From: Al Viro <viro@zeniv.linux.org.uk>
To: linux-fsdevel@vger.kernel.org
Cc: torvalds@linux-foundation.org, brauner@kernel.org, jack@suse.cz,
raven@themaw.net, miklos@szeredi.hu, neil@brown.name,
a.hindborg@kernel.org, linux-mm@kvack.org,
linux-efi@vger.kernel.org, ocfs2-devel@lists.linux.dev,
kees@kernel.org, rostedt@goodmis.org, gregkh@linuxfoundation.org,
linux-usb@vger.kernel.org, paul@paul-moore.com,
casey@schaufler-ca.com, linuxppc-dev@lists.ozlabs.org,
john.johansen@canonical.com, selinux@vger.kernel.org,
borntraeger@linux.ibm.com, bpf@vger.kernel.org
Subject: [PATCH v3 34/50] selinuxfs: new helper for attaching files to tree
Date: Tue, 11 Nov 2025 06:55:03 +0000 [thread overview]
Message-ID: <20251111065520.2847791-35-viro@zeniv.linux.org.uk> (raw)
In-Reply-To: <20251111065520.2847791-1-viro@zeniv.linux.org.uk>
allocating dentry after the inode has been set up reduces the amount
of boilerplate - "attach this inode under that name and this parent
or drop inode in case of failure" simplifies quite a few places.
Acked-by: Paul Moore <paul@paul-moore.com>
Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Tested-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
security/selinux/selinuxfs.c | 160 +++++++++++++++--------------------
1 file changed, 66 insertions(+), 94 deletions(-)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index b39e919c27b1..f088776dbbd3 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -1197,6 +1197,25 @@ static struct inode *sel_make_inode(struct super_block *sb, umode_t mode)
return ret;
}
+static struct dentry *sel_attach(struct dentry *parent, const char *name,
+ struct inode *inode)
+{
+ struct dentry *dentry = d_alloc_name(parent, name);
+ if (unlikely(!dentry)) {
+ iput(inode);
+ return ERR_PTR(-ENOMEM);
+ }
+ d_add(dentry, inode);
+ return dentry;
+}
+
+static int sel_attach_file(struct dentry *parent, const char *name,
+ struct inode *inode)
+{
+ struct dentry *dentry = sel_attach(parent, name, inode);
+ return PTR_ERR_OR_ZERO(dentry);
+}
+
static ssize_t sel_read_bool(struct file *filep, char __user *buf,
size_t count, loff_t *ppos)
{
@@ -1356,8 +1375,7 @@ static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_
*bool_num = num;
*bool_pending_names = names;
- for (i = 0; i < num; i++) {
- struct dentry *dentry;
+ for (i = 0; !ret && i < num; i++) {
struct inode *inode;
struct inode_security_struct *isec;
ssize_t len;
@@ -1368,15 +1386,9 @@ static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_
ret = -ENAMETOOLONG;
break;
}
- dentry = d_alloc_name(bool_dir, names[i]);
- if (!dentry) {
- ret = -ENOMEM;
- break;
- }
inode = sel_make_inode(bool_dir->d_sb, S_IFREG | S_IRUGO | S_IWUSR);
if (!inode) {
- dput(dentry);
ret = -ENOMEM;
break;
}
@@ -1394,7 +1406,8 @@ static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_
isec->initialized = LABEL_INITIALIZED;
inode->i_fop = &sel_bool_ops;
inode->i_ino = i|SEL_BOOL_INO_OFFSET;
- d_add(dentry, inode);
+
+ ret = sel_attach_file(bool_dir, names[i], inode);
}
out:
free_page((unsigned long)page);
@@ -1579,6 +1592,7 @@ static int sel_make_avc_files(struct dentry *dir)
struct super_block *sb = dir->d_sb;
struct selinux_fs_info *fsi = sb->s_fs_info;
unsigned int i;
+ int err = 0;
static const struct tree_descr files[] = {
{ "cache_threshold",
&sel_avc_cache_threshold_ops, S_IRUGO|S_IWUSR },
@@ -1588,26 +1602,20 @@ static int sel_make_avc_files(struct dentry *dir)
#endif
};
- for (i = 0; i < ARRAY_SIZE(files); i++) {
+ for (i = 0; !err && i < ARRAY_SIZE(files); i++) {
struct inode *inode;
- struct dentry *dentry;
-
- dentry = d_alloc_name(dir, files[i].name);
- if (!dentry)
- return -ENOMEM;
inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
- if (!inode) {
- dput(dentry);
+ if (!inode)
return -ENOMEM;
- }
inode->i_fop = files[i].ops;
inode->i_ino = ++fsi->last_ino;
- d_add(dentry, inode);
+
+ err = sel_attach_file(dir, files[i].name, inode);
}
- return 0;
+ return err;
}
static int sel_make_ss_files(struct dentry *dir)
@@ -1615,30 +1623,25 @@ static int sel_make_ss_files(struct dentry *dir)
struct super_block *sb = dir->d_sb;
struct selinux_fs_info *fsi = sb->s_fs_info;
unsigned int i;
+ int err = 0;
static const struct tree_descr files[] = {
{ "sidtab_hash_stats", &sel_sidtab_hash_stats_ops, S_IRUGO },
};
- for (i = 0; i < ARRAY_SIZE(files); i++) {
+ for (i = 0; !err && i < ARRAY_SIZE(files); i++) {
struct inode *inode;
- struct dentry *dentry;
-
- dentry = d_alloc_name(dir, files[i].name);
- if (!dentry)
- return -ENOMEM;
inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
- if (!inode) {
- dput(dentry);
+ if (!inode)
return -ENOMEM;
- }
inode->i_fop = files[i].ops;
inode->i_ino = ++fsi->last_ino;
- d_add(dentry, inode);
+
+ err = sel_attach_file(dir, files[i].name, inode);
}
- return 0;
+ return err;
}
static ssize_t sel_read_initcon(struct file *file, char __user *buf,
@@ -1666,30 +1669,25 @@ static const struct file_operations sel_initcon_ops = {
static int sel_make_initcon_files(struct dentry *dir)
{
unsigned int i;
+ int err = 0;
- for (i = 1; i <= SECINITSID_NUM; i++) {
- struct inode *inode;
- struct dentry *dentry;
+ for (i = 1; !err && i <= SECINITSID_NUM; i++) {
const char *s = security_get_initial_sid_context(i);
+ struct inode *inode;
if (!s)
continue;
- dentry = d_alloc_name(dir, s);
- if (!dentry)
- return -ENOMEM;
inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
- if (!inode) {
- dput(dentry);
+ if (!inode)
return -ENOMEM;
- }
inode->i_fop = &sel_initcon_ops;
inode->i_ino = i|SEL_INITCON_INO_OFFSET;
- d_add(dentry, inode);
+ err = sel_attach_file(dir, s, inode);
}
- return 0;
+ return err;
}
static inline unsigned long sel_class_to_ino(u16 class)
@@ -1771,29 +1769,21 @@ static int sel_make_perm_files(struct selinux_policy *newpolicy,
if (rc)
return rc;
- for (i = 0; i < nperms; i++) {
+ for (i = 0; !rc && i < nperms; i++) {
struct inode *inode;
- struct dentry *dentry;
- rc = -ENOMEM;
- dentry = d_alloc_name(dir, perms[i]);
- if (!dentry)
- goto out;
-
- rc = -ENOMEM;
inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
if (!inode) {
- dput(dentry);
- goto out;
+ rc = -ENOMEM;
+ break;
}
inode->i_fop = &sel_perm_ops;
/* i+1 since perm values are 1-indexed */
inode->i_ino = sel_perm_to_ino(classvalue, i + 1);
- d_add(dentry, inode);
+
+ rc = sel_attach_file(dir, perms[i], inode);
}
- rc = 0;
-out:
for (i = 0; i < nperms; i++)
kfree(perms[i]);
kfree(perms);
@@ -1808,20 +1798,18 @@ static int sel_make_class_dir_entries(struct selinux_policy *newpolicy,
struct selinux_fs_info *fsi = sb->s_fs_info;
struct dentry *dentry = NULL;
struct inode *inode = NULL;
-
- dentry = d_alloc_name(dir, "index");
- if (!dentry)
- return -ENOMEM;
+ int err;
inode = sel_make_inode(dir->d_sb, S_IFREG|S_IRUGO);
- if (!inode) {
- dput(dentry);
+ if (!inode)
return -ENOMEM;
- }
inode->i_fop = &sel_class_ops;
inode->i_ino = sel_class_to_ino(index);
- d_add(dentry, inode);
+
+ err = sel_attach_file(dir, "index", inode);
+ if (err)
+ return err;
dentry = sel_make_dir(dir, "perms", &fsi->last_class_ino);
if (IS_ERR(dentry))
@@ -1873,58 +1861,47 @@ static int sel_make_policycap(struct dentry *dir)
{
struct super_block *sb = dir->d_sb;
unsigned int iter;
- struct dentry *dentry = NULL;
struct inode *inode = NULL;
+ int err = 0;
+
+ for (iter = 0; !err && iter <= POLICYDB_CAP_MAX; iter++) {
+ const char *name;
- for (iter = 0; iter <= POLICYDB_CAP_MAX; iter++) {
if (iter < ARRAY_SIZE(selinux_policycap_names))
- dentry = d_alloc_name(dir,
- selinux_policycap_names[iter]);
+ name = selinux_policycap_names[iter];
else
- dentry = d_alloc_name(dir, "unknown");
-
- if (dentry == NULL)
- return -ENOMEM;
+ name = "unknown";
inode = sel_make_inode(sb, S_IFREG | 0444);
- if (inode == NULL) {
- dput(dentry);
+ if (!inode)
return -ENOMEM;
- }
inode->i_fop = &sel_policycap_ops;
inode->i_ino = iter | SEL_POLICYCAP_INO_OFFSET;
- d_add(dentry, inode);
+ err = sel_attach_file(dir, name, inode);
}
- return 0;
+ return err;
}
static struct dentry *sel_make_dir(struct dentry *dir, const char *name,
unsigned long *ino)
{
- struct dentry *dentry = d_alloc_name(dir, name);
struct inode *inode;
- if (!dentry)
- return ERR_PTR(-ENOMEM);
-
inode = sel_make_inode(dir->d_sb, S_IFDIR | S_IRUGO | S_IXUGO);
- if (!inode) {
- dput(dentry);
+ if (!inode)
return ERR_PTR(-ENOMEM);
- }
inode->i_op = &simple_dir_inode_operations;
inode->i_fop = &simple_dir_operations;
inode->i_ino = ++(*ino);
/* directory inodes start off with i_nlink == 2 (for "." entry) */
inc_nlink(inode);
- d_add(dentry, inode);
/* bump link count on parent directory, too */
inc_nlink(d_inode(dir));
- return dentry;
+ return sel_attach(dir, name, inode);
}
static int reject_all(struct mnt_idmap *idmap, struct inode *inode, int mask)
@@ -2012,17 +1989,10 @@ static int sel_fill_super(struct super_block *sb, struct fs_context *fc)
goto err;
}
- ret = -ENOMEM;
- dentry = d_alloc_name(sb->s_root, NULL_FILE_NAME);
- if (!dentry)
- goto err;
-
ret = -ENOMEM;
inode = sel_make_inode(sb, S_IFCHR | S_IRUGO | S_IWUGO);
- if (!inode) {
- dput(dentry);
+ if (!inode)
goto err;
- }
inode->i_ino = ++fsi->last_ino;
isec = selinux_inode(inode);
@@ -2031,7 +2001,9 @@ static int sel_fill_super(struct super_block *sb, struct fs_context *fc)
isec->initialized = LABEL_INITIALIZED;
init_special_inode(inode, S_IFCHR | S_IRUGO | S_IWUGO, MKDEV(MEM_MAJOR, 3));
- d_add(dentry, inode);
+ ret = sel_attach_file(sb->s_root, NULL_FILE_NAME, inode);
+ if (ret)
+ goto err;
dentry = sel_make_dir(sb->s_root, "avc", &fsi->last_ino);
if (IS_ERR(dentry)) {
--
2.47.3
next prev parent reply other threads:[~2025-11-11 8:21 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-11 6:54 [PATCH v3 00/50] tree-in-dcache stuff Al Viro
2025-11-11 6:54 ` [PATCH v3 01/50] fuse_ctl_add_conn(): fix nlink breakage in case of early failure Al Viro
2025-11-11 10:22 ` Miklos Szeredi
2025-11-11 6:54 ` [PATCH v3 02/50] tracefs: fix a leak in eventfs_create_events_dir() Al Viro
2025-11-11 6:54 ` [PATCH v3 03/50] new helper: simple_remove_by_name() Al Viro
2025-11-11 10:29 ` Miklos Szeredi
2025-11-11 6:54 ` [PATCH v3 04/50] new helper: simple_done_creating() Al Viro
2025-11-11 6:54 ` [PATCH v3 05/50] introduce a flag for explicitly marking persistently pinned dentries Al Viro
2025-11-11 6:54 ` [PATCH v3 06/50] primitives for maintaining persisitency Al Viro
2025-11-11 6:54 ` [PATCH v3 07/50] convert simple_{link,unlink,rmdir,rename,fill_super}() to new primitives Al Viro
2025-11-11 6:54 ` [PATCH v3 08/50] convert ramfs and tmpfs Al Viro
2025-11-11 6:54 ` [PATCH v3 09/50] procfs: make /self and /thread_self dentries persistent Al Viro
2025-11-11 6:54 ` [PATCH v3 10/50] configfs, securityfs: kill_litter_super() not needed Al Viro
2025-11-11 6:54 ` [PATCH v3 11/50] convert xenfs Al Viro
2025-11-11 6:54 ` [PATCH v3 12/50] convert smackfs Al Viro
2025-11-11 6:54 ` [PATCH v3 13/50] convert hugetlbfs Al Viro
2025-11-11 6:54 ` [PATCH v3 14/50] convert mqueue Al Viro
2025-11-11 6:54 ` [PATCH v3 15/50] convert bpf Al Viro
2025-11-11 6:54 ` [PATCH v3 16/50] convert dlmfs Al Viro
2025-11-11 6:54 ` [PATCH v3 17/50] convert fuse_ctl Al Viro
2025-11-11 10:28 ` Miklos Szeredi
2025-11-11 6:54 ` [PATCH v3 18/50] convert pstore Al Viro
2025-11-11 6:54 ` [PATCH v3 19/50] convert tracefs Al Viro
2025-11-11 6:54 ` [PATCH v3 20/50] convert debugfs Al Viro
2025-11-11 6:54 ` [PATCH v3 21/50] debugfs: remove duplicate checks in callers of start_creating() Al Viro
2025-11-11 6:54 ` [PATCH v3 22/50] convert efivarfs Al Viro
2025-11-11 6:54 ` [PATCH v3 23/50] convert spufs Al Viro
2025-11-11 6:54 ` [PATCH v3 24/50] convert ibmasmfs Al Viro
2025-11-11 6:54 ` [PATCH v3 25/50] ibmasmfs: get rid of ibmasmfs_dir_ops Al Viro
2025-11-11 6:54 ` [PATCH v3 26/50] convert devpts Al Viro
2025-11-11 6:54 ` [PATCH v3 27/50] binderfs: use simple_start_creating() Al Viro
2025-11-11 6:54 ` [PATCH v3 28/50] binderfs_binder_ctl_create(): kill a bogus check Al Viro
2025-11-11 6:54 ` [PATCH v3 29/50] convert binderfs Al Viro
2025-11-11 6:54 ` [PATCH v3 30/50] autofs_{rmdir,unlink}: dentry->d_fsdata->dentry == dentry there Al Viro
2025-11-11 6:55 ` [PATCH v3 31/50] convert autofs Al Viro
2025-11-11 6:55 ` [PATCH v3 32/50] convert binfmt_misc Al Viro
2025-11-11 6:55 ` [PATCH v3 33/50] selinuxfs: don't stash the dentry of /policy_capabilities Al Viro
2025-11-11 6:55 ` Al Viro [this message]
2025-11-11 7:53 ` [PATCH v3 34/50] selinuxfs: new helper for attaching files to tree bot+bpf-ci
2025-11-11 9:49 ` Al Viro
2025-11-12 3:55 ` Chris Mason
2025-11-11 6:55 ` [PATCH v3 35/50] convert selinuxfs Al Viro
2025-11-11 6:55 ` [PATCH v3 36/50] functionfs: switch to simple_remove_by_name() Al Viro
2025-11-11 7:53 ` bot+bpf-ci
2025-11-11 9:22 ` Al Viro
2025-11-11 9:30 ` Christian Brauner
2025-11-11 10:01 ` Al Viro
2025-11-11 14:25 ` Chris Mason
2025-11-12 3:44 ` Chris Mason
2025-11-13 9:26 ` [functionfs] mainline UAF (was Re: [PATCH v3 36/50] functionfs: switch to simple_remove_by_name()) Al Viro
2025-11-13 21:20 ` Greg Kroah-Hartman
2025-11-14 2:16 ` Chris Mason
2025-11-14 7:58 ` Al Viro
2025-11-14 7:46 ` Al Viro
2025-11-14 11:42 ` Christian Brauner
2025-11-15 13:21 ` Greg Kroah-Hartman
2025-11-16 6:30 ` Al Viro
2025-11-17 22:04 ` Al Viro
2025-11-17 22:04 ` [PATCH 1/4] functionfs: don't abuse ffs_data_closed() on fs shutdown Al Viro
2025-11-17 22:05 ` [PATCH 2/4] functionfs: don't bother with ffs->ref in ffs_data_{opened,closed}() Al Viro
2025-11-17 22:06 ` [PATCH 3/4] functionfs: need to cancel ->reset_work in ->kill_sb() Al Viro
2025-11-17 22:06 ` [PATCH 4/4] functionfs: fix the open/removal races Al Viro
2025-11-18 2:35 ` [functionfs] mainline UAF (was Re: [PATCH v3 36/50] functionfs: switch to simple_remove_by_name()) Greg Kroah-Hartman
2025-11-11 6:55 ` [PATCH v3 37/50] convert functionfs Al Viro
2025-11-11 6:55 ` [PATCH v3 38/50] gadgetfs: switch to simple_remove_by_name() Al Viro
2025-11-11 6:55 ` [PATCH v3 39/50] convert gadgetfs Al Viro
2025-11-11 6:55 ` [PATCH v3 40/50] hypfs: don't pin dentries twice Al Viro
2025-11-11 6:55 ` [PATCH v3 41/50] hypfs: switch hypfs_create_str() to returning int Al Viro
2025-11-11 6:55 ` [PATCH v3 42/50] hypfs: swich hypfs_create_u64() " Al Viro
2025-11-11 6:55 ` [PATCH v3 43/50] convert hypfs Al Viro
2025-11-11 6:55 ` [PATCH v3 44/50] convert rpc_pipefs Al Viro
2025-11-11 6:55 ` [PATCH v3 45/50] convert nfsctl Al Viro
2025-11-11 6:55 ` [PATCH v3 46/50] convert rust_binderfs Al Viro
2025-11-11 6:55 ` [PATCH v3 47/50] get rid of kill_litter_super() Al Viro
2025-11-11 6:55 ` [PATCH v3 48/50] convert securityfs Al Viro
2025-11-11 6:55 ` [PATCH v3 49/50] kill securityfs_recursive_remove() Al Viro
2025-11-11 6:55 ` [PATCH v3 50/50] d_make_discardable(): warn if given a non-persistent dentry Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251111065520.2847791-35-viro@zeniv.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=a.hindborg@kernel.org \
--cc=borntraeger@linux.ibm.com \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=casey@schaufler-ca.com \
--cc=gregkh@linuxfoundation.org \
--cc=jack@suse.cz \
--cc=john.johansen@canonical.com \
--cc=kees@kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-usb@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=miklos@szeredi.hu \
--cc=neil@brown.name \
--cc=ocfs2-devel@lists.linux.dev \
--cc=paul@paul-moore.com \
--cc=raven@themaw.net \
--cc=rostedt@goodmis.org \
--cc=selinux@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox