From 59438b46471ae6cdfb761afc8c9beaf1e428a331 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Wed, 27 Nov 2019 12:04:36 -0500 Subject: security,lockdown,selinux: implement SELinux lockdown Implement a SELinux hook for lockdown. If the lockdown module is also enabled, then a denial by the lockdown module will take precedence over SELinux, so SELinux can only further restrict lockdown decisions. The SELinux hook only distinguishes at the granularity of integrity versus confidentiality similar to the lockdown module, but includes the full lockdown reason as part of the audit record as a hint in diagnosing what triggered the denial. To support this auditing, move the lockdown_reasons[] string array from being private to the lockdown module to the security framework so that it can be used by the lsm audit code and so that it is always available even when the lockdown module is disabled. Note that the SELinux implementation allows the integrity and confidentiality reasons to be controlled independently from one another. Thus, in an SELinux policy, one could allow operations that specify an integrity reason while blocking operations that specify a confidentiality reason. The SELinux hook implementation is stricter than the lockdown module in validating the provided reason value. Sample AVC audit output from denials: avc: denied { integrity } for pid=3402 comm="fwupd" lockdown_reason="/dev/mem,kmem,port" scontext=system_u:system_r:fwupd_t:s0 tcontext=system_u:system_r:fwupd_t:s0 tclass=lockdown permissive=0 avc: denied { confidentiality } for pid=4628 comm="cp" lockdown_reason="/proc/kcore access" scontext=unconfined_u:unconfined_r:test_lockdown_integrity_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:test_lockdown_integrity_t:s0-s0:c0.c1023 tclass=lockdown permissive=0 Signed-off-by: Stephen Smalley Reviewed-by: James Morris [PM: some merge fuzz due to the perf hooks] 
Signed-off-by: Paul Moore --- security/selinux/hooks.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'security/selinux/hooks.c')
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 116b4d644f68..9e1c4780dc20 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6795,6 +6795,34 @@ static void selinux_bpf_prog_free(struct bpf_prog_aux *aux)
 }
 #endif
+static int selinux_lockdown(enum lockdown_reason what)
+{
+ struct common_audit_data ad;
+ u32 sid = current_sid();
+ int invalid_reason = (what <= LOCKDOWN_NONE) ||
+ (what == LOCKDOWN_INTEGRITY_MAX) ||
+ (what >= LOCKDOWN_CONFIDENTIALITY_MAX);
+
+ if (WARN(invalid_reason, "Invalid lockdown reason")) {
+ audit_log(audit_context(),
+ GFP_ATOMIC, AUDIT_SELINUX_ERR,
+ "lockdown_reason=invalid");
+ return -EINVAL;
+ }
+
+ ad.type = LSM_AUDIT_DATA_LOCKDOWN;
+ ad.u.reason = what;
+
+ if (what <= LOCKDOWN_INTEGRITY_MAX)
+ return avc_has_perm(&selinux_state,
+ sid, sid, SECCLASS_LOCKDOWN,
+ LOCKDOWN__INTEGRITY, &ad);
+ else
+ return avc_has_perm(&selinux_state,
+ sid, sid, SECCLASS_LOCKDOWN,
+ LOCKDOWN__CONFIDENTIALITY, &ad);
+}
+
 struct lsm_blob_sizes selinux_blob_sizes __lsm_ro_after_init = {
 .lbs_cred = sizeof(struct task_security_struct),
 .lbs_file = sizeof(struct file_security_struct),
@@ -7107,6 +7135,8 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
 LSM_HOOK_INIT(perf_event_read, selinux_perf_event_read),
 LSM_HOOK_INIT(perf_event_write, selinux_perf_event_write),
 #endif
+
+ LSM_HOOK_INIT(locked_down, selinux_lockdown),
 };
 static __init int selinux_init(void)
-- cgit v1.2.3 From 1a37079c236d55fb31ebbf4b59945dab8ec8764c Mon Sep 17 00:00:00 2001 
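Review bot: selinux_lockdown() validates `what` with a three-part range check but leaves no comment on why it matters, and that check is the only thing standing between the hook and an out-of-range value being stored in `ad.u.reason` and, per the commit message, used by the LSM audit code to pick the reason string for the AVC record. I would make `invalid_reason` a `bool` and precede it with `/* Reject LOCKDOWN_NONE, the INTEGRITY_MAX sentinel and anything past CONFIDENTIALITY_MAX: the value is stored in the audit data and selects between the integrity and confidentiality permissions. */`. `WARN()` on a caller bug becomes a panic under panic_on_warn; since the argument comes from in-kernel callers rather than user input that is defensible, but it deserves a sentence in the same comment so the next reader does not "fix" it into a silent -EINVAL.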
From: Stephen Smalley Date: Fri, 22 Nov 2019 12:22:44 -0500 Subject: selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" This reverts commit e46e01eebbbc ("selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link"). The correct fix is to instead fall back to ref-walk if audit is required irrespective of the specific audit data type. This is done in the next commit. Fixes: e46e01eebbbc ("selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link") Reported-by: Will Deacon Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/avc.c | 24 ++++++++++++++++++++++-- security/selinux/hooks.c | 5 +++-- security/selinux/include/avc.h | 5 +++++ 3 files changed, 30 insertions(+), 4 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/avc.c b/security/selinux/avc.c index ecd3829996aa..74c43ebe34bb 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -862,8 +862,9 @@ static int avc_update_node(struct selinux_avc *avc, * permissive mode that only appear when in enforcing mode. * * See the corresponding handling in slow_avc_audit(), and the - * logic in selinux_inode_permission for the MAY_NOT_BLOCK flag, - * which is transliterated into AVC_NONBLOCKING. + * logic in selinux_inode_follow_link and selinux_inode_permission + * for the VFS MAY_NOT_BLOCK flag, which is transliterated into + * AVC_NONBLOCKING for avc_has_perm_noaudit(). */ if (flags & AVC_NONBLOCKING) return 0; 
@@ -1205,6 +1206,25 @@ int avc_has_perm(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass,
 return rc;
 }
+int avc_has_perm_flags(struct selinux_state *state,
+ u32 ssid, u32 tsid, u16 tclass, u32 requested,
+ struct common_audit_data *auditdata,
+ int flags)
+{
+ struct av_decision avd;
+ int rc, rc2;
+
+ rc = avc_has_perm_noaudit(state, ssid, tsid, tclass, requested,
+ (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
+ &avd);
+
+ rc2 = avc_audit(state, ssid, tsid, tclass, requested, &avd, rc,
+ auditdata, flags);
+ if (rc2)
+ return rc2;
+ return rc;
+}
+
 u32 avc_policy_seqno(struct selinux_state *state)
 {
 return state->avc->avc_cache.latest_notif;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 9e1c4780dc20..ed64cb4cd4c5 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3004,8 +3004,9 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct inode *inode,
 if (IS_ERR(isec))
 return PTR_ERR(isec);
- return avc_has_perm(&selinux_state,
- sid, isec->sid, isec->sclass, FILE__READ, &ad);
+ return avc_has_perm_flags(&selinux_state,
+ sid, isec->sid, isec->sclass, FILE__READ, &ad,
+ rcu ? MAY_NOT_BLOCK : 0);
 }
 static noinline int audit_inode_permission(struct inode *inode,
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index 7be0e1e90e8b..74ea50977c20 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -153,6 +153,11 @@ int avc_has_perm(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass, u32 requested, struct common_audit_data *auditdata);
+int avc_has_perm_flags(struct selinux_state *state,
+ u32 ssid, u32 tsid,
+ u16 tclass, u32 requested,
+ struct common_audit_data *auditdata,
+ int flags);
 int avc_has_extended_perms(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass, u32 requested,
-- cgit v1.2.3 From 0188d5c025ca8fe756ba3193bd7d150139af5a88 Mon Sep 17 00:00:00 2001 
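Review bot: avc_has_perm_flags() in the avc.c hunk appears to repeat the body of avc_has_perm() (whose body sits just above the hunk) with only the `flags` argument threaded through, so the next change to the noaudit/audit sequencing has to be made twice. The duplication is inherited by the revert, but a follow-up could reduce avc_has_perm() to `return avc_has_perm_flags(state, ssid, tsid, tclass, requested, auditdata, 0);`. The new declaration in the avc.h hunk also has no kernel-doc stating what `flags` carries; I would add `/* @flags: VFS flags; with MAY_NOT_BLOCK the check is non-blocking and may return -ECHILD, in which case the caller retries in ref-walk */`, since that is the contract selinux_inode_follow_link() now relies on.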
From: Stephen Smalley Date: Fri, 22 Nov 2019 12:22:45 -0500 Subject: selinux: fall back to ref-walk if audit is required commit bda0be7ad994 ("security: make inode_follow_link RCU-walk aware") passed down the rcu flag to the SELinux AVC, but failed to adjust the test in slow_avc_audit() to also return -ECHILD on LSM_AUDIT_DATA_DENTRY. Previously, we only returned -ECHILD if generating an audit record with LSM_AUDIT_DATA_INODE since this was only relevant from inode_permission. Move the handling of MAY_NOT_BLOCK to avc_audit() and its inlined equivalent in selinux_inode_permission() immediately after we determine that audit is required, and always fall back to ref-walk in this case. Fixes: bda0be7ad994 ("security: make inode_follow_link RCU-walk aware") Reported-by: Will Deacon Suggested-by: Al Viro Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/avc.c | 24 +++++------------------- security/selinux/hooks.c | 11 +++++++---- security/selinux/include/avc.h | 8 +++++--- 3 files changed, 17 insertions(+), 26 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 74c43ebe34bb..23dc888ae305 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -424,7 +424,7 @@ static inline int avc_xperms_audit(struct selinux_state *state, if (likely(!audited)) return 0; return slow_avc_audit(state, ssid, tsid, tclass, requested, - audited, denied, result, ad, 0); + audited, denied, result, ad); } static void avc_node_free(struct rcu_head *rhead) @@ -758,8 +758,7 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a) noinline int slow_avc_audit(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass, u32 requested, u32 audited, u32 denied, int result, - struct common_audit_data *a, - unsigned int flags) + struct common_audit_data *a) { struct common_audit_data stack_data; struct selinux_audit_data sad; 
@@ -772,17 +771,6 @@ noinline int slow_avc_audit(struct selinux_state *state, a->type = LSM_AUDIT_DATA_NONE; } - /* - * When in a RCU walk do the audit on the RCU retry. This is because - * the collection of the dname in an inode audit message is not RCU - * safe. Note this may drop some audits when the situation changes - * during retry. However this is logically just as if the operation - * happened a little later. - */ - if ((a->type == LSM_AUDIT_DATA_INODE) && - (flags & MAY_NOT_BLOCK)) - return -ECHILD; - sad.tclass = tclass; sad.requested = requested; sad.ssid = ssid; @@ -855,16 +843,14 @@ static int avc_update_node(struct selinux_avc *avc, /* * If we are in a non-blocking code path, e.g. VFS RCU walk, * then we must not add permissions to a cache entry - * because we cannot safely audit the denial. Otherwise, + * because we will not audit the denial. Otherwise, * during the subsequent blocking retry (e.g. VFS ref walk), we * will find the permissions already granted in the cache entry * and won't audit anything at all, leading to silent denials in * permissive mode that only appear when in enforcing mode. * - * See the corresponding handling in slow_avc_audit(), and the - * logic in selinux_inode_follow_link and selinux_inode_permission - * for the VFS MAY_NOT_BLOCK flag, which is transliterated into - * AVC_NONBLOCKING for avc_has_perm_noaudit(). + * See the corresponding handling of MAY_NOT_BLOCK in avc_audit() + * and selinux_inode_permission(). */ if (flags & AVC_NONBLOCKING) return 0; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ed64cb4cd4c5..328d455ec293 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -3011,8 +3011,7 @@ static int selinux_inode_follow_link(struct dentry *dentry, struct inode *inode, static noinline int audit_inode_permission(struct inode *inode, u32 perms, u32 audited, u32 denied, - int result, - unsigned flags) + int result) { struct common_audit_data ad; struct inode_security_struct *isec = selinux_inode(inode); @@ -3023,7 +3022,7 @@ static noinline int audit_inode_permission(struct inode *inode, rc = slow_avc_audit(&selinux_state, current_sid(), isec->sid, isec->sclass, perms, - audited, denied, result, &ad, flags); + audited, denied, result, &ad); if (rc) return rc; return 0; @@ -3070,7 +3069,11 @@ static int selinux_inode_permission(struct inode *inode, int mask) if (likely(!audited)) return rc; - rc2 = audit_inode_permission(inode, perms, audited, denied, rc, flags); + /* fall back to ref-walk if we have to generate audit */ + if (flags & MAY_NOT_BLOCK) + return -ECHILD; + + rc2 = audit_inode_permission(inode, perms, audited, denied, rc); if (rc2) return rc2; return rc; diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h index 74ea50977c20..cf4cc3ef959b 100644 --- a/security/selinux/include/avc.h +++ b/security/selinux/include/avc.h @@ -100,8 +100,7 @@ static inline u32 avc_audit_required(u32 requested, int slow_avc_audit(struct selinux_state *state, u32 ssid, u32 tsid, u16 tclass, u32 requested, u32 audited, u32 denied, int result, - struct common_audit_data *a, - unsigned flags); + struct common_audit_data *a); /** * avc_audit - Audit the granting or denial of permissions. 
@@ -135,9 +134,12 @@ static inline int avc_audit(struct selinux_state *state, audited = avc_audit_required(requested, avd, result, 0, &denied); if (likely(!audited)) return 0; + /* fall back to ref-walk if we have to generate audit */ + if (flags & MAY_NOT_BLOCK) + return -ECHILD; return slow_avc_audit(state, ssid, tsid, tclass, requested, audited, denied, result, - a, flags); + a); } #define AVC_STRICT 1 /* Ignore permissive mode. */ -- cgit v1.2.3 From 5298d0b9b98089f5af406f7e05a41a53f9a15c11 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Fri, 22 Nov 2019 16:16:56 -0500 Subject: selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests Through a somewhat convoluted series of changes, we have ended up with multiple unnecessary occurrences of (flags & MAY_NOT_BLOCK) tests in selinux_inode_permission(). Clean it up and simplify. No functional change. Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 328d455ec293..47626342b6e5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3033,7 +3033,7 @@ static int selinux_inode_permission(struct inode *inode, int mask) const struct cred *cred = current_cred(); u32 perms; bool from_access; - unsigned flags = mask & MAY_NOT_BLOCK; + bool no_block = mask & MAY_NOT_BLOCK; struct inode_security_struct *isec; u32 sid; struct av_decision avd; 
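Review bot: avc_audit() in the avc.h hunk now returns -ECHILD ahead of slow_avc_audit() whenever an audit record is required under MAY_NOT_BLOCK, but its kernel-doc (the `/** avc_audit - ... */` block that starts before the hunk) is not updated and `flags` is now used only for that test. I would add to the kernel-doc `* Return: -ECHILD when an audit record is required but @flags has MAY_NOT_BLOCK set; the caller must retry in ref-walk.` The same two-line fallback is inlined in selinux_inode_permission() in the hooks.c hunk of this commit; that is intentional per the message, so a `/* keep in sync with avc_audit() */` comment at each copy would stop the two from drifting apart.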
@@ -3055,13 +3055,13 @@ static int selinux_inode_permission(struct inode *inode, int mask) perms = file_mask_to_av(inode->i_mode, mask); sid = cred_sid(cred); - isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK); + isec = inode_security_rcu(inode, no_block); if (IS_ERR(isec)) return PTR_ERR(isec); rc = avc_has_perm_noaudit(&selinux_state, sid, isec->sid, isec->sclass, perms, - (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0, + no_block ? AVC_NONBLOCKING : 0, &avd); audited = avc_audit_required(perms, &avd, rc, from_access ? FILE__AUDIT_ACCESS : 0, @@ -3070,7 +3070,7 @@ static int selinux_inode_permission(struct inode *inode, int mask) return rc; /* fall back to ref-walk if we have to generate audit */ - if (flags & MAY_NOT_BLOCK) + if (no_block) return -ECHILD; rc2 = audit_inode_permission(inode, perms, audited, denied, rc); -- cgit v1.2.3 From 210a292874517782bed2e2220c7beb1608d3b05d Mon Sep 17 00:00:00 2001 From: Yang Guo Date: Thu, 12 Dec 2019 10:02:24 +0800 Subject: selinux: remove unnecessary selinux cred request task_security_struct was obtained at the beginning of may_create and selinux_inode_init_security, no need to obtain again. may_create will be called very frequently when create dir and file. Cc: Paul Moore Cc: Stephen Smalley Cc: Eric Paris Signed-off-by: Yang Guo Signed-off-by: Shaokun Zhang Signed-off-by: Paul Moore --- security/selinux/hooks.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 47626342b6e5..40ec866e48da 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1833,8 +1833,8 @@ static int may_create(struct inode *dir, if (rc) return rc; - rc = selinux_determine_inode_label(selinux_cred(current_cred()), dir, - &dentry->d_name, tclass, &newsid); + rc = selinux_determine_inode_label(tsec, dir, &dentry->d_name, tclass, + &newsid); if (rc) return rc; 
@@ -2906,8 +2906,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, newsid = tsec->create_sid; - rc = selinux_determine_inode_label(selinux_cred(current_cred()), - dir, qstr, + rc = selinux_determine_inode_label(tsec, dir, qstr, inode_mode_to_security_class(inode->i_mode), &newsid); if (rc) -- cgit v1.2.3 From 6c5a682e6497cb1f7a67303ce098462a36bed362 Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Tue, 17 Dec 2019 09:15:10 -0500 Subject: selinux: clean up selinux_enabled/disabled/enforcing_boot Rename selinux_enabled to selinux_enabled_boot to make it clear that it only reflects whether SELinux was enabled at boot. Replace the references to it in the MAC_STATUS audit log in sel_write_enforce() with hardcoded "1" values because this code is only reachable if SELinux is enabled and does not change its value, and update the corresponding MAC_STATUS audit log in sel_write_disable(). Stop clearing selinux_enabled in selinux_disable() since it is not used outside of initialization code that runs before selinux_disable() can be reached. Mark both selinux_enabled_boot and selinux_enforcing_boot as __initdata since they are only used in initialization code. Wrap the disabled field in the struct selinux_state with CONFIG_SECURITY_SELINUX_DISABLE since it is only used for runtime disable. Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 12 +++++------- security/selinux/ibpkey.c | 2 +- security/selinux/include/security.h | 4 +++- security/selinux/netif.c | 2 +- security/selinux/netnode.c | 2 +- security/selinux/netport.c | 2 +- security/selinux/selinuxfs.c | 11 +++++------ 7 files changed, 17 insertions(+), 18 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 40ec866e48da..659c4a81e897 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
@@ -109,7 +109,7 @@ struct selinux_state selinux_state; static atomic_t selinux_secmark_refcount = ATOMIC_INIT(0); #ifdef CONFIG_SECURITY_SELINUX_DEVELOP -static int selinux_enforcing_boot; +static int selinux_enforcing_boot __initdata; static int __init enforcing_setup(char *str) { @@ -123,13 +123,13 @@ __setup("enforcing=", enforcing_setup); #define selinux_enforcing_boot 1 #endif -int selinux_enabled __lsm_ro_after_init = 1; +int selinux_enabled_boot __initdata = 1; #ifdef CONFIG_SECURITY_SELINUX_BOOTPARAM static int __init selinux_enabled_setup(char *str) { unsigned long enabled; if (!kstrtoul(str, 0, &enabled)) - selinux_enabled = enabled ? 1 : 0; + selinux_enabled_boot = enabled ? 1 : 0; return 1; } __setup("selinux=", selinux_enabled_setup); @@ -7202,7 +7202,7 @@ void selinux_complete_init(void) DEFINE_LSM(selinux) = { .name = "selinux", .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, - .enabled = &selinux_enabled, + .enabled = &selinux_enabled_boot, .blobs = &selinux_blob_sizes, .init = selinux_init, }; @@ -7271,7 +7271,7 @@ static int __init selinux_nf_ip_init(void) { int err; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; pr_debug("SELinux: Registering netfilter hooks\n"); @@ -7318,8 +7318,6 @@ int selinux_disable(struct selinux_state *state) pr_info("SELinux: Disabled at runtime.\n"); - selinux_enabled = 0; - security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks)); /* Try to destroy the avc node cache */ diff --git a/security/selinux/ibpkey.c b/security/selinux/ibpkey.c index de92365e4324..f68a7617cfb9 100644 --- a/security/selinux/ibpkey.c +++ b/security/selinux/ibpkey.c @@ -222,7 +222,7 @@ static __init int sel_ib_pkey_init(void) { int iter; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; for (iter = 0; iter < SEL_PKEY_HASH_SIZE; iter++) { diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 8c0dbbd076c6..af623f03922c 100644 --- a/security/selinux/include/security.h 
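Review bot: `selinux_enabled_boot` becomes `__initdata` in the @@ -123 hunk while its address is stored in `DEFINE_LSM(selinux).enabled` in the @@ -7202 hunk; that is safe only if the LSM framework dereferences `.enabled` before init memory is freed, which these hunks cannot show — confirm, and record it at the definition, `/* __initdata: read only through DEFINE_LSM().enabled and __init code, before initmem is freed */`. The other readers visible here (selinux_nf_ip_init, sel_ib_pkey_init and the netif/netnode/netport/init_sel_fs hunks on the following lines) are all `__init`, so they are fine. Dropping the `selinux_enabled = 0;` store in selinux_disable() is consistent with that, since no post-init code reads the flag any more.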
+++ b/security/selinux/include/security.h @@ -69,7 +69,7 @@ struct netlbl_lsm_secattr; -extern int selinux_enabled; +extern int selinux_enabled_boot; /* Policy capabilities */ enum { @@ -99,7 +99,9 @@ struct selinux_avc; struct selinux_ss; struct selinux_state { +#ifdef CONFIG_SECURITY_SELINUX_DISABLE bool disabled; +#endif #ifdef CONFIG_SECURITY_SELINUX_DEVELOP bool enforcing; #endif diff --git a/security/selinux/netif.c b/security/selinux/netif.c index e40fecd73752..15b8c1bcd7d0 100644 --- a/security/selinux/netif.c +++ b/security/selinux/netif.c @@ -266,7 +266,7 @@ static __init int sel_netif_init(void) { int i; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; for (i = 0; i < SEL_NETIF_HASH_SIZE; i++) diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c index 9ab84efa46c7..dff587d1e164 100644 --- a/security/selinux/netnode.c +++ b/security/selinux/netnode.c @@ -291,7 +291,7 @@ static __init int sel_netnode_init(void) { int iter; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; for (iter = 0; iter < SEL_NETNODE_HASH_SIZE; iter++) { diff --git a/security/selinux/netport.c b/security/selinux/netport.c index 3f8b2c0458c8..de727f7489b7 100644 --- a/security/selinux/netport.c +++ b/security/selinux/netport.c @@ -225,7 +225,7 @@ static __init int sel_netport_init(void) { int iter; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; for (iter = 0; iter < SEL_NETPORT_HASH_SIZE; iter++) { diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index dd7bb1f1dc99..278417e67b4c 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c 
@@ -168,11 +168,10 @@ static ssize_t sel_write_enforce(struct file *file, const char __user *buf, goto out; audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS, "enforcing=%d old_enforcing=%d auid=%u ses=%u" - " enabled=%d old-enabled=%d lsm=selinux res=1", + " enabled=1 old-enabled=1 lsm=selinux res=1", new_value, old_value, from_kuid(&init_user_ns, audit_get_loginuid(current)), - audit_get_sessionid(current), - selinux_enabled, selinux_enabled); + audit_get_sessionid(current)); enforcing_set(state, new_value); if (new_value) avc_ss_reset(state->avc, 0); @@ -304,10 +303,10 @@ static ssize_t sel_write_disable(struct file *file, const char __user *buf, goto out; audit_log(audit_context(), GFP_KERNEL, AUDIT_MAC_STATUS, "enforcing=%d old_enforcing=%d auid=%u ses=%u" - " enabled=%d old-enabled=%d lsm=selinux res=1", + " enabled=0 old-enabled=1 lsm=selinux res=1", enforcing, enforcing, from_kuid(&init_user_ns, audit_get_loginuid(current)), - audit_get_sessionid(current), 0, 1); + audit_get_sessionid(current)); } length = count; @@ -2105,7 +2104,7 @@ static int __init init_sel_fs(void) sizeof(NULL_FILE_NAME)-1); int err; - if (!selinux_enabled) + if (!selinux_enabled_boot) return 0; err = sysfs_create_mount_point(fs_kobj, "selinux"); -- cgit v1.2.3 From 7a4b51947475a7f67e2bd06c4a4c768e2e64a975 Mon Sep 17 00:00:00 2001 From: Hridya Valsaraju Date: Mon, 6 Jan 2020 10:13:29 -0800 Subject: selinux: allow per-file labelling for binderfs This patch allows genfscon per-file labeling for binderfs. This is required to have separate permissions to allow access to binder, hwbinder and vndbinder devices which are relocating to binderfs. Acked-by: Jeff Vander Stoep Acked-by: Mark Salyzyn Signed-off-by: Hridya Valsaraju Acked-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 1 + 1 file changed, 1 insertion(+) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 659c4a81e897..63a6e36abe9f 100644 
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -752,6 +752,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
 if (!strcmp(sb->s_type->name, "debugfs") ||
 !strcmp(sb->s_type->name, "tracefs") ||
+ !strcmp(sb->s_type->name, "binderfs") ||
 !strcmp(sb->s_type->name, "pstore"))
 sbsec->flags |= SE_SBGENFS;
-- cgit v1.2.3 From b82f3f6894ec68dfada736bdf87997b1e0d3b53f Mon Sep 17 00:00:00 2001 From: Huaisheng Ye Date: Fri, 10 Jan 2020 17:58:56 +0800 Subject: selinux: remove redundant msg_msg_alloc_security selinux_msg_msg_alloc_security only calls msg_msg_alloc_security but do nothing else. And also msg_msg_alloc_security is just used by the former. Remove the redundant function to simplify the code. Signed-off-by: Huaisheng Ye Acked-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) (limited to 'security/selinux/hooks.c')
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 63a6e36abe9f..81f570cffee5 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5894,16 +5894,6 @@ static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass)
 isec->sid = current_sid();
 }
-static int msg_msg_alloc_security(struct msg_msg *msg)
-{
- struct msg_security_struct *msec;
-
- msec = selinux_msg_msg(msg);
- msec->sid = SECINITSID_UNLABELED;
-
- return 0;
-}
-
 static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
 u32 perms)
 {
@@ -5922,7 +5912,12 @@ static int ipc_has_perm(struct kern_ipc_perm *ipc_perms,
 static int selinux_msg_msg_alloc_security(struct msg_msg *msg)
 {
- return msg_msg_alloc_security(msg);
+ struct msg_security_struct *msec;
+
+ msec = selinux_msg_msg(msg);
+ msec->sid = SECINITSID_UNLABELED;
+
+ return 0;
 }
 /* message queue security operations */
-- cgit v1.2.3 From b78b7d59bdbe6028ab362c2551dc684872f2052a Mon Sep 17 00:00:00 2001 
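Review bot: the new `binderfs` test extends a chain of `strcmp()` calls in selinux_set_mnt_opts() that now names four filesystems inline, so every addition edits the condition itself and there is no single place documenting which filesystems are granted genfscon per-file labelling via SE_SBGENFS. A `static const char *const` table iterated with ARRAY_SIZE keeps that decision in one spot and makes the next filesystem a one-token change. selinux_set_mnt_opts() starts and ends outside the hunk.
```c
	/* Filesystems whose inodes are labelled per-file via genfscon. */
	static const char *const genfs_sb_names[] = {
		"debugfs", "tracefs", "binderfs", "pstore",
	};
	int i;
	/* … unchanged: option parsing and superblock state checks … */
	for (i = 0; i < ARRAY_SIZE(genfs_sb_names); i++) {
		if (!strcmp(sb->s_type->name, genfs_sb_names[i])) {
			sbsec->flags |= SE_SBGENFS;
			break;
		}
	}
```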
From: Stephen Smalley Date: Wed, 8 Jan 2020 12:23:56 -0500 Subject: selinux: make default_noexec read-only after init SELinux checks whether VM_EXEC is set in the VM_DATA_DEFAULT_FLAGS during initialization and saves the result in default_noexec for use in its mmap and mprotect hook function implementations to decide whether to apply EXECMEM, EXECHEAP, EXECSTACK, and EXECMOD checks. Mark default_noexec as ro_after_init to prevent later clearing it and thereby disabling these checks. It is only set legitimately from init code. Signed-off-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 81f570cffee5..921283f47862 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3647,7 +3647,7 @@ static int selinux_file_ioctl(struct file *file, unsigned int cmd, return error; } -static int default_noexec; +static int default_noexec __ro_after_init; static int file_map_prot_check(struct file *file, unsigned long prot, int shared) { -- cgit v1.2.3 From 65cddd50980be8c9c27ad7518a0dc812eccb25d5 Mon Sep 17 00:00:00 2001 From: Ondrej Mosnacek Date: Tue, 7 Jan 2020 14:31:53 +0100 Subject: selinux: treat atomic flags more carefully The disabled/enforcing/initialized flags are all accessed concurrently by threads so use the appropriate accessors that ensure atomicity and document that it is expected. Use smp_load/acquire...() helpers (with memory barriers) for the initialized flag, since it gates access to the rest of the state structures. Note that the disabled flag is currently not used for anything other than avoiding double disable, but it will be used for bailing out of hooks once security_delete_hooks() is removed. Signed-off-by: Ondrej Mosnacek Acked-by: Stephen Smalley Reviewed-by: Kees Cook Reviewed-by: James Morris 
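Review bot: `default_noexec` gains `__ro_after_init` in the hooks.c hunk without a comment saying who writes it and why it must never change, which is exactly the information the attribute is protecting. I would annotate the definition `/* Computed once from VM_DATA_DEFAULT_FLAGS during init (outside this hunk); gates the EXECMEM/EXECHEAP/EXECSTACK/EXECMOD checks, so it must stay read-only afterwards. */`. Since the commit message describes it as a yes/no result, `static bool default_noexec __ro_after_init;` would also fit better than `int`, but that is a separate cosmetic follow-up.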
Signed-off-by: Paul Moore --- security/selinux/hooks.c | 21 ++++++++++---------- security/selinux/include/security.h | 33 ++++++++++++++++++++++++++++++-- security/selinux/ss/services.c | 38 ++++++++++++++++++------------------- 3 files changed, 61 insertions(+), 31 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 921283f47862..a81631f8cc5d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -272,7 +272,7 @@ static int __inode_security_revalidate(struct inode *inode, might_sleep_if(may_sleep); - if (selinux_state.initialized && + if (selinux_initialized(&selinux_state) && isec->initialized != LABEL_INITIALIZED) { if (!may_sleep) return -ECHILD; @@ -659,7 +659,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, mutex_lock(&sbsec->lock); - if (!selinux_state.initialized) { + if (!selinux_initialized(&selinux_state)) { if (!opts) { /* Defer initialization until selinux_complete_init, after the initial policy is loaded and the security @@ -929,7 +929,7 @@ static int selinux_sb_clone_mnt_opts(const struct super_block *oldsb, * if the parent was able to be mounted it clearly had no special lsm * mount options. thus we can safely deal with this superblock later */ - if (!selinux_state.initialized) + if (!selinux_initialized(&selinux_state)) return 0; /* @@ -1104,7 +1104,7 @@ static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb) if (!(sbsec->flags & SE_SBINITIALIZED)) return 0; - if (!selinux_state.initialized) + if (!selinux_initialized(&selinux_state)) return 0; if (sbsec->flags & FSCONTEXT_MNT) { @@ -2921,7 +2921,8 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, isec->initialized = LABEL_INITIALIZED; } - if (!selinux_state.initialized || !(sbsec->flags & SBLABEL_MNT)) + if (!selinux_initialized(&selinux_state) || + !(sbsec->flags & SBLABEL_MNT)) return -EOPNOTSUPP; if (name) 
@@ -3144,7 +3145,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); } - if (!selinux_state.initialized) + if (!selinux_initialized(&selinux_state)) return (inode_owner_or_capable(inode) ? 0 : -EPERM); sbsec = inode->i_sb->s_security; @@ -3230,7 +3231,7 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name, return; } - if (!selinux_state.initialized) { + if (!selinux_initialized(&selinux_state)) { /* If we haven't even been initialized, then we can't validate * against a policy, so leave the label as invalid. It may * resolve to a valid label on the next revalidation try if @@ -7300,17 +7301,17 @@ static void selinux_nf_ip_exit(void) #ifdef CONFIG_SECURITY_SELINUX_DISABLE int selinux_disable(struct selinux_state *state) { - if (state->initialized) { + if (selinux_initialized(state)) { /* Not permitted after initial policy load. */ return -EINVAL; } - if (state->disabled) { + if (selinux_disabled(state)) { /* Only do this once. */ return -EINVAL; } - state->disabled = 1; + selinux_mark_disabled(state); pr_info("SELinux: Disabled at runtime.\n"); diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index ecdd610e6449..a39f9565d80b 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h 
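Review bot: READ_ONCE()/WRITE_ONCE() make each access to `disabled` well-defined, but the check-then-mark sequence in selinux_disable() in the @@ -7300 hunk — `selinux_disabled(state)` followed by `selinux_mark_disabled(state)` — is still two separate operations, so two concurrent callers could both pass the `/* Only do this once. */` guard and both run the teardown that follows (outside the hunk) unless the caller serializes them, which the hunk cannot show; confirm. If it does not, building `selinux_mark_disabled()` on `xchg(&state->disabled, true)` and returning the old value would let the guard be `if (selinux_mark_disabled(state)) return -EINVAL;` and hold under concurrency. The window between `selinux_initialized(state)` and the mark has the same shape and deserves a sentence in the comment saying whether a racing policy load is tolerated or excluded.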
@@ -117,15 +117,27 @@ void selinux_avc_init(struct selinux_avc **avc); extern struct selinux_state selinux_state; +static inline bool selinux_initialized(const struct selinux_state *state) +{ + /* do a synchronized load to avoid race conditions */ + return smp_load_acquire(&state->initialized); +} + +static inline void selinux_mark_initialized(struct selinux_state *state) +{ + /* do a synchronized write to avoid race conditions */ + smp_store_release(&state->initialized, true); +} + #ifdef CONFIG_SECURITY_SELINUX_DEVELOP static inline bool enforcing_enabled(struct selinux_state *state) { - return state->enforcing; + return READ_ONCE(state->enforcing); } static inline void enforcing_set(struct selinux_state *state, bool value) { - state->enforcing = value; + WRITE_ONCE(state->enforcing, value); } #else static inline bool enforcing_enabled(struct selinux_state *state) @@ -138,6 +150,23 @@ static inline void enforcing_set(struct selinux_state *state, bool value) } #endif +#ifdef CONFIG_SECURITY_SELINUX_DISABLE +static inline bool selinux_disabled(struct selinux_state *state) +{ + return READ_ONCE(state->disabled); +} + +static inline void selinux_mark_disabled(struct selinux_state *state) +{ + WRITE_ONCE(state->disabled, true); +} +#else +static inline bool selinux_disabled(struct selinux_state *state) +{ + return false; +} +#endif + static inline bool selinux_policycap_netpeer(void) { struct selinux_state *state = &selinux_state; diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 55cf42945cba..0e8b94e8e156 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -767,7 +767,7 @@ static int security_compute_validatetrans(struct selinux_state *state, int rc = 0; - if (!state->initialized) + if (!selinux_initialized(state)) return 0; read_lock(&state->ss->policy_rwlock); 
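Review bot: `selinux_disabled()` takes a non-const `struct selinux_state *` while `selinux_initialized()` in the same header takes `const`; both are pure readers, so the signatures should agree, `static inline bool selinux_disabled(const struct selinux_state *state)` (in both the CONFIG_SECURITY_SELINUX_DISABLE and stub variants). The comments `/* do a synchronized load to avoid race conditions */` and its write twin say what the call does rather than why acquire/release is needed; I would replace them with `/* Acquire pairs with the release in selinux_mark_initialized(): a reader that sees initialized == true also sees the policy state written before it. */` and `/* Release: publish the state set up before this point to any reader that observes initialized == true. */`, which is the property the commit message says the flag provides.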
@@ -868,7 +868,7 @@ int security_bounded_transition(struct selinux_state *state, int index; int rc; - if (!state->initialized) + if (!selinux_initialized(state)) return 0; read_lock(&state->ss->policy_rwlock); @@ -1027,7 +1027,7 @@ void security_compute_xperms_decision(struct selinux_state *state, memset(xpermd->dontaudit->p, 0, sizeof(xpermd->dontaudit->p)); read_lock(&state->ss->policy_rwlock); - if (!state->initialized) + if (!selinux_initialized(state)) goto allow; policydb = &state->ss->policydb; @@ -1112,7 +1112,7 @@ void security_compute_av(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); avd_init(state, avd); xperms->len = 0; - if (!state->initialized) + if (!selinux_initialized(state)) goto allow; policydb = &state->ss->policydb; @@ -1166,7 +1166,7 @@ void security_compute_av_user(struct selinux_state *state, read_lock(&state->ss->policy_rwlock); avd_init(state, avd); - if (!state->initialized) + if (!selinux_initialized(state)) goto allow; policydb = &state->ss->policydb; @@ -1286,7 +1286,7 @@ int security_sidtab_hash_stats(struct selinux_state *state, char *page) { int rc; - if (!state->initialized) { + if (!selinux_initialized(state)) { pr_err("SELinux: %s: called before initial load_policy\n", __func__); return -EINVAL; @@ -1320,7 +1320,7 @@ static int security_sid_to_context_core(struct selinux_state *state, *scontext = NULL; *scontext_len = 0; - if (!state->initialized) { + if (!selinux_initialized(state)) { if (sid <= SECINITSID_NUM) { char *scontextp; @@ -1549,7 +1549,7 @@ static int security_context_to_sid_core(struct selinux_state *state, if (!scontext2) return -ENOMEM; - if (!state->initialized) { + if (!selinux_initialized(state)) { int i; for (i = 1; i < SECINITSID_NUM; i++) { @@ -1736,7 +1736,7 @@ static int security_compute_sid(struct selinux_state *state, int rc = 0; bool sock; - if (!state->initialized) { + if (!selinux_initialized(state)) { switch (orig_tclass) { case SECCLASS_PROCESS: /* kernel value */ *out_sid = ssid; 
@@ -2198,7 +2198,7 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) goto out; } - if (!state->initialized) { + if (!selinux_initialized(state)) { rc = policydb_read(policydb, fp); if (rc) { kfree(newsidtab); @@ -2223,7 +2223,7 @@ int security_load_policy(struct selinux_state *state, void *data, size_t len) state->ss->sidtab = newsidtab; security_load_policycaps(state); - state->initialized = 1; + selinux_mark_initialized(state); seqno = ++state->ss->latest_granting; selinux_complete_init(); avc_ss_reset(state->avc, seqno); @@ -2639,7 +2639,7 @@ int security_get_user_sids(struct selinux_state *state, *sids = NULL; *nel = 0; - if (!state->initialized) + if (!selinux_initialized(state)) goto out; read_lock(&state->ss->policy_rwlock); @@ -2875,7 +2875,7 @@ int security_get_bools(struct selinux_state *state, struct policydb *policydb; int i, rc; - if (!state->initialized) { + if (!selinux_initialized(state)) { *len = 0; *names = NULL; *values = NULL; @@ -3050,7 +3050,7 @@ int security_sid_mls_copy(struct selinux_state *state, int rc; rc = 0; - if (!state->initialized || !policydb->mls_enabled) { + if (!selinux_initialized(state) || !policydb->mls_enabled) { *new_sid = sid; goto out; } @@ -3217,7 +3217,7 @@ int security_get_classes(struct selinux_state *state, struct policydb *policydb = &state->ss->policydb; int rc; - if (!state->initialized) { + if (!selinux_initialized(state)) { *nclasses = 0; *classes = NULL; return 0; @@ -3366,7 +3366,7 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule) *rule = NULL; - if (!state->initialized) + if (!selinux_initialized(state)) return -EOPNOTSUPP; switch (field) { @@ -3665,7 +3665,7 @@ int security_netlbl_secattr_to_sid(struct selinux_state *state, struct context *ctx; struct context ctx_new; - if (!state->initialized) { + if (!selinux_initialized(state)) { *sid = SECSID_NULL; return 0; } 
@@ -3732,7 +3732,7 @@ int security_netlbl_sid_to_secattr(struct selinux_state *state, int rc; struct context *ctx; - if (!state->initialized) + if (!selinux_initialized(state)) return 0; read_lock(&state->ss->policy_rwlock); @@ -3771,7 +3771,7 @@ int security_read_policy(struct selinux_state *state, int rc; struct policy_file fp; - if (!state->initialized) + if (!selinux_initialized(state)) return -EINVAL; *len = security_policydb_len(state); -- cgit v1.2.3 From cfff75d8973ae4a90b3df3ae7fbba1ce9af9c8f0 Mon Sep 17 00:00:00 2001 From: Ondrej Mosnacek Date: Wed, 8 Jan 2020 15:09:58 +0100 Subject: selinux: reorder hooks to make runtime disable less broken Commit b1d9e6b0646d ("LSM: Switch to lists of hooks") switched the LSM infrastructure to use per-hook lists, which meant that removing the hooks for a given module was no longer atomic. Even though the commit clearly documents that modules implementing runtime revmoval of hooks (only SELinux attempts this madness) need to take special precautions to avoid race conditions, SELinux has never addressed this. By inserting an artificial delay between the loop iterations of security_delete_hooks() (I used 100 ms), booting to a state where SELinux is enabled, but policy is not yet loaded, and running these commands: while true; do ping -c 1 ; done & echo -n 1 >/sys/fs/selinux/disable kill %1 wait ...I was able to trigger NULL pointer dereferences in various places. I also have a report of someone getting panics on a stock RHEL-8 kernel after setting SELINUX=disabled in /etc/selinux/config and rebooting (without adding "selinux=0" to kernel command-line). Reordering the SELinux hooks such that those that allocate structures are removed last seems to prevent these panics. It is very much possible that this doesn't make the runtime disable completely race-free, but at least it makes the operation much less fragile. Cc: stable@vger.kernel.org Fixes: b1d9e6b0646d ("LSM: Switch to lists of hooks") 
Signed-off-by: Ondrej Mosnacek Reviewed-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 101 ++++++++++++++++++++++++++++++++--------------- 1 file changed, 70 insertions(+), 31 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a81631f8cc5d..2c84b12d50bc 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6892,6 +6892,21 @@ static int selinux_perf_event_write(struct perf_event *event) } #endif +/* + * IMPORTANT NOTE: When adding new hooks, please be careful to keep this order: + * 1. any hooks that don't belong to (2.) or (3.) below, + * 2. hooks that both access structures allocated by other hooks, and allocate + * structures that can be later accessed by other hooks (mostly "cloning" + * hooks), + * 3. hooks that only allocate structures that can be later accessed by other + * hooks ("allocating" hooks). + * + * Please follow block comment delimiters in the list to keep this order. + * + * This ordering is needed for SELinux runtime disable to work at least somewhat + * safely. Breaking the ordering rules above might lead to NULL pointer derefs + * when disabling SELinux at runtime. + */ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(binder_set_context_mgr, selinux_binder_set_context_mgr), LSM_HOOK_INIT(binder_transaction, selinux_binder_transaction), 
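Review bot: The new IMPORTANT NOTE above selinux_hooks[] gives the three-tier ordering rule but not the mechanism that makes the order matter, so a reader cannot see why listing an allocator later helps. The commit description says allocating hooks are thereby "removed last", i.e. the array order is presumably the order in which security_delete_hooks() unregisters them; I would add that to the comment: `Hooks are unregistered in array order on runtime disable, so a hook listed later stays registered longer; allocators last means no accessor can run after its allocator is gone.` The hook array itself runs well past this hunk.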
@@ -6914,12 +6929,7 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(bprm_committing_creds, selinux_bprm_committing_creds), LSM_HOOK_INIT(bprm_committed_creds, selinux_bprm_committed_creds), - LSM_HOOK_INIT(fs_context_dup, selinux_fs_context_dup), - LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param), - - LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), LSM_HOOK_INIT(sb_free_security, selinux_sb_free_security), - LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts), LSM_HOOK_INIT(sb_free_mnt_opts, selinux_free_mnt_opts), LSM_HOOK_INIT(sb_remount, selinux_sb_remount), LSM_HOOK_INIT(sb_kern_mount, selinux_sb_kern_mount), @@ -6929,12 +6939,10 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_umount, selinux_umount), LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), - LSM_HOOK_INIT(sb_add_mnt_opt, selinux_add_mnt_opt), LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as), - LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), LSM_HOOK_INIT(inode_free_security, selinux_inode_free_security), LSM_HOOK_INIT(inode_init_security, selinux_inode_init_security), LSM_HOOK_INIT(inode_create, selinux_inode_create), 
@@ -7006,21 +7014,15 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), - LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), - - LSM_HOOK_INIT(msg_queue_alloc_security, - selinux_msg_queue_alloc_security), LSM_HOOK_INIT(msg_queue_associate, selinux_msg_queue_associate), LSM_HOOK_INIT(msg_queue_msgctl, selinux_msg_queue_msgctl), LSM_HOOK_INIT(msg_queue_msgsnd, selinux_msg_queue_msgsnd), LSM_HOOK_INIT(msg_queue_msgrcv, selinux_msg_queue_msgrcv), - LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), LSM_HOOK_INIT(shm_associate, selinux_shm_associate), LSM_HOOK_INIT(shm_shmctl, selinux_shm_shmctl), LSM_HOOK_INIT(shm_shmat, selinux_shm_shmat), - LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), LSM_HOOK_INIT(sem_associate, selinux_sem_associate), LSM_HOOK_INIT(sem_semctl, selinux_sem_semctl), LSM_HOOK_INIT(sem_semop, selinux_sem_semop), @@ -7031,13 +7033,11 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(setprocattr, selinux_setprocattr), LSM_HOOK_INIT(ismaclabel, selinux_ismaclabel), - LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), LSM_HOOK_INIT(secctx_to_secid, selinux_secctx_to_secid), LSM_HOOK_INIT(release_secctx, selinux_release_secctx), LSM_HOOK_INIT(inode_invalidate_secctx, selinux_inode_invalidate_secctx), LSM_HOOK_INIT(inode_notifysecctx, selinux_inode_notifysecctx), LSM_HOOK_INIT(inode_setsecctx, selinux_inode_setsecctx), - LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), LSM_HOOK_INIT(unix_stream_connect, selinux_socket_unix_stream_connect), LSM_HOOK_INIT(unix_may_send, selinux_socket_unix_may_send), 
@@ -7060,7 +7060,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(socket_getpeersec_stream, selinux_socket_getpeersec_stream), LSM_HOOK_INIT(socket_getpeersec_dgram, selinux_socket_getpeersec_dgram), - LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), LSM_HOOK_INIT(sk_free_security, selinux_sk_free_security), LSM_HOOK_INIT(sk_clone_security, selinux_sk_clone_security), LSM_HOOK_INIT(sk_getsecid, selinux_sk_getsecid), @@ -7075,7 +7074,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(secmark_refcount_inc, selinux_secmark_refcount_inc), LSM_HOOK_INIT(secmark_refcount_dec, selinux_secmark_refcount_dec), LSM_HOOK_INIT(req_classify_flow, selinux_req_classify_flow), - LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), LSM_HOOK_INIT(tun_dev_free_security, selinux_tun_dev_free_security), LSM_HOOK_INIT(tun_dev_create, selinux_tun_dev_create), LSM_HOOK_INIT(tun_dev_attach_queue, selinux_tun_dev_attach_queue), 
@@ -7085,17 +7083,11 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(ib_pkey_access, selinux_ib_pkey_access), LSM_HOOK_INIT(ib_endport_manage_subnet, selinux_ib_endport_manage_subnet), - LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), LSM_HOOK_INIT(ib_free_security, selinux_ib_free_security), #endif #ifdef CONFIG_SECURITY_NETWORK_XFRM - LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), - LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), LSM_HOOK_INIT(xfrm_policy_free_security, selinux_xfrm_policy_free), LSM_HOOK_INIT(xfrm_policy_delete_security, selinux_xfrm_policy_delete), - LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), - LSM_HOOK_INIT(xfrm_state_alloc_acquire, - selinux_xfrm_state_alloc_acquire), LSM_HOOK_INIT(xfrm_state_free_security, selinux_xfrm_state_free), LSM_HOOK_INIT(xfrm_state_delete_security, selinux_xfrm_state_delete), LSM_HOOK_INIT(xfrm_policy_lookup, selinux_xfrm_policy_lookup), @@ -7105,14 +7097,12 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { #endif #ifdef CONFIG_KEYS - LSM_HOOK_INIT(key_alloc, selinux_key_alloc), LSM_HOOK_INIT(key_free, selinux_key_free), LSM_HOOK_INIT(key_permission, selinux_key_permission), LSM_HOOK_INIT(key_getsecurity, selinux_key_getsecurity), #endif #ifdef CONFIG_AUDIT - LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), LSM_HOOK_INIT(audit_rule_known, selinux_audit_rule_known), LSM_HOOK_INIT(audit_rule_match, selinux_audit_rule_match), LSM_HOOK_INIT(audit_rule_free, selinux_audit_rule_free), 
@@ -7122,21 +7112,66 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(bpf, selinux_bpf), LSM_HOOK_INIT(bpf_map, selinux_bpf_map), LSM_HOOK_INIT(bpf_prog, selinux_bpf_prog), - LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), - LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free), LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free), #endif #ifdef CONFIG_PERF_EVENTS LSM_HOOK_INIT(perf_event_open, selinux_perf_event_open), - LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc), LSM_HOOK_INIT(perf_event_free, selinux_perf_event_free), LSM_HOOK_INIT(perf_event_read, selinux_perf_event_read), LSM_HOOK_INIT(perf_event_write, selinux_perf_event_write), #endif LSM_HOOK_INIT(locked_down, selinux_lockdown), + + /* + * PUT "CLONING" (ACCESSING + ALLOCATING) HOOKS HERE + */ + LSM_HOOK_INIT(fs_context_dup, selinux_fs_context_dup), + LSM_HOOK_INIT(fs_context_parse_param, selinux_fs_context_parse_param), + LSM_HOOK_INIT(sb_eat_lsm_opts, selinux_sb_eat_lsm_opts), + LSM_HOOK_INIT(sb_add_mnt_opt, selinux_add_mnt_opt), +#ifdef CONFIG_SECURITY_NETWORK_XFRM + LSM_HOOK_INIT(xfrm_policy_clone_security, selinux_xfrm_policy_clone), +#endif + + /* + * PUT "ALLOCATING" HOOKS HERE + */ + LSM_HOOK_INIT(msg_msg_alloc_security, selinux_msg_msg_alloc_security), + LSM_HOOK_INIT(msg_queue_alloc_security, + selinux_msg_queue_alloc_security), + LSM_HOOK_INIT(shm_alloc_security, selinux_shm_alloc_security), + LSM_HOOK_INIT(sb_alloc_security, selinux_sb_alloc_security), + LSM_HOOK_INIT(inode_alloc_security, selinux_inode_alloc_security), + LSM_HOOK_INIT(sem_alloc_security, selinux_sem_alloc_security), + LSM_HOOK_INIT(secid_to_secctx, selinux_secid_to_secctx), + LSM_HOOK_INIT(inode_getsecctx, selinux_inode_getsecctx), + LSM_HOOK_INIT(sk_alloc_security, selinux_sk_alloc_security), + LSM_HOOK_INIT(tun_dev_alloc_security, selinux_tun_dev_alloc_security), +#ifdef 
CONFIG_SECURITY_INFINIBAND + LSM_HOOK_INIT(ib_alloc_security, selinux_ib_alloc_security), +#endif +#ifdef CONFIG_SECURITY_NETWORK_XFRM + LSM_HOOK_INIT(xfrm_policy_alloc_security, selinux_xfrm_policy_alloc), + LSM_HOOK_INIT(xfrm_state_alloc, selinux_xfrm_state_alloc), + LSM_HOOK_INIT(xfrm_state_alloc_acquire, + selinux_xfrm_state_alloc_acquire), +#endif +#ifdef CONFIG_KEYS + LSM_HOOK_INIT(key_alloc, selinux_key_alloc), +#endif +#ifdef CONFIG_AUDIT + LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init), +#endif +#ifdef CONFIG_BPF_SYSCALL + LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc), + LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc), +#endif +#ifdef CONFIG_PERF_EVENTS + LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc), +#endif }; static __init int selinux_init(void) @@ -7315,14 +7350,18 @@ int selinux_disable(struct selinux_state *state) pr_info("SELinux: Disabled at runtime.\n"); + /* + * Unregister netfilter hooks. + * Must be done before security_delete_hooks() to avoid breaking + * runtime disable. + */ + selinux_nf_ip_exit(); + security_delete_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks)); /* Try to destroy the avc node cache */ avc_disable(); - /* Unregister netfilter hooks. */ - selinux_nf_ip_exit(); - /* Unregister selinuxfs. */ exit_sel_fs(); -- cgit v1.2.3 From df4779b5d2732eb7550fe35249e82db1b3d4fb95 Mon Sep 17 00:00:00 2001 From: Huaisheng Ye Date: Mon, 13 Jan 2020 23:03:31 +0800 Subject: selinux: remove redundant selinux_nlmsg_perm selinux_nlmsg_perm is used for only by selinux_netlink_send. Remove the redundant function to simplify the code. Fix a typo by suggestion from Stephen. Signed-off-by: Huaisheng Ye Acked-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 73 ++++++++++++++++++++++-------------------------- 1 file changed, 34 insertions(+), 39 deletions(-) (limited to 'security/selinux/hooks.c') 
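Review bot: In the relocated "ALLOCATING" section the alloc hooks now outlive their free counterparts, which stay in the first tier (for example `sk_alloc_security` moves to the end while `sk_free_security` stays where it was), so during the non-atomic teardown an object whose blob is allocated after its free hook is unregistered but before its alloc hook is will never have that blob released. If those allocators kzalloc their own blob, as the superblock allocator visibly does elsewhere in this file, that is a leak confined to the disable window; bounded and probably acceptable for a one-shot operation, but it deserves a line in the block comment so the ordering is not read as leak-free: `Note: free hooks are removed before the matching alloc hooks, so blobs allocated during the teardown window are leaked; accepted for the one-shot runtime disable.` The array starts before this hunk.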
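Review bot: The new comment above `selinux_nf_ip_exit()` says it must run before security_delete_hooks() "to avoid breaking runtime disable" but not why, which is what the next person reordering this function will need. If the reason is that the netfilter callbacks dereference SELinux socket state directly rather than through the LSM hook list, and so would keep running against blobs whose allocating hooks are being unregistered, say so: `/* The netfilter callbacks touch SELinux socket state directly, outside the LSM hook list, so they must be gone before the hooks that allocate that state are unregistered. */` — confirm against the CONFIG_NETFILTER callbacks before committing to that wording. selinux_disable() starts before this hunk.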
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2c84b12d50bc..2d5352d35b5d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5520,44 +5520,6 @@ static int selinux_tun_dev_open(void *security) return 0; } -static int selinux_nlmsg_perm(struct sock *sk, struct sk_buff *skb) -{ - int err = 0; - u32 perm; - struct nlmsghdr *nlh; - struct sk_security_struct *sksec = sk->sk_security; - - if (skb->len < NLMSG_HDRLEN) { - err = -EINVAL; - goto out; - } - nlh = nlmsg_hdr(skb); - - err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm); - if (err) { - if (err == -EINVAL) { - pr_warn_ratelimited("SELinux: unrecognized netlink" - " message: protocol=%hu nlmsg_type=%hu sclass=%s" - " pig=%d comm=%s\n", - sk->sk_protocol, nlh->nlmsg_type, - secclass_map[sksec->sclass - 1].name, - task_pid_nr(current), current->comm); - if (!enforcing_enabled(&selinux_state) || - security_get_allow_unknown(&selinux_state)) - err = 0; - } - - /* Ignore */ - if (err == -ENOENT) - err = 0; - goto out; - } - - err = sock_has_perm(sk, perm); -out: - return err; -} - #ifdef CONFIG_NETFILTER static unsigned int selinux_ip_forward(struct sk_buff *skb, 
@@ -5886,7 +5848,40 @@ static unsigned int selinux_ipv6_postroute(void *priv, static int selinux_netlink_send(struct sock *sk, struct sk_buff *skb) { - return selinux_nlmsg_perm(sk, skb); + int err = 0; + u32 perm; + struct nlmsghdr *nlh; + struct sk_security_struct *sksec = sk->sk_security; + + if (skb->len < NLMSG_HDRLEN) { + err = -EINVAL; + goto out; + } + nlh = nlmsg_hdr(skb); + + err = selinux_nlmsg_lookup(sksec->sclass, nlh->nlmsg_type, &perm); + if (err) { + if (err == -EINVAL) { + pr_warn_ratelimited("SELinux: unrecognized netlink" + " message: protocol=%hu nlmsg_type=%hu sclass=%s" + " pid=%d comm=%s\n", + sk->sk_protocol, nlh->nlmsg_type, + secclass_map[sksec->sclass - 1].name, + task_pid_nr(current), current->comm); + if (!enforcing_enabled(&selinux_state) || + security_get_allow_unknown(&selinux_state)) + err = 0; + } + + /* Ignore */ + if (err == -ENOENT) + err = 0; + goto out; + } + + err = sock_has_perm(sk, perm); +out: + return err; } static void ipc_init_security(struct ipc_security_struct *isec, u16 sclass) -- cgit v1.2.3 From cb89e2465896f30d4247ac9ff47d30522e39745a Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Fri, 10 Jan 2020 16:32:10 -0500 Subject: selinux: remove redundant allocation and helper functions This patch removes the inode, file, and superblock security blob allocation functions and moves the associated code into the respective LSM hooks. This patch also removes the inode_doinit() function as it was a trivial wrapper around inode_doinit_with_dentry() and called from one location in the code. Reviewed-by: Casey Schaufler Acked-by: Stephen Smalley Signed-off-by: Paul Moore --- security/selinux/hooks.c | 94 +++++++++++++++++++----------------------------- 1 file changed, 36 insertions(+), 58 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 2d5352d35b5d..61085eb3cd24 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c 
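Review bot: Now that the body lives directly in `selinux_netlink_send()`, the `int err = 0` plus `goto out` scaffolding inherited from the removed helper only ever reaches `return err;`, so the early exits read more directly as returns: `if (skb->len < NLMSG_HDRLEN) return -EINVAL;` and, at the end, `return sock_has_perm(sk, perm);`, with the lookup-failure branch returning its computed value in place. This is purely style; behaviour, including the pid= typo fix, is unchanged. Separately, the `-ENOENT` branch silently allows the message, and a one-line comment saying which lookups return ENOENT and why allow is the intended outcome would help the next reader.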
@@ -238,24 +238,6 @@ static inline u32 task_sid(const struct task_struct *task) return sid; } -/* Allocate and free functions for each kind of security blob. */ - -static int inode_alloc_security(struct inode *inode) -{ - struct inode_security_struct *isec = selinux_inode(inode); - u32 sid = current_sid(); - - spin_lock_init(&isec->lock); - INIT_LIST_HEAD(&isec->list); - isec->inode = inode; - isec->sid = SECINITSID_UNLABELED; - isec->sclass = SECCLASS_FILE; - isec->task_sid = sid; - isec->initialized = LABEL_INVALID; - - return 0; -} - static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); /* @@ -354,37 +336,6 @@ static void inode_free_security(struct inode *inode) } } -static int file_alloc_security(struct file *file) -{ - struct file_security_struct *fsec = selinux_file(file); - u32 sid = current_sid(); - - fsec->sid = sid; - fsec->fown_sid = sid; - - return 0; -} - -static int superblock_alloc_security(struct super_block *sb) -{ - struct superblock_security_struct *sbsec; - - sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); - if (!sbsec) - return -ENOMEM; - - mutex_init(&sbsec->lock); - INIT_LIST_HEAD(&sbsec->isec_head); - spin_lock_init(&sbsec->isec_lock); - sbsec->sb = sb; - sbsec->sid = SECINITSID_UNLABELED; - sbsec->def_sid = SECINITSID_FILE; - sbsec->mntpoint_sid = SECINITSID_UNLABELED; - sb->s_security = sbsec; - - return 0; -} - static void superblock_free_security(struct super_block *sb) { struct superblock_security_struct *sbsec = sb->s_security; @@ -406,11 +357,6 @@ static void selinux_free_mnt_opts(void *mnt_opts) kfree(opts); } -static inline int inode_doinit(struct inode *inode) -{ - return inode_doinit_with_dentry(inode, NULL); -} - enum { Opt_error = -1, Opt_context = 0, 
@@ -598,7 +544,7 @@ static int sb_finish_set_opts(struct super_block *sb) inode = igrab(inode); if (inode) { if (!IS_PRIVATE(inode)) - inode_doinit(inode); + inode_doinit_with_dentry(inode, NULL); iput(inode); } spin_lock(&sbsec->isec_lock); @@ -2593,7 +2539,22 @@ static void selinux_bprm_committed_creds(struct linux_binprm *bprm) static int selinux_sb_alloc_security(struct super_block *sb) { - return superblock_alloc_security(sb); + struct superblock_security_struct *sbsec; + + sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL); + if (!sbsec) + return -ENOMEM; + + mutex_init(&sbsec->lock); + INIT_LIST_HEAD(&sbsec->isec_head); + spin_lock_init(&sbsec->isec_lock); + sbsec->sb = sb; + sbsec->sid = SECINITSID_UNLABELED; + sbsec->def_sid = SECINITSID_FILE; + sbsec->mntpoint_sid = SECINITSID_UNLABELED; + sb->s_security = sbsec; + + return 0; } static void selinux_sb_free_security(struct super_block *sb) @@ -2845,7 +2806,18 @@ static int selinux_fs_context_parse_param(struct fs_context *fc, static int selinux_inode_alloc_security(struct inode *inode) { - return inode_alloc_security(inode); + struct inode_security_struct *isec = selinux_inode(inode); + u32 sid = current_sid(); + + spin_lock_init(&isec->lock); + INIT_LIST_HEAD(&isec->list); + isec->inode = inode; + isec->sid = SECINITSID_UNLABELED; + isec->sclass = SECCLASS_FILE; + isec->task_sid = sid; + isec->initialized = LABEL_INVALID; + + return 0; } static void selinux_inode_free_security(struct inode *inode) @@ -3555,7 +3527,13 @@ static int selinux_file_permission(struct file *file, int mask) static int selinux_file_alloc_security(struct file *file) { - return file_alloc_security(file); + struct file_security_struct *fsec = selinux_file(file); + u32 sid = current_sid(); + + fsec->sid = sid; + fsec->fown_sid = sid; + + return 0; } /* -- cgit v1.2.3 From 98aa00345de54b8340dc2ddcd87f446d33387b5e Mon Sep 17 00:00:00 2001 
From: Stephen Smalley Date: Fri, 17 Jan 2020 15:24:07 -0500 Subject: selinux: fix regression introduced by move_mount(2) syscall commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around") introduced a new move_mount(2) system call and a corresponding new LSM security_move_mount hook but did not implement this hook for any existing LSM. This creates a regression for SELinux with respect to consistent checking of mounts; the existing selinux_mount hook checks mounton permission to the mount point path. Provide a SELinux hook implementation for move_mount that applies this same check for consistency. In the future we may wish to add a new move_mount filesystem permission and check as well, but this addresses the immediate regression. Fixes: 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around") Signed-off-by: Stephen Smalley Reviewed-by: Ondrej Mosnacek Signed-off-by: Paul Moore --- security/selinux/hooks.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 61085eb3cd24..d9e8b2131a65 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2724,6 +2724,14 @@ static int selinux_mount(const char *dev_name, return path_has_perm(cred, path, FILE__MOUNTON); } +static int selinux_move_mount(const struct path *from_path, + const struct path *to_path) +{ + const struct cred *cred = current_cred(); + + return path_has_perm(cred, to_path, FILE__MOUNTON); +} + static int selinux_umount(struct vfsmount *mnt, int flags) { const struct cred *cred = current_cred(); 
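Review bot: `selinux_move_mount()` takes `from_path` but never uses it, and nothing in the code says this is deliberate; the commit description explains that only the mounton check on the destination is applied, for parity with selinux_mount(), and that a dedicated move_mount permission may follow. That reasoning should live next to the code so the unused parameter is not "fixed" and the gap is not forgotten: `/* Only the destination is checked (mounton), mirroring selinux_mount(); from_path is intentionally unchecked until a dedicated move_mount permission exists. */`. The neighbouring selinux_mount() above is shown only partially.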
@@ -6913,6 +6921,8 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = { LSM_HOOK_INIT(sb_set_mnt_opts, selinux_set_mnt_opts), LSM_HOOK_INIT(sb_clone_mnt_opts, selinux_sb_clone_mnt_opts), + LSM_HOOK_INIT(move_mount, selinux_move_mount), + LSM_HOOK_INIT(dentry_init_security, selinux_dentry_init_security), LSM_HOOK_INIT(dentry_create_files_as, selinux_dentry_create_files_as), -- cgit v1.2.3 From a20456aef80fa6dda500b46c4bd04e39135097c6 Mon Sep 17 00:00:00 2001 From: Hridya Valsaraju Date: Sat, 1 Feb 2020 17:46:23 -0800 Subject: selinux: fix typo in filesystem name Correct the filesystem name to "binder" to enable genfscon per-file labelling for binderfs. Fixes: 7a4b5194747 ("selinux: allow per-file labelling for binderfs") Signed-off-by: Hridya Valsaraju Acked-by: Stephen Smalley [PM: slight style changes to the subj/description] Signed-off-by: Paul Moore --- security/selinux/hooks.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/selinux/hooks.c') diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index d9e8b2131a65..6ef606a3c7f9 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -698,7 +698,7 @@ static int selinux_set_mnt_opts(struct super_block *sb, if (!strcmp(sb->s_type->name, "debugfs") || !strcmp(sb->s_type->name, "tracefs") || - !strcmp(sb->s_type->name, "binderfs") || + !strcmp(sb->s_type->name, "binder") || !strcmp(sb->s_type->name, "pstore")) sbsec->flags |= SE_SBGENFS; -- cgit v1.2.3 From 96cafb9ccb153f6a82ff2c9bde68916d9d65501e Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Fri, 6 Dec 2019 10:45:01 -0600 Subject: fs_parser: remove fs_parameter_description name field Unused now. Signed-off-by: Eric Sandeen Acked-by: David Howells 
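Review bot: The corrected comparison `!strcmp(sb->s_type->name, "binder")` is right only because, as the commit description indicates, binderfs registers its file_system_type under the name "binder" rather than "binderfs", and nothing at the call site records that, which is exactly how the original typo slipped in. I would pin it on that line, e.g. `/* binderfs registers its file_system_type as "binder" */`, so the next reader does not "correct" it back. The enclosing selinux_set_mnt_opts() starts and ends outside the hunk.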
Signed-off-by: Al Viro --- Documentation/filesystems/mount_api.txt | 11 ++--------- arch/powerpc/platforms/cell/spufs/inode.c | 1 - arch/s390/hypfs/inode.c | 1 - arch/x86/kernel/cpu/resctrl/rdtgroup.c | 1 - drivers/block/rbd.c | 1 - drivers/usb/gadget/function/f_fs.c | 1 - fs/afs/super.c | 1 - fs/ceph/super.c | 1 - fs/filesystems.c | 3 ++- fs/fs_parser.c | 10 ++-------- fs/fuse/inode.c | 1 - fs/gfs2/ops_fstype.c | 1 - fs/hugetlbfs/inode.c | 1 - fs/jffs2/super.c | 1 - fs/nfs/fs_context.c | 1 - fs/proc/root.c | 1 - fs/ramfs/inode.c | 1 - fs/xfs/xfs_super.c | 1 - include/linux/fs_parser.h | 7 ++++--- kernel/bpf/inode.c | 1 - kernel/cgroup/cgroup-v1.c | 1 - kernel/cgroup/cgroup.c | 1 - mm/shmem.c | 1 - net/ceph/ceph_common.c | 1 - security/selinux/hooks.c | 3 +-- security/smack/smack_lsm.c | 1 - 26 files changed, 11 insertions(+), 44 deletions(-) (limited to 'security/selinux/hooks.c') diff --git a/Documentation/filesystems/mount_api.txt b/Documentation/filesystems/mount_api.txt index b96e73591327..87c14bbb2b35 100644 --- a/Documentation/filesystems/mount_api.txt +++ b/Documentation/filesystems/mount_api.txt @@ -518,7 +518,6 @@ Parameters are described using structures defined in linux/fs_parser.h. There's a core description struct that links everything together: struct fs_parameter_description { - const char name[16]; const struct fs_parameter_spec *specs; const struct fs_parameter_enum *enums; }; @@ -534,19 +533,13 @@ For example: }; static const struct fs_parameter_description afs_fs_parameters = { - .name = "kAFS", .specs = afs_param_specs, .enums = afs_param_enums, }; The members are as follows: - (1) const char name[16]; - - The name to be used in error messages generated by the parse helper - functions. - - (2) const struct fs_parameter_specification *specs; + (1) const struct fs_parameter_specification *specs; Table of parameter specifications, terminated with a null entry, where the entries are of type: 
@@ -625,7 +618,7 @@ The members are as follows: of arguments to specify the type and the flags for anything that doesn't match one of the above macros. - (6) const struct fs_parameter_enum *enums; + (2) const struct fs_parameter_enum *enums; Table of enum value names to integer mappings, terminated with a null entry. This is of type: diff --git a/arch/powerpc/platforms/cell/spufs/inode.c b/arch/powerpc/platforms/cell/spufs/inode.c index 9b1586b85152..36ce5d0ac675 100644 --- a/arch/powerpc/platforms/cell/spufs/inode.c +++ b/arch/powerpc/platforms/cell/spufs/inode.c @@ -592,7 +592,6 @@ static const struct fs_parameter_spec spufs_param_specs[] = { }; static const struct fs_parameter_description spufs_fs_parameters = { - .name = "spufs", .specs = spufs_param_specs, }; diff --git a/arch/s390/hypfs/inode.c b/arch/s390/hypfs/inode.c index 70139d0791b6..b3a6d13a63bf 100644 --- a/arch/s390/hypfs/inode.c +++ b/arch/s390/hypfs/inode.c @@ -216,7 +216,6 @@ static const struct fs_parameter_spec hypfs_param_specs[] = { }; static const struct fs_parameter_description hypfs_fs_parameters = { - .name = "hypfs", .specs = hypfs_param_specs, }; diff --git a/arch/x86/kernel/cpu/resctrl/rdtgroup.c b/arch/x86/kernel/cpu/resctrl/rdtgroup.c index 2e3b06d6bbc6..f145594e4d6a 100644 --- a/arch/x86/kernel/cpu/resctrl/rdtgroup.c +++ b/arch/x86/kernel/cpu/resctrl/rdtgroup.c @@ -2045,7 +2045,6 @@ static const struct fs_parameter_spec rdt_param_specs[] = { }; static const struct fs_parameter_description rdt_fs_parameters = { - .name = "rdt", .specs = rdt_param_specs, }; diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c index 47e82f076a12..e87486920382 100644 --- a/drivers/block/rbd.c +++ b/drivers/block/rbd.c @@ -864,7 +864,6 @@ static const struct fs_parameter_spec rbd_param_specs[] = { }; static const struct fs_parameter_description rbd_parameters = { - .name = "rbd", .specs = rbd_param_specs, }; 
diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c index 0bbccac94d6c..eda1972b70eb 100644 --- a/drivers/usb/gadget/function/f_fs.c +++ b/drivers/usb/gadget/function/f_fs.c @@ -1497,7 +1497,6 @@ static const struct fs_parameter_spec ffs_fs_param_specs[] = { }; static const struct fs_parameter_description ffs_fs_fs_parameters = { - .name = "kAFS", .specs = ffs_fs_param_specs, }; diff --git a/fs/afs/super.c b/fs/afs/super.c index 8d71d10761b7..862c806bc22f 100644 --- a/fs/afs/super.c +++ b/fs/afs/super.c @@ -90,7 +90,6 @@ static const struct fs_parameter_spec afs_param_specs[] = { }; static const struct fs_parameter_description afs_fs_parameters = { - .name = "kAFS", .specs = afs_param_specs, }; diff --git a/fs/ceph/super.c b/fs/ceph/super.c index 4125de07221b..497469149e4b 100644 --- a/fs/ceph/super.c +++ b/fs/ceph/super.c @@ -199,7 +199,6 @@ static const struct fs_parameter_spec ceph_mount_param_specs[] = { }; static const struct fs_parameter_description ceph_mount_parameters = { - .name = "ceph", .specs = ceph_mount_param_specs, }; diff --git a/fs/filesystems.c b/fs/filesystems.c index 9135646e41ac..77bf5f95362d 100644 --- a/fs/filesystems.c +++ b/fs/filesystems.c @@ -74,7 +74,8 @@ int register_filesystem(struct file_system_type * fs) int res = 0; struct file_system_type ** p; - if (fs->parameters && !fs_validate_description(fs->parameters)) + if (fs->parameters && + !fs_validate_description(fs->name, fs->parameters)) return -EINVAL; BUG_ON(strchr(fs->name, '.')); diff --git a/fs/fs_parser.c b/fs/fs_parser.c index 4c410eef0173..3ed1e49d8267 100644 --- a/fs/fs_parser.c +++ b/fs/fs_parser.c 
@@ -354,20 +354,14 @@ bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 * fs_validate_description - Validate a parameter description
 * @desc: The parameter description to validate.
 */
-bool fs_validate_description(const struct fs_parameter_description *desc)
+bool fs_validate_description(const char *name,
+ const struct fs_parameter_description *desc)
 {
 const struct fs_parameter_spec *param, *p2;
- const char *name = desc->name;
 bool good = true;
 pr_notice("*** VALIDATE %s ***\n", name);
- if (!name[0]) {
- pr_err("VALIDATE Parser: No name\n");
- name = "Unknown";
- good = false;
- }
-
 if (desc->specs) {
 for (param = desc->specs; param->name; param++) {
 enum fs_parameter_type t = param->type;
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 16aec32f7f3d..5a01daadee7e 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -463,7 +463,6 @@ static const struct fs_parameter_spec fuse_param_specs[] = {
 };
 static const struct fs_parameter_description fuse_fs_parameters = {
- .name = "fuse",
 .specs = fuse_param_specs,
 };
diff --git a/fs/gfs2/ops_fstype.c b/fs/gfs2/ops_fstype.c
index 16230e496fdb..8bc20425a830 100644
--- a/fs/gfs2/ops_fstype.c
+++ b/fs/gfs2/ops_fstype.c
@@ -1337,7 +1337,6 @@ static const struct fs_parameter_spec gfs2_param_specs[] = {
 };
 static const struct fs_parameter_description gfs2_fs_parameters = {
- .name = "gfs2",
 .specs = gfs2_param_specs,
 };
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index a66e425884d1..c073f76478af 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -85,7 +85,6 @@ static const struct fs_parameter_spec hugetlb_param_specs[] = {
 };
 static const struct fs_parameter_description hugetlb_fs_parameters = {
- .name = "hugetlbfs",
 .specs = hugetlb_param_specs,
 };
diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index 1e54f736865d..f6fda79e98cf 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
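Review bot: The kernel-doc block at the top of this fs_parser.c hunk still lists only `@desc:` although `fs_validate_description` now takes a `name` parameter; add ` * @name: Name of the filesystem being validated, used only in the log messages` between the summary line and `@desc`. Within the hunk `name` feeds only `pr_notice()` (and the `pr_err()` calls visible at L48), and the old empty-name fallback (`name = "Unknown"; good = false;`) is gone, so the doc should also say the caller is responsible for passing a usable label. The same header appears unchanged in the second commit's hunk at L48, where `@desc` still reads "The parameter description" after the parameter becomes the spec array itself. The body of `fs_validate_description` continues outside the hunk.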
@@ -185,7 +185,6 @@ static const struct fs_parameter_spec jffs2_param_specs[] = {
 };
 const struct fs_parameter_description jffs2_fs_parameters = {
- .name = "jffs2",
 .specs = jffs2_param_specs,
 };
diff --git a/fs/nfs/fs_context.c b/fs/nfs/fs_context.c
index c0ddeecadfac..5f45e637e62a 100644
--- a/fs/nfs/fs_context.c
+++ b/fs/nfs/fs_context.c
@@ -174,7 +174,6 @@ static const struct fs_parameter_spec nfs_param_specs[] = {
 };
 static const struct fs_parameter_description nfs_fs_parameters = {
- .name = "nfs",
 .specs = nfs_param_specs,
 };
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 0b7c8dffc9ae..c44765447d05 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -48,7 +48,6 @@ static const struct fs_parameter_spec proc_param_specs[] = {
 };
 static const struct fs_parameter_description proc_fs_parameters = {
- .name = "proc",
 .specs = proc_param_specs,
 };
diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c
index d82636e8eb65..bb7ab562ff4d 100644
--- a/fs/ramfs/inode.c
+++ b/fs/ramfs/inode.c
@@ -187,7 +187,6 @@ static const struct fs_parameter_spec ramfs_param_specs[] = {
 };
 const struct fs_parameter_description ramfs_fs_parameters = {
- .name = "ramfs",
 .specs = ramfs_param_specs,
 };
diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c
index d9ae27ddf253..ee23a2bf1a81 100644
--- a/fs/xfs/xfs_super.c
+++ b/fs/xfs/xfs_super.c
@@ -107,7 +107,6 @@ static const struct fs_parameter_spec xfs_param_specs[] = {
 };
 static const struct fs_parameter_description xfs_fs_parameters = {
- .name = "xfs",
 .specs = xfs_param_specs,
 };
diff --git a/include/linux/fs_parser.h b/include/linux/fs_parser.h
index 37459124c1c1..ac439ee50aab 100644
--- a/include/linux/fs_parser.h
+++ b/include/linux/fs_parser.h
@@ -57,7 +57,6 @@ struct fs_parameter_spec {
 };
 struct fs_parameter_description {
- const char name[16]; /* Name for logging purposes */
 const struct fs_parameter_spec *specs; /* List of param specifications */
 };
@@ -97,12 +96,14 @@ extern int lookup_constant(const struct constant_table tbl[], const char *name,
 #ifdef CONFIG_VALIDATE_FS_PARSER
 extern bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 int low, int high, int special);
-extern bool fs_validate_description(const struct fs_parameter_description *desc);
+extern bool fs_validate_description(const char *name,
+ const struct fs_parameter_description *desc);
 #else
 static inline bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 int low, int high, int special)
 { return true; }
-static inline bool fs_validate_description(const struct fs_parameter_description *desc)
+static inline bool fs_validate_description(const char *name,
+ const struct fs_parameter_description *desc)
 { return true; }
 #endif
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c
index ecf42bec38c0..9608aa48128d 100644
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
@@ -593,7 +593,6 @@ static const struct fs_parameter_spec bpf_param_specs[] = {
 };
 static const struct fs_parameter_description bpf_fs_parameters = {
- .name = "bpf",
 .specs = bpf_param_specs,
 };
diff --git a/kernel/cgroup/cgroup-v1.c b/kernel/cgroup/cgroup-v1.c
index 77eb72b704a6..c7b526f33621 100644
--- a/kernel/cgroup/cgroup-v1.c
+++ b/kernel/cgroup/cgroup-v1.c
@@ -898,7 +898,6 @@ static const struct fs_parameter_spec cgroup1_param_specs[] = {
 };
 const struct fs_parameter_description cgroup1_fs_parameters = {
- .name = "cgroup1",
 .specs = cgroup1_param_specs,
 };
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 735af8f15f95..d86d441d93ca 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -1823,7 +1823,6 @@ static const struct fs_parameter_spec cgroup2_param_specs[] = {
 };
 static const struct fs_parameter_description cgroup2_fs_parameters = {
- .name = "cgroup2",
 .specs = cgroup2_param_specs,
 };
diff --git a/mm/shmem.c b/mm/shmem.c
index 90c7737bcce2..445d038a54b9 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -3404,7 +3404,6 @@ static const struct fs_parameter_spec shmem_param_specs[] = {
 };
 const struct fs_parameter_description shmem_fs_parameters = {
- .name = "tmpfs",
 .specs = shmem_param_specs,
 };
diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c
index d435d22999f5..f639e04d9c63 100644
--- a/net/ceph/ceph_common.c
+++ b/net/ceph/ceph_common.c
@@ -291,7 +291,6 @@ static const struct fs_parameter_spec ceph_param_specs[] = {
 };
 static const struct fs_parameter_description ceph_parameters = {
- .name = "libceph",
 .specs = ceph_param_specs,
 };
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 116b4d644f68..54f34631bc16 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2818,7 +2818,6 @@ static const struct fs_parameter_spec selinux_param_specs[] = {
 };
 static const struct fs_parameter_description selinux_fs_parameters = {
- .name = "SELinux",
 .specs = selinux_param_specs,
 };
@@ -7145,7 +7144,7 @@ static __init int selinux_init(void)
 else
 pr_debug("SELinux: Starting in permissive mode\n");
- fs_validate_description(&selinux_fs_parameters);
+ fs_validate_description("selinux", &selinux_fs_parameters);
 return 0;
 }
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index ecea41ce919b..646c0b4aa8c4 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -689,7 +689,6 @@ static const struct fs_parameter_spec smack_param_specs[] = {
 };
 static const struct fs_parameter_description smack_fs_parameters = {
- .name = "smack",
 .specs = smack_param_specs,
 };
-- cgit v1.2.3
From d7167b149943e38ad610191ecbb0800c78bbced9 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 7 Sep 2019 07:23:15 -0400 Subject: fs_parse: fold fs_parameter_desc/fs_parameter_spec The former contains nothing but a pointer to an array of the latter...
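Review bot: The new call `fs_validate_description("selinux", &selinux_fs_parameters);` in the second selinux hunk discards the boolean result, whereas the other caller touched by this patch, `register_filesystem` (L37), fails registration with `-EINVAL` when the same function returns false. A malformed `selinux_param_specs` table would therefore surface only through the `pr_err()` inside `fs_validate_description`; if that is intentional a one-line comment saying so would help, otherwise `WARN_ON(!fs_validate_description("selinux", &selinux_fs_parameters));` makes a bad table loud while staying silent with the CONFIG_VALIDATE_FS_PARSER=n stub, which always returns true (L40). The label also changes case from the removed `.name = "SELinux"` to `"selinux"`, which is harmless since the name only reaches log messages, but anyone matching on the old `*** VALIDATE SELinux ***` line will notice. `selinux_init` continues outside the hunk.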
Signed-off-by: Al Viro
---
 arch/powerpc/platforms/cell/spufs/inode.c | 10 ++---- arch/s390/hypfs/inode.c | 10 ++---- arch/x86/kernel/cpu/resctrl/rdtgroup.c | 10 ++---- drivers/base/devtmpfs.c | 4 +-- drivers/block/rbd.c | 8 ++--- drivers/usb/gadget/function/f_fs.c | 10 ++---- fs/afs/super.c | 12 +++---- fs/ceph/super.c | 8 ++--- fs/fs_parser.c | 53 +++++++++++++++---------------- fs/fuse/inode.c | 12 +++---- fs/gfs2/ops_fstype.c | 10 ++---- fs/hugetlbfs/inode.c | 10 ++---- fs/jffs2/super.c | 10 ++---- fs/nfs/fs_context.c | 12 +++---- fs/proc/root.c | 10 ++---- fs/ramfs/inode.c | 10 ++---- fs/xfs/xfs_super.c | 10 ++---- include/linux/fs.h | 4 +-- include/linux/fs_parser.h | 12 +++---- include/linux/ramfs.h | 4 ++- include/linux/shmem_fs.h | 3 +- kernel/bpf/inode.c | 10 ++---- kernel/cgroup/cgroup-internal.h | 4 +-- kernel/cgroup/cgroup-v1.c | 8 ++--- kernel/cgroup/cgroup.c | 12 +++---- mm/shmem.c | 12 +++---- net/ceph/ceph_common.c | 8 ++--- security/selinux/hooks.c | 10 ++---- security/smack/smack_lsm.c | 8 ++--- 29 files changed, 106 insertions(+), 198 deletions(-) (limited to 'security/selinux/hooks.c')
diff --git a/arch/powerpc/platforms/cell/spufs/inode.c b/arch/powerpc/platforms/cell/spufs/inode.c
index 36ce5d0ac675..25390569e24c 100644
--- a/arch/powerpc/platforms/cell/spufs/inode.c
+++ b/arch/powerpc/platforms/cell/spufs/inode.c
@@ -583,7 +583,7 @@ enum {
 Opt_uid, Opt_gid, Opt_mode, Opt_debug,
 };
-static const struct fs_parameter_spec spufs_param_specs[] = {
+static const struct fs_parameter_spec spufs_fs_parameters[] = {
 fsparam_u32 ("gid", Opt_gid),
 fsparam_u32oct ("mode", Opt_mode),
 fsparam_u32 ("uid", Opt_uid),
@@ -591,10 +591,6 @@ static const struct fs_parameter_spec spufs_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description spufs_fs_parameters = {
- .specs = spufs_param_specs,
-};
-
 static int spufs_show_options(struct seq_file *m, struct dentry *root)
 {
 struct spufs_sb_info *sbi = spufs_get_sb_info(root->d_sb);
@@ -622,7 +618,7 @@ static int spufs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 kgid_t gid;
 int opt;
- opt = fs_parse(fc, &spufs_fs_parameters, param, &result);
+ opt = fs_parse(fc, spufs_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -773,7 +769,7 @@ static struct file_system_type spufs_type = {
 .owner = THIS_MODULE,
 .name = "spufs",
 .init_fs_context = spufs_init_fs_context,
- .parameters = &spufs_fs_parameters,
+ .parameters = spufs_fs_parameters,
 .kill_sb = kill_litter_super,
 };
 MODULE_ALIAS_FS("spufs");
diff --git a/arch/s390/hypfs/inode.c b/arch/s390/hypfs/inode.c
index b3a6d13a63bf..5c97f48cea91 100644
--- a/arch/s390/hypfs/inode.c
+++ b/arch/s390/hypfs/inode.c
@@ -209,16 +209,12 @@ static int hypfs_release(struct inode *inode, struct file *filp)
 enum { Opt_uid, Opt_gid, };
-static const struct fs_parameter_spec hypfs_param_specs[] = {
+static const struct fs_parameter_spec hypfs_fs_parameters[] = {
 fsparam_u32("gid", Opt_gid),
 fsparam_u32("uid", Opt_uid),
 {}
 };
-static const struct fs_parameter_description hypfs_fs_parameters = {
- .specs = hypfs_param_specs,
-};
-
 static int hypfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct hypfs_sb_info *hypfs_info = fc->s_fs_info;
@@ -227,7 +223,7 @@ static int hypfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 kgid_t gid;
 int opt;
- opt = fs_parse(fc, &hypfs_fs_parameters, param, &result);
+ opt = fs_parse(fc, hypfs_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -454,7 +450,7 @@ static struct file_system_type hypfs_type = {
 .owner = THIS_MODULE,
 .name = "s390_hypfs",
 .init_fs_context = hypfs_init_fs_context,
- .parameters = &hypfs_fs_parameters,
+ .parameters = hypfs_fs_parameters,
 .kill_sb = hypfs_kill_super
 };
diff --git a/arch/x86/kernel/cpu/resctrl/rdtgroup.c b/arch/x86/kernel/cpu/resctrl/rdtgroup.c
index f145594e4d6a..9891b4648de4 100644
--- a/arch/x86/kernel/cpu/resctrl/rdtgroup.c
+++ b/arch/x86/kernel/cpu/resctrl/rdtgroup.c
@@ -2037,24 +2037,20 @@ enum rdt_param {
 nr__rdt_params
 };
-static const struct fs_parameter_spec rdt_param_specs[] = {
+static const struct fs_parameter_spec rdt_fs_parameters[] = {
 fsparam_flag("cdp", Opt_cdp),
 fsparam_flag("cdpl2", Opt_cdpl2),
 fsparam_flag("mba_MBps", Opt_mba_mbps),
 {}
 };
-static const struct fs_parameter_description rdt_fs_parameters = {
- .specs = rdt_param_specs,
-};
-
 static int rdt_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct rdt_fs_context *ctx = rdt_fc2context(fc);
 struct fs_parse_result result;
 int opt;
- opt = fs_parse(fc, &rdt_fs_parameters, param, &result);
+ opt = fs_parse(fc, rdt_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -2279,7 +2275,7 @@ static void rdt_kill_sb(struct super_block *sb)
 static struct file_system_type rdt_fs_type = {
 .name = "resctrl",
 .init_fs_context = rdt_init_fs_context,
- .parameters = &rdt_fs_parameters,
+ .parameters = rdt_fs_parameters,
 .kill_sb = rdt_kill_sb,
 };
diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c
index 6cdbf1531238..3db9e4df1aff 100644
--- a/drivers/base/devtmpfs.c
+++ b/drivers/base/devtmpfs.c
@@ -71,10 +71,10 @@ static struct file_system_type internal_fs_type = {
 .name = "devtmpfs",
 #ifdef CONFIG_TMPFS
 .init_fs_context = shmem_init_fs_context,
- .parameters = &shmem_fs_parameters,
+ .parameters = shmem_fs_parameters,
 #else
 .init_fs_context = ramfs_init_fs_context,
- .parameters = &ramfs_fs_parameters,
+ .parameters = ramfs_fs_parameters,
 #endif
 .kill_sb = kill_litter_super,
 };
diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
index e87486920382..d0437b5fc023 100644
--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -848,7 +848,7 @@ enum {
 Opt_notrim,
 };
-static const struct fs_parameter_spec rbd_param_specs[] = {
+static const struct fs_parameter_spec rbd_parameters[] = {
 fsparam_u32 ("alloc_size", Opt_alloc_size),
 fsparam_flag ("exclusive", Opt_exclusive),
 fsparam_flag ("lock_on_read", Opt_lock_on_read),
@@ -863,10 +863,6 @@ static const struct fs_parameter_spec rbd_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description rbd_parameters = {
- .specs = rbd_param_specs,
-};
-
 struct rbd_options {
 int queue_depth;
 int alloc_size;
@@ -6359,7 +6355,7 @@ static int rbd_parse_param(struct fs_parameter *param,
 if (ret != -ENOPARAM)
 return ret;
- token = __fs_parse(&log, &rbd_parameters, param, &result);
+ token = __fs_parse(&log, rbd_parameters, param, &result);
 dout("%s fs_parse '%s' token %d\n", __func__, param->key, token);
 if (token < 0) {
 if (token == -ENOPARAM)
diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c
index eda1972b70eb..997e2c914901 100644
--- a/drivers/usb/gadget/function/f_fs.c
+++ b/drivers/usb/gadget/function/f_fs.c
@@ -1486,7 +1486,7 @@ enum {
 Opt_gid,
 };
-static const struct fs_parameter_spec ffs_fs_param_specs[] = {
+static const struct fs_parameter_spec ffs_fs_fs_parameters[] = {
 fsparam_bool ("no_disconnect", Opt_no_disconnect),
 fsparam_u32 ("rmode", Opt_rmode),
 fsparam_u32 ("fmode", Opt_fmode),
@@ -1496,10 +1496,6 @@ static const struct fs_parameter_spec ffs_fs_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description ffs_fs_fs_parameters = {
- .specs = ffs_fs_param_specs,
-};
-
 static int ffs_fs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct ffs_sb_fill_data *data = fc->fs_private;
@@ -1508,7 +1504,7 @@ static int ffs_fs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 ENTER();
- opt = fs_parse(fc, &ffs_fs_fs_parameters, param, &result);
+ opt = fs_parse(fc, ffs_fs_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -1640,7 +1636,7 @@ static struct file_system_type ffs_fs_type = {
 .owner = THIS_MODULE,
 .name = "functionfs",
 .init_fs_context = ffs_fs_init_fs_context,
- .parameters = &ffs_fs_fs_parameters,
+ .parameters = ffs_fs_fs_parameters,
 .kill_sb = ffs_fs_kill_sb,
 };
 MODULE_ALIAS_FS("functionfs");
diff --git a/fs/afs/super.c b/fs/afs/super.c
index 862c806bc22f..dda7a9a66848 100644
--- a/fs/afs/super.c
+++ b/fs/afs/super.c
@@ -38,13 +38,13 @@ static int afs_statfs(struct dentry *dentry, struct kstatfs *buf);
 static int afs_show_devname(struct seq_file *m, struct dentry *root);
 static int afs_show_options(struct seq_file *m, struct dentry *root);
 static int afs_init_fs_context(struct fs_context *fc);
-static const struct fs_parameter_description afs_fs_parameters;
+static const struct fs_parameter_spec afs_fs_parameters[];
 struct file_system_type afs_fs_type = {
 .owner = THIS_MODULE,
 .name = "afs",
 .init_fs_context = afs_init_fs_context,
- .parameters = &afs_fs_parameters,
+ .parameters = afs_fs_parameters,
 .kill_sb = afs_kill_super,
 .fs_flags = FS_RENAME_DOES_D_MOVE,
 };
@@ -81,7 +81,7 @@ static const struct constant_table afs_param_flock[] = {
 {}
 };
-static const struct fs_parameter_spec afs_param_specs[] = {
+static const struct fs_parameter_spec afs_fs_parameters[] = {
 fsparam_flag ("autocell", Opt_autocell),
 fsparam_flag ("dyn", Opt_dyn),
 fsparam_enum ("flock", Opt_flock, afs_param_flock),
@@ -89,10 +89,6 @@ static const struct fs_parameter_spec afs_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description afs_fs_parameters = {
- .specs = afs_param_specs,
-};
-
 /*
 * initialise the filesystem
 */
@@ -321,7 +317,7 @@ static int afs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 struct afs_fs_context *ctx = fc->fs_private;
 int opt;
- opt = fs_parse(fc, &afs_fs_parameters, param, &result);
+ opt = fs_parse(fc, afs_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
diff --git a/fs/ceph/super.c b/fs/ceph/super.c
index 497469149e4b..d52eb3edb45d 100644
--- a/fs/ceph/super.c
+++ b/fs/ceph/super.c
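Review bot: The forward declaration `static const struct fs_parameter_spec afs_fs_parameters[];` in the first afs/super.c hunk is a tentative definition of an object with internal linkage and an incomplete (unsized array) type, which C11 6.9.2p3 does not allow; GCC and Clang accept it as an extension, which is presumably why it builds, but it is the only place in this patch that depends on it (every other file defines the table before its first use). Since `afs_fs_type` is a non-static object and nothing between it and the table appears to reference it in the visible hunks, moving the `struct file_system_type afs_fs_type = { ... };` block below the table definition would remove the forward declaration; if the current order is preferred, a short comment such as `/* defined below; forward declaration of a static array relies on a GCC extension */` on the declaration would stop the next reader from "fixing" it.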
@@ -169,7 +169,7 @@ static const struct constant_table ceph_param_recover[] = {
 {}
 };
-static const struct fs_parameter_spec ceph_mount_param_specs[] = {
+static const struct fs_parameter_spec ceph_mount_parameters[] = {
 fsparam_flag_no ("acl", Opt_acl),
 fsparam_flag_no ("asyncreaddir", Opt_asyncreaddir),
 fsparam_s32 ("caps_max", Opt_caps_max),
@@ -198,10 +198,6 @@ static const struct fs_parameter_spec ceph_mount_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description ceph_mount_parameters = {
- .specs = ceph_mount_param_specs,
-};
-
 struct ceph_parse_opts_ctx {
 struct ceph_options *copts;
 struct ceph_mount_options *opts;
@@ -271,7 +267,7 @@ static int ceph_parse_mount_param(struct fs_context *fc,
 if (ret != -ENOPARAM)
 return ret;
- token = fs_parse(fc, &ceph_mount_parameters, param, &result);
+ token = fs_parse(fc, ceph_mount_parameters, param, &result);
 dout("%s fs_parse '%s' token %d\n", __func__, param->key, token);
 if (token < 0)
 return token;
diff --git a/fs/fs_parser.c b/fs/fs_parser.c
index 3ed1e49d8267..5f8c06a1fb93 100644
--- a/fs/fs_parser.c
+++ b/fs/fs_parser.c
@@ -47,15 +47,14 @@ int lookup_constant(const struct constant_table *tbl, const char *name, int not_
 EXPORT_SYMBOL(lookup_constant);
 static const struct fs_parameter_spec *fs_lookup_key(
- const struct fs_parameter_description *desc,
+ const struct fs_parameter_spec *desc,
 const char *name)
 {
 const struct fs_parameter_spec *p;
-
- if (!desc->specs)
+ if (!desc)
 return NULL;
- for (p = desc->specs; p->name; p++)
+ for (p = desc; p->name; p++)
 if (strcmp(p->name, name) == 0)
 return p;
@@ -81,7 +80,7 @@ static const struct fs_parameter_spec *fs_lookup_key(
 * the parameter wasn't recognised and unknowns aren't okay.
 */
 int __fs_parse(struct p_log *log,
- const struct fs_parameter_description *desc,
+ const struct fs_parameter_spec *desc,
 struct fs_parameter *param,
 struct fs_parse_result *result)
 {
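Review bot: In the `fs_lookup_key` hunk (`@@ -47,15 +47,14 @@`) the blank line between the declaration `const struct fs_parameter_spec *p;` and the first statement is deleted together with the old `if (!desc->specs)` test, so the new body has `if (!desc)` directly under the declaration; checkpatch reports this as "Missing a blank line after declarations", and simply leaving that context line in place would also have made the hunk one line shorter. The NULL guard itself is kept here, which is fine, but note that the rewritten `fs_validate_description` at L48 drops its own equivalent guard, so the two functions in this file now disagree about whether a NULL table is acceptable.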
@@ -355,39 +354,37 @@ bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 * @desc: The parameter description to validate.
 */
 bool fs_validate_description(const char *name,
- const struct fs_parameter_description *desc)
+ const struct fs_parameter_spec *desc)
 {
 const struct fs_parameter_spec *param, *p2;
 bool good = true;
 pr_notice("*** VALIDATE %s ***\n", name);
- if (desc->specs) {
- for (param = desc->specs; param->name; param++) {
- enum fs_parameter_type t = param->type;
+ for (param = desc; param->name; param++) {
+ enum fs_parameter_type t = param->type;
- /* Check that the type is in range */
- if (t == __fs_param_wasnt_defined ||
- t >= nr__fs_parameter_type) {
- pr_err("VALIDATE %s: PARAM[%s] Bad type %u\n",
- name, param->name, t);
+ /* Check that the type is in range */
+ if (t == __fs_param_wasnt_defined ||
+ t >= nr__fs_parameter_type) {
+ pr_err("VALIDATE %s: PARAM[%s] Bad type %u\n",
+ name, param->name, t);
+ good = false;
+ } else if (t == fs_param_is_enum) {
+ const struct constant_table *e = param->data;
+ if (!e || !e->name) {
+ pr_err("VALIDATE %s: PARAM[%s] enum with no values\n",
+ name, param->name);
 good = false;
- } else if (t == fs_param_is_enum) {
- const struct constant_table *e = param->data;
- if (!e || !e->name) {
- pr_err("VALIDATE %s: PARAM[%s] enum with no values\n",
- name, param->name);
- good = false;
- }
 }
+ }
- /* Check for duplicate parameter names */
- for (p2 = desc->specs; p2 < param; p2++) {
- if (strcmp(param->name, p2->name) == 0) {
- pr_err("VALIDATE %s: PARAM[%s]: Duplicate\n",
- name, param->name);
- good = false;
- }
+ /* Check for duplicate parameter names */
+ for (p2 = desc; p2 < param; p2++) {
+ if (strcmp(param->name, p2->name) == 0) {
+ pr_err("VALIDATE %s: PARAM[%s]: Duplicate\n",
+ name, param->name);
+ good = false;
 }
 }
 }
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 5a01daadee7e..f22bc344d161 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
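Review bot: `fs_validate_description` now walks the table unconditionally (`for (param = desc; param->name; param++)`) where the old code skipped the whole loop when `desc->specs` was NULL, so a NULL table pointer now dereferences instead of validating as good, while `fs_lookup_key` in the same file (L47) still starts with `if (!desc) return NULL;`. The callers visible in this patch are safe — `register_filesystem` only calls it when `fs->parameters` is set (L37) and `selinux_init` passes a static array (L41) — but the asymmetry between the two routines is easy to trip over later; either add `if (!desc)` / `return true;` after the `pr_notice()` to keep the previous semantics, or state on the kernel-doc that `desc` must be non-NULL. The closing lines of `fs_validate_description` continue outside the hunk.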
@@ -448,7 +448,7 @@ enum {
 OPT_ERR
 };
-static const struct fs_parameter_spec fuse_param_specs[] = {
+static const struct fs_parameter_spec fuse_fs_parameters[] = {
 fsparam_string ("source", OPT_SOURCE),
 fsparam_u32 ("fd", OPT_FD),
 fsparam_u32oct ("rootmode", OPT_ROOTMODE),
@@ -462,17 +462,13 @@ static const struct fs_parameter_spec fuse_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description fuse_fs_parameters = {
- .specs = fuse_param_specs,
-};
-
 static int fuse_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct fs_parse_result result;
 struct fuse_fs_context *ctx = fc->fs_private;
 int opt;
- opt = fs_parse(fc, &fuse_fs_parameters, param, &result);
+ opt = fs_parse(fc, fuse_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -1346,7 +1342,7 @@ static struct file_system_type fuse_fs_type = {
 .name = "fuse",
 .fs_flags = FS_HAS_SUBTYPE | FS_USERNS_MOUNT,
 .init_fs_context = fuse_init_fs_context,
- .parameters = &fuse_fs_parameters,
+ .parameters = fuse_fs_parameters,
 .kill_sb = fuse_kill_sb_anon,
 };
 MODULE_ALIAS_FS("fuse");
@@ -1362,7 +1358,7 @@ static struct file_system_type fuseblk_fs_type = {
 .owner = THIS_MODULE,
 .name = "fuseblk",
 .init_fs_context = fuse_init_fs_context,
- .parameters = &fuse_fs_parameters,
+ .parameters = fuse_fs_parameters,
 .kill_sb = fuse_kill_sb_blk,
 .fs_flags = FS_REQUIRES_DEV | FS_HAS_SUBTYPE,
 };
diff --git a/fs/gfs2/ops_fstype.c b/fs/gfs2/ops_fstype.c
index 8bc20425a830..32623d28612b 100644
--- a/fs/gfs2/ops_fstype.c
+++ b/fs/gfs2/ops_fstype.c
@@ -1306,7 +1306,7 @@ static const struct constant_table gfs2_param_errors[] = {
 {}
 };
-static const struct fs_parameter_spec gfs2_param_specs[] = {
+static const struct fs_parameter_spec gfs2_fs_parameters[] = {
 fsparam_string ("lockproto", Opt_lockproto),
 fsparam_string ("locktable", Opt_locktable),
 fsparam_string ("hostdata", Opt_hostdata),
@@ -1336,10 +1336,6 @@ static const struct fs_parameter_spec gfs2_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description gfs2_fs_parameters = {
- .specs = gfs2_param_specs,
-};
-
 /* Parse a single mount parameter */
 static int gfs2_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
@@ -1347,7 +1343,7 @@ static int gfs2_parse_param(struct fs_context *fc, struct fs_parameter *param)
 struct fs_parse_result result;
 int o;
- o = fs_parse(fc, &gfs2_fs_parameters, param, &result);
+ o = fs_parse(fc, gfs2_fs_parameters, param, &result);
 if (o < 0)
 return o;
@@ -1649,7 +1645,7 @@ struct file_system_type gfs2_fs_type = {
 .name = "gfs2",
 .fs_flags = FS_REQUIRES_DEV,
 .init_fs_context = gfs2_init_fs_context,
- .parameters = &gfs2_fs_parameters,
+ .parameters = gfs2_fs_parameters,
 .kill_sb = gfs2_kill_sb,
 .owner = THIS_MODULE,
 };
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index c073f76478af..84d445e8b5bc 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -73,7 +73,7 @@ enum hugetlb_param {
 Opt_uid,
 };
-static const struct fs_parameter_spec hugetlb_param_specs[] = {
+static const struct fs_parameter_spec hugetlb_fs_parameters[] = {
 fsparam_u32 ("gid", Opt_gid),
 fsparam_string("min_size", Opt_min_size),
 fsparam_u32 ("mode", Opt_mode),
@@ -84,10 +84,6 @@ static const struct fs_parameter_spec hugetlb_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description hugetlb_fs_parameters = {
- .specs = hugetlb_param_specs,
-};
-
 #ifdef CONFIG_NUMA
 static inline void hugetlb_set_vma_policy(struct vm_area_struct *vma,
 struct inode *inode, pgoff_t index)
@@ -1170,7 +1166,7 @@ static int hugetlbfs_parse_param(struct fs_context *fc, struct fs_parameter *par
 unsigned long ps;
 int opt;
- opt = fs_parse(fc, &hugetlb_fs_parameters, param, &result);
+ opt = fs_parse(fc, hugetlb_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -1357,7 +1353,7 @@ static int hugetlbfs_init_fs_context(struct fs_context *fc)
 static struct file_system_type hugetlbfs_fs_type = {
 .name = "hugetlbfs",
 .init_fs_context = hugetlbfs_init_fs_context,
- .parameters = &hugetlb_fs_parameters,
+ .parameters = hugetlb_fs_parameters,
 .kill_sb = kill_litter_super,
 };
diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index f6fda79e98cf..05d7878dfad1 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -178,23 +178,19 @@ static const struct constant_table jffs2_param_compr[] = {
 {}
 };
-static const struct fs_parameter_spec jffs2_param_specs[] = {
+static const struct fs_parameter_spec jffs2_fs_parameters[] = {
 fsparam_enum ("compr", Opt_override_compr, jffs2_param_compr),
 fsparam_u32 ("rp_size", Opt_rp_size),
 {}
 };
-const struct fs_parameter_description jffs2_fs_parameters = {
- .specs = jffs2_param_specs,
-};
-
 static int jffs2_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct fs_parse_result result;
 struct jffs2_sb_info *c = fc->s_fs_info;
 int opt;
- opt = fs_parse(fc, &jffs2_fs_parameters, param, &result);
+ opt = fs_parse(fc, jffs2_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -337,7 +333,7 @@ static struct file_system_type jffs2_fs_type = {
 .owner = THIS_MODULE,
 .name = "jffs2",
 .init_fs_context = jffs2_init_fs_context,
- .parameters = &jffs2_fs_parameters,
+ .parameters = jffs2_fs_parameters,
 .kill_sb = jffs2_kill_sb,
 };
 MODULE_ALIAS_FS("jffs2");
diff --git a/fs/nfs/fs_context.c b/fs/nfs/fs_context.c
index 5f45e637e62a..39f980a0ee48 100644
--- a/fs/nfs/fs_context.c
+++ b/fs/nfs/fs_context.c
@@ -111,7 +111,7 @@ static const struct constant_table nfs_param_enums_lookupcache[] = {
 {}
 };
-static const struct fs_parameter_spec nfs_param_specs[] = {
+static const struct fs_parameter_spec nfs_fs_parameters[] = {
 fsparam_flag_no("ac", Opt_ac),
 fsparam_u32 ("acdirmax", Opt_acdirmax),
 fsparam_u32 ("acdirmin", Opt_acdirmin),
@@ -173,10 +173,6 @@ static const struct fs_parameter_spec nfs_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description nfs_fs_parameters = {
- .specs = nfs_param_specs,
-};
-
 enum {
 Opt_vers_2,
 Opt_vers_3,
@@ -443,7 +439,7 @@ static int nfs_fs_context_parse_param(struct fs_context *fc,
 dfprintk(MOUNT, "NFS: parsing nfs mount option '%s'\n", param->key);
- opt = fs_parse(fc, &nfs_fs_parameters, param, &result);
+ opt = fs_parse(fc, nfs_fs_parameters, param, &result);
 if (opt < 0)
 return ctx->sloppy ? 1 : opt;
@@ -1416,7 +1412,7 @@ struct file_system_type nfs_fs_type = {
 .owner = THIS_MODULE,
 .name = "nfs",
 .init_fs_context = nfs_init_fs_context,
- .parameters = &nfs_fs_parameters,
+ .parameters = nfs_fs_parameters,
 .kill_sb = nfs_kill_super,
 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
 };
@@ -1428,7 +1424,7 @@ struct file_system_type nfs4_fs_type = {
 .owner = THIS_MODULE,
 .name = "nfs4",
 .init_fs_context = nfs_init_fs_context,
- .parameters = &nfs_fs_parameters,
+ .parameters = nfs_fs_parameters,
 .kill_sb = nfs_kill_super,
 .fs_flags = FS_RENAME_DOES_D_MOVE|FS_BINARY_MOUNTDATA,
 };
diff --git a/fs/proc/root.c b/fs/proc/root.c
index c44765447d05..6a5825e12bc9 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -41,23 +41,19 @@ enum proc_param {
 Opt_hidepid,
 };
-static const struct fs_parameter_spec proc_param_specs[] = {
+static const struct fs_parameter_spec proc_fs_parameters[] = {
 fsparam_u32("gid", Opt_gid),
 fsparam_u32("hidepid", Opt_hidepid),
 {}
 };
-static const struct fs_parameter_description proc_fs_parameters = {
- .specs = proc_param_specs,
-};
-
 static int proc_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct proc_fs_context *ctx = fc->fs_private;
 struct fs_parse_result result;
 int opt;
- opt = fs_parse(fc, &proc_fs_parameters, param, &result);
+ opt = fs_parse(fc, proc_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -206,7 +202,7 @@ static void proc_kill_sb(struct super_block *sb)
 static struct file_system_type proc_fs_type = {
 .name = "proc",
 .init_fs_context = proc_init_fs_context,
- .parameters = &proc_fs_parameters,
+ .parameters = proc_fs_parameters,
 .kill_sb = proc_kill_sb,
 .fs_flags = FS_USERNS_MOUNT | FS_DISALLOW_NOTIFY_PERM,
 };
diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c
index bb7ab562ff4d..ee179a81b3da 100644
--- a/fs/ramfs/inode.c
+++ b/fs/ramfs/inode.c
@@ -181,22 +181,18 @@ enum ramfs_param {
 Opt_mode,
 };
-static const struct fs_parameter_spec ramfs_param_specs[] = {
+const struct fs_parameter_spec ramfs_fs_parameters[] = {
 fsparam_u32oct("mode", Opt_mode),
 {}
 };
-const struct fs_parameter_description ramfs_fs_parameters = {
- .specs = ramfs_param_specs,
-};
-
 static int ramfs_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct fs_parse_result result;
 struct ramfs_fs_info *fsi = fc->s_fs_info;
 int opt;
- opt = fs_parse(fc, &ramfs_fs_parameters, param, &result);
+ opt = fs_parse(fc, ramfs_fs_parameters, param, &result);
 if (opt < 0) {
 /*
 * We might like to report bad mount options here;
@@ -277,7 +273,7 @@ static void ramfs_kill_sb(struct super_block *sb)
 static struct file_system_type ramfs_fs_type = {
 .name = "ramfs",
 .init_fs_context = ramfs_init_fs_context,
- .parameters = &ramfs_fs_parameters,
+ .parameters = ramfs_fs_parameters,
 .kill_sb = ramfs_kill_sb,
 .fs_flags = FS_USERNS_MOUNT,
 };
diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c
index ee23a2bf1a81..b03d82fcf011 100644
--- a/fs/xfs/xfs_super.c
+++ b/fs/xfs/xfs_super.c
@@ -62,7 +62,7 @@ enum {
 Opt_discard, Opt_nodiscard, Opt_dax,
 };
-static const struct fs_parameter_spec xfs_param_specs[] = {
+static const struct fs_parameter_spec xfs_fs_parameters[] = {
 fsparam_u32("logbufs", Opt_logbufs),
 fsparam_string("logbsize", Opt_logbsize),
 fsparam_string("logdev", Opt_logdev),
@@ -106,10 +106,6 @@ static const struct fs_parameter_spec xfs_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description xfs_fs_parameters = {
- .specs = xfs_param_specs,
-};
-
 struct proc_xfs_info {
 uint64_t flag;
 char *str;
@@ -1145,7 +1141,7 @@ xfs_fc_parse_param(
 int size = 0;
 int opt;
- opt = fs_parse(fc, &xfs_fs_parameters, param, &result);
+ opt = fs_parse(fc, xfs_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -1787,7 +1783,7 @@ static struct file_system_type xfs_fs_type = {
 .owner = THIS_MODULE,
 .name = "xfs",
 .init_fs_context = xfs_init_fs_context,
- .parameters = &xfs_fs_parameters,
+ .parameters = xfs_fs_parameters,
 .kill_sb = kill_block_super,
 .fs_flags = FS_REQUIRES_DEV,
 };
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 98e0349adb52..5ace552a2a23 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -67,7 +67,7 @@ struct fscrypt_operations;
 struct fsverity_info;
 struct fsverity_operations;
 struct fs_context;
-struct fs_parameter_description;
+struct fs_parameter_spec;
 extern void __init inode_init(void);
 extern void __init inode_init_early(void);
@@ -2224,7 +2224,7 @@ struct file_system_type {
 #define FS_DISALLOW_NOTIFY_PERM 16 /* Disable fanotify permission events */
 #define FS_RENAME_DOES_D_MOVE 32768 /* FS will handle d_move() during rename() internally. */
 int (*init_fs_context)(struct fs_context *);
- const struct fs_parameter_description *parameters;
+ const struct fs_parameter_spec *parameters;
 struct dentry *(*mount) (struct file_system_type *, int,
 const char *, void *);
 void (*kill_sb) (struct super_block *);
diff --git a/include/linux/fs_parser.h b/include/linux/fs_parser.h
index ac439ee50aab..dcbac245e7a3 100644
--- a/include/linux/fs_parser.h
+++ b/include/linux/fs_parser.h
@@ -56,10 +56,6 @@ struct fs_parameter_spec {
 const void *data;
 };
-struct fs_parameter_description {
- const struct fs_parameter_spec *specs; /* List of param specifications */
-};
-
 /*
 * Result of parse.
 */
@@ -74,12 +70,12 @@ struct fs_parse_result {
 };
 extern int __fs_parse(struct p_log *log,
- const struct fs_parameter_description *desc,
+ const struct fs_parameter_spec *desc,
 struct fs_parameter *value,
 struct fs_parse_result *result);
 static inline int fs_parse(struct fs_context *fc,
- const struct fs_parameter_description *desc,
+ const struct fs_parameter_spec *desc,
 struct fs_parameter *param,
 struct fs_parse_result *result)
 {
@@ -97,13 +93,13 @@ extern int lookup_constant(const struct constant_table tbl[], const char *name,
 extern bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 int low, int high, int special);
 extern bool fs_validate_description(const char *name,
- const struct fs_parameter_description *desc);
+ const struct fs_parameter_spec *desc);
 #else
 static inline bool validate_constant_table(const struct constant_table *tbl, size_t tbl_size,
 int low, int high, int special)
 { return true; }
 static inline bool fs_validate_description(const char *name,
- const struct fs_parameter_description *desc)
+ const struct fs_parameter_spec *desc)
 { return true; }
 #endif
diff --git a/include/linux/ramfs.h b/include/linux/ramfs.h
index b806a0ff6554..917528d102c4 100644
--- a/include/linux/ramfs.h
+++ b/include/linux/ramfs.h
@@ -2,6 +2,8 @@
 #ifndef _LINUX_RAMFS_H
 #define _LINUX_RAMFS_H
+#include // bleh...
+
 struct inode *ramfs_get_inode(struct super_block *sb, const struct inode *dir, umode_t mode, dev_t dev);
 extern int ramfs_init_fs_context(struct fs_context *fc);
@@ -16,7 +18,7 @@ ramfs_nommu_expand_for_mapping(struct inode *inode, size_t newsize)
 extern int ramfs_nommu_expand_for_mapping(struct inode *inode, size_t newsize);
 #endif
-extern const struct fs_parameter_description ramfs_fs_parameters;
+extern const struct fs_parameter_spec ramfs_fs_parameters[];
 extern const struct file_operations ramfs_file_operations;
 extern const struct vm_operations_struct generic_file_vm_ops;
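Review bot: The `// bleh...` comment on the new `#include` in include/linux/ramfs.h records nothing about why the header is now required, so a later cleanup could drop it and only find out at compile time. The reason is presumably that the same file now declares `extern const struct fs_parameter_spec ramfs_fs_parameters[];`, and an array declaration needs a complete element type, so the forward declaration that sufficed for the old pointer/struct form no longer does; a comment such as `/* complete struct fs_parameter_spec needed: ramfs_fs_parameters[] below is an array of it */` would state that. The include target is not visible in this rendering (the same applies to the added includes in the shmem_fs.h and cgroup-internal.h hunks), so which header is pulled in cannot be confirmed from the page.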
diff --git a/include/linux/shmem_fs.h b/include/linux/shmem_fs.h
index de8e4b71e3ba..d56fefef8905 100644
--- a/include/linux/shmem_fs.h
+++ b/include/linux/shmem_fs.h
@@ -8,6 +8,7 @@
 #include
 #include
 #include
+#include
 /* inode in-kernel data */
@@ -49,7 +50,7 @@ static inline struct shmem_inode_info *SHMEM_I(struct inode *inode)
 /*
 * Functions in mm/shmem.c called directly from elsewhere:
 */
-extern const struct fs_parameter_description shmem_fs_parameters;
+extern const struct fs_parameter_spec shmem_fs_parameters[];
 extern int shmem_init(void);
 extern int shmem_init_fs_context(struct fs_context *fc);
 extern struct file *shmem_file_setup(const char *name,
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c
index 9608aa48128d..f4b2ef72e265 100644
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
@@ -587,15 +587,11 @@ enum {
 OPT_MODE,
 };
-static const struct fs_parameter_spec bpf_param_specs[] = {
+static const struct fs_parameter_spec bpf_fs_parameters[] = {
 fsparam_u32oct ("mode", OPT_MODE),
 {}
 };
-static const struct fs_parameter_description bpf_fs_parameters = {
- .specs = bpf_param_specs,
-};
-
 struct bpf_mount_opts {
 umode_t mode;
 };
@@ -606,7 +602,7 @@ static int bpf_parse_param(struct fs_context *fc, struct fs_parameter *param)
 struct fs_parse_result result;
 int opt;
- opt = fs_parse(fc, &bpf_fs_parameters, param, &result);
+ opt = fs_parse(fc, bpf_fs_parameters, param, &result);
 if (opt < 0)
 /* We might like to report bad mount options here, but
 * traditionally we've ignored all mount options, so we'd
@@ -682,7 +678,7 @@ static struct file_system_type bpf_fs_type = {
 .owner = THIS_MODULE,
 .name = "bpf",
 .init_fs_context = bpf_init_fs_context,
- .parameters = &bpf_fs_parameters,
+ .parameters = bpf_fs_parameters,
 .kill_sb = kill_litter_super,
 };
diff --git a/kernel/cgroup/cgroup-internal.h b/kernel/cgroup/cgroup-internal.h
index 90d1710fef6c..bfbeabc17a9d 100644
--- a/kernel/cgroup/cgroup-internal.h
+++ b/kernel/cgroup/cgroup-internal.h
@@ -7,7 +7,7 @@
 #include
 #include
 #include
-#include
+#include
 #define TRACE_CGROUP_PATH_LEN 1024
 extern spinlock_t trace_cgroup_path_lock;
@@ -265,7 +265,7 @@ extern const struct proc_ns_operations cgroupns_operations;
 */
 extern struct cftype cgroup1_base_files[];
 extern struct kernfs_syscall_ops cgroup1_kf_syscall_ops;
-extern const struct fs_parameter_description cgroup1_fs_parameters;
+extern const struct fs_parameter_spec cgroup1_fs_parameters[];
 int proc_cgroupstats_show(struct seq_file *m, void *v);
 bool cgroup1_ssid_disabled(int ssid);
diff --git a/kernel/cgroup/cgroup-v1.c b/kernel/cgroup/cgroup-v1.c
index c7b526f33621..408545620dad 100644
--- a/kernel/cgroup/cgroup-v1.c
+++ b/kernel/cgroup/cgroup-v1.c
@@ -885,7 +885,7 @@ enum cgroup1_param {
 Opt_xattr,
 };
-static const struct fs_parameter_spec cgroup1_param_specs[] = {
+const struct fs_parameter_spec cgroup1_fs_parameters[] = {
 fsparam_flag ("all", Opt_all),
 fsparam_flag ("clone_children", Opt_clone_children),
 fsparam_flag ("cpuset_v2_mode", Opt_cpuset_v2_mode),
@@ -897,10 +897,6 @@ static const struct fs_parameter_spec cgroup1_param_specs[] = {
 {}
 };
-const struct fs_parameter_description cgroup1_fs_parameters = {
- .specs = cgroup1_param_specs,
-};
-
 int cgroup1_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct cgroup_fs_context *ctx = cgroup_fc2context(fc);
@@ -908,7 +904,7 @@ int cgroup1_parse_param(struct fs_context *fc, struct fs_parameter *param)
 struct fs_parse_result result;
 int opt, i;
- opt = fs_parse(fc, &cgroup1_fs_parameters, param, &result);
+ opt = fs_parse(fc, cgroup1_fs_parameters, param, &result);
 if (opt == -ENOPARAM) {
 if (strcmp(param->key, "source") == 0) {
 fc->source = param->string;
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index d86d441d93ca..a70a37e85d11 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -1816,23 +1816,19 @@ enum cgroup2_param {
 nr__cgroup2_params
 };
-static const struct fs_parameter_spec cgroup2_param_specs[] = {
+static const struct fs_parameter_spec cgroup2_fs_parameters[] = {
 fsparam_flag("nsdelegate", Opt_nsdelegate),
 fsparam_flag("memory_localevents", Opt_memory_localevents),
 {}
 };
-static const struct fs_parameter_description cgroup2_fs_parameters = {
- .specs = cgroup2_param_specs,
-};
-
 static int cgroup2_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
 struct cgroup_fs_context *ctx = cgroup_fc2context(fc);
 struct fs_parse_result result;
 int opt;
- opt = fs_parse(fc, &cgroup2_fs_parameters, param, &result);
+ opt = fs_parse(fc, cgroup2_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -2155,7 +2151,7 @@ static void cgroup_kill_sb(struct super_block *sb)
 struct file_system_type cgroup_fs_type = {
 .name = "cgroup",
 .init_fs_context = cgroup_init_fs_context,
- .parameters = &cgroup1_fs_parameters,
+ .parameters = cgroup1_fs_parameters,
 .kill_sb = cgroup_kill_sb,
 .fs_flags = FS_USERNS_MOUNT,
 };
@@ -2163,7 +2159,7 @@ struct file_system_type cgroup_fs_type = {
 static struct file_system_type cgroup2_fs_type = {
 .name = "cgroup2",
 .init_fs_context = cgroup_init_fs_context,
- .parameters = &cgroup2_fs_parameters,
+ .parameters = cgroup2_fs_parameters,
 .kill_sb = cgroup_kill_sb,
 .fs_flags = FS_USERNS_MOUNT,
 };
diff --git a/mm/shmem.c b/mm/shmem.c
index 445d038a54b9..efbbf2bc68fb 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -3391,7 +3391,7 @@ static const struct constant_table shmem_param_enums_huge[] = {
 {}
 };
-static const struct fs_parameter_spec shmem_param_specs[] = {
+const struct fs_parameter_spec shmem_fs_parameters[] = {
 fsparam_u32 ("gid", Opt_gid),
 fsparam_enum ("huge", Opt_huge, shmem_param_enums_huge),
 fsparam_u32oct("mode", Opt_mode),
@@ -3403,10 +3403,6 @@ static const struct fs_parameter_spec shmem_param_specs[] = {
 {}
 };
-const struct fs_parameter_description shmem_fs_parameters = {
- .specs = shmem_param_specs,
-};
-
 static int shmem_parse_one(struct fs_context *fc, struct fs_parameter *param)
 {
 struct shmem_options *ctx = fc->fs_private;
@@ -3415,7 +3411,7 @@ static int shmem_parse_one(struct fs_context *fc, struct fs_parameter *param)
 char *rest;
 int opt;
- opt = fs_parse(fc, &shmem_fs_parameters, param, &result);
+ opt = fs_parse(fc, shmem_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -3889,7 +3885,7 @@ static struct file_system_type shmem_fs_type = {
 .name = "tmpfs",
 .init_fs_context = shmem_init_fs_context,
 #ifdef CONFIG_TMPFS
- .parameters = &shmem_fs_parameters,
+ .parameters = shmem_fs_parameters,
 #endif
 .kill_sb = kill_litter_super,
 .fs_flags = FS_USERNS_MOUNT,
@@ -4035,7 +4031,7 @@ bool shmem_huge_enabled(struct vm_area_struct *vma)
 static struct file_system_type shmem_fs_type = {
 .name = "tmpfs",
 .init_fs_context = ramfs_init_fs_context,
- .parameters = &ramfs_fs_parameters,
+ .parameters = ramfs_fs_parameters,
 .kill_sb = kill_litter_super,
 .fs_flags = FS_USERNS_MOUNT,
 };
diff --git a/net/ceph/ceph_common.c b/net/ceph/ceph_common.c
index f639e04d9c63..a0e97f6c1072 100644
--- a/net/ceph/ceph_common.c
+++ b/net/ceph/ceph_common.c
@@ -269,7 +269,7 @@ enum {
 Opt_abort_on_full,
 };
-static const struct fs_parameter_spec ceph_param_specs[] = {
+static const struct fs_parameter_spec ceph_parameters[] = {
 fsparam_flag ("abort_on_full", Opt_abort_on_full),
 fsparam_flag_no ("cephx_require_signatures", Opt_cephx_require_signatures),
 fsparam_flag_no ("cephx_sign_messages", Opt_cephx_sign_messages),
@@ -290,10 +290,6 @@ static const struct fs_parameter_spec ceph_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description ceph_parameters = {
- .specs = ceph_param_specs,
-};
-
 struct ceph_options *ceph_alloc_options(void)
 {
 struct ceph_options *opt;
@@ -406,7 +402,7 @@ int ceph_parse_param(struct fs_parameter *param, struct ceph_options *opt,
 int token, err;
 struct p_log log = {.prefix = "libceph", .log = l};
- token = __fs_parse(&log, &ceph_parameters, param, &result);
+ token = __fs_parse(&log, ceph_parameters, param, &result);
 dout("%s fs_parse '%s' token %d\n", __func__, param->key, token);
 if (token < 0)
 return token;
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 54f34631bc16..d085569fd426 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2808,7 +2808,7 @@ static int selinux_fs_context_dup(struct fs_context *fc,
 return 0;
 }
-static const struct fs_parameter_spec selinux_param_specs[] = {
+static const struct fs_parameter_spec selinux_fs_parameters[] = {
 fsparam_string(CONTEXT_STR, Opt_context),
 fsparam_string(DEFCONTEXT_STR, Opt_defcontext),
 fsparam_string(FSCONTEXT_STR, Opt_fscontext),
@@ -2817,17 +2817,13 @@ static const struct fs_parameter_spec selinux_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description selinux_fs_parameters = {
- .specs = selinux_param_specs,
-};
-
 static int selinux_fs_context_parse_param(struct fs_context *fc,
 struct fs_parameter *param)
 {
 struct fs_parse_result result;
 int opt, rc;
- opt = fs_parse(fc, &selinux_fs_parameters, param, &result);
+ opt = fs_parse(fc, selinux_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
@@ -7144,7 +7140,7 @@ static __init int selinux_init(void)
 else
 pr_debug("SELinux: Starting in permissive mode\n");
- fs_validate_description("selinux", &selinux_fs_parameters);
+ fs_validate_description("selinux", selinux_fs_parameters);
 return 0;
 }
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 646c0b4aa8c4..ed17049d39d5 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -678,7 +678,7 @@ static int smack_fs_context_dup(struct fs_context *fc,
 return 0;
 }
-static const struct fs_parameter_spec smack_param_specs[] = {
+static const struct fs_parameter_spec smack_fs_parameters[] = {
 fsparam_string("smackfsdef", Opt_fsdefault),
 fsparam_string("smackfsdefault", Opt_fsdefault),
 fsparam_string("smackfsfloor", Opt_fsfloor),
@@ -688,10 +688,6 @@ static const struct fs_parameter_spec smack_param_specs[] = {
 {}
 };
-static const struct fs_parameter_description smack_fs_parameters = {
- .specs = smack_param_specs,
-};
-
 /**
 * smack_fs_context_parse_param - Parse a single mount parameter
 * @fc: The new filesystem context being constructed.
@@ -706,7 +702,7 @@ static int smack_fs_context_parse_param(struct fs_context *fc,
 struct fs_parse_result result;
 int opt, rc;
- opt = fs_parse(fc, &smack_fs_parameters, param, &result);
+ opt = fs_parse(fc, smack_fs_parameters, param, &result);
 if (opt < 0)
 return opt;
-- 
cgit v1.2.3