return -ENOMEM;
> +
> + scnprintf(tmp, len + 2, "%s\n", lsm_names);
> + rc = simple_read_from_buffer(buf, count, ppos, tmp, strlen(tmp));
> +
> + kfree(tmp);
> +
> + return rc;
> }
>
> static const struct file_operations lsm_ops = {