The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
they will never return NULL, and elsewhere users don't do the check
as well, so remove the check here.
Signed-off-by: Xiu Jianfeng <[email protected]>
---
security/lsm_audit.c | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 78a278f28e49..75cc3f8d2a42 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -44,9 +44,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
struct iphdr *ih;
ih = ip_hdr(skb);
- if (ih == NULL)
- return -EINVAL;
-
ad->u.net->v4info.saddr = ih->saddr;
ad->u.net->v4info.daddr = ih->daddr;
@@ -59,8 +56,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
switch (ih->protocol) {
case IPPROTO_TCP: {
struct tcphdr *th = tcp_hdr(skb);
- if (th == NULL)
- break;
ad->u.net->sport = th->source;
ad->u.net->dport = th->dest;
@@ -68,8 +63,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_UDP: {
struct udphdr *uh = udp_hdr(skb);
- if (uh == NULL)
- break;
ad->u.net->sport = uh->source;
ad->u.net->dport = uh->dest;
@@ -77,8 +70,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_DCCP: {
struct dccp_hdr *dh = dccp_hdr(skb);
- if (dh == NULL)
- break;
ad->u.net->sport = dh->dccph_sport;
ad->u.net->dport = dh->dccph_dport;
@@ -86,8 +77,7 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_SCTP: {
struct sctphdr *sh = sctp_hdr(skb);
- if (sh == NULL)
- break;
+
ad->u.net->sport = sh->source;
ad->u.net->dport = sh->dest;
break;
@@ -115,8 +105,6 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb,
__be16 frag_off;
ip6 = ipv6_hdr(skb);
- if (ip6 == NULL)
- return -EINVAL;
ad->u.net->v6info.saddr = ip6->saddr;
ad->u.net->v6info.daddr = ip6->daddr;
/* IPv6 can have several extension header before the Transport header
--
2.17.1
On Wed, Jul 13, 2022 at 9:27 PM Xiu Jianfeng <[email protected]> wrote:
>
> The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
> they will never return NULL, and elsewhere users don't do the check
> as well, so remove the check here.
>
> Signed-off-by: Xiu Jianfeng <[email protected]>
> ---
> security/lsm_audit.c | 14 +-------------
> 1 file changed, 1 insertion(+), 13 deletions(-)
Hi Xiu Jianfeng,
We just changed LSM maintainers earlier this week, and while I haven't
forgotten about your patch (I reviewed it previously), it is too late
in this current release cycle (-rc6) to merge non-critical fixes.
This would go into the LSM tree after the upcoming merge window.
Thank you for your patience and understanding.
--
paul-moore.com
在 2022/7/14 10:33, Paul Moore 写道:
> On Wed, Jul 13, 2022 at 9:27 PM Xiu Jianfeng <[email protected]> wrote:
>> The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
>> they will never return NULL, and elsewhere users don't do the check
>> as well, so remove the check here.
>>
>> Signed-off-by: Xiu Jianfeng <[email protected]>
>> ---
>> security/lsm_audit.c | 14 +-------------
>> 1 file changed, 1 insertion(+), 13 deletions(-)
> Hi Xiu Jianfeng,
>
> We just changed LSM maintainers earlier this week, and while I haven't
> forgotten about your patch (I reviewed it previously), it is too late
> in this current release cycle (-rc6) to merge non-critical fixes.
> This would go into the LSM tree after the upcoming merge window.
>
> Thank you for your patience and understanding.
Hi, paul, I get it, thanks very much :)
>
On Wed, Jul 13, 2022 at 10:49 PM xiujianfeng <[email protected]> wrote:
> 在 2022/7/14 10:33, Paul Moore 写道:
> > On Wed, Jul 13, 2022 at 9:27 PM Xiu Jianfeng <[email protected]> wrote:
> >> The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
> >> they will never return NULL, and elsewhere users don't do the check
> >> as well, so remove the check here.
> >>
> >> Signed-off-by: Xiu Jianfeng <[email protected]>
> >> ---
> >> security/lsm_audit.c | 14 +-------------
> >> 1 file changed, 1 insertion(+), 13 deletions(-)
> > Hi Xiu Jianfeng,
> >
> > We just changed LSM maintainers earlier this week, and while I haven't
> > forgotten about your patch (I reviewed it previously), it is too late
> > in this current release cycle (-rc6) to merge non-critical fixes.
> > This would go into the LSM tree after the upcoming merge window.
> >
> > Thank you for your patience and understanding.
>
> Hi, paul, I get it, thanks very much :)
I just merged this into the lsm/next branch, thanks for your patience.
--
paul-moore.com