[PATCH 00/22] Move LSM hook comments into security/security.c
Roberto Sassu
roberto.sassu at huaweicloud.com
Tue Mar 7 08:08:52 UTC 2023
On Mon, 2023-03-06 at 13:49 -0500, Paul Moore wrote:
> On Thu, Feb 16, 2023 at 10:26 PM Paul Moore <paul at paul-moore.com> wrote:
> > Hello all,
> >
> > The LSM hook comment blocks are a in a rather sad state; separated from
> > the hook definitions they are often out of mind, and as a result
> > most of them are in varying levels of bit-rot, some severely. This
> > patchset moves all of the comment blocks out of lsm_hooks.c and onto
> > the top of the function definitions as one would normally expect.
> > In the process of moving the comment blocks, they have been massaged
> > into the standard kernel-doc format for the sake of consistency and
> > easier reading. Unfortunately, correcting all of the errors in the
> > comments would have made an extremely long and painful task even worse,
> > so a number of errors remain, but the worst offenders were corrected in
> > the move. Now that the comments are in the proper location, and in the
> > proper format, my hope is that future patch submissions correcting the
> > actual comment contents will be much easier and the comments as a whole
> > will be easier to maintain.
> >
> > There are no code changes in this patchset, although since I was
> > already adding a lot of churn to security.c, the last patch in this
> > patchset (22/22) does take the liberty of fixing some rather ugly
> > style problems.
> >
> > include/linux/lsm_hooks.h | 1624 +++++++++++++++++++++
> > security/security.c | 2702 +---------------------------------------
> > 2 files changed, 1710 insertions(+), 2616 deletions(-)
>
> Seeing no objections, and the ACK from Casey, I've gone ahead and
> merged this patchset into the lsm/next branch. There was some minor
> merge fuzz due to the mount idmap work and some IMA changes, but the
> vast majority of the patchset is exactly as posted.
Oh, I thought it was an intermediate version and didn't report some
issues:
scripts/kernel-doc security/security.c|grep warning
security/security.c:1236: warning: Function parameter or member 'mnt_opts' not described in 'security_free_mnt_opts'
security/security.c:1236: warning: Excess function parameter 'mnt_ops' description in 'security_free_mnt_opts'
security/security.c:1254: warning: Function parameter or member 'mnt_opts' not described in 'security_sb_eat_lsm_opts'
security/security.c:1254: warning: Excess function parameter 'mnt_ops' description in 'security_sb_eat_lsm_opts'
security/security.c:1423: warning: Function parameter or member 'oldsb' not described in 'security_sb_clone_mnt_opts'
security/security.c:1423: warning: Function parameter or member 'newsb' not described in 'security_sb_clone_mnt_opts'
[...]
Roberto
More information about the Linux-security-module-archive
mailing list