Message ID | 20190315040901.31551-1-kjlu@umn.edu (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | security: inode: fix a missing check for securityfs_create_file | expand |
On Thu, 14 Mar 2019, Kangjie Lu wrote: > securityfs_create_file may fail. The fix checks its status and > returns EFAULT upstream if it fails. > > Signed-off-by: Kangjie Lu <kjlu@umn.edu> > --- > security/inode.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/security/inode.c b/security/inode.c > index b7772a9b315e..11d9a6bc2161 100644 > --- a/security/inode.c > +++ b/security/inode.c > @@ -339,6 +339,11 @@ static int __init securityfs_init(void) > #ifdef CONFIG_SECURITY > lsm_dentry = securityfs_create_file("lsm", 0444, NULL, NULL, > &lsm_ops); > + if (IS_ERR(lsm_dentry)) { > + unregister_filesystem(&fs_type); > + sysfs_remove_mount_point(kernel_kobj, "security"); > + return -EFAULT; > + } > #endif > return 0; > } > Good catch, but you should propagate the error returned from securityfs_create_file().
diff --git a/security/inode.c b/security/inode.c index b7772a9b315e..11d9a6bc2161 100644 --- a/security/inode.c +++ b/security/inode.c @@ -339,6 +339,11 @@ static int __init securityfs_init(void) #ifdef CONFIG_SECURITY lsm_dentry = securityfs_create_file("lsm", 0444, NULL, NULL, &lsm_ops); + if (IS_ERR(lsm_dentry)) { + unregister_filesystem(&fs_type); + sysfs_remove_mount_point(kernel_kobj, "security"); + return -EFAULT; + } #endif return 0; }
securityfs_create_file may fail. The fix checks its status and returns EFAULT upstream if it fails. Signed-off-by: Kangjie Lu <kjlu@umn.edu> --- security/inode.c | 5 +++++ 1 file changed, 5 insertions(+)