[PATCH v5 04/15] landlock: helper functions refactoring
Konstantin Meskhidze
konstantin.meskhidze at huawei.com
Wed May 18 09:14:35 UTC 2022
5/16/2022 9:28 PM, Mickaël Salaün пишет:
>
> On 16/05/2022 19:43, Konstantin Meskhidze wrote:
>>
>>
>> 5/16/2022 8:14 PM, Mickaël Salaün пишет:
>>>
>>> On 16/05/2022 17:20, Konstantin Meskhidze wrote:
>>>> Unmask_layers(), init_layer_masks() and
>>>> get_handled_accesses() helper functions move to
>>>> ruleset.c and rule_type argument is added.
>>>> This modification supports implementing new rule
>>>> types into next landlock versions.
>>>>
>>>> Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze at huawei.com>
>
> [...]
>
>>>> -/*
>>>> - * @layer_masks is read and may be updated according to the access
>>>> request and
>>>> - * the matching rule.
>>>> - *
>>>> - * Returns true if the request is allowed (i.e. relevant layer
>>>> masks for the
>>>> - * request are empty).
>>>> - */
>>>> -static inline bool
>>>> -unmask_layers(const struct landlock_rule *const rule,
>>>> - const access_mask_t access_request,
>>>> - layer_mask_t (*const layer_masks)[LANDLOCK_NUM_ACCESS_FS])
>>>
>>> Moving these entire blocks of code make the review/diff impossible.
>>> Why moving these helpers?
>>
>> Cause these helpers are going to be used both for filesystem and
>> network. I moved them into ruleset.c/h
>
> Right. Please create a commit which only moves these helpers without
> modifying them, and explain in the commit message that this removes
> inlined code. We'll see later if this adds a visible performance impact.
>
Ok. I will create towo commits - the first one moves helpers to
ruleset.c/h and the second one changes helpers to support network.
> [...]
>
>>>> @@ -519,17 +413,25 @@ static int check_access_path_dual(
>>>>
>>>> if (unlikely(dentry_child1)) {
>>>> unmask_layers(find_rule(domain, dentry_child1),
>>>> - init_layer_masks(domain, LANDLOCK_MASK_ACCESS_FS,
>>>> - &_layer_masks_child1),
>>>> - &_layer_masks_child1);
>>>> + init_layer_masks(domain,
>>>> + LANDLOCK_MASK_ACCESS_FS,
>>>> + &_layer_masks_child1,
>>>> + sizeof(_layer_masks_child1),
>>>> + LANDLOCK_RULE_PATH_BENEATH),
>>>> + &_layer_masks_child1,
>>>> + ARRAY_SIZE(_layer_masks_child1));
>>>
>>> There is a lot of formatting diff and that makes the review
>>> difficult. Please format everything with clang-format-14.
>>
>> Ok. Do you have some tool that helps you with editing code with
>> clang format?
>
> I just run `clang-format-14 -i` on files before each commit. Some
> editors such as VSCode can handle the clang-format configuration (which
> is in the Linux source tree).
>
Ok. I have updated installed cloang-format-14 executable and setup my
VSCode to use .clang-format file.
>
>>>
>>>> layer_masks_child1 = &_layer_masks_child1;
>>>> child1_is_directory = d_is_dir(dentry_child1);
>>>> }
>>>> if (unlikely(dentry_child2)) {
>>>> unmask_layers(find_rule(domain, dentry_child2),
>>>> - init_layer_masks(domain, LANDLOCK_MASK_ACCESS_FS,
>>>> - &_layer_masks_child2),
>>>> - &_layer_masks_child2);
>>>> + init_layer_masks(domain,
>>>> + LANDLOCK_MASK_ACCESS_FS,
>>>> + &_layer_masks_child2,
>>>> + sizeof(_layer_masks_child2),
>>>> + LANDLOCK_RULE_PATH_BENEATH),
>>>> + &_layer_masks_child2,
>>>> + ARRAY_SIZE(_layer_masks_child2));
>>>> layer_masks_child2 = &_layer_masks_child2;
>>>> child2_is_directory = d_is_dir(dentry_child2);
>>>> }
>>>> @@ -582,14 +484,15 @@ static int check_access_path_dual(
>>>>
>>>> rule = find_rule(domain, walker_path.dentry);
>>>> allowed_parent1 = unmask_layers(rule, access_masked_parent1,
>>>> - layer_masks_parent1);
>>>> + layer_masks_parent1,
>>>> + ARRAY_SIZE(*layer_masks_parent1));
>>>> allowed_parent2 = unmask_layers(rule, access_masked_parent2,
>>>> - layer_masks_parent2);
>>>> + layer_masks_parent2,
>>>> + ARRAY_SIZE(*layer_masks_parent2));
>>>>
>>>> /* Stops when a rule from each layer grants access. */
>>>> if (allowed_parent1 && allowed_parent2)
>>>> break;
>>>> -
>>>
>>> There is no place for such formatting/whitespace patches.
>>>
>> I missed that. scripts/checkpatch.pl did not show any problem here.
>
> checkpatch.pl doesn't warn about whitespace changes.
yep. I will use Vscode clang plugin to follow the required code style.
>
>
>> I will fix it. Thanks.
>>>
>>>> jump_up:
>>>> if (walker_path.dentry == walker_path.mnt->mnt_root) {
>>>> if (follow_up(&walker_path)) {
>>>> @@ -645,7 +548,9 @@ static inline int check_access_path(const struct
>>>> landlock_ruleset *const domain,
>>>> {
>>>> layer_mask_t layer_masks[LANDLOCK_NUM_ACCESS_FS] = {};
>>>>
>>>> - access_request = init_layer_masks(domain, access_request,
>>>> &layer_masks);
>>>> + access_request = init_layer_masks(domain, access_request,
>>>> + &layer_masks, sizeof(layer_masks),
>>>> + LANDLOCK_RULE_PATH_BENEATH);
>>>> return check_access_path_dual(domain, path, access_request,
>>>> &layer_masks, NULL, 0, NULL, NULL);
>>>> }
>>>> @@ -729,7 +634,8 @@ static bool collect_domain_accesses(
>>>> return true;
>>>>
>>>> access_dom = init_layer_masks(domain, LANDLOCK_MASK_ACCESS_FS,
>>>> - layer_masks_dom);
>>>> + layer_masks_dom, sizeof(*layer_masks_dom),
>>>> + LANDLOCK_RULE_PATH_BENEATH);
>>>>
>>>> dget(dir);
>>>> while (true) {
>>>> @@ -737,7 +643,8 @@ static bool collect_domain_accesses(
>>>>
>>>> /* Gets all layers allowing all domain accesses. */
>>>> if (unmask_layers(find_rule(domain, dir), access_dom,
>>>> - layer_masks_dom)) {
>>>> + layer_masks_dom,
>>>> + ARRAY_SIZE(*layer_masks_dom))) {
>>>> /*
>>>> * Stops when all handled accesses are allowed by at
>>>> * least one rule in each layer.
>>>> @@ -851,9 +758,10 @@ static int current_check_refer_path(struct
>>>> dentry *const old_dentry,
>>>> * The LANDLOCK_ACCESS_FS_REFER access right is not required
>>>> * for same-directory referer (i.e. no reparenting).
>>>> */
>>>> - access_request_parent1 = init_layer_masks(
>>>> - dom, access_request_parent1 | access_request_parent2,
>>>> - &layer_masks_parent1);
>>>> + access_request_parent1 = init_layer_masks(dom,
>>>> + access_request_parent1 | access_request_parent2,
>>>> + &layer_masks_parent1, sizeof(layer_masks_parent1),
>>>> + LANDLOCK_RULE_PATH_BENEATH);
>>>> return check_access_path_dual(dom, new_dir,
>>>> access_request_parent1,
>>>> &layer_masks_parent1, NULL, 0,
>>>> @@ -861,7 +769,9 @@ static int current_check_refer_path(struct
>>>> dentry *const old_dentry,
>>>> }
>>>>
>>>> /* Backward compatibility: no reparenting support. */
>>>> - if (!(get_handled_accesses(dom) & LANDLOCK_ACCESS_FS_REFER))
>>>> + if (!(get_handled_accesses(dom, LANDLOCK_RULE_PATH_BENEATH,
>>>> + LANDLOCK_NUM_ACCESS_FS) &
>>>> + LANDLOCK_ACCESS_FS_REFER))
>>>> return -EXDEV;
>>>>
>>>> access_request_parent1 |= LANDLOCK_ACCESS_FS_REFER;
>>>> diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c
>>>> index 4b4c9953bb32..c4ed783d655b 100644
>>>> --- a/security/landlock/ruleset.c
>>>> +++ b/security/landlock/ruleset.c
>>>> @@ -233,7 +233,8 @@ static int insert_rule(struct landlock_ruleset
>>>> *const ruleset,
>>>> &(*layers)[0]);
>>>> if (IS_ERR(new_rule))
>>>> return PTR_ERR(new_rule);
>>>> - rb_replace_node(&this->node, &new_rule->node,
>>>> &ruleset->root_inode);
>>>> + rb_replace_node(&this->node, &new_rule->node,
>>>> + &ruleset->root_inode);
>>>
>>> This is a pure formatting hunk. :/
>>>
>> Thats strange, cause in my editor I have normal aligment of arguments.
>> Could please share clang-format-14 tab size and other format
>> parameters?
>
> They are in the .clang-format file. It would be much easier to just run
> clang-format-14 -i on your changed files. I guess you had different
> changes between consecutive commits.
Yep. Thnank you for help here.
> .
More information about the Linux-security-module-archive
mailing list