Merge tag 'Smack-for-5.8' of git://github.com/cschaufler/smack-next

Pull smack updates from Casey Schaufler: "Clean out dead code and repair an out-of-bounds warning" * tag 'Smack-for-5.8' of git://github.com/cschaufler/smack-next: Smack: Remove unused inline function smk_ad_setfield_u_fs_path_mnt Smack:- Remove redundant inode_smack cache Smack:- Remove mutex lock "smk_lock" from inode_smack Smack: slab-out-of-bounds in vsscanf smack: remove redundant structure variable from header. smack: avoid unused 'sip' variable warning

Merge tag 'Smack-for-5.8' of git://github.com/cschaufler/smack-next
Pull smack updates from Casey Schaufler: "Clean out dead code and repair an out-of-bounds warning" * tag 'Smack-for-5.8' of git://github.com/cschaufler/smack-next: Smack: Remove unused inline function smk_ad_setfield_u_fs_path_mnt Smack:- Remove redundant inode_smack cache Smack:- Remove mutex lock "smk_lock" from inode_smack Smack: slab-out-of-bounds in vsscanf smack: remove redundant structure variable from header. smack: avoid unused 'sip' variable warning
acf25aa6 · Linus Torvalds · a484a497 · ef26650a · acf25aa6 · acf25aa6
Commit acf25aa6 authored Jun 04, 2020 by Linus Torvalds
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 43 deletions

security/smack/smack.h security/smack/smack.h +0 -12

security/smack/smack_lsm.c security/smack/smack_lsm.c +11 -31

security/smack/smackfs.c security/smack/smackfs.c +10 -0

No files found.
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -109,9 +109,7 @@ struct inode_smack {
 	struct smack_known	*smk_inode;	/* label of the fso */
 	struct smack_known	*smk_task;	/* label of the task */
 	struct smack_known	*smk_mmap;	/* label of the mmap domain */
-	struct mutex		smk_lock;	/* initialization lock */
 	int			smk_flags;	/* smack inode flags */
-	struct rcu_head         smk_rcu;	/* for freeing inode_smack */
 };
 struct task_smack {
@@ -148,7 +146,6 @@ struct smk_net4addr {
 	struct smack_known	*smk_label;	/* label */
 };
-#if IS_ENABLED(CONFIG_IPV6)
 /*
 * An entry in the table identifying IPv6 hosts.
 */
@@ -159,9 +156,7 @@ struct smk_net6addr {
 	int			smk_masks;	/* mask size */
 	struct smack_known	*smk_label;	/* label */
 };
-#endif /* CONFIG_IPV6 */
-#ifdef SMACK_IPV6_PORT_LABELING
 /*
 * An entry in the table identifying ports.
 */
@@ -174,7 +169,6 @@ struct smk_port_label {
 	short			smk_sock_type;	/* Socket type */
 	short			smk_can_reuse;
 };
-#endif /* SMACK_IPV6_PORT_LABELING */
 struct smack_known_list_elem {
 	struct list_head	list;
@@ -335,9 +329,7 @@ extern struct smack_known smack_known_web;
 extern struct mutex	smack_known_lock;
 extern struct list_head smack_known_list;
 extern struct list_head smk_net4addr_list;
-#if IS_ENABLED(CONFIG_IPV6)
 extern struct list_head smk_net6addr_list;
-#endif /* CONFIG_IPV6 */
 extern struct mutex     smack_onlycap_lock;
 extern struct list_head smack_onlycap_list;
@@ -505,10 +497,6 @@ static inline void smk_ad_setfield_u_fs_path_dentry(struct smk_audit_info *a,
 						    struct dentry *d)
 {
 }
-static inline void smk_ad_setfield_u_fs_path_mnt(struct smk_audit_info *a,
-						 struct vfsmount *m)
-{
-}
 static inline void smk_ad_setfield_u_fs_inode(struct smk_audit_info *a,
 					      struct inode *i)
 {

--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -50,11 +50,8 @@
 #define SMK_RECEIVING	1
 #define SMK_SENDING	2
-#ifdef SMACK_IPV6_PORT_LABELING
+static DEFINE_MUTEX(smack_ipv6_lock);
-DEFINE_MUTEX(smack_ipv6_lock);
 static LIST_HEAD(smk_ipv6_port_list);
-#endif
-static struct kmem_cache *smack_inode_cache;
 struct kmem_cache *smack_rule_cache;
 int smack_enabled;
@@ -316,7 +313,6 @@ static void init_inode_smack(struct inode *inode, struct smack_known *skp)
 	isp->smk_inode = skp;
 	isp->smk_flags = 0;
-	mutex_init(&isp->smk_lock);
 }
 /**
@@ -2320,7 +2316,6 @@ static struct smack_known *smack_ipv4host_label(struct sockaddr_in *sip)
 	return NULL;
 }
-#if IS_ENABLED(CONFIG_IPV6)
 /*
 * smk_ipv6_localhost - Check for local ipv6 host address
 * @sip: the address
@@ -2388,7 +2383,6 @@ static struct smack_known *smack_ipv6host_label(struct sockaddr_in6 *sip)
 	return NULL;
 }
-#endif /* CONFIG_IPV6 */
 /**
 * smack_netlabel - Set the secattr on a socket
@@ -2477,7 +2471,6 @@ static int smack_netlabel_send(struct sock *sk, struct sockaddr_in *sap)
 	return smack_netlabel(sk, sk_lbl);
 }
-#if IS_ENABLED(CONFIG_IPV6)
 /**
 * smk_ipv6_check - check Smack access
 * @subject: subject Smack label
@@ -2510,7 +2503,6 @@ static int smk_ipv6_check(struct smack_known *subject,
 	rc = smk_bu_note("IPv6 check", subject, object, MAY_WRITE, rc);
 	return rc;
 }
-#endif /* CONFIG_IPV6 */
 #ifdef SMACK_IPV6_PORT_LABELING
 /**
@@ -2599,6 +2591,7 @@ static void smk_ipv6_port_label(struct socket *sock, struct sockaddr *address)
 	mutex_unlock(&smack_ipv6_lock);
 	return;
 }
+#endif
 /**
 * smk_ipv6_port_check - check Smack port access
@@ -2661,7 +2654,6 @@ static int smk_ipv6_port_check(struct sock *sk, struct sockaddr_in6 *address,
 	return smk_ipv6_check(skp, object, address, act);
 }
-#endif /* SMACK_IPV6_PORT_LABELING */
 /**
 * smack_inode_setsecurity - set smack xattrs
@@ -2836,24 +2828,21 @@ static int smack_socket_connect(struct socket *sock, struct sockaddr *sap,
 		return 0;
 	if (IS_ENABLED(CONFIG_IPV6) && sap->sa_family == AF_INET6) {
 		struct sockaddr_in6 *sip = (struct sockaddr_in6 *)sap;
-#ifdef SMACK_IPV6_SECMARK_LABELING
+		struct smack_known *rsp = NULL;
-		struct smack_known *rsp;
-#endif
 		if (addrlen < SIN6_LEN_RFC2133)
 			return 0;
-#ifdef SMACK_IPV6_SECMARK_LABELING
+		if (__is_defined(SMACK_IPV6_SECMARK_LABELING))
-		rsp = smack_ipv6host_label(sip);
+			rsp = smack_ipv6host_label(sip);
 		if (rsp != NULL) {
 			struct socket_smack *ssp = sock->sk->sk_security;
 			rc = smk_ipv6_check(ssp->smk_out, rsp, sip,
 					    SMK_CONNECTING);
 		}
-#endif
+		if (__is_defined(SMACK_IPV6_PORT_LABELING))
-#ifdef SMACK_IPV6_PORT_LABELING
+			rc = smk_ipv6_port_check(sock->sk, sip, SMK_CONNECTING);
-		rc = smk_ipv6_port_check(sock->sk, sip, SMK_CONNECTING);
-#endif
 		return rc;
 	}
 	if (sap->sa_family != AF_INET || addrlen < sizeof(struct sockaddr_in))
@@ -3273,13 +3262,12 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
 	isp = smack_inode(inode);
-	mutex_lock(&isp->smk_lock);
 	/*
 	 * If the inode is already instantiated
 	 * take the quick way out
 	 */
 	if (isp->smk_flags & SMK_INODE_INSTANT)
-		goto unlockandout;
+		return;
 	sbp = inode->i_sb;
 	sbsp = sbp->s_security;
@@ -3330,7 +3318,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
 			break;
 		}
 		isp->smk_flags |= SMK_INODE_INSTANT;
-		goto unlockandout;
+		return;
 	}
 	/*
@@ -3465,8 +3453,6 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode)
 	isp->smk_flags |= (SMK_INODE_INSTANT | transflag);
-unlockandout:
-	mutex_unlock(&isp->smk_lock);
 	return;
 }
@@ -4760,15 +4746,9 @@ static __init int smack_init(void)
 	struct cred *cred = (struct cred *) current->cred;
 	struct task_smack *tsp;
-	smack_inode_cache = KMEM_CACHE(inode_smack, 0);
-	if (!smack_inode_cache)
-		return -ENOMEM;
 	smack_rule_cache = KMEM_CACHE(smack_rule, 0);
-	if (!smack_rule_cache) {
+	if (!smack_rule_cache)
-		kmem_cache_destroy(smack_inode_cache);
 		return -ENOMEM;
-	}
 	/*
 	 * Set the security state for the initial task.

--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -878,11 +878,21 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
 	else
 		rule += strlen(skp->smk_known) + 1;
+	if (rule > data + count) {
+		rc = -EOVERFLOW;
+		goto out;
+	}
 	ret = sscanf(rule, "%d", &maplevel);
 	if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
 		goto out;
 	rule += SMK_DIGITLEN;
+	if (rule > data + count) {
+		rc = -EOVERFLOW;
+		goto out;
+	}
 	ret = sscanf(rule, "%d", &catlen);
 	if (ret != 1 || catlen > SMACK_CIPSO_MAXCATNUM)
 		goto out;