On Mon, Feb 21, 2022 at 4:15 PM Mickaël Salaün <mic@xxxxxxxxxxx> wrote: > > From: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> > > Move the SB_NOUSER and IS_PRIVATE dentry check to a standalone > is_nouser_or_private() helper. This will be useful for a following > commit. > > Move get_mode_access() and maybe_remove() to make them usable by new > code provided by a following commit. > > Signed-off-by: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> > Link: https://lore.kernel.org/r/20220221212522.320243-6-mic@xxxxxxxxxxx > --- > security/landlock/fs.c | 87 ++++++++++++++++++++++-------------------- > 1 file changed, 46 insertions(+), 41 deletions(-) One nit-picky comment below, otherwise it looks fine to me. Reviewed-by: Paul Moore <paul@xxxxxxxxxxxxxx> > diff --git a/security/landlock/fs.c b/security/landlock/fs.c > index 9662f9fb3cd0..3886f9ad1a60 100644 > --- a/security/landlock/fs.c > +++ b/security/landlock/fs.c > @@ -257,6 +257,18 @@ static inline bool unmask_layers(const struct landlock_rule *const rule, > return false; > } > > +static inline bool is_nouser_or_private(const struct dentry *dentry) > +{ > + /* > + * Allows access to pseudo filesystems that will never be mountable > + * (e.g. sockfs, pipefs), but can still be reachable through > + * /proc/<pid>/fd/<file-descriptor> . > + */ I might suggest moving this explanation up to a function header comment block. > + return (dentry->d_sb->s_flags & SB_NOUSER) || > + (d_is_positive(dentry) && > + unlikely(IS_PRIVATE(d_backing_inode(dentry)))); > +} > + > static int check_access_path(const struct landlock_ruleset *const domain, > const struct path *const path, > const access_mask_t access_request) -- paul-moore.com
