From: "Schaufler, Casey" <casey.schaufler@intel.com>
To: Al Viro <viro@zeniv.linux.org.uk>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
linux-security-module <linux-security-module@vger.kernel.org>
Subject: RE: [PATCH 3/5] ->getprocattr(): attribute name is const char *, TYVM...
Date: Thu, 18 Aug 2022 18:34:17 +0000 [thread overview]
Message-ID: <PH7PR11MB63534293F9BD648D0FD0DB3EFD6D9@PH7PR11MB6353.namprd11.prod.outlook.com> (raw)
In-Reply-To: <Yv2q6/bVtQgB07k4@ZenIV>
> -----Original Message-----
> From: Al Viro <viro@ftp.linux.org.uk> On Behalf Of Al Viro
> Sent: Wednesday, August 17, 2022 7:59 PM
> To: linux-fsdevel@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> Subject: [PATCH 3/5] ->getprocattr(): attribute name is const char *, TYVM...
>
> cast of ->d_name.name to char * is completely wrong - nothing is
> allowed to modify its contents.
>
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Could we please have the LSM list included when making changes in
the security sub-system?
Thank you.
> ---
> fs/proc/base.c | 2 +-
> include/linux/lsm_hook_defs.h | 2 +-
> include/linux/security.h | 4 ++--
> security/apparmor/lsm.c | 2 +-
> security/security.c | 4 ++--
> security/selinux/hooks.c | 2 +-
> security/smack/smack_lsm.c | 2 +-
> 7 files changed, 9 insertions(+), 9 deletions(-)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 93f7e3d971e4..e347b8ce140c 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2728,7 +2728,7 @@ static ssize_t proc_pid_attr_read(struct file * file,
> char __user * buf,
> return -ESRCH;
>
> length = security_getprocattr(task, PROC_I(inode)->op.lsm,
> - (char*)file->f_path.dentry-
> >d_name.name,
> + file->f_path.dentry->d_name.name,
> &p);
> put_task_struct(task);
> if (length > 0)
> diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
> index 806448173033..03360d27bedf 100644
> --- a/include/linux/lsm_hook_defs.h
> +++ b/include/linux/lsm_hook_defs.h
> @@ -253,7 +253,7 @@ LSM_HOOK(int, 0, sem_semop, struct kern_ipc_perm
> *perm, struct sembuf *sops,
> LSM_HOOK(int, 0, netlink_send, struct sock *sk, struct sk_buff *skb)
> LSM_HOOK(void, LSM_RET_VOID, d_instantiate, struct dentry *dentry,
> struct inode *inode)
> -LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, char *name,
> +LSM_HOOK(int, -EINVAL, getprocattr, struct task_struct *p, const char
> *name,
> char **value)
> LSM_HOOK(int, -EINVAL, setprocattr, const char *name, void *value, size_t
> size)
> LSM_HOOK(int, 0, ismaclabel, const char *name)
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 1bc362cb413f..93488c01d9bd 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -461,7 +461,7 @@ int security_sem_semctl(struct kern_ipc_perm *sma,
> int cmd);
> int security_sem_semop(struct kern_ipc_perm *sma, struct sembuf *sops,
> unsigned nsops, int alter);
> void security_d_instantiate(struct dentry *dentry, struct inode *inode);
> -int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
> +int security_getprocattr(struct task_struct *p, const char *lsm, const char
> *name,
> char **value);
> int security_setprocattr(const char *lsm, const char *name, void *value,
> size_t size);
> @@ -1301,7 +1301,7 @@ static inline void security_d_instantiate(struct
> dentry *dentry,
> { }
>
> static inline int security_getprocattr(struct task_struct *p, const char *lsm,
> - char *name, char **value)
> + const char *name, char **value)
> {
> return -EINVAL;
> }
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index e29cade7b662..f56070270c69 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -614,7 +614,7 @@ static int apparmor_sb_pivotroot(const struct path
> *old_path,
> return error;
> }
>
> -static int apparmor_getprocattr(struct task_struct *task, char *name,
> +static int apparmor_getprocattr(struct task_struct *task, const char *name,
> char **value)
> {
> int error = -ENOENT;
> diff --git a/security/security.c b/security/security.c
> index 14d30fec8a00..d8227531e2fd 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -2057,8 +2057,8 @@ void security_d_instantiate(struct dentry *dentry,
> struct inode *inode)
> }
> EXPORT_SYMBOL(security_d_instantiate);
>
> -int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
> - char **value)
> +int security_getprocattr(struct task_struct *p, const char *lsm,
> + const char *name, char **value)
> {
> struct security_hook_list *hp;
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 79573504783b..c8168d19fb96 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -6327,7 +6327,7 @@ static void selinux_d_instantiate(struct dentry
> *dentry, struct inode *inode)
> }
>
> static int selinux_getprocattr(struct task_struct *p,
> - char *name, char **value)
> + const char *name, char **value)
> {
> const struct task_security_struct *__tsec;
> u32 sid;
> diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
> index 001831458fa2..434b348d8fcd 100644
> --- a/security/smack/smack_lsm.c
> +++ b/security/smack/smack_lsm.c
> @@ -3479,7 +3479,7 @@ static void smack_d_instantiate(struct dentry
> *opt_dentry, struct inode *inode)
> *
> * Returns the length of the smack label or an error code
> */
> -static int smack_getprocattr(struct task_struct *p, char *name, char
> **value)
> +static int smack_getprocattr(struct task_struct *p, const char *name, char
> **value)
> {
> struct smack_known *skp = smk_of_task_struct_obj(p);
> char *cp;
> --
> 2.30.2
next prev parent reply other threads:[~2022-08-18 18:34 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-18 2:57 [PATCH 1/5] dynamic_dname(): drop unused dentry argument Al Viro
2022-08-18 2:58 ` [PATCH 2/5] ksmbd: don't open-code file_path() Al Viro
2022-08-18 6:19 ` Namjae Jeon
2022-08-18 2:58 ` [PATCH 3/5] ->getprocattr(): attribute name is const char *, TYVM Al Viro
2022-08-18 18:34 ` Schaufler, Casey [this message]
2022-08-26 7:45 ` Christian Brauner
2022-08-18 2:59 ` [PATCH 4/5] ksmbd: don't open-code %pf Al Viro
2022-08-18 6:08 ` Namjae Jeon
2022-08-18 20:35 ` Al Viro
2022-08-18 23:26 ` Namjae Jeon
2022-08-20 3:47 ` Al Viro
2022-08-20 5:44 ` Namjae Jeon
2022-08-20 15:33 ` Al Viro
2022-08-21 2:06 ` Steve French
2022-08-18 2:59 ` [PATCH 5/5] d_path.c: typo fix Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH7PR11MB63534293F9BD648D0FD0DB3EFD6D9@PH7PR11MB6353.namprd11.prod.outlook.com \
--to=casey.schaufler@intel.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).