[bug report] landlock: Add AUDIT_LANDLOCK_DOMAIN and log domain status
Mickaël Salaün
mic at digikod.net
Wed Mar 12 10:50:31 UTC 2025
On Wed, Mar 12, 2025 at 11:33:29AM +0300, Dan Carpenter wrote:
> Hello Mickaël Salaün,
>
> Commit 96cc6f48a8e4 ("landlock: Add AUDIT_LANDLOCK_DOMAIN and log
> domain status") from Mar 8, 2025 (linux-next), leads to the following
> Smatch static checker warning:
>
> security/landlock/domain.c:66 get_current_exe()
> warn: 'size' unsigned <= 0
Hi,
Thanks for the report, I'll fix this issue.
I'm using Smatch's kchecker (commit f4f26f80d4f3) but I didn't get this
warning. I tried with and without build_kernel_data.sh but I get the same
result. Which command are you using?
>
> security/landlock/domain.c
> 39 static const void *get_current_exe(const char **const exe_str,
> 40 size_t *const exe_size)
> 41 {
> 42 const size_t buffer_size = LANDLOCK_PATH_MAX_SIZE;
> 43 struct mm_struct *mm = current->mm;
> 44 struct file *file __free(fput) = NULL;
> 45 char *buffer __free(kfree) = NULL;
> 46 const char *exe;
> 47 size_t size;
> 48
> 49 if (!mm)
> 50 return NULL;
> 51
> 52 file = get_mm_exe_file(mm);
> 53 if (!file)
> 54 return NULL;
> 55
> 56 buffer = kmalloc(buffer_size, GFP_KERNEL);
> 57 if (!buffer)
> 58 return ERR_PTR(-ENOMEM);
> 59
> 60 exe = d_path(&file->f_path, buffer, buffer_size);
> 61 if (WARN_ON_ONCE(IS_ERR(exe)))
> 62 /* Should never happen according to LANDLOCK_PATH_MAX_SIZE. */
> 63 return ERR_CAST(exe);
> 64
> 65 size = buffer + buffer_size - exe;
>
> d_path() takes a buffer and returns exe which is a pointer to the
> somewhere in the middle of buffer.
>
> --> 66 if (WARN_ON_ONCE(size <= 0))
>
> So size can't be negative. And also size is declared as unsigned so it
> can't be negative for that reason either.
>
> 67 return ERR_PTR(-ENAMETOOLONG);
> 68
> 69 *exe_size = size;
> 70 *exe_str = exe;
> 71 return no_free_ptr(buffer);
> 72 }
>
> regards,
> dan carpenter
>
More information about the Linux-security-module-archive
mailing list