Received: by 2002:ac0:a874:0:0:0:0:0 with SMTP id c49csp704361ima; Fri, 15 Mar 2019 12:11:20 -0700 (PDT) X-Google-Smtp-Source: APXvYqwdq0Io69Oe+2e6wpY4VRA/pHvoZhuV3jbiz9iO+nrfs8+SU9BemlXWsYNl1AR9cez33FQB X-Received: by 2002:a63:d854:: with SMTP id k20mr5010991pgj.107.1552677079974; Fri, 15 Mar 2019 12:11:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1552677079; cv=none; d=google.com; s=arc-20160816; b=KiudYWaSKvQWT0fhowqF3HYn96g2euvBcpGJsACNz8Es/8OGA5h1n32SO0OZk8FSZC /Ky4gsOCg/1Nllcr/0Z2sAqqNda3fKdQW6ssupRTK10hH2lRwgqDBnw9uryzACzVvkI7 roFWCyVzxkUcZBOiD5n7oOJ8XqO6Gtm1Zj8LiuqYtbpXWcudwwzh1Jm4i6ZWAKtg+uno v8AsTfdx/vpiek8bHf1Iq7JWweks1MBHUUED7fjXpsZ3leYtzrJgzX2ukqqCjdbwpMGp n/lxJsPjhnd2MRyCipdQcl9ucsTJ84QBV9JJ58Q/ToQ/iX1RhzcqUPZ9Gm0izYlMtV/3 j1Vg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=wxl93n/ge86mid8wNM/kMObfA3H46LRP6pN+JN9BHD4=; b=DBEZjWsSZ20kssAMIm3UyK8FgsBlzEFi8pBSRiCviyaDRLs7aJBv13Y/54BDI/Eskv hYLPRsqyyqvXbBk/K8IsQqbIFgrU9qQ2ohoPvrXPERti35gjiUTep+1QrPquV7WAAZRL KAwnQlQdfwM9PAFXTrEBHkwaur+Cib8ro8Dn9z2EYmvHjhTlQvtjI6NA4RYjO5dtN7V3 RsegluylOWm4BTBbK9m/E5y/kS0VrOlAoxJQqEWKnygenY0fPkJjMnerOoNMCM+iMo6U +L7N1Scm5FEOBAhc9DkjhUGMRQjCO8rw90RJn/h9gweq0ZTYrjnXvJRxGZQoYGizVzyX 972w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c22si2382520pls.17.2019.03.15.12.11.04; Fri, 15 Mar 2019 12:11:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726798AbfCOTJF (ORCPT + 99 others); Fri, 15 Mar 2019 15:09:05 -0400 Received: from namei.org ([65.99.196.166]:57212 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726360AbfCOTJF (ORCPT ); Fri, 15 Mar 2019 15:09:05 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id x2FJ8ha0003194; Fri, 15 Mar 2019 19:08:43 GMT Date: Sat, 16 Mar 2019 06:08:43 +1100 (AEDT) From: James Morris To: Kangjie Lu cc: pakki001@umn.edu, "Serge E. Hallyn" , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, Casey Schaufler Subject: Re: [PATCH] security: inode: fix a missing check for securityfs_create_file In-Reply-To: <20190315040901.31551-1-kjlu@umn.edu> Message-ID: References: <20190315040901.31551-1-kjlu@umn.edu> User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 14 Mar 2019, Kangjie Lu wrote: > securityfs_create_file may fail. The fix checks its status and > returns EFAULT upstream if it fails. > > Signed-off-by: Kangjie Lu > --- > security/inode.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/security/inode.c b/security/inode.c > index b7772a9b315e..11d9a6bc2161 100644 > --- a/security/inode.c > +++ b/security/inode.c > @@ -339,6 +339,11 @@ static int __init securityfs_init(void) > #ifdef CONFIG_SECURITY > lsm_dentry = securityfs_create_file("lsm", 0444, NULL, NULL, > &lsm_ops); > + if (IS_ERR(lsm_dentry)) { > + unregister_filesystem(&fs_type); > + sysfs_remove_mount_point(kernel_kobj, "security"); > + return -EFAULT; > + } > #endif > return 0; > } > Good catch, but you should propagate the error returned from securityfs_create_file(). -- James Morris