Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp779075ybi; Fri, 31 May 2019 08:47:08 -0700 (PDT) X-Google-Smtp-Source: APXvYqwdPjFnpFsYWftOsRD4XWFFUUDyKtEYjzqy3esGtu1gwAYHn+zTfmylOBmHbU+muwYqDGW5 X-Received: by 2002:a65:5605:: with SMTP id l5mr6350959pgs.124.1559317628796; Fri, 31 May 2019 08:47:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1559317628; cv=none; d=google.com; s=arc-20160816; b=nFFGMpMsnXeWrK6Ke/cEmsmocnGs5yQJ5vQW1Hq8P055cYHd/oeVRmzQHqoJQ2yJTK yQluT/v/D59luy29DIBB4v9fYHsjK3QvW56lubQChIhuAL7k7ZzNuVUdoIRccIi56gp0 7k/Oom/GCkW/P9/buj7HgaXUptuomwKtUCk0HL2+EXgXz9w2kKNOJK8oOg60h3zoZhno HZ+dYMASwPq4eUqOAHi5AthG9gFUPFCIy3udY0hFwpOw9pCxZ8Vkd9L7EkCaUqrUxdaB nMQJoJOKpUxpc654+yK5QQRF0WpgkY+Vd78L5msKeegzGk6Mkb+ZZoWu7gfrgUIU28Dy 6+Tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=/DZt8luZx8AZd+g3OwucXhV/souOkAqU6IAlufN+JIw=; b=qx5Xw1CHiMY9myR64Yg+TMd9p8aaf/XNaASgP2/Tm8DhPr9lB/4ralefK+K6nqJmrd a1ciTbN9Hl1aG3Rbkim/uqfzDcmzuDl0nOBeLg9p7uM6ZRHl60pUbmUDt3KYARKz9UvH PCy3l5J3zaorEGYimfrY8jJL4O0MylCm9nIeLXgvGXml+b3DngYM6W0WebBxNK2y56hv vl3vByMT0z91SJK1j/JiRcoFyrQxknirXQpVJyeci93IROa5BkeSF+hecuaw/xgC2S7O uJR8nycueR5ZeU3S77Hps+NqUhIdGBiAN6gnDzfeKMKKrgJezJKsF5jZrWEZkeN6p9wu qHUw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=fRr515es; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f1si6482957pln.23.2019.05.31.08.46.52; Fri, 31 May 2019 08:47:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=fRr515es; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726695AbfEaPpn (ORCPT + 99 others); Fri, 31 May 2019 11:45:43 -0400 Received: from mail-lf1-f66.google.com ([209.85.167.66]:37584 "EHLO mail-lf1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726601AbfEaPpn (ORCPT ); Fri, 31 May 2019 11:45:43 -0400 Received: by mail-lf1-f66.google.com with SMTP id m15so8283941lfh.4 for ; Fri, 31 May 2019 08:45:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/DZt8luZx8AZd+g3OwucXhV/souOkAqU6IAlufN+JIw=; b=fRr515esaIOr8mkEww0IKDtMKmNftE282RImc1BVF4NJkoyzWycXVzqJGvuIhA4tRg yGD98Ugj6GLQCyZr2JaDPuomsu1bWjRPzuDOz5QxW4SEF/qpmGwOeTDYHxJmmhOgcpvh YTD8txi1NP7Tf93arKTMnQTYJzJOeBgEcuaR9Nk9UIfApiKPLOM9OKvKzoFI65b+en8G mqoQU8m/U/4AUlvwyEhuXXJiWSMQGVpS8baWkvBUint97bO4se4HJHQ4vXPI0pA6nHPM QiOQRZe0fXT8C240IXihy/Ku1XNTcuFvmFzZNCsaPzcfS7NIiVdploSAO975KD9bFmyl O+bA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/DZt8luZx8AZd+g3OwucXhV/souOkAqU6IAlufN+JIw=; b=mvTx2sm2zSdMJBf3837iuKvlxZCLbZqFr2D7/+QiX5VrWA2t83IN2+4oT4RhNnn5NE n9oANd1kVSi+ZwqPF0VS+T3M508wc9sndQa4X5wdIXlQnhZXOkVYYxmuzzDtwjlnxmCb yJ9GllEYl639YVOt5ifMXYkoNa/qMRGP8QK19jAqSgZ71UgcURwzBO/oCDEAuSXS7oRS MzCiJSJA0hoNNMPXhqNM4dxJC7Caup1uyOtaERZuCcA8ajxR78wYX5Hkq8tO90UYdp5T kioHZEJPVeeF0eXkQwCv6ZbUHjjfU+uaKK9q9yVwvdxdEja1ygsElyXMcdmjBVuqkKzP WSKA== X-Gm-Message-State: APjAAAWfQ8rdn/v0iwnx+hcaQ/iyBOiLNzN7y2F44Y3a+yiOoZBqbq8B 8L+uSnOFmdkcZy/+dmmlSo4lsqA08jkdEemMRfmU X-Received: by 2002:a19:c301:: with SMTP id t1mr6164138lff.137.1559317540060; Fri, 31 May 2019 08:45:40 -0700 (PDT) MIME-Version: 1.0 References: <20190531013350.GA4642@zhanggen-UX430UQ> In-Reply-To: <20190531013350.GA4642@zhanggen-UX430UQ> From: Paul Moore Date: Fri, 31 May 2019 11:45:28 -0400 Message-ID: Subject: Re: [PATCH v2] hooks: fix a missing-check bug in selinux_sb_eat_lsm_opts() To: Gen Zhang Cc: Stephen Smalley , Eric Paris , selinux@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org, omosnace@redhat.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 30, 2019 at 9:34 PM Gen Zhang wrote: > > In selinux_sb_eat_lsm_opts(), 'arg' is allocated by kmemdup_nul(). It > returns NULL when fails. So 'arg' should be checked. > > Signed-off-by: Gen Zhang > Reviewed-by: Ondrej Mosnacek > Fixes: 99dbbb593fe6 ("selinux: rewrite selinux_sb_eat_lsm_opts()") One quick note about the subject line, instead of using "hooks:" you should use "selinux:" since this is specific to SELinux. If the patch did apply to the LSM framework as a whole, I would suggest using "lsm:" instead of "hooks:" as "hooks" is too ambiguous of a prefix. > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index 3ec702c..5a9e959 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -2635,6 +2635,8 @@ static int selinux_sb_eat_lsm_opts(char *options, void **mnt_opts) > *q++ = c; > } > arg = kmemdup_nul(arg, q - arg, GFP_KERNEL); > + if (!arg) > + return -ENOMEM; It seems like we should also check for, and potentially free *mnt_opts as the selinux_add_opt() error handling does just below this change, yes? If that is the case we might want to move that error handling code to the bottom of the function and jump there on error. > } > rc = selinux_add_opt(token, arg, mnt_opts); > if (unlikely(rc)) { -- paul moore www.paul-moore.com