[PATCH v14 04/10] KEYS: Move KEY_LOOKUP_ to include/linux/key.h and add flags check function

Jarkko Sakkinen jarkko at kernel.org
Mon Aug 29 12:33:34 UTC 2022


On Mon, Aug 29, 2022 at 09:25:05AM +0200, Roberto Sassu wrote:
> On Sun, 2022-08-28 at 07:03 +0300, Jarkko Sakkinen wrote:
> > On Sun, Aug 28, 2022 at 06:59:41AM +0300, Jarkko Sakkinen wrote:
> > > On Fri, Aug 26, 2022 at 11:22:54AM +0200, Roberto Sassu wrote:
> > > > On Fri, 2022-08-26 at 11:12 +0200, Roberto Sassu wrote:
> > > > > From: Roberto Sassu <roberto.sassu at huawei.com>
> > > > > 
> > > > > In preparation for the patch that introduces the
> > > > > bpf_lookup_user_key() eBPF
> > > > > kfunc, move KEY_LOOKUP_ definitions to include/linux/key.h, to
> > > > > be
> > > > > able to
> > > > > validate the kfunc parameters.
> > > > > 
> > > > > Also, introduce key_lookup_flags_valid() to check if the caller
> > > > > set
> > > > > in the
> > > > > argument only defined flags. Introduce it directly in
> > > > > include/linux/key.h,
> > > > > to reduce the risk that the check is not in sync with currently
> > > > > defined
> > > > > flags.
> > > > > 
> > > > > Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
> > > > > Reviewed-by: KP Singh <kpsingh at kernel.org>
> > > > 
> > > > Jarkko, could you please ack it if it is fine?
> > > 
> > > So, as said I'm not really confident that a function is
> > > even needed in the first place. It's fine if there are
> > > enough call sites to make it legit.
> > 
> > And *if* a named constant is enough, you could probably
> > then just squash to the same patch that uses it, right?
> 
> Yes, the constant seems better. Maybe, I would add in the same patch
> that exports the lookup flags, since we have that.

Yeah, then it would be probably easier to review too
since it is "in the context".

BR, Jarkko



More information about the Linux-security-module-archive mailing list