diff mbox series

[v37,18/33] LSM: Use lsmcontext in security_dentry_init_security

Message ID 20220628005611.13106-19-casey@schaufler-ca.com (mailing list archive)
State Superseded
Delegated to: Paul Moore
Headers show
Series LSM: Module stacking for AppArmor | expand

Commit Message

Casey Schaufler June 28, 2022, 12:55 a.m. UTC 
Replace the (secctx,seclen) pointer pair with a single
lsmcontext pointer to allow return of the LSM identifier
along with the context and context length. This allows
security_release_secctx() to know how to release the
context. Callers have been modified to use or save the
returned data from the new structure.

Special care is taken in the NFS code, which uses the
same data structure for its own copied labels as it does
for the data which comes from security_dentry_init_security().
In the case of copied labels the data has to be freed, not
released.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
 fs/ceph/super.h          |  3 +--
 fs/ceph/xattr.c          | 19 ++++++-------------
 fs/fuse/dir.c            | 35 ++++++++++++++++++-----------------
 fs/nfs/dir.c             |  2 +-
 fs/nfs/inode.c           | 17 ++++++++++-------
 fs/nfs/internal.h        |  8 +++++---
 fs/nfs/nfs4proc.c        | 20 ++++++++------------
 fs/nfs/nfs4xdr.c         | 22 ++++++++++++----------
 include/linux/nfs4.h     |  8 ++++----
 include/linux/nfs_fs.h   |  2 +-
 include/linux/security.h | 18 ++++++++++++++----
 security/security.c      | 26 +++++++++++++++++++-------
 12 files changed, 99 insertions(+), 81 deletions(-)

Comments

kernel test robot June 28, 2022, 5:36 a.m. UTC | #1 
Hi Casey,

I love your patch! Perhaps something to improve:

[auto build test WARNING on pcmoore-audit/next]
[also build test WARNING on pcmoore-selinux/next linus/master v5.19-rc4 next-20220627]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: i386-defconfig (https://download.01.org/0day-ci/archive/20220628/202206281302.ApiPUdom-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce (this is a W=1 build):
        # https://github.com/intel-lab-lkp/linux/commit/c930a07cebde69363d3633fba8bd4cac46dd1520
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
        git checkout c930a07cebde69363d3633fba8bd4cac46dd1520
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

   security/security.c: In function 'security_setprocattr':
>> security/security.c:2285:21: warning: variable 'slotname' set but not used [-Wunused-but-set-variable]
    2285 |         const char *slotname;
         |                     ^~~~~~~~


vim +/slotname +2285 security/security.c

  2266	
  2267	/**
  2268	 * security_setprocattr - Set process attributes via /proc
  2269	 * @lsm: name of module involved, or NULL
  2270	 * @name: name of the attribute
  2271	 * @value: value to set the attribute to
  2272	 * @size: size of the value
  2273	 *
  2274	 * Set the process attribute for the specified security module
  2275	 * to the specified value. Note that this can only be used to set
  2276	 * the process attributes for the current, or "self" process.
  2277	 * The /proc code has already done this check.
  2278	 *
  2279	 * Returns 0 on success, an appropriate code otherwise.
  2280	 */
  2281	int security_setprocattr(const char *lsm, const char *name, void *value,
  2282				 size_t size)
  2283	{
  2284		struct security_hook_list *hp;
> 2285		const char *slotname;
  2286		char *termed;
  2287		char *copy;
  2288		int *ilsm = current->security;
  2289		int rc = -EINVAL;
  2290		int slot = 0;
  2291	
  2292		if (!strcmp(name, "interface_lsm")) {
  2293			/*
  2294			 * Change the "interface_lsm" value only if all the security
  2295			 * modules that support setting a procattr allow it.
  2296			 * It is assumed that all such security modules will be
  2297			 * cooperative.
  2298			 */
  2299			if (size == 0)
  2300				return -EINVAL;
  2301	
  2302			hlist_for_each_entry(hp, &security_hook_heads.setprocattr,
  2303					     list) {
  2304				rc = hp->hook.setprocattr(name, value, size);
  2305				if (rc < 0 && rc != LSM_RET_DEFAULT(setprocattr))
  2306					return rc;
  2307			}
  2308	
  2309			rc = -EINVAL;
  2310	
  2311			copy = kmemdup_nul(value, size, GFP_KERNEL);
  2312			if (copy == NULL)
  2313				return -ENOMEM;
  2314	
  2315			termed = strsep(&copy, " \n");
  2316	
  2317			for (slot = 0; slot < lsm_slot; slot++) {
  2318				slotname = lsm_slot_to_name(slot);
  2319				if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
  2320					*ilsm = slot;
  2321					rc = size;
  2322					break;
  2323				}
  2324			}
  2325	
  2326			kfree(termed);
  2327			return rc;
  2328		}
  2329	
  2330		hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
  2331			if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm))
  2332				continue;
  2333			if (lsm == NULL && *ilsm != LSMBLOB_INVALID &&
  2334			    *ilsm != hp->lsmid->slot)
  2335				continue;
  2336			return hp->hook.setprocattr(name, value, size);
  2337		}
  2338		return LSM_RET_DEFAULT(setprocattr);
  2339	}
  2340
kernel test robot June 28, 2022, 8:44 a.m. UTC | #2 
Hi Casey,

I love your patch! Yet something to improve:

[auto build test ERROR on pcmoore-audit/next]
[also build test ERROR on pcmoore-selinux/next linus/master v5.19-rc4 next-20220627]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: x86_64-randconfig-r022-20220627 (https://download.01.org/0day-ci/archive/20220628/202206281633.LuFVQ9tq-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce (this is a W=1 build):
        # https://github.com/intel-lab-lkp/linux/commit/c930a07cebde69363d3633fba8bd4cac46dd1520
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
        git checkout c930a07cebde69363d3633fba8bd4cac46dd1520
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All errors (new ones prefixed by >>):

   security/security.c: In function 'security_setprocattr':
>> security/security.c:2319:45: error: 'lsm_slotlist' undeclared (first use in this function); did you mean 'lsm_slot'?
    2319 |                         if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
         |                                             ^~~~~~~~~~~~
         |                                             lsm_slot
   security/security.c:2319:45: note: each undeclared identifier is reported only once for each function it appears in
   security/security.c:2285:21: warning: variable 'slotname' set but not used [-Wunused-but-set-variable]
    2285 |         const char *slotname;
         |                     ^~~~~~~~
   At top level:
   security/security.c:763:12: warning: 'lsm_sock_alloc' defined but not used [-Wunused-function]
     763 | static int lsm_sock_alloc(struct sock *sock, gfp_t priority)
         |            ^~~~~~~~~~~~~~


vim +2319 security/security.c

20510f2f4e2dab James Morris    2007-10-16  2266  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2267  /**
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2268   * security_setprocattr - Set process attributes via /proc
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2269   * @lsm: name of module involved, or NULL
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2270   * @name: name of the attribute
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2271   * @value: value to set the attribute to
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2272   * @size: size of the value
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2273   *
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2274   * Set the process attribute for the specified security module
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2275   * to the specified value. Note that this can only be used to set
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2276   * the process attributes for the current, or "self" process.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2277   * The /proc code has already done this check.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2278   *
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2279   * Returns 0 on success, an appropriate code otherwise.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2280   */
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2281  int security_setprocattr(const char *lsm, const char *name, void *value,
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2282  			 size_t size)
20510f2f4e2dab James Morris    2007-10-16  2283  {
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2284  	struct security_hook_list *hp;
c930a07cebde69 Casey Schaufler 2022-06-27  2285  	const char *slotname;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2286  	char *termed;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2287  	char *copy;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2288  	int *ilsm = current->security;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2289  	int rc = -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2290  	int slot = 0;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2291  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2292  	if (!strcmp(name, "interface_lsm")) {
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2293  		/*
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2294  		 * Change the "interface_lsm" value only if all the security
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2295  		 * modules that support setting a procattr allow it.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2296  		 * It is assumed that all such security modules will be
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2297  		 * cooperative.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2298  		 */
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2299  		if (size == 0)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2300  			return -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2301  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2302  		hlist_for_each_entry(hp, &security_hook_heads.setprocattr,
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2303  				     list) {
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2304  			rc = hp->hook.setprocattr(name, value, size);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2305  			if (rc < 0 && rc != LSM_RET_DEFAULT(setprocattr))
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2306  				return rc;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2307  		}
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2308  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2309  		rc = -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2310  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2311  		copy = kmemdup_nul(value, size, GFP_KERNEL);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2312  		if (copy == NULL)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2313  			return -ENOMEM;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2314  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2315  		termed = strsep(&copy, " \n");
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2316  
c930a07cebde69 Casey Schaufler 2022-06-27  2317  		for (slot = 0; slot < lsm_slot; slot++) {
c930a07cebde69 Casey Schaufler 2022-06-27  2318  			slotname = lsm_slot_to_name(slot);
a87b0b9fe463f0 Casey Schaufler 2022-06-27 @2319  			if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
c930a07cebde69 Casey Schaufler 2022-06-27  2320  				*ilsm = slot;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2321  				rc = size;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2322  				break;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2323  			}
c930a07cebde69 Casey Schaufler 2022-06-27  2324  		}
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2325  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2326  		kfree(termed);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2327  		return rc;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2328  	}
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2329  
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2330  	hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
ac35545bc102bf Casey Schaufler 2022-06-27  2331  		if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm))
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2332  			continue;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2333  		if (lsm == NULL && *ilsm != LSMBLOB_INVALID &&
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2334  		    *ilsm != hp->lsmid->slot)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2335  			continue;
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2336  		return hp->hook.setprocattr(name, value, size);
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2337  	}
98e828a0650f34 KP Singh        2020-03-29  2338  	return LSM_RET_DEFAULT(setprocattr);
20510f2f4e2dab James Morris    2007-10-16  2339  }
20510f2f4e2dab James Morris    2007-10-16  2340
kernel test robot June 28, 2022, 11:24 a.m. UTC | #3 
Hi Casey,

I love your patch! Yet something to improve:

[auto build test ERROR on pcmoore-audit/next]
[also build test ERROR on pcmoore-selinux/next linus/master v5.19-rc4 next-20220628]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: x86_64-randconfig-a002-20220627 (https://download.01.org/0day-ci/archive/20220628/202206281923.PWn0D5ak-lkp@intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project df18167ac56d05f2ab55f9d874aee7ab6d5bc9a2)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/c930a07cebde69363d3633fba8bd4cac46dd1520
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
        git checkout c930a07cebde69363d3633fba8bd4cac46dd1520
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All errors (new ones prefixed by >>):

>> security/security.c:2319:24: error: use of undeclared identifier 'lsm_slotlist'; did you mean 'lsm_slot'?
                           if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
                                               ^~~~~~~~~~~~
                                               lsm_slot
   security/security.c:489:12: note: 'lsm_slot' declared here
   static int lsm_slot __lsm_ro_after_init;
              ^
>> security/security.c:2319:36: error: subscripted value is not an array, pointer, or vector
                           if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
                                               ~~~~~~~~~~~~^~~~~
   2 errors generated.


vim +2319 security/security.c

20510f2f4e2dab James Morris    2007-10-16  2266  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2267  /**
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2268   * security_setprocattr - Set process attributes via /proc
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2269   * @lsm: name of module involved, or NULL
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2270   * @name: name of the attribute
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2271   * @value: value to set the attribute to
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2272   * @size: size of the value
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2273   *
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2274   * Set the process attribute for the specified security module
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2275   * to the specified value. Note that this can only be used to set
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2276   * the process attributes for the current, or "self" process.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2277   * The /proc code has already done this check.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2278   *
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2279   * Returns 0 on success, an appropriate code otherwise.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2280   */
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2281  int security_setprocattr(const char *lsm, const char *name, void *value,
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2282  			 size_t size)
20510f2f4e2dab James Morris    2007-10-16  2283  {
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2284  	struct security_hook_list *hp;
c930a07cebde69 Casey Schaufler 2022-06-27  2285  	const char *slotname;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2286  	char *termed;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2287  	char *copy;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2288  	int *ilsm = current->security;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2289  	int rc = -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2290  	int slot = 0;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2291  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2292  	if (!strcmp(name, "interface_lsm")) {
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2293  		/*
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2294  		 * Change the "interface_lsm" value only if all the security
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2295  		 * modules that support setting a procattr allow it.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2296  		 * It is assumed that all such security modules will be
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2297  		 * cooperative.
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2298  		 */
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2299  		if (size == 0)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2300  			return -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2301  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2302  		hlist_for_each_entry(hp, &security_hook_heads.setprocattr,
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2303  				     list) {
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2304  			rc = hp->hook.setprocattr(name, value, size);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2305  			if (rc < 0 && rc != LSM_RET_DEFAULT(setprocattr))
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2306  				return rc;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2307  		}
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2308  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2309  		rc = -EINVAL;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2310  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2311  		copy = kmemdup_nul(value, size, GFP_KERNEL);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2312  		if (copy == NULL)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2313  			return -ENOMEM;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2314  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2315  		termed = strsep(&copy, " \n");
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2316  
c930a07cebde69 Casey Schaufler 2022-06-27  2317  		for (slot = 0; slot < lsm_slot; slot++) {
c930a07cebde69 Casey Schaufler 2022-06-27  2318  			slotname = lsm_slot_to_name(slot);
a87b0b9fe463f0 Casey Schaufler 2022-06-27 @2319  			if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
c930a07cebde69 Casey Schaufler 2022-06-27  2320  				*ilsm = slot;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2321  				rc = size;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2322  				break;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2323  			}
c930a07cebde69 Casey Schaufler 2022-06-27  2324  		}
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2325  
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2326  		kfree(termed);
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2327  		return rc;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2328  	}
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2329  
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2330  	hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
ac35545bc102bf Casey Schaufler 2022-06-27  2331  		if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm))
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2332  			continue;
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2333  		if (lsm == NULL && *ilsm != LSMBLOB_INVALID &&
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2334  		    *ilsm != hp->lsmid->slot)
a87b0b9fe463f0 Casey Schaufler 2022-06-27  2335  			continue;
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2336  		return hp->hook.setprocattr(name, value, size);
6d9c939dbe4d0b Casey Schaufler 2018-09-21  2337  	}
98e828a0650f34 KP Singh        2020-03-29  2338  	return LSM_RET_DEFAULT(setprocattr);
20510f2f4e2dab James Morris    2007-10-16  2339  }
20510f2f4e2dab James Morris    2007-10-16  2340
diff mbox series

Patch

diff --git a/fs/ceph/super.h b/fs/ceph/super.h
index f59dac66955b..e76967c7b69c 100644
--- a/fs/ceph/super.h
+++ b/fs/ceph/super.h
@@ -1059,8 +1059,7 @@  struct ceph_acl_sec_ctx {
 	void *acl;
 #endif
 #ifdef CONFIG_CEPH_FS_SECURITY_LABEL
-	void *sec_ctx;
-	u32 sec_ctxlen;
+	struct lsmcontext lsmctx;
 #endif
 	struct ceph_pagelist *pagelist;
 };
diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c
index 4c4dad4713b6..0068ee3bd13a 100644
--- a/fs/ceph/xattr.c
+++ b/fs/ceph/xattr.c
@@ -1328,8 +1328,7 @@  int ceph_security_init_secctx(struct dentry *dentry, umode_t mode,
 	int err;
 
 	err = security_dentry_init_security(dentry, mode, &dentry->d_name,
-					    &name, &as_ctx->sec_ctx,
-					    &as_ctx->sec_ctxlen);
+					    &name, &as_ctx->lsmctx);
 	if (err < 0) {
 		WARN_ON_ONCE(err != -EOPNOTSUPP);
 		err = 0; /* do nothing */
@@ -1354,7 +1353,7 @@  int ceph_security_init_secctx(struct dentry *dentry, umode_t mode,
 	 */
 	name_len = strlen(name);
 	err = ceph_pagelist_reserve(pagelist,
-				    4 * 2 + name_len + as_ctx->sec_ctxlen);
+				    4 * 2 + name_len + as_ctx->lsmctx.len);
 	if (err)
 		goto out;
 
@@ -1374,11 +1373,9 @@  int ceph_security_init_secctx(struct dentry *dentry, umode_t mode,
 		as_ctx->pagelist = pagelist;
 	}
 
-	ceph_pagelist_encode_32(pagelist, name_len);
-	ceph_pagelist_append(pagelist, name, name_len);
-
-	ceph_pagelist_encode_32(pagelist, as_ctx->sec_ctxlen);
-	ceph_pagelist_append(pagelist, as_ctx->sec_ctx, as_ctx->sec_ctxlen);
+	ceph_pagelist_encode_32(pagelist, as_ctx->lsmctx.len);
+	ceph_pagelist_append(pagelist, as_ctx->lsmctx.context,
+			     as_ctx->lsmctx.len);
 
 	err = 0;
 out:
@@ -1391,16 +1388,12 @@  int ceph_security_init_secctx(struct dentry *dentry, umode_t mode,
 
 void ceph_release_acl_sec_ctx(struct ceph_acl_sec_ctx *as_ctx)
 {
-#ifdef CONFIG_CEPH_FS_SECURITY_LABEL
-	struct lsmcontext scaff; /* scaffolding */
-#endif
 #ifdef CONFIG_CEPH_FS_POSIX_ACL
 	posix_acl_release(as_ctx->acl);
 	posix_acl_release(as_ctx->default_acl);
 #endif
 #ifdef CONFIG_CEPH_FS_SECURITY_LABEL
-	lsmcontext_init(&scaff, as_ctx->sec_ctx, as_ctx->sec_ctxlen, 0);
-	security_release_secctx(&scaff);
+	security_release_secctx(&as_ctx->lsmctx);
 #endif
 	if (as_ctx->pagelist)
 		ceph_pagelist_release(as_ctx->pagelist);
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 74303d6e987b..ede296af6898 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -464,29 +464,29 @@  static int get_security_context(struct dentry *entry, umode_t mode,
 {
 	struct fuse_secctx *fctx;
 	struct fuse_secctx_header *header;
-	void *ctx = NULL, *ptr;
-	u32 ctxlen, total_len = sizeof(*header);
+	struct lsmcontext lsmctx = { };
+	void *ptr;
+	u32 total_len = sizeof(*header);
 	int err, nr_ctx = 0;
-	const char *name;
+	const char *name = NULL;
 	size_t namelen;
 
 	err = security_dentry_init_security(entry, mode, &entry->d_name,
-					    &name, &ctx, &ctxlen);
-	if (err) {
-		if (err != -EOPNOTSUPP)
-			goto out_err;
-		/* No LSM is supporting this security hook. Ignore error */
-		ctxlen = 0;
-		ctx = NULL;
-	}
+					    &name, &lsmctx);
+
+	/* If no LSM is supporting this security hook ignore error */
+	if (err && err != -EOPNOTSUPP)
+		goto out_err;
 
-	if (ctxlen) {
+	if (lsmctx.len) {
 		nr_ctx = 1;
 		namelen = strlen(name) + 1;
 		err = -EIO;
-		if (WARN_ON(namelen > XATTR_NAME_MAX + 1 || ctxlen > S32_MAX))
+		if (WARN_ON(namelen > XATTR_NAME_MAX + 1 ||
+		    lsmctx.len > S32_MAX))
 			goto out_err;
-		total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen + ctxlen);
+		total_len += FUSE_REC_ALIGN(sizeof(*fctx) + namelen +
+					    lsmctx.len);
 	}
 
 	err = -ENOMEM;
@@ -499,19 +499,20 @@  static int get_security_context(struct dentry *entry, umode_t mode,
 	ptr += sizeof(*header);
 	if (nr_ctx) {
 		fctx = ptr;
-		fctx->size = ctxlen;
+		fctx->size = lsmctx.len;
 		ptr += sizeof(*fctx);
 
 		strcpy(ptr, name);
 		ptr += namelen;
 
-		memcpy(ptr, ctx, ctxlen);
+		memcpy(ptr, lsmctx.context, lsmctx.len);
 	}
 	*security_ctxlen = total_len;
 	*security_ctx = header;
 	err = 0;
 out_err:
-	kfree(ctx);
+	if (nr_ctx)
+		security_release_secctx(&lsmctx);
 	return err;
 }
 
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index 0c4e8dd6aa96..861d23eeac6e 100644
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -810,7 +810,7 @@  static int nfs_readdir_entry_decode(struct nfs_readdir_descriptor *desc,
 	int ret;
 
 	if (entry->fattr->label)
-		entry->fattr->label->len = NFS4_MAXLABELLEN;
+		entry->fattr->label->lsmctx.len = NFS4_MAXLABELLEN;
 	ret = xdr_decode(desc, entry, stream);
 	if (ret || !desc->plus)
 		return ret;
diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c
index b4e46b0ffa2d..d3132f4626d0 100644
--- a/fs/nfs/inode.c
+++ b/fs/nfs/inode.c
@@ -361,14 +361,15 @@  void nfs_setsecurity(struct inode *inode, struct nfs_fattr *fattr)
 		return;
 
 	if ((fattr->valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL) && inode->i_security) {
-		error = security_inode_notifysecctx(inode, fattr->label->label,
-				fattr->label->len);
+		error = security_inode_notifysecctx(inode,
+						fattr->label->lsmctx.context,
+						fattr->label->lsmctx.len);
 		if (error)
 			printk(KERN_ERR "%s() %s %d "
 					"security_inode_notifysecctx() %d\n",
 					__func__,
-					(char *)fattr->label->label,
-					fattr->label->len, error);
+					(char *)fattr->label->lsmctx.context,
+					fattr->label->lsmctx.len, error);
 		nfs_clear_label_invalid(inode);
 	}
 }
@@ -384,12 +385,14 @@  struct nfs4_label *nfs4_label_alloc(struct nfs_server *server, gfp_t flags)
 	if (label == NULL)
 		return ERR_PTR(-ENOMEM);
 
-	label->label = kzalloc(NFS4_MAXLABELLEN, flags);
-	if (label->label == NULL) {
+	label->lsmctx.context = kzalloc(NFS4_MAXLABELLEN, flags);
+	if (label->lsmctx.context == NULL) {
 		kfree(label);
 		return ERR_PTR(-ENOMEM);
 	}
-	label->len = NFS4_MAXLABELLEN;
+	label->lsmctx.len = NFS4_MAXLABELLEN;
+	/* Use an invalid LSM slot as this should never be "released". */
+	label->lsmctx.slot = -1;
 
 	return label;
 }
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 8f8cd6e2d4db..b97b66b8b7d0 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -342,13 +342,15 @@  nfs4_label_copy(struct nfs4_label *dst, struct nfs4_label *src)
 	if (!dst || !src)
 		return NULL;
 
-	if (src->len > NFS4_MAXLABELLEN)
+	if (src->lsmctx.len > NFS4_MAXLABELLEN)
 		return NULL;
 
 	dst->lfs = src->lfs;
 	dst->pi = src->pi;
-	dst->len = src->len;
-	memcpy(dst->label, src->label, src->len);
+	/* Use an invalid LSM slot as lsmctx should never be "released" */
+	dst->lsmctx.slot = -1;
+	dst->lsmctx.len = src->lsmctx.len;
+	memcpy(dst->lsmctx.context, src->lsmctx.context, src->lsmctx.len);
 
 	return dst;
 }
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index d6bdb0868729..dca0d5c84337 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -123,8 +123,7 @@  nfs4_label_init_security(struct inode *dir, struct dentry *dentry,
 		return NULL;
 
 	err = security_dentry_init_security(dentry, sattr->ia_mode,
-				&dentry->d_name, NULL,
-				(void **)&label->label, &label->len);
+				&dentry->d_name, NULL, &label->lsmctx);
 	if (err == 0)
 		return label;
 
@@ -133,12 +132,8 @@  nfs4_label_init_security(struct inode *dir, struct dentry *dentry,
 static inline void
 nfs4_label_release_security(struct nfs4_label *label)
 {
-	struct lsmcontext scaff; /* scaffolding */
-
-	if (label) {
-		lsmcontext_init(&scaff, label->label, label->len, 0);
-		security_release_secctx(&scaff);
-	}
+	if (label)
+		security_release_secctx(&label->lsmctx);
 }
 static inline u32 *nfs4_bitmask(struct nfs_server *server, struct nfs4_label *label)
 {
@@ -3800,7 +3795,7 @@  nfs4_atomic_open(struct inode *dir, struct nfs_open_context *ctx,
 		int open_flags, struct iattr *attr, int *opened)
 {
 	struct nfs4_state *state;
-	struct nfs4_label l = {0, 0, 0, NULL}, *label = NULL;
+	struct nfs4_label l = { }, *label = NULL;
 
 	label = nfs4_label_init_security(dir, ctx->dentry, attr, &l);
 
@@ -6108,7 +6103,7 @@  static int _nfs4_get_security_label(struct inode *inode, void *buf,
 					size_t buflen)
 {
 	struct nfs_server *server = NFS_SERVER(inode);
-	struct nfs4_label label = {0, 0, buflen, buf};
+	struct nfs4_label label = {0, 0, {buf, buflen, -1} };
 
 	u32 bitmask[3] = { 0, 0, FATTR4_WORD2_SECURITY_LABEL };
 	struct nfs_fattr fattr = {
@@ -6136,7 +6131,7 @@  static int _nfs4_get_security_label(struct inode *inode, void *buf,
 		return ret;
 	if (!(fattr.valid & NFS_ATTR_FATTR_V4_SECURITY_LABEL))
 		return -ENOENT;
-	return label.len;
+	return label.lsmctx.len;
 }
 
 static int nfs4_get_security_label(struct inode *inode, void *buf,
@@ -6213,7 +6208,8 @@  static int nfs4_do_set_security_label(struct inode *inode,
 static int
 nfs4_set_security_label(struct inode *inode, const void *buf, size_t buflen)
 {
-	struct nfs4_label ilabel = {0, 0, buflen, (char *)buf };
+	struct nfs4_label ilabel = {0, 0,
+				    {(char *)buf, buflen, -1}};
 	struct nfs_fattr *fattr;
 	int status;
 
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index acfe5f4bda48..9f1a376fb92c 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -1154,7 +1154,7 @@  static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap,
 	}
 
 	if (label && (attrmask[2] & FATTR4_WORD2_SECURITY_LABEL)) {
-		len += 4 + 4 + 4 + (XDR_QUADLEN(label->len) << 2);
+		len += 4 + 4 + 4 + (XDR_QUADLEN(label->lsmctx.len) << 2);
 		bmval[2] |= FATTR4_WORD2_SECURITY_LABEL;
 	}
 
@@ -1186,8 +1186,9 @@  static void encode_attrs(struct xdr_stream *xdr, const struct iattr *iap,
 	if (label && (bmval[2] & FATTR4_WORD2_SECURITY_LABEL)) {
 		*p++ = cpu_to_be32(label->lfs);
 		*p++ = cpu_to_be32(label->pi);
-		*p++ = cpu_to_be32(label->len);
-		p = xdr_encode_opaque_fixed(p, label->label, label->len);
+		*p++ = cpu_to_be32(label->lsmctx.len);
+		p = xdr_encode_opaque_fixed(p, label->lsmctx.context,
+					    label->lsmctx.len);
 	}
 	if (bmval[2] & FATTR4_WORD2_MODE_UMASK) {
 		*p++ = cpu_to_be32(iap->ia_mode & S_IALLUGO);
@@ -4236,12 +4237,12 @@  static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap,
 			return -EIO;
 		if (len < NFS4_MAXLABELLEN) {
 			if (label) {
-				if (label->len) {
-					if (label->len < len)
+				if (label->lsmctx.len) {
+					if (label->lsmctx.len < len)
 						return -ERANGE;
-					memcpy(label->label, p, len);
+					memcpy(label->lsmctx.context, p, len);
 				}
-				label->len = len;
+				label->lsmctx.len = len;
 				label->pi = pi;
 				label->lfs = lfs;
 				status = NFS_ATTR_FATTR_V4_SECURITY_LABEL;
@@ -4250,10 +4251,11 @@  static int decode_attr_security_label(struct xdr_stream *xdr, uint32_t *bitmap,
 		} else
 			printk(KERN_WARNING "%s: label too long (%u)!\n",
 					__func__, len);
-		if (label && label->label)
+		if (label && label->lsmctx.context)
 			dprintk("%s: label=%.*s, len=%d, PI=%d, LFS=%d\n",
-				__func__, label->len, (char *)label->label,
-				label->len, label->pi, label->lfs);
+				__func__, label->lsmctx.len,
+				(char *)label->lsmctx.context,
+				label->lsmctx.len, label->pi, label->lfs);
 	}
 	return status;
 }
diff --git a/include/linux/nfs4.h b/include/linux/nfs4.h
index 8d04b6a5964c..5c2d69cf609a 100644
--- a/include/linux/nfs4.h
+++ b/include/linux/nfs4.h
@@ -15,6 +15,7 @@ 
 
 #include <linux/list.h>
 #include <linux/uidgid.h>
+#include <linux/security.h>
 #include <uapi/linux/nfs4.h>
 #include <linux/sunrpc/msg_prot.h>
 
@@ -44,10 +45,9 @@  struct nfs4_acl {
 #define NFS4_MAXLABELLEN	2048
 
 struct nfs4_label {
-	uint32_t	lfs;
-	uint32_t	pi;
-	u32		len;
-	char	*label;
+	uint32_t		lfs;
+	uint32_t		pi;
+	struct lsmcontext	lsmctx;
 };
 
 typedef struct { char data[NFS4_VERIFIER_SIZE]; } nfs4_verifier;
diff --git a/include/linux/nfs_fs.h b/include/linux/nfs_fs.h
index a17c337dbdf1..a838d4a45c1b 100644
--- a/include/linux/nfs_fs.h
+++ b/include/linux/nfs_fs.h
@@ -428,7 +428,7 @@  static inline void nfs4_label_free(struct nfs4_label *label)
 {
 #ifdef CONFIG_NFS_V4_SECURITY_LABEL
 	if (label) {
-		kfree(label->label);
+		kfree(label->lsmctx.context);
 		kfree(label);
 	}
 #endif
diff --git a/include/linux/security.h b/include/linux/security.h
index ca2ed1909608..a4d08b47cbc3 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -229,8 +229,19 @@  static inline bool lsmblob_equal(const struct lsmblob *bloba,
 }
 
 /* Map lsm names to blob slot numbers */
+#if LSMBLOB_ENTRIES > 0
 extern int lsm_name_to_slot(char *name);
 extern const char *lsm_slot_to_name(int slot);
+#else
+static inline int lsm_name_to_slot(char *name)
+{
+	return LSMBLOB_INVALID;
+}
+static inline const char *lsm_slot_to_name(int slot)
+{
+	return NULL;
+}
+#endif
 
 /**
  * lsmblob_value - find the first non-zero value in an lsmblob structure.
@@ -470,8 +481,8 @@  int security_sb_clone_mnt_opts(const struct super_block *oldsb,
 int security_move_mount(const struct path *from_path, const struct path *to_path);
 int security_dentry_init_security(struct dentry *dentry, int mode,
 				  const struct qstr *name,
-				  const char **xattr_name, void **ctx,
-				  u32 *ctxlen);
+				  const char **xattr_name,
+				  struct lsmcontext *lsmcxt);
 int security_dentry_create_files_as(struct dentry *dentry, int mode,
 					struct qstr *name,
 					const struct cred *old,
@@ -888,8 +899,7 @@  static inline int security_dentry_init_security(struct dentry *dentry,
 						 int mode,
 						 const struct qstr *name,
 						 const char **xattr_name,
-						 void **ctx,
-						 u32 *ctxlen)
+						 struct lsmcontext *lsmcxt)
 {
 	return -EOPNOTSUPP;
 }
diff --git a/security/security.c b/security/security.c
index 72df3d0cd233..96a89fd5802b 100644
--- a/security/security.c
+++ b/security/security.c
@@ -487,6 +487,8 @@  static int lsm_append(const char *new, char **result)
  * Current index to use while initializing the lsmblob secid list.
  */
 static int lsm_slot __lsm_ro_after_init;
+
+#if LSMBLOB_ENTRIES > 0
 static struct lsm_id *lsm_slotlist[LSMBLOB_ENTRIES] __lsm_ro_after_init;
 
 /**
@@ -531,6 +533,7 @@  const char *lsm_slot_to_name(int slot)
 		return NULL;
 	return lsm_slotlist[slot]->lsm;
 }
+#endif /* LSMBLOB_ENTRIES > 0 */
 
 /**
  * security_add_hooks - Add a modules hooks to the hook lists.
@@ -549,6 +552,7 @@  void __init security_add_hooks(struct security_hook_list *hooks, int count,
 
 	WARN_ON(!lsmid->slot || !lsmid->lsm);
 
+#if LSMBLOB_ENTRIES > 0
 	if (lsmid->slot == LSMBLOB_NEEDED) {
 		if (lsm_slot >= LSMBLOB_ENTRIES)
 			panic("%s Too many LSMs registered.\n", __func__);
@@ -557,6 +561,7 @@  void __init security_add_hooks(struct security_hook_list *hooks, int count,
 		init_debug("%s assigned lsmblob slot %d\n", lsmid->lsm,
 			   lsmid->slot);
 	}
+#endif /* LSMBLOB_ENTRIES > 0 */
 
 	for (i = 0; i < count; i++) {
 		hooks[i].lsmid = lsmid;
@@ -1167,8 +1172,8 @@  void security_inode_free(struct inode *inode)
 
 int security_dentry_init_security(struct dentry *dentry, int mode,
 				  const struct qstr *name,
-				  const char **xattr_name, void **ctx,
-				  u32 *ctxlen)
+				  const char **xattr_name,
+				  struct lsmcontext *lsmctx)
 {
 	struct security_hook_list *hp;
 	int rc;
@@ -1176,9 +1181,13 @@  int security_dentry_init_security(struct dentry *dentry, int mode,
 	/*
 	 * Only one module will provide a security context.
 	 */
-	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security, list) {
+	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security,
+			     list) {
 		rc = hp->hook.dentry_init_security(dentry, mode, name,
-						   xattr_name, ctx, ctxlen);
+						   xattr_name,
+						   (void **)&lsmctx->context,
+						   &lsmctx->len);
+		lsmctx->slot = hp->lsmid->slot;
 		if (rc != LSM_RET_DEFAULT(dentry_init_security))
 			return rc;
 	}
@@ -2238,7 +2247,7 @@  int security_getprocattr(struct task_struct *p, const char *lsm, char *name,
 		ilsm = lsm_task_ilsm(p);
 		if (ilsm != LSMBLOB_INVALID)
 			slot = ilsm;
-		*value = kstrdup(lsm_slotlist[slot]->lsm, GFP_KERNEL);
+		*value = kstrdup(lsm_slot_to_name(slot), GFP_KERNEL);
 		if (*value)
 			return strlen(*value);
 		return -ENOMEM;
@@ -2273,6 +2282,7 @@  int security_setprocattr(const char *lsm, const char *name, void *value,
 			 size_t size)
 {
 	struct security_hook_list *hp;
+	const char *slotname;
 	char *termed;
 	char *copy;
 	int *ilsm = current->security;
@@ -2304,12 +2314,14 @@  int security_setprocattr(const char *lsm, const char *name, void *value,
 
 		termed = strsep(&copy, " \n");
 
-		for (slot = 0; slot < lsm_slot; slot++)
+		for (slot = 0; slot < lsm_slot; slot++) {
+			slotname = lsm_slot_to_name(slot);
 			if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
-				*ilsm = lsm_slotlist[slot]->slot;
+				*ilsm = slot;
 				rc = size;
 				break;
 			}
+		}
 
 		kfree(termed);
 		return rc;