Message ID | 20240729215702.318099-2-paul@paul-moore.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Paul Moore |
Series | lsm: cleanup lsm_hooks.h | expand |
On 7/29/2024 2:57 PM, Paul Moore wrote: > Some cleanup and style corrections for lsm_hooks.h. > > * Drop the lsm_inode_alloc() extern declaration, it is not needed. > * Relocate lsm_get_xattr_slot() and extern variables in the file to > improve grouping of related objects. > * Don't use tabs to needlessly align structure fields. > > Signed-off-by: Paul Moore <paul@paul-moore.com> Sense of aesthetics aside, Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> > --- > include/linux/lsm_hooks.h | 82 +++++++++++++++++++-------------------- > security/security.c | 2 +- > 2 files changed, 41 insertions(+), 43 deletions(-) > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h > index 845457f0eeb7..f0dd453b39d5 100644 > --- a/include/linux/lsm_hooks.h > +++ b/include/linux/lsm_hooks.h > @@ -79,8 +79,8 @@ struct lsm_static_calls_table { > * Contains the information that identifies the LSM. > */ > struct lsm_id { > - const char *name; > - u64 id; > + const char *name; > + u64 id; > }; > > /* 
> @@ -93,48 +93,30 @@ struct lsm_id { > * @lsm: The name of the lsm that owns this hook. > */ > struct security_hook_list { > - struct lsm_static_call *scalls; > - union security_list_options hook; > - const struct lsm_id *lsmid; > + struct lsm_static_call *scalls; > + union security_list_options hook; > + const struct lsm_id *lsmid; > } __randomize_layout; > > /* > * Security blob size or offset data. > */ > struct lsm_blob_sizes { > - int lbs_cred; > - int lbs_file; > - int lbs_ib; > - int lbs_inode; > - int lbs_sock; > - int lbs_superblock; > - int lbs_ipc; > - int lbs_key; > - int lbs_msg_msg; > - int lbs_perf_event; > - int lbs_task; > - int lbs_xattr_count; /* number of xattr slots in new_xattrs array */ > - int lbs_tun_dev; > + int lbs_cred; > + int lbs_file; > + int lbs_ib; > + int lbs_inode; > + int lbs_sock; > + int lbs_superblock; > + int lbs_ipc; > + int lbs_key; > + int lbs_msg_msg; > + int lbs_perf_event; > + int lbs_task; > + int lbs_xattr_count; /* number of xattr slots in new_xattrs array */ > + int lbs_tun_dev; > }; > > -/** > - * lsm_get_xattr_slot - Return the next available slot and increment the index > - * @xattrs: array storing LSM-provided xattrs > - * @xattr_count: number of already stored xattrs (updated) > - * > - * Retrieve the first available slot in the @xattrs array to fill with an xattr, > - * and increment @xattr_count. > - * > - * Return: The slot to fill in @xattrs if non-NULL, NULL otherwise. > - */ > -static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, > - int *xattr_count) > -{ > - if (unlikely(!xattrs)) > - return NULL; > - return &xattrs[(*xattr_count)++]; > -} > - > /* > * LSM_RET_VOID is used as the default value in LSM_HOOK definitions for void > * LSM hooks (in include/linux/lsm_hook_defs.h). 
> @@ -153,8 +135,6 @@ static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, > .hook = { .NAME = HOOK } \ > } > > -extern char *lsm_names; > - > extern void security_add_hooks(struct security_hook_list *hooks, int count, > const struct lsm_id *lsmid); > > @@ -176,9 +156,6 @@ struct lsm_info { > struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */ > }; > > -extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; > -extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; > - > #define DEFINE_LSM(lsm) \ > static struct lsm_info __lsm_##lsm \ > __used __section(".lsm_info.init") \ > @@ -189,7 +166,28 @@ extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; > __used __section(".early_lsm_info.init") \ > __aligned(sizeof(unsigned long)) > > -extern int lsm_inode_alloc(struct inode *inode); > +/* DO NOT tamper with these variables outside of the LSM framework */ > +extern char *lsm_names; > extern struct lsm_static_calls_table static_calls_table __ro_after_init; > +extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; > +extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; > + > +/** > + * lsm_get_xattr_slot - Return the next available slot and increment the index > + * @xattrs: array storing LSM-provided xattrs > + * @xattr_count: number of already stored xattrs (updated) > + * > + * Retrieve the first available slot in the @xattrs array to fill with an xattr, > + * and increment @xattr_count. > + * > + * Return: The slot to fill in @xattrs if non-NULL, NULL otherwise. > + */ > +static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, > + int *xattr_count) > +{ > + if (unlikely(!xattrs)) > + return NULL; > + return &xattrs[(*xattr_count)++]; > +} > > #endif /* ! __LINUX_LSM_HOOKS_H */ > diff --git a/security/security.c b/security/security.c > index 780b84f5d09c..7ac6765f9260 100644 > --- a/security/security.c > +++ b/security/security.c 
> @@ -764,7 +764,7 @@ static int lsm_file_alloc(struct file *file) > * > * Returns 0, or -ENOMEM if memory can't be allocated. > */ > -int lsm_inode_alloc(struct inode *inode) > +static int lsm_inode_alloc(struct inode *inode) > { > if (!lsm_inode_cache) { > inode->i_security = NULL;
On Mon, Jul 29, 2024 at 5:57 PM Paul Moore <paul@paul-moore.com> wrote: > > Some cleanup and style corrections for lsm_hooks.h. > > * Drop the lsm_inode_alloc() extern declaration, it is not needed. > * Relocate lsm_get_xattr_slot() and extern variables in the file to > improve grouping of related objects. > * Don't use tabs to needlessly align structure fields. > > Signed-off-by: Paul Moore <paul@paul-moore.com> > --- > include/linux/lsm_hooks.h | 82 +++++++++++++++++++-------------------- > security/security.c | 2 +- > 2 files changed, 41 insertions(+), 43 deletions(-) Merged into lsm/dev.
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 845457f0eeb7..f0dd453b39d5 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -79,8 +79,8 @@ struct lsm_static_calls_table { * Contains the information that identifies the LSM. */ struct lsm_id { - const char *name; - u64 id; + const char *name; + u64 id; }; /* 
@@ -93,48 +93,30 @@ struct lsm_id { * @lsm: The name of the lsm that owns this hook. */ struct security_hook_list { - struct lsm_static_call *scalls; - union security_list_options hook; - const struct lsm_id *lsmid; + struct lsm_static_call *scalls; + union security_list_options hook; + const struct lsm_id *lsmid; } __randomize_layout; /* * Security blob size or offset data. */ struct lsm_blob_sizes { - int lbs_cred; - int lbs_file; - int lbs_ib; - int lbs_inode; - int lbs_sock; - int lbs_superblock; - int lbs_ipc; - int lbs_key; - int lbs_msg_msg; - int lbs_perf_event; - int lbs_task; - int lbs_xattr_count; /* number of xattr slots in new_xattrs array */ - int lbs_tun_dev; + int lbs_cred; + int lbs_file; + int lbs_ib; + int lbs_inode; + int lbs_sock; + int lbs_superblock; + int lbs_ipc; + int lbs_key; + int lbs_msg_msg; + int lbs_perf_event; + int lbs_task; + int lbs_xattr_count; /* number of xattr slots in new_xattrs array */ + int lbs_tun_dev; }; -/** - * lsm_get_xattr_slot - Return the next available slot and increment the index - * @xattrs: array storing LSM-provided xattrs - * @xattr_count: number of already stored xattrs (updated) - * - * Retrieve the first available slot in the @xattrs array to fill with an xattr, - * and increment @xattr_count. - * - * Return: The slot to fill in @xattrs if non-NULL, NULL otherwise. - */ -static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, - int *xattr_count) -{ - if (unlikely(!xattrs)) - return NULL; - return &xattrs[(*xattr_count)++]; -} - /* * LSM_RET_VOID is used as the default value in LSM_HOOK definitions for void * LSM hooks (in include/linux/lsm_hook_defs.h). @@ -153,8 +135,6 @@ static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, .hook = { .NAME = HOOK } \ } -extern char *lsm_names; - extern void security_add_hooks(struct security_hook_list *hooks, int count, const struct lsm_id *lsmid); 
@@ -176,9 +156,6 @@ struct lsm_info { struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */ }; -extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; -extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; - #define DEFINE_LSM(lsm) \ static struct lsm_info __lsm_##lsm \ __used __section(".lsm_info.init") \ @@ -189,7 +166,28 @@ extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; __used __section(".early_lsm_info.init") \ __aligned(sizeof(unsigned long)) -extern int lsm_inode_alloc(struct inode *inode); +/* DO NOT tamper with these variables outside of the LSM framework */ +extern char *lsm_names; extern struct lsm_static_calls_table static_calls_table __ro_after_init; +extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; +extern struct lsm_info __start_early_lsm_info[], __end_early_lsm_info[]; + +/** + * lsm_get_xattr_slot - Return the next available slot and increment the index + * @xattrs: array storing LSM-provided xattrs + * @xattr_count: number of already stored xattrs (updated) + * + * Retrieve the first available slot in the @xattrs array to fill with an xattr, + * and increment @xattr_count. + * + * Return: The slot to fill in @xattrs if non-NULL, NULL otherwise. + */ +static inline struct xattr *lsm_get_xattr_slot(struct xattr *xattrs, + int *xattr_count) +{ + if (unlikely(!xattrs)) + return NULL; + return &xattrs[(*xattr_count)++]; +} #endif /* ! __LINUX_LSM_HOOKS_H */ diff --git a/security/security.c b/security/security.c index 780b84f5d09c..7ac6765f9260 100644 --- a/security/security.c +++ b/security/security.c @@ -764,7 +764,7 @@ static int lsm_file_alloc(struct file *file) * * Returns 0, or -ENOMEM if memory can't be allocated. */ -int lsm_inode_alloc(struct inode *inode) +static int lsm_inode_alloc(struct inode *inode) { if (!lsm_inode_cache) { inode->i_security = NULL;
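Review bot: lsm_get_xattr_slot(), re-added near the end of lsm_hooks.h in the `@@ -189,7 +166,28 @@` hunk, returns `&xattrs[(*xattr_count)++]` with no upper bound, so the helper itself cannot stop a caller from writing past the array if it takes more slots than it reserved. Since the function is being touched anyway, its kernel-doc should state that contract, for example `* The caller must not take more slots than it reserved through lbs_xattr_count; no bounds check is done here.` How the array is sized is not visible in this patch, so that wording should be confirmed against the allocation site. Separately, the new `/* DO NOT tamper with these variables outside of the LSM framework */` comment is advisory only: of the declarations grouped under it, only `static_calls_table` carries `__ro_after_init` in this header, so it may be worth saying in the comment which of the others remain writable after init.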
Some cleanup and style corrections for lsm_hooks.h. * Drop the lsm_inode_alloc() extern declaration, it is not needed. * Relocate lsm_get_xattr_slot() and extern variables in the file to improve grouping of related objects. * Don't use tabs to needlessly align structure fields. Signed-off-by: Paul Moore <paul@paul-moore.com> --- include/linux/lsm_hooks.h | 82 +++++++++++++++++++-------------------- security/security.c | 2 +- 2 files changed, 41 insertions(+), 43 deletions(-)