Re: [PATCH v1 06/11] landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 17/03/2022 13:04, Mickaël Salaün wrote:

On 17/03/2022 02:26, Paul Moore wrote:

[...]

@@ -269,16 +270,188 @@ static inline bool is_nouser_or_private(const struct dentry *dentry) unlikely(IS_PRIVATE(d_backing_inode(dentry))));
  }

-static int check_access_path(const struct landlock_ruleset *const domain,
-               const struct path *const path,
+static inline access_mask_t get_handled_accesses(
+               const struct landlock_ruleset *const domain)
+{
+       access_mask_t access_dom = 0;
+       unsigned long access_bit;

Would it be better to declare @access_bit as an access_mask_t type?
You're not using any macros like for_each_set_bit() in this function
so I believe it should be safe.

Right, I'll change that.

Well, thinking about it again, access_bit is not an access mask but an index in such mask. access_mask_t gives enough space for such index but it is definitely not the right semantic. The best type should be size_t, but I prefer to stick to unsigned long (used for size_t anyway) for consistency with the other access_bit variable types. There is no need to use for_each_set_bit() here now but that could change, and I prefer to do my best to prevent future issues. ;)
Anyway, I guess the compiler can optimize such code.



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux