summaryrefslogtreecommitdiffstats
path: root/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch
diff options
context:
space:
mode:
authorYannick GICQUEL <yannick.gicquel@iot.bzh>2015-10-19 15:57:07 +0200
committerGerrit Code Review <gerrit@172.30.200.200>2015-11-06 15:23:36 +0000
commitede19ea0c47fb23f3fc779833d1e57cf76f3371e (patch)
tree47d6fae2283c54def1871aaf2a73828ac68b1b34 /meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch
parent1cd8ab18abca96e4ee108f80225058d875b28347 (diff)
kernel: smack security backport from kernel 4
Here is the backport of all patches relating to smack support on kernel side. For more details, see file: meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/README Please note that patches are applied only if "smack" is in the ditro features. Here are the 2 lines to add in the local.conf OVERRIDES .= ":smack" DISTRO_FEATURES_append = " smack" Change-Id: I147a3532aec531f977d6ec34c576261835711f1e Signed-off-by: Yannick GICQUEL <yannick.gicquel@iot.bzh> Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch')
-rw-r--r--meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch239
1 files changed, 239 insertions, 0 deletions
diff --git a/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch
new file mode 100644
index 0000000..01e1e95
--- /dev/null
+++ b/meta-rcar-gen2/recipes-kernel/linux/linux-renesas/smack/0007-xattr-Constify-name-member-of-struct-xattr.patch
@@ -0,0 +1,239 @@
+From fe82cc13962e6dbf81dec4093e7dc947b296a988 Mon Sep 17 00:00:00 2001
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Date: Thu, 25 Jul 2013 05:44:02 +0900
+Subject: [PATCH 07/54] xattr: Constify ->name member of "struct xattr".
+
+Since everybody sets kstrdup()ed constant string to "struct xattr"->name but
+nobody modifies "struct xattr"->name , we can omit kstrdup() and its failure
+checking by constifying ->name member of "struct xattr".
+
+Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Reviewed-by: Joel Becker <jlbec@evilplan.org> [ocfs2]
+Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
+Acked-by: Casey Schaufler <casey@schaufler-ca.com>
+Acked-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
+Reviewed-by: Paul Moore <paul@paul-moore.com>
+Tested-by: Paul Moore <paul@paul-moore.com>
+Acked-by: Eric Paris <eparis@redhat.com>
+Signed-off-by: James Morris <james.l.morris@oracle.com>
+---
+ fs/ocfs2/xattr.h | 2 +-
+ include/linux/security.h | 8 ++++----
+ include/linux/xattr.h | 2 +-
+ include/uapi/linux/reiserfs_xattr.h | 2 +-
+ security/capability.c | 2 +-
+ security/integrity/evm/evm_main.c | 2 +-
+ security/security.c | 8 +++-----
+ security/selinux/hooks.c | 17 ++++++-----------
+ security/smack/smack_lsm.c | 9 +++------
+ 9 files changed, 21 insertions(+), 31 deletions(-)
+
+diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h
+index e5c7f15..19f134e 100644
+--- a/fs/ocfs2/xattr.h
++++ b/fs/ocfs2/xattr.h
+@@ -32,7 +32,7 @@ enum ocfs2_xattr_type {
+
+ struct ocfs2_security_xattr_info {
+ int enable;
+- char *name;
++ const char *name;
+ void *value;
+ size_t value_len;
+ };
+diff --git a/include/linux/security.h b/include/linux/security.h
+index 1d8fe3c..0f246d4 100644
+--- a/include/linux/security.h
++++ b/include/linux/security.h
+@@ -1472,7 +1472,7 @@ struct security_operations {
+ int (*inode_alloc_security) (struct inode *inode);
+ void (*inode_free_security) (struct inode *inode);
+ int (*inode_init_security) (struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr, const char **name,
+ void **value, size_t *len);
+ int (*inode_create) (struct inode *dir,
+ struct dentry *dentry, umode_t mode);
+@@ -1744,7 +1744,7 @@ int security_inode_init_security(struct inode *inode, struct inode *dir,
+ const struct qstr *qstr,
+ initxattrs initxattrs, void *fs_data);
+ int security_old_inode_init_security(struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr, const char **name,
+ void **value, size_t *len);
+ int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode);
+ int security_inode_link(struct dentry *old_dentry, struct inode *dir,
+@@ -2056,8 +2056,8 @@ static inline int security_inode_init_security(struct inode *inode,
+ static inline int security_old_inode_init_security(struct inode *inode,
+ struct inode *dir,
+ const struct qstr *qstr,
+- char **name, void **value,
+- size_t *len)
++ const char **name,
++ void **value, size_t *len)
+ {
+ return -EOPNOTSUPP;
+ }
+diff --git a/include/linux/xattr.h b/include/linux/xattr.h
+index fdbafc6..91b0a68 100644
+--- a/include/linux/xattr.h
++++ b/include/linux/xattr.h
+@@ -31,7 +31,7 @@ struct xattr_handler {
+ };
+
+ struct xattr {
+- char *name;
++ const char *name;
+ void *value;
+ size_t value_len;
+ };
+diff --git a/include/uapi/linux/reiserfs_xattr.h b/include/uapi/linux/reiserfs_xattr.h
+index d8ce17c..38fdd64 100644
+--- a/include/uapi/linux/reiserfs_xattr.h
++++ b/include/uapi/linux/reiserfs_xattr.h
+@@ -16,7 +16,7 @@ struct reiserfs_xattr_header {
+ };
+
+ struct reiserfs_security_handle {
+- char *name;
++ const char *name;
+ void *value;
+ size_t length;
+ };
+diff --git a/security/capability.c b/security/capability.c
+index 26e0d3d..432e8af 100644
+--- a/security/capability.c
++++ b/security/capability.c
+@@ -119,7 +119,7 @@ static void cap_inode_free_security(struct inode *inode)
+ }
+
+ static int cap_inode_init_security(struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr, const char **name,
+ void **value, size_t *len)
+ {
+ return -EOPNOTSUPP;
+diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
+index cdbde17..2787080 100644
+--- a/security/integrity/evm/evm_main.c
++++ b/security/integrity/evm/evm_main.c
+@@ -405,7 +405,7 @@ int evm_inode_init_security(struct inode *inode,
+
+ evm_xattr->value = xattr_data;
+ evm_xattr->value_len = sizeof(*xattr_data);
+- evm_xattr->name = kstrdup(XATTR_EVM_SUFFIX, GFP_NOFS);
++ evm_xattr->name = XATTR_EVM_SUFFIX;
+ return 0;
+ out:
+ kfree(xattr_data);
+diff --git a/security/security.c b/security/security.c
+index bf919ce..7813fd8 100644
+--- a/security/security.c
++++ b/security/security.c
+@@ -335,10 +335,10 @@ int security_inode_init_security(struct inode *inode, struct inode *dir,
+ if (unlikely(IS_PRIVATE(inode)))
+ return 0;
+
+- memset(new_xattrs, 0, sizeof new_xattrs);
+ if (!initxattrs)
+ return security_ops->inode_init_security(inode, dir, qstr,
+ NULL, NULL, NULL);
++ memset(new_xattrs, 0, sizeof(new_xattrs));
+ lsm_xattr = new_xattrs;
+ ret = security_ops->inode_init_security(inode, dir, qstr,
+ &lsm_xattr->name,
+@@ -353,16 +353,14 @@ int security_inode_init_security(struct inode *inode, struct inode *dir,
+ goto out;
+ ret = initxattrs(inode, new_xattrs, fs_data);
+ out:
+- for (xattr = new_xattrs; xattr->name != NULL; xattr++) {
+- kfree(xattr->name);
++ for (xattr = new_xattrs; xattr->value != NULL; xattr++)
+ kfree(xattr->value);
+- }
+ return (ret == -EOPNOTSUPP) ? 0 : ret;
+ }
+ EXPORT_SYMBOL(security_inode_init_security);
+
+ int security_old_inode_init_security(struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr, const char **name,
+ void **value, size_t *len)
+ {
+ if (unlikely(IS_PRIVATE(inode)))
+diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
+index d2f4381..0c47e2c 100644
+--- a/security/selinux/hooks.c
++++ b/security/selinux/hooks.c
+@@ -2533,7 +2533,8 @@ static void selinux_inode_free_security(struct inode *inode)
+ }
+
+ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr,
++ const char **name,
+ void **value, size_t *len)
+ {
+ const struct task_security_struct *tsec = current_security();
+@@ -2541,7 +2542,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
+ struct superblock_security_struct *sbsec;
+ u32 sid, newsid, clen;
+ int rc;
+- char *namep = NULL, *context;
++ char *context;
+
+ dsec = dir->i_security;
+ sbsec = dir->i_sb->s_security;
+@@ -2577,19 +2578,13 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
+ if (!ss_initialized || !(sbsec->flags & SE_SBLABELSUPP))
+ return -EOPNOTSUPP;
+
+- if (name) {
+- namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS);
+- if (!namep)
+- return -ENOMEM;
+- *name = namep;
+- }
++ if (name)
++ *name = XATTR_SELINUX_SUFFIX;
+
+ if (value && len) {
+ rc = security_sid_to_context_force(newsid, &context, &clen);
+- if (rc) {
+- kfree(namep);
++ if (rc)
+ return rc;
+- }
+ *value = context;
+ *len = clen;
+ }
+diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
+index 3f7682a..a113a77 100644
+--- a/security/smack/smack_lsm.c
++++ b/security/smack/smack_lsm.c
+@@ -582,7 +582,7 @@ static void smack_inode_free_security(struct inode *inode)
+ * Returns 0 if it all works out, -ENOMEM if there's no memory
+ */
+ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
+- const struct qstr *qstr, char **name,
++ const struct qstr *qstr, const char **name,
+ void **value, size_t *len)
+ {
+ struct inode_smack *issp = inode->i_security;
+@@ -591,11 +591,8 @@ static int smack_inode_init_security(struct inode *inode, struct inode *dir,
+ char *dsp = smk_of_inode(dir);
+ int may;
+
+- if (name) {
+- *name = kstrdup(XATTR_SMACK_SUFFIX, GFP_NOFS);
+- if (*name == NULL)
+- return -ENOMEM;
+- }
++ if (name)
++ *name = XATTR_SMACK_SUFFIX;
+
+ if (value) {
+ rcu_read_lock();
+--
+2.1.4
+