Skip to content

Commit 8e5d9f9

Browse files
goongascschaufler
goongas
authored and
cschaufler
committed
smack: deduplicate xattr setting in smack_inode_init_security()
Signed-off-by: Konstantin Andreev <andreev@swemel.ru> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
1 parent 195da3f commit 8e5d9f9

1 file changed

Lines changed: 29 additions & 27 deletions

File tree

security/smack/smack_lsm.c

Lines changed: 29 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -980,6 +980,24 @@ smk_rule_transmutes(struct smack_known *subject,
980980
return (may > 0) && (may & MAY_TRANSMUTE);
981981
}
982982

983+
static int
984+
xattr_dupval(struct xattr *xattrs, int *xattr_count,
985+
const char *name, const void *value, unsigned int vallen)
986+
{
987+
struct xattr * const xattr = lsm_get_xattr_slot(xattrs, xattr_count);
988+
989+
if (!xattr)
990+
return 0;
991+
992+
xattr->value = kmemdup(value, vallen, GFP_NOFS);
993+
if (!xattr->value)
994+
return -ENOMEM;
995+
996+
xattr->value_len = vallen;
997+
xattr->name = name;
998+
return 0;
999+
}
1000+
9831001
/**
9841002
* smack_inode_init_security - copy out the smack from an inode
9851003
* @inode: the newly created inode
@@ -997,7 +1015,6 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
9971015
struct task_smack *tsp = smack_cred(current_cred());
9981016
struct inode_smack * const issp = smack_inode(inode);
9991017
struct smack_known *dsp = smk_of_inode(dir);
1000-
struct xattr *xattr = lsm_get_xattr_slot(xattrs, xattr_count);
10011018
bool trans_cred;
10021019
bool trans_rule;
10031020

@@ -1016,8 +1033,6 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
10161033
* Mark the inode as changed.
10171034
*/
10181035
if (trans_cred || (trans_rule && smk_inode_transmutable(dir))) {
1019-
struct xattr *xattr_transmute;
1020-
10211036
/*
10221037
* The caller of smack_dentry_create_files_as()
10231038
* should have overridden the current cred, so the
@@ -1029,35 +1044,22 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
10291044

10301045
if (S_ISDIR(inode->i_mode)) {
10311046
issp->smk_flags |= SMK_INODE_TRANSMUTE;
1032-
xattr_transmute = lsm_get_xattr_slot(xattrs,
1033-
xattr_count);
1034-
if (xattr_transmute) {
1035-
xattr_transmute->value = kmemdup(TRANS_TRUE,
1036-
TRANS_TRUE_SIZE,
1037-
GFP_NOFS);
1038-
if (!xattr_transmute->value)
1039-
return -ENOMEM;
1040-
1041-
xattr_transmute->value_len = TRANS_TRUE_SIZE;
1042-
xattr_transmute->name = XATTR_SMACK_TRANSMUTE;
1043-
}
1047+
1048+
if (xattr_dupval(xattrs, xattr_count,
1049+
XATTR_SMACK_TRANSMUTE,
1050+
TRANS_TRUE,
1051+
TRANS_TRUE_SIZE
1052+
))
1053+
return -ENOMEM;
10441054
}
10451055
}
10461056

10471057
issp->smk_flags |= SMK_INODE_INSTANT;
10481058

1049-
if (xattr) {
1050-
const char *inode_label = issp->smk_inode->smk_known;
1051-
1052-
xattr->value = kstrdup(inode_label, GFP_NOFS);
1053-
if (!xattr->value)
1054-
return -ENOMEM;
1055-
1056-
xattr->value_len = strlen(inode_label);
1057-
xattr->name = XATTR_SMACK_SUFFIX;
1058-
}
1059-
1060-
return 0;
1059+
return xattr_dupval(xattrs, xattr_count,
1060+
XATTR_SMACK_SUFFIX,
1061+
issp->smk_inode->smk_known,
1062+
strlen(issp->smk_inode->smk_known));
10611063
}
10621064

10631065
/**

0 commit comments

Comments
 (0)