| Message ID | 20250331104709.897062-1-mic@digikod.net (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | [v1] landlock: Remove incorrect warning | expand |
On Mon, Mar 31, 2025 at 12:47:07PM +0200, Mickaël Salaün wrote: > landlock_put_hierarchy() can be called when an error occurs in > landlock_merge_ruleset() due to insufficient memory. In this case, the > domain's audit details might not have been allocated yet, which would > cause landlock_free_hierarchy_details() to print a warning (but still > safely handle this case). > > We could keep the WARN_ON_ONCE(!hierarchy) but it's not worth it for > this kind of function, so let's remove it entirely. Reviewed-by: Günther Noack <gnoack@google.com> -Günther
diff --git a/security/landlock/domain.h b/security/landlock/domain.h index ed0d348e214c..7fb70b25f85a 100644 --- a/security/landlock/domain.h +++ b/security/landlock/domain.h @@ -130,7 +130,7 @@ int landlock_init_hierarchy_log(struct landlock_hierarchy *const hierarchy); static inline void landlock_free_hierarchy_details(struct landlock_hierarchy *const hierarchy) { - if (WARN_ON_ONCE(!hierarchy || !hierarchy->details)) + if (!hierarchy || !hierarchy->details) return; put_pid(hierarchy->details->pid);
landlock_put_hierarchy() can be called when an error occurs in landlock_merge_ruleset() due to insufficient memory. In this case, the domain's audit details might not have been allocated yet, which would cause landlock_free_hierarchy_details() to print a warning (but still safely handle this case). We could keep the WARN_ON_ONCE(!hierarchy) but it's not worth it for this kind of function, so let's remove it entirely. Cc: Günther Noack <gnoack@google.com> Cc: Paul Moore <paul@paul-moore.com> Reported-by: syzbot+8bca99e91de7e060e4ea@syzkaller.appspotmail.com Link: https://lore.kernel.org/r/67e919bf.050a0220.1547ec.00a0.GAE@google.com Signed-off-by: Mickaël Salaün <mic@digikod.net> --- security/landlock/domain.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)