Received: by 2002:a05:622a:1442:b0:3a5:28ea:c4b9 with SMTP id v2csp737193qtx; Mon, 31 Oct 2022 12:38:36 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7GZV9jJqSzluL7cV0CEmv3P8VxHB78TaKSwGc5qIANWmuMuf7tnnREMaVoy/rZrba6p/H7 X-Received: by 2002:a17:907:2cd8:b0:7ad:c8c0:265e with SMTP id hg24-20020a1709072cd800b007adc8c0265emr8614692ejc.43.1667245116593; Mon, 31 Oct 2022 12:38:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667245116; cv=none; d=google.com; s=arc-20160816; b=gkc+TwUC9JKLejoyqwBlg6TeVqqdmz4B+Cosb6096VDg8DYp0EfVky4feEUgM8ZAAE 9NVjcjplojrcW2kN0B8fBy6O7Efju6+01CFCBXVst2L2whWKynRfq8YOOa6Pn9xJn7a6 ONkrY0Hj5r4L5EZB7G+blzrNanyiBDlVl5KjUYBWL5VtnXu9vZCoIC1AKO0J4/J0F/kI lt+X0PGfAJ/I9BPYDDWIn0wtPUxol1jj9nJ7QdGdvaKAMiCHvPz73wMP383NpPavP8+N g3B5pUhH2psSgAw6nXM84QeIvZ6aba0/QGKU2GGKGr3Xz+QHuNTvinPTJIo0az7xuH6/ uyKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=sciERuMLNoW/sQvWoRQ/tsCXdcXQIXsZ9vYLgBntz0s=; b=0nItlUhiidq9mBmDDaSCLRdsbp/o7BwjHDclqQ4kp3UQBkrnrPcLgjOyoCSfbhPJnB IMRDr0YkAeKIFusweozenevFz34/C1E6+JlYGwVsI5iaNM1HbXg79MKodOwXptJf/6AW 6V8dX5muWNSFHJy0PDEx217Fh1FZ/9y1efepg8QDCgFWe5MBqdUcV35H1AtKJ4yhteyt /CZFTuODWwR5Xnvb3iIcr4wjGhW52gwP98fsvqre4hVvDXAewBDCnHwmLXRQd5raoMq3 fE8pW0BMVAKJ1LhEeba1l6GL4vDqjbWTsSWfzMhSfB2M7wNU1BcNshGraLLP9CfQhOo5 k8QQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="PRwNE+r/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m17-20020a50c191000000b004597671e0ddsi7497714edf.338.2022.10.31.12.38.13; Mon, 31 Oct 2022 12:38:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b="PRwNE+r/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230006AbiJaTWv (ORCPT + 98 others); Mon, 31 Oct 2022 15:22:51 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42056 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229479AbiJaTWs (ORCPT ); Mon, 31 Oct 2022 15:22:48 -0400 Received: from mail-qv1-xf2f.google.com (mail-qv1-xf2f.google.com [IPv6:2607:f8b0:4864:20::f2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01AAB12AD4 for ; Mon, 31 Oct 2022 12:22:47 -0700 (PDT) Received: by mail-qv1-xf2f.google.com with SMTP id j6so8933489qvn.12 for ; Mon, 31 Oct 2022 12:22:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=sciERuMLNoW/sQvWoRQ/tsCXdcXQIXsZ9vYLgBntz0s=; b=PRwNE+r/CecIAk6SsdRE0zAYb5VIWHJOUdwJPZGYrHEikyM2x2cWKL19AfuzpMpYah tvlSiLkCpXdKtms6gHrNBQS3dYEs6kJ08xwGpB/o8ZOi2aV7agzVKttckPIAWWGIJsIt eMEEyEXkV3CMMjMCzuTbtiXbV2AAF8rr0FpW8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sciERuMLNoW/sQvWoRQ/tsCXdcXQIXsZ9vYLgBntz0s=; b=cZ8r/7ki6/5gdGMByls/7eD83/K/+T/dKNNz4d/IBjW2JXI/yObkSvd6VB2DhHDK2X +mvLigEU/yZDKdIoH1KJFtPlgWnKasoFRIHnc7j5/ALzugzG6YBNINU1NtqBjlHFNACt sNbTPeVRdUx9iHY7btZjtAhrQReRkcLos3woHRG6W3TjgTYyWTDXqWnPu2R3ikADqj5e ZyKyO0QqLqGZImTecj7WjCu0QRhBn2RNFfKZE2fYj3QYufo0MTbPgWfi2e1VOvsIfpdB 63HydX/1XgNnE2VyzX5/3rQkp0bSz6mrt6lIxtck68PkQQP+nPFvdkmb5SDRLymv8H2M QTgA== X-Gm-Message-State: ACrzQf2eBnYWXb9LlLfs0y1CfyW6h/4lEcQG7e9j3EtL0J18IBGA64ul xLft0O/TY+yKkTav8pFKRnW4Zwyr0+66UA== X-Received: by 2002:a05:6214:20ee:b0:4bb:938a:a0ff with SMTP id 14-20020a05621420ee00b004bb938aa0ffmr12402443qvk.120.1667244166795; Mon, 31 Oct 2022 12:22:46 -0700 (PDT) Received: from mail-yw1-f178.google.com (mail-yw1-f178.google.com. [209.85.128.178]) by smtp.gmail.com with ESMTPSA id bs11-20020ac86f0b000000b0039cc82a319asm4053874qtb.76.2022.10.31.12.22.46 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 31 Oct 2022 12:22:46 -0700 (PDT) Received: by mail-yw1-f178.google.com with SMTP id 00721157ae682-3321c2a8d4cso117152357b3.5 for ; Mon, 31 Oct 2022 12:22:46 -0700 (PDT) X-Received: by 2002:a81:114e:0:b0:36a:fc80:fa62 with SMTP id 75-20020a81114e000000b0036afc80fa62mr15021131ywr.58.1667244165839; Mon, 31 Oct 2022 12:22:45 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Linus Torvalds Date: Mon, 31 Oct 2022 12:22:29 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [GIT PULL] LSM fixes for v6.1 (#1) To: Paul Moore Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 31, 2022 at 4:07 AM Paul Moore wrote: > > A single patch to the capabilities code to fix a potential memory leak > in the xattr allocation error handling. Please apply for v6.1-rcX. Pulled. However, I react to the strange test condition. Sure, it's pre-existing, but does it really make sense? It does + if (ret < 0 || !tmpbuf) { + size = ret; + goto out_free; + } and how the heck can 'tmpbuf' be NULL if vfs_getxattr_alloc() succeeded? I think that's not only impossible in the first place, but if it *was* possible, then that size = ret; goto out_free; would be wrong, because this function would return success even if it wasn't successful. That whole "cast to int, and then cast back to size_t" also smells of some serious confusion in the return value handling. It looks to me like vfs_getxattr_alloc() fundamentally returns an 'int', not a 'ssize_t', just by looking at the ->get function. But it just all looks weird. So this code has all kinds of oddities. Linus