From: William Roberts
Date: Thu, 30 May 2019 08:16:36 -0700
Subject: Re: [PATCH v2] hooks: fix a missing-check bug in selinux_sb_eat_lsm_opts()
To: Ondrej Mosnacek
Cc: Gen Zhang , Paul Moore , tony.luck@intel.com, Stephen Smalley , Eric Paris , selinux@vger.kernel.org, Linux kernel mailing list , bpf@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, May 30, 2019 at 4:52 AM Ondrej Mosnacek wrote: > > On Thu, May 30, 2019 at 10:51 AM Gen Zhang wrote: > > In selinux_sb_eat_lsm_opts(), 'arg' is allocated by kmemdup_nul(). It > > returns NULL when fails. So 'arg' should be checked. > > > > Signed-off-by: Gen Zhang > > Fixes: 99dbbb593fe6 ("selinux: rewrite selinux_sb_eat_lsm_opts()") > > --- > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > > index 3ec702c..5a9e959 100644 > > --- a/security/selinux/hooks.c > > +++ b/security/selinux/hooks.c
> > @@ -2635,6 +2635,8 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) > > *q++ = c; > > } > > arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); > > + if (!arg) > > + return -ENOMEM; Yeah -ENOMEM is correct here. Ack by me. > > } > > rc = selinux_add_opt(token, arg, mnt_opts); > > if (unlikely(rc)) { > > Looking at the callers of security_sb_eat_lsm_opts() (which is the > function that eventually calls the selinux_sb_eat_lsm_opts() hook), > -ENOMEM should be appropriate here. > > Reviewed-by: Ondrej Mosnacek > > -- > Ondrej Mosnacek > Software Engineer, Security Technologies > Red Hat, Inc.
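Review bot: the early `return -ENOMEM` added after `kmemdup_nul()` in selinux_sb_eat_lsm_opts() bypasses the `if (unlikely(rc)) {` error branch that follows `selinux_add_opt(token, arg, mnt_opts)`. The function fills `*mnt_opts` through that call, so if an earlier option has already been stored there and that branch is what releases it, returning directly on a later allocation failure would leave that state allocated. The body of the branch is not visible in this hunk, so it is worth checking; if it does clean up, set `rc = -ENOMEM` and take the same cleanup path instead of returning from the middle of the parse.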