[PATCH v1] selftests/landlock: Fix readlink check
Günther Noack
gnoack at google.com
Wed May 28 14:48:54 UTC 2025
On Wed, May 28, 2025 at 04:44:25PM +0200, Mickaël Salaün wrote:
> The audit_init_filter_exe() helper incorrectly checks the readlink(2)
> error because an unsigned integer is used to store the result. Use a
> signed integer for this check.
>
> Cc: Günther Noack <gnoack at google.com>
> Reported-by: Dan Carpenter <dan.carpenter at linaro.org>
> Closes: https://lore.kernel.org/r/aDbFwyZ_fM-IO7sC@stanley.mountain
> Fixes: 6a500b22971c ("selftests/landlock: Add tests for audit flags and domain IDs")
> ---
> tools/testing/selftests/landlock/audit.h | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/tools/testing/selftests/landlock/audit.h b/tools/testing/selftests/landlock/audit.h
> index 18a6014920b5..b16986aa6442 100644
> --- a/tools/testing/selftests/landlock/audit.h
> +++ b/tools/testing/selftests/landlock/audit.h
> @@ -403,11 +403,12 @@ static int audit_init_filter_exe(struct audit_filter *filter, const char *path)
> /* It is assume that there is not already filtering rules. */
> filter->record_type = AUDIT_EXE;
> if (!path) {
> - filter->exe_len = readlink("/proc/self/exe", filter->exe,
> - sizeof(filter->exe) - 1);
> - if (filter->exe_len < 0)
> + int ret = readlink("/proc/self/exe", filter->exe,
> + sizeof(filter->exe) - 1);
> + if (ret < 0)
> return -errno;
>
> + filter->exe_len = ret;
> return 0;
> }
>
> --
> 2.49.0
>
Reviewed-by: Günther Noack <gnoack at google.com>
More information about the Linux-security-module-archive
mailing list