lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 7 Aug 2014 12:31:15 +0200
From:	Geert Uytterhoeven <geert@...ux-m68k.org>
To:	Paul Moore <pmoore@...hat.com>
Cc:	linux-security-module@...r.kernel.org,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: sel_netif_init: 'err' is used uninitialized (was: Re: selinux: reduce
 the number of calls to synchronize_net() when flushing caches)

On Wed, Aug 6, 2014 at 6:27 PM, Linux Kernel Mailing List
<linux-kernel@...r.kernel.org> wrote:
> Gitweb:     http://git.kernel.org/linus/;a=commit;h=615e51fdda6f274e94b1e905fcaf6111e0d9aa20
> Commit:     615e51fdda6f274e94b1e905fcaf6111e0d9aa20
> Parent:     f31e799459659ae88c341aeac16a8a5efb1271d4
> Refname:    refs/heads/master
> Author:     Paul Moore <pmoore@...hat.com>
> AuthorDate: Thu Jun 26 14:33:56 2014 -0400
> Committer:  Paul Moore <pmoore@...hat.com>
> CommitDate: Thu Jun 26 14:33:56 2014 -0400
>
>     selinux: reduce the number of calls to synchronize_net() when flushing caches
>
>     When flushing the AVC, such as during a policy load, the various
>     network caches are also flushed, with each making a call to
>     synchronize_net() which has shown to be expensive in some cases.
>     This patch consolidates the network cache flushes into a single AVC
>     callback which only calls synchronize_net() once for each AVC cache
>     flush.

> --- a/security/selinux/netif.c
> +++ b/security/selinux/netif.c

> @@ -291,10 +282,6 @@ static __init int sel_netif_init(void)
>
>         register_netdevice_notifier(&sel_netif_netdev_notifier);
>
> -       err = avc_add_callback(sel_netif_avc_callback, AVC_CALLBACK_RESET);
> -       if (err)
> -               panic("avc_add_callback() failed, error %d\n", err);
> -
>         return err;

security/selinux/netif.c: In function ‘sel_netif_init’:
/scratch/geert/linux/linux-m68k/security/selinux/netif.c:285: warning:
‘err’ is used uninitialized in this function

Should it just return 0, like before?
Or should it return the return value of register_netdevice_notifier() instead,
which also returns an error code? Or is that failure non-critical?

>  }

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists