[PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock

Trond Myklebust trondmy at hammerspace.com
Fri Feb 19 20:07:19 UTC 2021

On Fri, 2021-02-19 at 12:20 -0500, Olga Kornievskaia wrote:
> Trond/Anna,
> I'd like your opinion here. Some static checking flags a "ctx"
> assignment in nfs_fill_super() in the new patch. In an existing code
> there is a check for it is NULL before dereferencing. However, "ctx"
> can never be null. nfs_get_tree_common() which calls nfs_fill_super()
> and passes in "ctx" gets it from the passed in "fs_context". If the
> passed in arg can be null then we are dereferencing in var assignment
> so things would blow up there. So "ctx" can never be null.
> Should I create another clean up patch to remove the check for null
> ctx in nfs_fill_super() to make static analyzers happy?

Yes, at this point, nfs_fill_super() is only called from
nfs_get_tree_common(), which would crash and burn well before if ctx
were an invalid pointer.

So please go ahead, and remove the check for ctx being NULL in

Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust at hammerspace.com

More information about the Linux-security-module-archive mailing list