Smack: Fix wrong semantics in smk_access_entry()
authorTianjia Zhang <tianjia.zhang@linux.alibaba.com>
Thu, 15 Jul 2021 09:17:24 +0000 (17:17 +0800)
committerCasey Schaufler <casey@schaufler-ca.com>
Tue, 20 Jul 2021 16:17:36 +0000 (09:17 -0700)
In the smk_access_entry() function, if no matching rule is found
in the rust_list, a negative error code will be used to perform bit
operations with the MAY_ enumeration value. This is semantically
wrong. This patch fixes this issue.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
security/smack/smack_access.c

index 1f391f6..d2186e2 100644 (file)
@@ -81,23 +81,22 @@ int log_policy = SMACK_AUDIT_DENIED;
 int smk_access_entry(char *subject_label, char *object_label,
                        struct list_head *rule_list)
 {
-       int may = -ENOENT;
        struct smack_rule *srp;
 
        list_for_each_entry_rcu(srp, rule_list, list) {
                if (srp->smk_object->smk_known == object_label &&
                    srp->smk_subject->smk_known == subject_label) {
-                       may = srp->smk_access;
-                       break;
+                       int may = srp->smk_access;
+                       /*
+                        * MAY_WRITE implies MAY_LOCK.
+                        */
+                       if ((may & MAY_WRITE) == MAY_WRITE)
+                               may |= MAY_LOCK;
+                       return may;
                }
        }
 
-       /*
-        * MAY_WRITE implies MAY_LOCK.
-        */
-       if ((may & MAY_WRITE) == MAY_WRITE)
-               may |= MAY_LOCK;
-       return may;
+       return -ENOENT;
 }
 
 /**