On Wed, 2023-10-11 at 17:43 +0200, Roberto Sassu wrote: > On Wed, 2023-10-11 at 10:51 -0400, Mimi Zohar wrote: > > On Mon, 2023-09-04 at 15:33 +0200, Roberto Sassu wrote: > > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > > > > Change ima_file_mprotect() definition, so that it can be registered > > > as implementation of the file_mprotect hook. > > > > > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > Reviewed-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> > > > --- > > > include/linux/ima.h | 5 +++-- > > > security/integrity/ima/ima_main.c | 6 ++++-- > > > security/security.c | 2 +- > > > 3 files changed, 8 insertions(+), 5 deletions(-) > > > > > > diff --git a/include/linux/ima.h b/include/linux/ima.h > > > index 893c3b98b4d0..56e72c0beb96 100644 > > > --- a/include/linux/ima.h > > > +++ b/include/linux/ima.h > > > @@ -24,7 +24,8 @@ extern void ima_post_create_tmpfile(struct mnt_idmap *idmap, > > > extern void ima_file_free(struct file *file); > > > extern int ima_file_mmap(struct file *file, unsigned long reqprot, > > > unsigned long prot, unsigned long flags); > > > -extern int ima_file_mprotect(struct vm_area_struct *vma, unsigned long prot); > > > +int ima_file_mprotect(struct vm_area_struct *vma, unsigned long reqprot, > > > + unsigned long prot); > > > > "extern" is needed here and similarly in 5/25. > > I removed because of a complain from checkpatch.pl --strict. Intermixing with/without "extern" looks weird. I would suggest removing all the externs as a separate patch, but they're being removed in "[PATCH v3 21/25] ima: Move to LSM infrastructure" anyway. For now I would include the "extern". -- thanks, Mimi
