From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751060AbdARWQ6 (ORCPT <rfc822;w@1wt.eu>);
        Wed, 18 Jan 2017 17:16:58 -0500
Received: from nm30-vm3.bullet.mail.ne1.yahoo.com ([98.138.91.160]:33298 "EHLO
        nm30-vm3.bullet.mail.ne1.yahoo.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1752697AbdARWQv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 18 Jan 2017 17:16:51 -0500
X-Yahoo-Newman-Id: 744292.12899.bm@smtp223.mail.ne1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: brh80JQVM1lfXl7O5_iKcDyIeRaNWj4o3JTIV3L5GJ8cpz1
 5r0dAL16kVOuI8f6ds5iadqYXzeVzgM.nsCPI081FXuJPYaIS0LSEbA7oLas
 xtRtyH_mu9yu4tRHXSPdcGcVHhZyzYnLRBbB0gtaSnBuaBLipQsfkuPrs1Sv
 0HhofL4ylWvKfxuGY_MfRro4KK_RJ5OA9tV_V6KXoD.xNUo5tjGENEvqvJPl
 cNHGkUDBwBbaNDRsr84ZGw7jptdw.RUUfrOjvl5tuPrcZEX4wrqQxTZwLJnm
 Sg24oEabJXyMo9af8Vs1gti1X.l.cA7dxV_gqWmKjozi12tbsKrBB8W9hsPl
 CUD7ASiHevxKjefdvESSCx7C5HymD8u3xy7B3SP51YuowLUHihilcEyt70q0
 888a8mf8inTLjXD6nE6qvM2Puon.rDuBI1ZlTe8lBJFAgvvK8cVay1WED0zs
 AlpyZGnsaNlOQsi2CrYtqFir7C2DkupF9ThwkkFJwIw3lUNB2g74BEs12Odw
 NMNni3WDg1P96yCZulbl3HhaWFRbQAMPwDi9CgRv34zEETE6hnZ1Mx_M-
X-Yahoo-SMTP: OIJXglSswBDfgLtXluJ6wiAYv6_cnw--
Subject: Re: [PATCH] LSM: Add a Smack subdirectory in /proc/.../attr
To: Alexey Dobriyan <adobriyan@gmail.com>
References: <b7abb223-4211-adb4-c2fa-39d895cda1bc@schaufler-ca.com>
 <20170118235207.GA17613@avx2>
Cc: LSM <linux-security-module@vger.kernel.org>,
        LKLM <linux-kernel@vger.kernel.org>, James Morris <jmorris@namei.org>,
        Kees Cook <keescook@chromium.org>
From: Casey Schaufler <casey@schaufler-ca.com>
Message-ID: <27283986-6b16-9a07-29c8-f484109eca18@schaufler-ca.com>
Date: Wed, 18 Jan 2017 14:16:33 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.6.0
MIME-Version: 1.0
In-Reply-To: <20170118235207.GA17613@avx2>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 1/18/2017 3:52 PM, Alexey Dobriyan wrote:
> On Wed, Jan 18, 2017 at 11:07:19AM -0800, Casey Schaufler wrote:
>
>> -int security_getprocattr(struct task_struct *p, char *name, char **value)
>> +int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
>> +				char **value)
>>  {
>> -	return call_int_hook(getprocattr, -EINVAL, p, name, value);
>> +	struct security_hook_list *hp;
>> +	int rc = -EINVAL;
> This is dead write.

So it is. I will fix and repost after testing.

>
>> +	list_for_each_entry(hp, &security_hook_heads.getprocattr, list) {
>> +		if (lsm != NULL && strcmp(lsm, hp->lsm))
>> +			continue;
>> +		rc = hp->hook.getprocattr(p, name, value);
>> +		if (rc != -ENOENT)
>> +			return rc;
>> +	}
>> +	return -EINVAL;		<-------+
> 					|
>> -int security_setprocattr(struct task_|struct *p, char *name, void *value, size_t size)
>> +int security_setprocattr(struct task_|struct *p, const char *lsm, char *name,
>> +				void *va|lue, size_t size)
>>  {					|
>> -	return call_int_hook(setprocattr|, -EINVAL, p, name, value, size);
>> +	struct security_hook_list *hp;	|
>> +	int rc = -EINVAL;		|
> 					|
> This one is not.			|
> 					|
>> +					|
>> +	list_for_each_entry(hp, &securit|y_hook_heads.setprocattr, list) {
>> +		if (lsm != NULL && strcm|p(lsm, hp->lsm))
>> +			continue;	|
>> +		rc = hp->hook.setprocatt|r(p, name, value, size);
>> +		if (rc != -ENOENT)	|
>> +			break;		|
>> +	}				|
>> +	return rc;		<-------+