diff mbox

[-next] EVM: fix return value check in evm_write_xattrs()

Message ID 1531315720-4191-1-git-send-email-weiyongjun1@huawei.com (mailing list archive)
State New, archived
Headers show

Commit Message

Wei Yongjun July 11, 2018, 1:28 p.m. UTC
In case of error, the function audit_log_start() returns NULL pointer
not ERR_PTR(). The IS_ERR() test in the return value check should be
replaced with NULL test.

Fixes: fa516b66a1bf ("EVM: Allow runtime modification of the set of verified xattrs")
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
---
 security/integrity/evm/evm_secfs.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)


--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Serge Hallyn July 11, 2018, 3:15 p.m. UTC | #1
Quoting Wei Yongjun (weiyongjun1@huawei.com):
> In case of error, the function audit_log_start() returns NULL pointer
> not ERR_PTR(). The IS_ERR() test in the return value check should be
> replaced with NULL test.
> 
> Fixes: fa516b66a1bf ("EVM: Allow runtime modification of the set of verified xattrs")
> Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>

Acked-by: Serge Hallyn <serge@hallyn.com>

> ---
>  security/integrity/evm/evm_secfs.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
> index 637eb99..77de71b 100644
> --- a/security/integrity/evm/evm_secfs.c
> +++ b/security/integrity/evm/evm_secfs.c
> @@ -193,8 +193,8 @@ static ssize_t evm_write_xattrs(struct file *file, const char __user *buf,
>  		return -E2BIG;
>  
>  	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_EVM_XATTR);
> -	if (IS_ERR(ab))
> -		return PTR_ERR(ab);
> +	if (!ab)
> +		return -ENOMEM;
>  
>  	xattr = kmalloc(sizeof(struct xattr_list), GFP_KERNEL);
>  	if (!xattr) {
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Mimi Zohar July 22, 2018, 11:38 p.m. UTC | #2
On Wed, 2018-07-11 at 10:15 -0500, Serge E. Hallyn wrote:
> Quoting Wei Yongjun (weiyongjun1@huawei.com):
> > In case of error, the function audit_log_start() returns NULL pointer
> > not ERR_PTR(). The IS_ERR() test in the return value check should be
> > replaced with NULL test.
> > 
> > Fixes: fa516b66a1bf ("EVM: Allow runtime modification of the set of verified xattrs")
> > Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
> 
> Acked-by: Serge Hallyn <serge@hallyn.com>

Thanks, this patch is now queued in the next-integrity branch of the
linux-integrity tree.

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index 637eb99..77de71b 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -193,8 +193,8 @@  static ssize_t evm_write_xattrs(struct file *file, const char __user *buf,
 		return -E2BIG;
 
 	ab = audit_log_start(NULL, GFP_KERNEL, AUDIT_INTEGRITY_EVM_XATTR);
-	if (IS_ERR(ab))
-		return PTR_ERR(ab);
+	if (!ab)
+		return -ENOMEM;
 
 	xattr = kmalloc(sizeof(struct xattr_list), GFP_KERNEL);
 	if (!xattr) {