On Wed, Oct 25, 2023 at 11:19 AM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > On 10/24/2023 6:43 PM, Paul Moore wrote: > > On Tue, Oct 24, 2023 at 6:23 PM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > >> On 10/24/2023 2:35 PM, Paul Moore wrote: > >>> Zero out all of the size counters in the -E2BIG case (buffer too > >>> small) to help make the current code a bit more robust in the face of > >>> future code changes. > >> I don't see how this change would have the described effect. > >> What it looks like it would do is change the return from -E2BIG > >> to 0, which would not have the desired result. > > When @toobig is true, which it will be when one of the individual LSMs > > return -E2BIG, the return value of security_getselfattr() is fixed to > > -E2BIG (check the if-statements at the end of the function). Setting > > @rc to zero as in this patch simply preserves some sanity in the > > @count variable as we are no longer subtracting the E2BIG errno from > > the @count value. Granted, in the @toobig case, @count doesn't do > > anything meaningful, but I believe this does harden the code against > > future changes. > > > > Look at the discussion between Mickaël and I in the v15 04/11 patch > > for more background. > > > > https://lore.kernel.org/linux-security-module/20230912205658.3432-5-casey@xxxxxxxxxxxxxxxx > > OK. My bad for not looking beyond the patch. No problem, we all get caught out from time to time, thanks for the review/ACK. -- paul-moore.com
