Message-ID: <20221018141037.zzpfjzutqbutbpiy@wittgenstein>
Date: Tue, 18 Oct 2022 16:10:37 +0200
From: Christian Brauner <brauner@...nel.org>
To: Kees Cook <keescook@...omium.org>
Cc: Mimi Zohar <zohar@...ux.ibm.com>, John Johansen <john.johansen@...onical.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, linux-security-module@...r.kernel.org, Mickaël Salaün <mic@...ikod.net>, KP Singh <kpsingh@...nel.org>, Casey Schaufler <casey@...aufler-ca.com>, linux-kernel@...r.kernel.org, linux-integrity@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 6/9] fs: Introduce file_to_perms() helper

On Thu, Oct 13, 2022 at 03:36:51PM -0700, Kees Cook wrote:
> Extract the logic used by LSM file hooks to be able to reconstruct the
> access mode permissions from an open.
>
> Cc: John Johansen <john.johansen@...onical.com>
> Cc: Paul Moore <paul@...l-moore.com>
> Cc: James Morris <jmorris@...ei.org>
> Cc: "Serge E. Hallyn" <serge@...lyn.com>
> Cc: linux-security-module@...r.kernel.org
> Signed-off-by: Kees Cook <keescook@...omium.org>
> ---
> include/linux/fs.h | 22 ++++++++++++++++++++++
> security/apparmor/include/file.h | 18 ++++--------------
> 2 files changed, 26 insertions(+), 14 deletions(-)
>
> diff --git a/include/linux/fs.h b/include/linux/fs.h > index 9eced4cc286e..814f10d4132e 100644 > --- a/include/linux/fs.h > +++ b/include/linux/fs.h > @@ -993,6 +993,28 @@ static inline struct file *get_file(struct file *f) > #define get_file_rcu(x) atomic_long_inc_not_zero(&(x)->f_count) > #define file_count(x) atomic_long_read(&(x)->f_count) > > +/* Calculate the basic MAY_* flags needed for a given file. */ > +static inline u8 file_to_perms(struct file *file)

As long as there aren't multiple users of this and especially none in the vfs proper please don't move this into fs.h. It's overloaded enough as it is and we have vague plans on splitting it further in the future.
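
Review bot: the comment above file_to_perms() in the include/linux/fs.h hunk says only "basic MAY_* flags" and does not state which bits the helper can return or which fields of struct file they are derived from. Because the return type is u8, the comment should name the flags so a caller can tell that the narrow type is sufficient and that nothing is truncated when the result is passed on as a permission mask. The parameter could also be declared const struct file *, since the comment describes a pure calculation on the file.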