Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp662596ybi; Thu, 30 May 2019 04:54:46 -0700 (PDT) X-Google-Smtp-Source: APXvYqzVzCNf+PigOU338bAp0DVsW1/+5o8P2xvGETNJ2tDDGoSRLtEOpKE5dIxj9NLjjw4KSquk X-Received: by 2002:a62:582:: with SMTP id 124mr3351675pff.209.1559217285926; Thu, 30 May 2019 04:54:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559217285; cv=none; d=google.com; s=arc-20160816; b=EvAAGdG3HxBmgNjq6JjH1V5EeGpY1LPEX+sQRGjHEsVFIL5IEazuoUdWs9flllkylh mvh6ZKeWW/08I24M0q+5Yqg2Ii8pI2OMvtGbRo0mpfJn2+49Mpg0/aKIeFw3ebP1bHz8 VqCn5mp3f+ezRqSlU3sCKmoBBPkt2w5JCnWqsDbAkQD8l8czcc6UdDj+kfX47iScJvCK 9ppxIxcT/MNpiUxIAzQlVS260ePEMwKxTU00NuAP1N3TJXB8ve2jQmmk7ITVUzUsBRzW GVKwTTwFuJHMPu93vkgEDbBSxEo/+TZUizRJZuKVsXL1IT8nYPZg1dwgWwTaix5cZGWE qxKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version; bh=vAN+W8HMPR+e2EfUykPuPve3XAe6lmTzwXCfaLwdSz8=; b=zwAoDR3cfBc6tb/SIE4lkUhqLO1rBBmcHPPRCn3QPz/3ZR0BYO7kzOTJtIt9gaskgw 3g7YIiDb7EiHXeqov/HhmCOLlgG6w/TUanFKfoc2SdkEvCh/AjxcO6HnaiDpnXagFo62 5QKmgE10hEce07T+Zu2XXo51zp7WcsYACa7+w9jNqWVQzDrB+HSOCdZBItSlHuH6F+4R cShqlEUaz1e64taBsweWOuvyKZt4ZWqbGUSlKOnsPdNTczOPvxS6XX9c96L21LCbtHN5 xOfgyA62CU0j9x9DN6wKLxbVj2xomxdMk2GJ0TxIFtMWP7VJyct6h9GMY++wF9zMJTFq bnvA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j9si3014811pfr.277.2019.05.30.04.54.29; Thu, 30 May 2019 04:54:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727029AbfE3LwY (ORCPT + 99 others); Thu, 30 May 2019 07:52:24 -0400 Received: from mail-ot1-f68.google.com ([209.85.210.68]:32857 "EHLO mail-ot1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726792AbfE3LwX (ORCPT ); Thu, 30 May 2019 07:52:23 -0400 Received: by mail-ot1-f68.google.com with SMTP id n18so5337850otq.0 for ; Thu, 30 May 2019 04:52:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vAN+W8HMPR+e2EfUykPuPve3XAe6lmTzwXCfaLwdSz8=; b=oJJMIqM9fr+0cj0NekXfaW+ebhsDKaSx9gg6NMJg9jM3jFRVQTUdal/GKKqxbcaEKB OcZFNUrSA8sL9sBH9cDTMTCv+6FZyecNt52/VyDppfzGxRZqAJe51dgfJNNUWF7REW+s CusJ1wyiVaK9t0Ax+447kmXdAm66gpTHnnNzTGuAaN3Zi15S0zouw1hvfLdrY9i90vQI i4xH4PVa2jmdXsZPuEHLI0fhlypwlnhfgAoFVmRFz3qn1I0Mrb3vTv/Q8OJ6vKLhu5yo 4lyHodcQTA+xsQJ/Rcb9E0FttM8pr0/mdJOR+C2v5Tai93oDjye8GBsTydRxS5/W/cnz 5DEQ== X-Gm-Message-State: APjAAAXz5MIOfQmlrMI6qL+Pd+9+q2H+r5DR3dHZ7jFBQ/dfEDO4CwTg KcbK++xXqOtg6B0SFV2aLvL9FsnJ0BHgY/PbRwc/4w== X-Received: by 2002:a05:6830:154c:: with SMTP id l12mr2235146otp.66.1559217143019; Thu, 30 May 2019 04:52:23 -0700 (PDT) MIME-Version: 1.0 References: <20190530035310.GA9127@zhanggen-UX430UQ> <20190530085106.GA2711@zhanggen-UX430UQ> In-Reply-To: <20190530085106.GA2711@zhanggen-UX430UQ> From: Ondrej Mosnacek Date: Thu, 30 May 2019 13:52:12 +0200 Message-ID: Subject: Re: [PATCH v2] hooks: fix a missing-check bug in selinux_sb_eat_lsm_opts() To: Gen Zhang Cc: Paul Moore , tony.luck@intel.com, Stephen Smalley , Eric Paris , selinux@vger.kernel.org, Linux kernel mailing list , bpf@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 30, 2019 at 10:51 AM Gen Zhang wrote: > In selinux_sb_eat_lsm_opts(), 'arg' is allocated by kmemdup_nul(). It > returns NULL when fails. So 'arg' should be checked. > > Signed-off-by: Gen Zhang > Fixes: 99dbbb593fe6 ("selinux: rewrite selinux_sb_eat_lsm_opts()") > --- > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index 3ec702c..5a9e959 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -2635,6 +2635,8 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) > *q++ = c; > } > arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); > + if (!arg) > + return -ENOMEM; > } > rc = selinux_add_opt(token, arg, mnt_opts); > if (unlikely(rc)) { Looking at the callers of security_sb_eat_lsm_opts() (which is the function that eventually calls the selinux_sb_eat_lsm_opts() hook), -ENOMEM should be appropriate here. Reviewed-by: Ondrej Mosnacek -- Ondrej Mosnacek Software Engineer, Security Technologies Red Hat, Inc.