References: <20190601021526.GA8264@zhanggen-UX430UQ> <20190601022527.GR17978@ZenIV.linux.org.uk> <20190601024459.GA8563@zhanggen-UX430UQ>
In-Reply-To: <20190601024459.GA8563@zhanggen-UX430UQ>
From: Paul Moore
Date: Mon, 3 Jun 2019 16:59:38 -0400
Subject: Re: [PATCH v3] selinux: lsm: fix a missing-check bug in selinux_sb_eat_lsm_opts()
To: Gen Zhang
Cc: Al Viro, Stephen Smalley, Eric Paris, omosnace@redhat.com, selinux@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, bpf@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, May 31, 2019 at 10:45 PM Gen Zhang wrote:
> On Sat, Jun 01, 2019 at 03:25:27AM +0100, Al Viro wrote:
> > On Sat, Jun 01, 2019 at 10:15:26AM +0800, Gen Zhang wrote:
> > > In selinux_sb_eat_lsm_opts(), 'arg' is allocated by kmemdup_nul(). It
> > > returns NULL when fails. So 'arg' should be checked. And 'mnt_opts'
> > > should be freed when error.
> >
> > What's the latter one for? On failure we'll get to put_fs_context()
> > pretty soon, so
> >         security_free_mnt_opts(&fc->security);
> > will be called just fine. Leaving it allocated on failure is fine...
> Paul Moore wrote:
> >It seems like we should also check for, and potentially free *mnt_opts
> >as the selinux_add_opt() error handling does just below this change,
> >yes? If that is the case we might want to move that error handling
> >code to the bottom of the function and jump there on error.
> I am not familiar with this part. So could you please show the function
> call sequence?

I'm not sure I understand your question above, but I did review your
latest patch and agree with Ondrej's comment regarding the ret/rc
variable. If you make that change I think we can merge this into
selinux/stable-5.2.

--
paul moore
www.paul-moore.com
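
The pattern discussed in this thread (check the duplicated argument for NULL, then jump to one cleanup label at the bottom of the function), as an added userspace C model; it is not the kernel patch and not code from the thread. `eat_opts`, `dup_nul`, `xalloc`, `struct opts` and the fault-injection counters are hypothetical stand-ins for selinux_sb_eat_lsm_opts(), kmemdup_nul(), the kernel allocator and the mount-options structure.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define MAX_OPTS 8
struct opts { char *val[MAX_OPTS]; int n; };
/* Fault injection (test aid): allocation number fail_at returns NULL. */
static int fail_at = -1, alloc_calls, live_allocs;
static void *xalloc(size_t n)
{
    void *p = (alloc_calls++ == fail_at) ? NULL : calloc(1, n);
    live_allocs += (p != NULL);
    return p;
}
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }
/* Stand-in for kmemdup_nul(): NUL-terminated copy of len bytes, NULL on failure. */
static char *dup_nul(const char *s, size_t len)
{
    char *p = xalloc(len + 1);
    return p ? memcpy(p, s, len) : NULL;    /* calloc supplied the NUL */
}
static void free_opts(struct opts *o)
{
    for (int i = 0; o && i < o->n; i++) xfree(o->val[i]);
    xfree(o);
}

/* Parse "a,b,c"; *out is allocated on first use, as *mnt_opts is in the thread. */
int eat_opts(const char *from, struct opts **out)
{
    int rc = 0;
    while (*from) {
        size_t len = strcspn(from, ",");
        char *arg = dup_nul(from, len);
        if (!arg) { rc = -ENOMEM; goto free_opt; }  /* the missing check */
        if (!*out) *out = xalloc(sizeof(**out));
        if (!*out || (*out)->n == MAX_OPTS) {
            rc = *out ? -EINVAL : -ENOMEM;
            xfree(arg);
            goto free_opt;
        }
        (*out)->val[(*out)->n++] = arg;
        from += len + (from[len] == ',');
    }
    return rc;
free_opt:   /* single error exit */
    free_opts(*out);
    *out = NULL;
    return rc;
}
```

In this model, clearing `*out` after freeing means a caller that frees `*out` again on its own teardown path does nothing harmful, and `live_allocs` returning to zero after each injected failure shows that no error path leaks.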