| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com>
Date: Tue, 04 Mar 2025 10:26:52 +0000
From: Alice Ryhl <aliceryhl@...gle.com>
To: Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>
Cc: Miguel Ojeda <ojeda@...nel.org>, Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
"Björn Roy Baron" <bjorn3_gh@...tonmail.com>, Benno Lossin <benno.lossin@...ton.me>,
Andreas Hindborg <a.hindborg@...nel.org>, Trevor Gross <tmgross@...ch.edu>,
rust-for-linux@...r.kernel.org, linux-security-module@...r.kernel.org,
linux-kernel@...r.kernel.org, Alice Ryhl <aliceryhl@...gle.com>
Subject: [PATCH v2] lsm: rust: mark SecurityCtx methods inline
When you build the kernel using the llvm-19.1.4-rust-1.83.0-x86_64
toolchain provided by kernel.org with ARCH=arm64, the following symbols
are generated:
$ nm vmlinux | grep ' _R'.*SecurityCtx | rustfilt
ffffffc0808fe8a0 T <kernel::security::SecurityCtx>::from_secid
ffffffc0808fe9a4 T <kernel::security::SecurityCtx as core::ops::drop::Drop>::drop
However, these Rust symbols are trivial wrappers around the functions
security_secid_to_secctx and security_release_secctx respectively. It
doesn't make sense to go through a trivial wrapper for these functions,
so mark them inline. Also mark other trivial methods inline to prevent
similar cases in the future.
After applying this patch, the above command will produce no output.
Reviewed-by: Andreas Hindborg <a.hindborg@...nel.org>
Signed-off-by: Alice Ryhl <aliceryhl@...gle.com>
---
Changes in v2:
- Reword commit message.
- Link to v1: https://lore.kernel.org/r/20250303-inline-securityctx-v1-1-fb7b9b641fdf@google.com
---
I will also reword "destroy"/"free" to "release" as suggested by Casey,
but I'll send a separate patch for that change.
---
rust/kernel/security.rs | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
index 25d2b1ac383355941ecbe86bd3c505eb6517c180..24321105052648e150f2875bcfa5ef29f4249516 100644
--- a/rust/kernel/security.rs
+++ b/rust/kernel/security.rs
@@ -23,6 +23,7 @@ pub struct SecurityCtx {
impl SecurityCtx {
/// Get the security context given its id.
+ #[inline]
pub fn from_secid(secid: u32) -> Result<Self> {
// SAFETY: `struct lsm_context` can be initialized to all zeros.
let mut ctx: bindings::lsm_context = unsafe { core::mem::zeroed() };
@@ -35,16 +36,19 @@ pub fn from_secid(secid: u32) -> Result<Self> {
}
/// Returns whether the security context is empty.
+ #[inline]
pub fn is_empty(&self) -> bool {
self.ctx.len == 0
}
/// Returns the length of this security context.
+ #[inline]
pub fn len(&self) -> usize {
self.ctx.len as usize
}
/// Returns the bytes for this security context.
+ #[inline]
pub fn as_bytes(&self) -> &[u8] {
let ptr = self.ctx.context;
if ptr.is_null() {
@@ -61,6 +65,7 @@ pub fn as_bytes(&self) -> &[u8] {
}
impl Drop for SecurityCtx {
+ #[inline]
fn drop(&mut self) {
// SAFETY: By the invariant of `Self`, this frees a context that came from a successful
// call to `security_secid_to_secctx` and has not yet been destroyed by
---
base-commit: a64dcfb451e254085a7daee5fe51bf22959d52d3
change-id: 20250303-inline-securityctx-6fc1ca669156
Best regards,
--
Alice Ryhl <aliceryhl@...gle.com>
Powered by blists - more mailing lists