[PATCH v14 04/10] KEYS: Move KEY_LOOKUP_ to include/linux/key.h and add flags check function

Jarkko Sakkinen jarkko at kernel.org
Sun Aug 28 03:59:38 UTC 2022


On Fri, Aug 26, 2022 at 11:22:54AM +0200, Roberto Sassu wrote:
> On Fri, 2022-08-26 at 11:12 +0200, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu at huawei.com>
> > 
> > In preparation for the patch that introduces the
> > bpf_lookup_user_key() eBPF
> > kfunc, move KEY_LOOKUP_ definitions to include/linux/key.h, to be
> > able to
> > validate the kfunc parameters.
> > 
> > Also, introduce key_lookup_flags_valid() to check if the caller set
> > in the
> > argument only defined flags. Introduce it directly in
> > include/linux/key.h,
> > to reduce the risk that the check is not in sync with currently
> > defined
> > flags.
> > 
> > Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
> > Reviewed-by: KP Singh <kpsingh at kernel.org>
> 
> Jarkko, could you please ack it if it is fine?

So, as said I'm not really confident that a function is
even needed in the first place. It's fine if there are
enough call sites to make it legit.

BR, Jarkko



More information about the Linux-security-module-archive mailing list