Skip to content

Commit 878cf96

Browse files
torvaldstorvalds
committed
Merge tag 'fs.vfsuid.ima.v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping
Pull vfsuid cleanup from Christian Brauner: "This moves the ima specific vfs{g,u}id_t comparison helpers out of the header and into the one file in ima where they are used. We shouldn't incentivize people to use them by placing them into the header. As discussed and suggested by Linus in [1] let's just define them locally in the one file in ima where they are used" Link: https://lore.kernel.org/lkml/CAHk-=wj4BpEwUd=OkTv1F9uykvSrsBNZJVHMp+p_+e2kiV71_A@mail.gmail.com [1] * tag 'fs.vfsuid.ima.v6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping: mnt_idmapping: move ima-only helpers to ima
2 parents 222882c + 2c05bf3 commit 878cf96

File tree

2 files changed

+24
-20
lines changed

2 files changed

+24
-20
lines changed

include/linux/mnt_idmapping.h

Lines changed: 0 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -96,26 +96,6 @@ static inline bool vfsgid_eq_kgid(vfsgid_t vfsgid, kgid_t kgid)
9696
return vfsgid_valid(vfsgid) && __vfsgid_val(vfsgid) == __kgid_val(kgid);
9797
}
9898

99-
static inline bool vfsuid_gt_kuid(vfsuid_t vfsuid, kuid_t kuid)
100-
{
101-
return __vfsuid_val(vfsuid) > __kuid_val(kuid);
102-
}
103-
104-
static inline bool vfsgid_gt_kgid(vfsgid_t vfsgid, kgid_t kgid)
105-
{
106-
return __vfsgid_val(vfsgid) > __kgid_val(kgid);
107-
}
108-
109-
static inline bool vfsuid_lt_kuid(vfsuid_t vfsuid, kuid_t kuid)
110-
{
111-
return __vfsuid_val(vfsuid) < __kuid_val(kuid);
112-
}
113-
114-
static inline bool vfsgid_lt_kgid(vfsgid_t vfsgid, kgid_t kgid)
115-
{
116-
return __vfsgid_val(vfsgid) < __kgid_val(kgid);
117-
}
118-
11999
/*
120100
* vfs{g,u}ids are created from k{g,u}ids.
121101
* We don't allow them to be created from regular {u,g}id.

security/integrity/ima/ima_policy.c

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,30 @@ struct ima_rule_opt_list {
7171
char *items[];
7272
};
7373

74+
/*
75+
* These comparators are needed nowhere outside of ima so just define them here.
76+
* This pattern should hopefully never be needed outside of ima.
77+
*/
78+
static inline bool vfsuid_gt_kuid(vfsuid_t vfsuid, kuid_t kuid)
79+
{
80+
return __vfsuid_val(vfsuid) > __kuid_val(kuid);
81+
}
82+
83+
static inline bool vfsgid_gt_kgid(vfsgid_t vfsgid, kgid_t kgid)
84+
{
85+
return __vfsgid_val(vfsgid) > __kgid_val(kgid);
86+
}
87+
88+
static inline bool vfsuid_lt_kuid(vfsuid_t vfsuid, kuid_t kuid)
89+
{
90+
return __vfsuid_val(vfsuid) < __kuid_val(kuid);
91+
}
92+
93+
static inline bool vfsgid_lt_kgid(vfsgid_t vfsgid, kgid_t kgid)
94+
{
95+
return __vfsgid_val(vfsgid) < __kgid_val(kgid);
96+
}
97+
7498
struct ima_rule_entry {
7599
struct list_head list;
76100
int action;

0 commit comments

Comments
 (0)