Message ID | 20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Paul Moore |
Headers | show |
Series | [v2] lsm: rust: mark SecurityCtx methods inline | expand |
Alice Ryhl <aliceryhl@google.com> writes: > When you build the kernel using the llvm-19.1.4-rust-1.83.0-x86_64 > toolchain provided by kernel.org with ARCH=arm64, the following symbols > are generated: > > $ nm vmlinux | grep ' _R'.*SecurityCtx | rustfilt > ffffffc0808fe8a0 T <kernel::security::SecurityCtx>::from_secid > ffffffc0808fe9a4 T <kernel::security::SecurityCtx as core::ops::drop::Drop>::drop > > However, these Rust symbols are trivial wrappers around the functions > security_secid_to_secctx and security_release_secctx respectively. It > doesn't make sense to go through a trivial wrapper for these functions, > so mark them inline. Also mark other trivial methods inline to prevent > similar cases in the future. > > After applying this patch, the above command will produce no output. > > Reviewed-by: Andreas Hindborg <a.hindborg@kernel.org> > Signed-off-by: Alice Ryhl <aliceryhl@google.com> Reviewed-by: Fiona Behrens <me@kloenk.dev> > --- > Changes in v2: > - Reword commit message. > - Link to v1: https://lore.kernel.org/r/20250303-inline-securityctx-v1-1-fb7b9b641fdf@google.com > --- > I will also reword "destroy"/"free" to "release" as suggested by Casey, > but I'll send a separate patch for that change. > --- > rust/kernel/security.rs | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs > index 25d2b1ac383355941ecbe86bd3c505eb6517c180..24321105052648e150f2875bcfa5ef29f4249516 100644 > --- a/rust/kernel/security.rs > +++ b/rust/kernel/security.rs > @@ -23,6 +23,7 @@ pub struct SecurityCtx { > > impl SecurityCtx { > /// Get the security context given its id. > + #[inline] > pub fn from_secid(secid: u32) -> Result<Self> { > // SAFETY: `struct lsm_context` can be initialized to all zeros. > let mut ctx: bindings::lsm_context = unsafe { core::mem::zeroed() }; > @@ -35,16 +36,19 @@ pub fn from_secid(secid: u32) -> Result<Self> { > } > > /// Returns whether the security context is empty. > + #[inline] > pub fn is_empty(&self) -> bool { > self.ctx.len == 0 > } > > /// Returns the length of this security context. > + #[inline] > pub fn len(&self) -> usize { > self.ctx.len as usize > } > > /// Returns the bytes for this security context. > + #[inline] > pub fn as_bytes(&self) -> &[u8] { > let ptr = self.ctx.context; > if ptr.is_null() { > @@ -61,6 +65,7 @@ pub fn as_bytes(&self) -> &[u8] { > } > > impl Drop for SecurityCtx { > + #[inline] > fn drop(&mut self) { > // SAFETY: By the invariant of `Self`, this frees a context that came from a successful > // call to `security_secid_to_secctx` and has not yet been destroyed by > > --- > base-commit: a64dcfb451e254085a7daee5fe51bf22959d52d3 > change-id: 20250303-inline-securityctx-6fc1ca669156 > > Best regards,
On Mar 4, 2025 Alice Ryhl <aliceryhl@google.com> wrote: > > When you build the kernel using the llvm-19.1.4-rust-1.83.0-x86_64 > toolchain provided by kernel.org with ARCH=arm64, the following symbols > are generated: > > $ nm vmlinux | grep ' _R'.*SecurityCtx | rustfilt > ffffffc0808fe8a0 T <kernel::security::SecurityCtx>::from_secid > ffffffc0808fe9a4 T <kernel::security::SecurityCtx as core::ops::drop::Drop>::drop > > However, these Rust symbols are trivial wrappers around the functions > security_secid_to_secctx and security_release_secctx respectively. It > doesn't make sense to go through a trivial wrapper for these functions, > so mark them inline. Also mark other trivial methods inline to prevent > similar cases in the future. > > After applying this patch, the above command will produce no output. > > Reviewed-by: Andreas Hindborg <a.hindborg@kernel.org> > Signed-off-by: Alice Ryhl <aliceryhl@google.com> > Reviewed-by: Fiona Behrens <me@kloenk.dev> > --- > Changes in v2: > - Reword commit message. > - Link to v1: https://lore.kernel.org/r/20250303-inline-securityctx-v1-1-fb7b9b641fdf@google.com > --- > I will also reword "destroy"/"free" to "release" as suggested by Casey, > but I'll send a separate patch for that change. > --- > rust/kernel/security.rs | 5 +++++ > 1 file changed, 5 insertions(+) Merged into lsm/dev, thanks everyone! -- paul-moore.com
diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs index 25d2b1ac383355941ecbe86bd3c505eb6517c180..24321105052648e150f2875bcfa5ef29f4249516 100644 --- a/rust/kernel/security.rs +++ b/rust/kernel/security.rs @@ -23,6 +23,7 @@ pub struct SecurityCtx { impl SecurityCtx { /// Get the security context given its id. + #[inline] pub fn from_secid(secid: u32) -> Result<Self> { // SAFETY: `struct lsm_context` can be initialized to all zeros. let mut ctx: bindings::lsm_context = unsafe { core::mem::zeroed() }; @@ -35,16 +36,19 @@ pub fn from_secid(secid: u32) -> Result<Self> { } /// Returns whether the security context is empty. + #[inline] pub fn is_empty(&self) -> bool { self.ctx.len == 0 } /// Returns the length of this security context. + #[inline] pub fn len(&self) -> usize { self.ctx.len as usize } /// Returns the bytes for this security context. + #[inline] pub fn as_bytes(&self) -> &[u8] { let ptr = self.ctx.context; if ptr.is_null() { @@ -61,6 +65,7 @@ pub fn as_bytes(&self) -> &[u8] { } impl Drop for SecurityCtx { + #[inline] fn drop(&mut self) { // SAFETY: By the invariant of `Self`, this frees a context that came from a successful // call to `security_secid_to_secctx` and has not yet been destroyed by