lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 11 Nov 2016 15:32:23 +0530
From:   Vivek Gautam <vivek.gautam@...eaurora.org>
To:     Sachin Shukla <sachin.s5@...sung.com>
Cc:     "Eric W. Biederman" <ebiederm@...ssion.com>,
        Kees Cook <keescook@...omium.org>,
        Serge Hallyn <serge@...lyn.com>,
        Andrey Vagin <avagin@...nvz.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        sachiniiitm@...il.com, ravikant.s2@...sung.com,
        p.shailesh@...sung.com, ashish.kalra@...sung.com,
        vidushi.koul@...sung.com
Subject: Re: [PATCH] Kernel: Improvement in code readability when
 memdup_user_nul() fails.

On Fri, Nov 11, 2016 at 2:37 PM, Sachin Shukla <sachin.s5@...sung.com> wrote:
> From: "Sachin Shukla" <sachin.s5@...sung.com>
>
> There is no need to call kfree() if memdup_user_nul() fails, as no memory
> was allocated and the error in the error-valued pointer should be returned.
>
> Signed-off-by: Sachin Shukla <sachin.s5@...sung.com>
> ---
>  kernel/user_namespace.c |   25 ++++++++++++++-----------
>  1 file changed, 14 insertions(+), 11 deletions(-)
>
> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> index 86b7854..a0ffbf0 100644
> --- a/kernel/user_namespace.c
> +++ b/kernel/user_namespace.c
> @@ -672,28 +672,31 @@ static ssize_t map_write(struct file *file, const char __user *buf,
>          */
>         mutex_lock(&userns_state_mutex);
>
> -       ret = -EPERM;
>         /* Only allow one successful write to the map */
> -       if (map->nr_extents != 0)
> -               goto out;
> +       if (map->nr_extents != 0) {
> +               mutex_unlock(&userns_state_mutex);
> +               return -EPERM;
> +       }
>
>         /*
>          * Adjusting namespace settings requires capabilities on the target.
>          */
> -       if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN))
> -               goto out;
> +       if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN)) {
> +               mutex_unlock(&userns_state_mutex);
> +               return -EPERM;
> +       }
>
>         /* Only allow < page size writes at the beginning of the file */
> -       ret = -EINVAL;
> -       if ((*ppos != 0) || (count >= PAGE_SIZE))
> -               goto out;
> +       if ((*ppos != 0) || (count >= PAGE_SIZE)) {
> +               mutex_unlock(&userns_state_mutex);
> +               return -EINVAL;
> +       }
>
>         /* Slurp in the user data */
>         kbuf = memdup_user_nul(buf, count);
>         if (IS_ERR(kbuf)) {
> -               ret = PTR_ERR(kbuf);
> -               kbuf = NULL;
> -               goto out;
> +               mutex_unlock(&userns_state_mutex);
> +               return PTR_ERR(kbuf);
>         }

you may as well just move kfree() to a new error label, and
let 'out' do only mutex_unlock() and return ret.

Also remove the initialization of ret variable at the time of its
declaration. That doesn't make sense, since ret is initialized to
new values in this function anyways.


Thanks
Vivek

-- 
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ