selinux: remove redundant msg_msg_alloc_security

Message ID	20200110095856.76612-1-yehs2007@zoho.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=H0F3=27=vger.kernel.org=linux-security-module-owner@kernel.org> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=zapps768; d=zoho.com; h=from:to:cc:subject:date:message-id; b=ejW7ZWQ5OyE9/795JUKXZ6EzmelpS/1GJpbI1mGTt6CO4wZHYu0QoblwEPkYIaERRiuRU91QqmlJ U9DjHv4BALJHW7XObKvsXgjcjNLKGF2c56dOG/a5M8a7ymfizR8F From: Huaisheng Ye <yehs2007@zoho.com> To: paul@paul-moore.com, sds@tycho.nsa.gov, eparis@parisplace.org, jmorris@namei.org, serge@hallyn.com Cc: tyu1@lenovo.com, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-kernel@vger.kernel.org, Huaisheng Ye <yehs1@lenovo.com> Subject: [PATCH] selinux: remove redundant msg_msg_alloc_security Date: Fri, 10 Jan 2020 17:58:56 +0800 Message-Id: <20200110095856.76612-1-yehs2007@zoho.com> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk
Series	selinux: remove redundant msg_msg_alloc_security \| expand selinux: remove redundant msg_msg_alloc_security

Huaisheng Ye Jan. 10, 2020, 9:58 a.m. UTC

From: Huaisheng Ye <yehs1@lenovo.com>

selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
do nothing else. And also msg_msg_alloc_security is just used by the
former.

Remove the redundant function to simplify the code.

Signed-off-by: Huaisheng Ye <yehs1@lenovo.com>
---
 security/selinux/hooks.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

Stephen Smalley Jan. 10, 2020, 3:13 p.m. UTC | #1

On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> From: Huaisheng Ye <yehs1@lenovo.com>
> 
> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> do nothing else. And also msg_msg_alloc_security is just used by the
> former.
> 
> Remove the redundant function to simplify the code.

This seems to also be true of other _alloc_security functions, probably 
due to historical reasons.  Further, at least some of these functions no 
longer perform any allocation; they are just initialization functions 
now that allocation has been taken to the LSM framework, so possibly 
could be renamed and made to return void at some point.

> 
> Signed-off-by: Huaisheng Ye <yehs1@lenovo.com>

Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

> ---
>   security/selinux/hooks.c | 17 ++++++-----------
>   1 file changed, 6 insertions(+), 11 deletions(-)
> 
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 9625b99..fb1b9da 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -5882,16 +5882,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
>   	isec->sid = current_sid();
>   }
>   
> -static int msg_msg_alloc_security(struct msg_msg *msg)
> -{
> -	struct msg_security_struct *msec;
> -
> -	msec = selinux_msg_msg(msg);
> -	msec->sid = SECINITSID_UNLABELED;
> -
> -	return 0;
> -}
> -
>   static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>   			u32 perms)
>   {
> @@ -5910,7 +5900,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>   
>   static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
>   {
> -	return msg_msg_alloc_security(msg);
> +	struct msg_security_struct *msec;
> +
> +	msec = selinux_msg_msg(msg);
> +	msec->sid = SECINITSID_UNLABELED;
> +
> +	return 0;
>   }
>   
>   /* message queue security operations */
>

Paul Moore Jan. 10, 2020, 4:43 p.m. UTC | #2

On Fri, Jan 10, 2020 at 4:59 AM Huaisheng Ye <yehs2007@zoho.com> wrote:
> From: Huaisheng Ye <yehs1@lenovo.com>
>
> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> do nothing else. And also msg_msg_alloc_security is just used by the
> former.
>
> Remove the redundant function to simplify the code.
>
> Signed-off-by: Huaisheng Ye <yehs1@lenovo.com>
> ---
>  security/selinux/hooks.c | 17 ++++++-----------
>  1 file changed, 6 insertions(+), 11 deletions(-)

Merged into selinux/next, thanks!

Casey Schaufler Jan. 10, 2020, 4:44 p.m. UTC | #3

On 1/10/2020 7:13 AM, Stephen Smalley wrote:
> On 1/10/20 4:58 AM, Huaisheng Ye wrote:
>> From: Huaisheng Ye <yehs1@lenovo.com>
>>
>> selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
>> do nothing else. And also msg_msg_alloc_security is just used by the
>> former.
>>
>> Remove the redundant function to simplify the code.
>
> This seems to also be true of other _alloc_security functions, probably due to historical reasons.  Further, at least some of these functions no longer perform any allocation; they are just initialization functions now that allocation has been taken to the LSM framework, so possibly could be renamed and made to return void at some point.

That's something I've been eyeing. I'm not 100% sure that no module will
ever fail doing the new style initialization. The int to void and name
change will probably happen after the next round of modules come in and
we can see that failure of initialization isn't a rational situation.

>
>>
>> Signed-off-by: Huaisheng Ye <yehs1@lenovo.com>
>
> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
>
>> ---
>>   security/selinux/hooks.c | 17 ++++++-----------
>>   1 file changed, 6 insertions(+), 11 deletions(-)
>>
>> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
>> index 9625b99..fb1b9da 100644
>> --- a/security/selinux/hooks.c
>> +++ b/security/selinux/hooks.c
>> @@ -5882,16 +5882,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
>>       isec->sid = current_sid();
>>   }
>>   -static int msg_msg_alloc_security(struct msg_msg *msg)
>> -{
>> -    struct msg_security_struct *msec;
>> -
>> -    msec = selinux_msg_msg(msg);
>> -    msec->sid = SECINITSID_UNLABELED;
>> -
>> -    return 0;
>> -}
>> -
>>   static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>>               u32 perms)
>>   {
>> @@ -5910,7 +5900,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
>>     static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
>>   {
>> -    return msg_msg_alloc_security(msg);
>> +    struct msg_security_struct *msec;
>> +
>> +    msec = selinux_msg_msg(msg);
>> +    msec->sid = SECINITSID_UNLABELED;
>> +
>> +    return 0;
>>   }
>>     /* message queue security operations */
>>
>
>

Paul Moore Jan. 10, 2020, 4:50 p.m. UTC | #4

On Fri, Jan 10, 2020 at 10:13 AM Stephen Smalley <sds@tycho.nsa.gov> wrote:
> On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> > From: Huaisheng Ye <yehs1@lenovo.com>
> >
> > selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> > do nothing else. And also msg_msg_alloc_security is just used by the
> > former.
> >
> > Remove the redundant function to simplify the code.
>
> This seems to also be true of other _alloc_security functions, probably
> due to historical reasons.  Further, at least some of these functions no
> longer perform any allocation; they are just initialization functions
> now that allocation has been taken to the LSM framework, so possibly
> could be renamed and made to return void at some point.

I've noticed the same thing on a few occasions, I've just never
bothered to put the fixes into a patch.  We might as well do that now,
at least for the redundant code bits; I'll leave the return code issue
for another time as that would cross LSM boundaries and that really
isn't appropriate in the -rc5 timeframe IMHO.

I'll put something together once I finish up the patch/review backlog
from the past few days.  Looking quickly with a regex, it would appear
that inode_alloc_security(), file_alloc_security(), and
superblock_alloc_security() are all candidates.  While not an
allocator, we can probably get rid of inode_doinit() as well.

Huaisheng HS1 Ye Jan. 12, 2020, 3:45 p.m. UTC | #5

> -----Original Message-----
> From: Paul Moore <paul@paul-moore.com>
> Sent: Saturday, January 11, 2020 12:50 AM
> On Fri, Jan 10, 2020 at 10:13 AM Stephen Smalley <sds@tycho.nsa.gov> wrote:
> > On 1/10/20 4:58 AM, Huaisheng Ye wrote:
> > > From: Huaisheng Ye <yehs1@lenovo.com>
> > >
> > > selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but
> > > do nothing else. And also msg_msg_alloc_security is just used by the
> > > former.
> > >
> > > Remove the redundant function to simplify the code.
> >
> > This seems to also be true of other _alloc_security functions,
> > probably due to historical reasons.  Further, at least some of these
> > functions no longer perform any allocation; they are just
> > initialization functions now that allocation has been taken to the LSM
> > framework, so possibly could be renamed and made to return void at some point.
> 
> I've noticed the same thing on a few occasions, I've just never bothered to put
> the fixes into a patch.  We might as well do that now, at least for the redundant
> code bits; I'll leave the return code issue for another time as that would cross
> LSM boundaries and that really isn't appropriate in the -rc5 timeframe IMHO.
> 
> I'll put something together once I finish up the patch/review backlog from the
> past few days.  Looking quickly with a regex, it would appear that
> inode_alloc_security(), file_alloc_security(), and
> superblock_alloc_security() are all candidates.  While not an allocator, we can
> probably get rid of inode_doinit() as well.

Besides, it looks like selinux_nlmsg_perm is candidate too.
Just send a patch for this function.

Cheers,
Huaisheng Ye

selinux: remove redundant msg_msg_alloc_security

Commit Message

Comments

Patch