From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751581AbdAYJcQ (ORCPT ); Wed, 25 Jan 2017 04:32:16 -0500 Received: from mout.web.de ([212.227.15.14]:59446 "EHLO mout.web.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751549AbdAYJcN (ORCPT ); Wed, 25 Jan 2017 04:32:13 -0500 Subject: [PATCH 1/3] ima_fs: One check less in ima_write_policy() after error detection To: linux-ima-devel@lists.sourceforge.net, linux-ima-user@lists.sourceforge.net, linux-security-module@vger.kernel.org, Dmitry Kasatkin , James Morris , Mimi Zohar , "Serge E. Hallyn" References: Cc: LKML , kernel-janitors@vger.kernel.org From: SF Markus Elfring Message-ID: <28a6918c-5714-cec8-2df7-85bcc37e4d75@users.sourceforge.net> Date: Wed, 25 Jan 2017 10:31:43 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:NwOzwNq/DPjZ8RZs2/GZ868Mf2jh5RbKO0vmz4jp9bAT0exnjSE 8aSfmmD7hup5WxxE4VRBZlJFTXVP4AuAqOmCLxD7ZVl3REIoc0gXPLUoz1ti5GTS9vChPE3 SvLh8uaNClMF2JwQB8gxmMMggfyGGnESXsEQqfyr8Sc658l5311WPcWJhTP4vAveGGmoyGv MZs44Ph4G55zky6hu3HIA== X-UI-Out-Filterresults: notjunk:1;V01:K0:zF1AkEUUV8Y=:4+3cXskWROIks3SHglpWLt 8rkVebT56KZgOBpn0bHLh2eICNHH5hNlkf1dLzuJgbuzPWGb1nI9m/HR8EfprL9cH7ythQAQf nEoLFQqHtd2KXBZ1fkocxJImaxMjuUROmBllsEv4oMJYuCz9hQyXfCnDzd/DBZkCEbOS3Pf2v +B+yGXVDoC+hk5Mp7SazYI/WjENmo5AlKuh3KzctyLllsZz7p3Y1wTp5F/3HJFnmRskaIzsVz OqzFuBWlm09w273mMCLpz5SFVjqeGE5dn6v5DOB+dKlrbB03yckHO+OawUH7vSAQQkXIFCnix X4SgQH8sul5iYt6kcYcJJU0baUlbiKAu+uuLh1aUzpMBx89l7jQezv6SCfRMqPAYtgTIYHfoJ rTPvYDPOo8SSSSEYUHxxzkAS+FlbRWPivTTW9TmQQEdqzPq1E9CmoOGHLuJRqlfQpoo0IfAS8 ypQXqgSOSq7/JauDCeJkbngt+lNHBVhfEWTA1v6wgXZoEbXl+XzKWOBfcTmSoSb006n58U7mZ xYVf2eu9q7emXx2yr56jK9EMG/dHWkoAgVPbsh30NxUnCVy0nV03GPhy2nmQHcaLNOButSu9Q LhTKR1bVPAL3Bs1lx0bzTwGmppvLs8YYip7VFC1VD05V25JEaUBcHm+nrovrWtkvWGjkuaZQ6 +QwGsnX4D/YEI5y4JXE1NZx7DnqP2wLJllSO5ueVePa/mKcmFphHzYQSM+cM89lUhBaWmWfsq +LdrV/PeyrnmKnVsgw7sbBoOQ8VGS8bXXTDyVDrwPuHhXPIwN5sTmf3O/Cb7pyemM6N+O1LNR FhxuwIn Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Markus Elfring Date: Tue, 24 Jan 2017 20:30:55 +0100 Move the jump label directly before the desired assignment for the variable "valid_policy" at the end so that the variable "result" will not be checked once more after it was determined that a received input parameter was not zero or a memory allocation failed. Use the identifier "reset_validity" instead of the label "out". Signed-off-by: Markus Elfring --- security/integrity/ima/ima_fs.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index ca303e5d2b94..c1c8d34d111d 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -321,12 +321,12 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf, /* No partial writes. */ result = -EINVAL; if (*ppos != 0) - goto out; + goto reset_validity; result = -ENOMEM; data = kmalloc(datalen + 1, GFP_KERNEL); if (!data) - goto out; + goto reset_validity; *(data + datalen) = '\0'; @@ -353,8 +353,8 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf, mutex_unlock(&ima_write_mutex); out_free: kfree(data); -out: if (result < 0) +reset_validity: valid_policy = 0; return result; -- 2.11.0