lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 13 Oct 2010 09:41:44 -0400
From:	Paul Moore <paul.moore@...com>
To:	Eric Paris <eparis@...hat.com>
Cc:	linux-kernel@...r.kernel.org, netfilter-devel@...r.kernel.org,
	netfilter@...r.kernel.org, jmorris@...ei.org,
	selinux@...ho.nsa.gov, sds@...ho.nsa.gov, jengelh@...ozas.de,
	linux-security-module@...r.kernel.org, mr.dash.four@...glemail.com,
	pablo@...filter.org
Subject: Re: [PATCH 4/5] conntrack: export lsm context rather than internal
 secid via netlink

On Tue, 2010-10-12 at 19:24 -0400, Eric Paris wrote:
> On Tue, 2010-10-12 at 19:14 -0400, Paul Moore wrote:
> > > -ctnetlink_dump_secmark(struct sk_buff *skb, const struct nf_conn *ct)
> > > +ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct)
> > >  {
> > > -	NLA_PUT_BE32(skb, CTA_SECMARK, htonl(ct->secmark));
> > > -	return 0;
> > > +	struct nlattr *nest_secctx;
> > > +	int len, ret;
> > > +	char *secctx;
> > > +
> > > +	ret = security_secid_to_secctx(ct->secmark, &secctx, &len);
> > > +	if (ret)
> > > +		return ret;
> > > +
> > > +	ret = -1;
> > > +	nest_secctx = nla_nest_start(skb, CTA_SECCTX | NLA_F_NESTED);
> > > +	if (!nest_secctx)
> > > +		goto nla_put_failure;
> > >  
> > > +	NLA_PUT_STRING(skb, CTA_SECCTX_NAME, secctx);
> > > +	nla_nest_end(skb, nest_secctx);
> > > +
> > > +	ret = 0;
> > >  nla_put_failure:
> > > -	return -1;
> > > +	security_release_secctx(secctx, len);
> > > +	return ret;
> > >  }
> > 
> > All the ret assignments bother me, I also don't think "nla_put_failure"
> > is a good choice since we run this code both on success and failure -
> > how about this:
> 
> #define NLA_PUT(skb, attrtype, attrlen, data) \
>         do { \
>                 if (unlikely(nla_put(skb, attrtype, attrlen, data) < 0)) \
>                         goto nla_put_failure; \
>         } while(0)
> 
> #define NLA_PUT_STRING(skb, attrtype, value) \
>         NLA_PUT(skb, attrtype, strlen(value) + 1, value)
> 
> so we can't get rid of the nla_put_failure tag and it also means your
> ret values aren't quite right, we have to set ret = -1 before the
> NLA_PUT_STRING()....

Ah, yes, forgot about those stupid macros and their pre-defined goto
labels ... I'm sure someone had a good reason for doing it that way, but
I've never been a fan of that approach (case in point).  I'd ask you to
use the "normal" nla_put_*() functions but I see that the rest of the
file uses the macros so it probably isn't worth it ... oh well.

Reviewed-by: Paul Moore <paul.moore@...com>

-- 
paul moore
linux @ hp


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ