[PATCH v10 1/9] fs: move kernel_read_file* to its own include file
Kees Cook
keescook at chromium.org
Tue Jul 7 23:40:57 UTC 2020
On Mon, Jul 06, 2020 at 04:23:01PM -0700, Scott Branden wrote:
> Move kernel_read_file* out of linux/fs.h to its own linux/kernel_read_file.h
> include file. That header gets pulled in just about everywhere
> and doesn't really need functions not related to the general fs interface.
>
> Suggested-by: Christoph Hellwig <hch at lst.de>
> Signed-off-by: Scott Branden <scott.branden at broadcom.com>
> Reviewed-by: Christoph Hellwig <hch at lst.de>
> Acked-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
> ---
> drivers/base/firmware_loader/main.c | 1 +
> fs/exec.c | 1 +
> include/linux/fs.h | 39 ----------------------
> include/linux/ima.h | 1 +
> include/linux/kernel_read_file.h | 52 +++++++++++++++++++++++++++++
> include/linux/security.h | 1 +
> kernel/kexec_file.c | 1 +
> kernel/module.c | 1 +
> security/integrity/digsig.c | 1 +
> security/integrity/ima/ima_fs.c | 1 +
> security/integrity/ima/ima_main.c | 1 +
> security/integrity/ima/ima_policy.c | 1 +
> security/loadpin/loadpin.c | 1 +
> security/security.c | 1 +
> security/selinux/hooks.c | 1 +
> 15 files changed, 65 insertions(+), 39 deletions(-)
> create mode 100644 include/linux/kernel_read_file.h
This looks like too many files are getting touched. If it got added to
security.h, very few of the above .c files will need it explicitly
added (maybe none). You can test future versions of this change with an
allmodconfig build and make sure you have a matching .o for each .c
file that calls kernel_read_file(). :)
But otherwise, sure, seems good.
--
Kees Cook
More information about the Linux-security-module-archive
mailing list