Re: [PATCH v2 2/3] sched: add a macro to define bitops for task atomic flags

Zefan Li <lizefan@xxxxxxxxxx> · Tue, 23 Sep 2014 14:52:50 +0800

>> -static inline bool task_no_new_privs(struct task_struct *p)
>> -{
>> -       return test_bit(PFA_NO_NEW_PRIVS, &p->atomic_flags);
>> -}
>> -
>> -static inline void task_set_no_new_privs(struct task_struct *p)
>> -{
>> -       set_bit(PFA_NO_NEW_PRIVS, &p->atomic_flags);
>> -}
>> +#define TASK_PFA_BITOPS(name, func)                            \
>> +static inline bool task_##func(struct task_struct *p)          \
>> +{ return test_bit(PFA_##name, &p->atomic_flags); }             \
>> +                                                               \
>> +static inline void task_set_##func(struct task_struct *p)      \
>> +{ set_bit(PFA_##name, &p->atomic_flags); }                     \
>> +                                                               \
>> +static inline void task_clear_##func(struct task_struct *p)    \
>> +{ clear_bit(PFA_##name, &p->atomic_flags); }
>> +
>> +TASK_PFA_BITOPS(NO_NEW_PRIVS, no_new_privs)
> 
> One thing I don't like about this is that task_clear_no_new_privs()
> ends up getting defined, and it should absolutely never be used. NNP
> should never be cleared or there could be security issues. I realize
> this isn't a very useful nit-pick, but I'd rather the function wasn't
> even available for someone to accidentally use. Maybe break up the
> macro with some kind of "write only" version like:
> 
> #define TASK_PFA_BITOPS_WO(name, func)                            \
> static inline bool task_##func(struct task_struct *p)          \
> { return test_bit(PFA_##name, &p->atomic_flags); }             \
> static inline void task_set_##func(struct task_struct *p)      \
> { set_bit(PFA_##name, &p->atomic_flags); }
> 
> #define TASK_PFA_BITOPS(name, func)                            \
> TASK_PFA_BITOPS_WO(name, func);          \
> static inline void task_clear_##func(struct task_struct *p)    \
> { clear_bit(PFA_##name, &p->atomic_flags); }
> 
> TASK_PFA_BITOPS_WO(NO_NEW_PRIVS, no_new_privs)
> 
> And then all the new users can use TASK_PFA_BITOPS() normally since
> they expect to use "clear"?
> 

Now I'm inclined to do this:

+#define TASK_PFA_TEST(name, func)					\
+	static inline bool task_##func(struct task_struct *p)		\
+	{ return test_bit(PFA_##name, &p->atomic_flags); }
+#define TASK_PFA_SET(name, func)					\
+	static inline void task_set_##func(struct task_struct *p)	\
+	{ set_bit(PFA_##name, &p->atomic_flags); }
+#define TASK_PFA_CLEAR(name, func)					\
+	static inline void task_clear_##func(struct task_struct *p)	\
+	{ clear_bit(PFA_##name, &p->atomic_flags); }
+
+TASK_PFA_TEST(NO_NEW_PRIVS, no_new_privs)
+TASK_PFA_SET(NO_NEW_PRIVS, no_new_privs)

--
To unsubscribe from this list: send the line "unsubscribe cgroups" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html