[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <af2cb126-6697-7439-371a-948958cea891@schaufler-ca.com>
Date: Fri, 27 Dec 2019 07:59:38 -0800
From: Casey Schaufler <casey@...aufler-ca.com>
To: wenhuizhang <wenhui@...ail.gwu.edu>
Cc: James Morris <jmorris@...ei.org>,
Kees Cook <keescook@...omium.org>,
Matthew Garrett <matthewgarrett@...gle.com>,
David Howells <dhowells@...hat.com>,
"Joel Fernandes (Google)" <joel@...lfernandes.org>,
Micah Morton <mortonm@...omium.org>,
Janne Karhunen <janne.karhunen@...il.com>,
Richard Guy Briggs <rgb@...hat.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Signed-off-by: wenhuizhang <wenhui@...ail.gwu.edu>
On 12/26/2019 8:12 PM, wenhuizhang wrote:
> selinux/lsm-common: reorder and format security hooks
> Changes to be committed:
> modified: include/linux/security.h
> Details:
> - add default hook for security_cred_getsecid
What is this for? Who uses it?
> - group hooks with functionalities and get coherent for orders
Clean-ups should be separate from "real" code changes.
> ---
> include/linux/security.h | 46 +++++++++++++++++++---------------------
> 1 file changed, 22 insertions(+), 24 deletions(-)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 3e8d4bacd59d..14f580e37b24 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -462,10 +462,6 @@ static inline int unregister_blocking_lsm_notifier(struct notifier_block *nb)
> return 0;
> }
>
> -static inline void security_free_mnt_opts(void **mnt_opts)
> -{
> -}
> -
> /*
> * This is the default capabilities functionality. Most of these functions
> * are just stubbed out, but a few must call the proper capable code.
> @@ -605,6 +601,9 @@ static inline int security_sb_alloc(struct super_block *sb)
> static inline void security_sb_free(struct super_block *sb)
> { }
>
> +static inline void security_free_mnt_opts(void **mnt_opts)
> +{ }
> +
> static inline int security_sb_eat_lsm_opts(char *options,
> void **mnt_opts)
> {
> @@ -679,20 +678,6 @@ static inline int security_move_mount(const struct path *from_path,
> return 0;
> }
>
> -static inline int security_path_notify(const struct path *path, u64 mask,
> - unsigned int obj_type)
> -{
> - return 0;
> -}
> -
> -static inline int security_inode_alloc(struct inode *inode)
> -{
> - return 0;
> -}
> -
> -static inline void security_inode_free(struct inode *inode)
> -{ }
> -
> static inline int security_dentry_init_security(struct dentry *dentry,
> int mode,
> const struct qstr *name,
> @@ -710,6 +695,19 @@ static inline int security_dentry_create_files_as(struct dentry *dentry,
> return 0;
> }
>
> +static inline int security_path_notify(const struct path *path, u64 mask,
> + unsigned int obj_type)
> +{
> + return 0;
> +}
> +
> +static inline int security_inode_alloc(struct inode *inode)
> +{
> + return 0;
> +}
> +
> +static inline void security_inode_free(struct inode *inode)
> +{ }
>
> static inline int security_inode_init_security(struct inode *inode,
> struct inode *dir,
> @@ -982,8 +980,10 @@ static inline int security_prepare_creds(struct cred *new,
>
> static inline void security_transfer_creds(struct cred *new,
> const struct cred *old)
> -{
> -}
> +{ }
> +
> +static inline void security_cred_getsecid(const struct cred *c, u32 *secid)
> +{ }
>
> static inline int security_kernel_act_as(struct cred *cred, u32 secid)
> {
> @@ -1249,12 +1249,10 @@ static inline int security_secctx_to_secid(const char *secdata,
> }
>
> static inline void security_release_secctx(char *secdata, u32 seclen)
> -{
> -}
> +{ }
>
> static inline void security_inode_invalidate_secctx(struct inode *inode)
> -{
> -}
> +{ }
>
> static inline int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen)
> {
Powered by blists - more mailing lists