smackfs: check for allocation failures in smk_set_access()

smackfs: check for allocation failures in smk_set_access() While adding a new subject/object pair to smack_list, smk_set_access() didn't check the return of kzalloc(). This patch changes smk_set_access() to return 0 or -ENOMEM, based on kzalloc()'s return. It also updates its caller, smk_write_load(), to check for smk_set_access()'s return, given it is no longer a void return function. Signed-off-by: Sergio Luis <sergio@larces.uece.br> To: Casey Schaufler <casey@schaufler-ca.com> Cc: Ahmed S. Darwish <darwish.07@gmail.com> Cc: LSM <linux-security-module@vger.kernel.org> Cc: LKLM <linux-kernel@vger.kernel.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com>

smackfs: check for allocation failures in smk_set_access()
smackfs: check for allocation failures in smk_set_access() While adding a new subject/object pair to smack_list, smk_set_access() didn't check the return of kzalloc(). This patch changes smk_set_access() to return 0 or -ENOMEM, based on kzalloc()'s return. It also updates its caller, smk_write_load(), to check for smk_set_access()'s return, given it is no longer a void return function. Signed-off-by: Sergio Luis <sergio@larces.uece.br> To: Casey Schaufler <casey@schaufler-ca.com> Cc: Ahmed S. Darwish <darwish.07@gmail.com> Cc: LSM <linux-security-module@vger.kernel.org> Cc: LKLM <linux-kernel@vger.kernel.org> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Sergio Luis · James Morris
1 parent 7419224691
Showing 1 changed file with 16 additions and 4 deletions Side-by-side Diff
security/smack/smackfs.c
@@ -185,11 +185,15 @@
  * the subject/object pair and replaces the access that was
  * there. If the pair isn't found add it with the specified
  * access.
+ *
+ * Returns 0 if nothing goes wrong or -ENOMEM if it fails
+ * during the allocation of the new pair to add.
  */
-static void smk_set_access(struct smack_rule *srp)
+static int smk_set_access(struct smack_rule *srp)
 {
 	struct smk_list_entry *sp;
 	struct smk_list_entry *newp;
+	int ret = 0;
  
 	mutex_lock(&smack_list_lock);
  
  
  
@@ -202,14 +206,20 @@
  
 	if (sp == NULL) {
 		newp = kzalloc(sizeof(struct smk_list_entry), GFP_KERNEL);
+		if (newp == NULL) {
+			ret = -ENOMEM;
+			goto out;
+		}
+
 		newp->smk_rule = *srp;
 		newp->smk_next = smack_list;
 		smack_list = newp;
 	}
  
+out:
 	mutex_unlock(&smack_list_lock);
  
-	return;
+	return ret;
 }
  
 /**
@@ -309,8 +319,10 @@
 		goto out;
 	}
  
-	smk_set_access(&rule);
-	rc = count;
+	rc = smk_set_access(&rule);
+
+	if (!rc)
+		rc = count;
  
 out:
 	kfree(data);
...	...	@@ -185,11 +185,15 @@
185	185	* the subject/object pair and replaces the access that was
186	186	* there. If the pair isn't found add it with the specified
187	187	* access.
	188	+ *
	189	+ * Returns 0 if nothing goes wrong or -ENOMEM if it fails
	190	+ * during the allocation of the new pair to add.
188	191	*/
189		-static void smk_set_access(struct smack_rule *srp)
	192	+static int smk_set_access(struct smack_rule *srp)
190	193	{
191	194	struct smk_list_entry *sp;
192	195	struct smk_list_entry *newp;
	196	+ int ret = 0;
193	197
194	198	mutex_lock(&smack_list_lock);
195	199
196	200
197	201
...	...	@@ -202,14 +206,20 @@
202	206
203	207	if (sp == NULL) {
204	208	newp = kzalloc(sizeof(struct smk_list_entry), GFP_KERNEL);
	209	+ if (newp == NULL) {
	210	+ ret = -ENOMEM;
	211	+ goto out;
	212	+ }
	213	+
205	214	newp->smk_rule = *srp;
206	215	newp->smk_next = smack_list;
207	216	smack_list = newp;
208	217	}
209	218
	219	+out:
210	220	mutex_unlock(&smack_list_lock);
211	221
212		- return;
	222	+ return ret;
213	223	}
214	224
215	225	/**
...	...	@@ -309,8 +319,10 @@
309	319	goto out;
310	320	}
311	321
312		- smk_set_access(&rule);
313		- rc = count;
	322	+ rc = smk_set_access(&rule);
	323	+
	324	+ if (!rc)
	325	+ rc = count;
314	326
315	327	out:
316	328	kfree(data);