Re: [PATCH] security: inode: fix a missing check for securityfs_create_file

From: Tetsuo Handa
Date: Fri Mar 15 2019 - 18:35:29 EST

Next message: Paul Burton: "Re: [PATCH] MIPS: Remove custom MIPS32 __kernel_fsid_t type"
Previous message: David Miller: "Re: [PATCH net] net: phy: meson-gxl: fix interrupt support"
In reply to: Kangjie Lu: "[PATCH] security: inode: fix a missing check for securityfs_create_file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2019/03/16 6:00, Kangjie Lu wrote:
> securityfs_create_file may fail. The fix checks its status and
> returns the error code upstream if it fails.

Failure in __init functions of vmlinux means that the system failed
before the global /sbin/init process starts. There is little value
with continuing the boot process. Calling panic() or BUG_ON() will
be OK, for the userspace will be get confused by lack of that file
even if we continued without securityfs entry in /proc/filesystems .

>
> Signed-off-by: Kangjie Lu <kjlu@xxxxxxx>
>
> ---
> Return the exact error code upstream.
> ---
> security/inode.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/security/inode.c b/security/inode.c
> index b7772a9b315e..667f8b15027d 100644
> --- a/security/inode.c
> +++ b/security/inode.c
> @@ -339,6 +339,11 @@ static int __init securityfs_init(void)
> #ifdef CONFIG_SECURITY
> lsm_dentry = securityfs_create_file("lsm", 0444, NULL, NULL,
> &lsm_ops);
> + if (IS_ERR(lsm_dentry)) {
> + unregister_filesystem(&fs_type);
> + sysfs_remove_mount_point(kernel_kobj, "security");
> + return PTR_ERR(lsm_dentry);
> + }
> #endif
> return 0;
> }
>

Next message: Paul Burton: "Re: [PATCH] MIPS: Remove custom MIPS32 __kernel_fsid_t type"
Previous message: David Miller: "Re: [PATCH net] net: phy: meson-gxl: fix interrupt support"
In reply to: Kangjie Lu: "[PATCH] security: inode: fix a missing check for securityfs_create_file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]