[PATCH v14 04/10] KEYS: Move KEY_LOOKUP_ to include/linux/key.h and add flags check function
Roberto Sassu
roberto.sassu at huaweicloud.com
Mon Aug 29 07:25:05 UTC 2022
On Sun, 2022-08-28 at 07:03 +0300, Jarkko Sakkinen wrote:
> On Sun, Aug 28, 2022 at 06:59:41AM +0300, Jarkko Sakkinen wrote:
> > On Fri, Aug 26, 2022 at 11:22:54AM +0200, Roberto Sassu wrote:
> > > On Fri, 2022-08-26 at 11:12 +0200, Roberto Sassu wrote:
> > > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > > >
> > > > In preparation for the patch that introduces the
> > > > bpf_lookup_user_key() eBPF
> > > > kfunc, move KEY_LOOKUP_ definitions to include/linux/key.h, to
> > > > be
> > > > able to
> > > > validate the kfunc parameters.
> > > >
> > > > Also, introduce key_lookup_flags_valid() to check if the caller
> > > > set
> > > > in the
> > > > argument only defined flags. Introduce it directly in
> > > > include/linux/key.h,
> > > > to reduce the risk that the check is not in sync with currently
> > > > defined
> > > > flags.
> > > >
> > > > Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
> > > > Reviewed-by: KP Singh <kpsingh at kernel.org>
> > >
> > > Jarkko, could you please ack it if it is fine?
> >
> > So, as said I'm not really confident that a function is
> > even needed in the first place. It's fine if there are
> > enough call sites to make it legit.
>
> And *if* a named constant is enough, you could probably
> then just squash to the same patch that uses it, right?
Yes, the constant seems better. Maybe, I would add in the same patch
that exports the lookup flags, since we have that.
Thanks
Roberto
More information about the Linux-security-module-archive
mailing list