Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp457042imj; Thu, 7 Feb 2019 06:56:58 -0800 (PST) X-Google-Smtp-Source: AHgI3IYkrCSqY2IfyJUr+ozJ8r2RAM0kTgGP2E3CeilenXFHhUQ1IA7sjl6Jm3l1skgODU4X5NIQ X-Received: by 2002:a62:c28e:: with SMTP id w14mr16532221pfk.115.1549551418530; Thu, 07 Feb 2019 06:56:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549551418; cv=none; d=google.com; s=arc-20160816; b=XLSm6ZRHchGN4FXg5ojwGrI+KhCqW8lZtw1RlO4YW7tC5PCtCPjZJu/seXjqAQKLDi NL5L6fH/xJDb7EPkR07Hfhy9YSftvbr7QUfBpkEtVRYjNsjGzxf4aHy+tmuroD5rEeY1 MSBNa63hBzOzqLEA9ZJvyPa0uu2quZUqDw63lxsrqIiI4uBuqJQ3z9SjjxpgcbMOZDKY 6D6FC1MaeIAsRApDjiI5NgRq+X1s7QoQb3Lt1P/jbMhnkvxTs6+QscS4Zt5/1BpbXtzs NAqxuPfiysWHm6Mdz6zTVIY/VHD0jlI5GwUC0eRGUHjn2FWjGbRmH8TtuYv7v4cY7wxz B+KA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:from:subject:ironport-phdr :dkim-signature; bh=l2hiMp4694M7ieD3yYmuzpmRAlsYJ6BBma/1fkfYV7E=; b=YjbpoZSc2Su+a4JonAxYa50j96vAVv5LKkO6JX+Oss2X9ITvYnaeol+Yrxky17Vv3y Tg67LmxqYfrovvvrca02o1i7jPtMroeItZyRGM1JZqm5aYFqfVOoq6GmsU89vKcHebmP zmaQ6lB1Nsr1MsmNQCUyovfCYJCnLpjgTWnrFvUPBuyqW4Q+mNa0PYnDWycOoF/beYgv tfREAptJRLovXfQbxm4oWsXQ1o9m7AneWLyrXxWFjvJPEASTaTsAc4HcQqOoGTNFk9e/ kU/wu+wbawMAXRDijXBabGx2H3hXOknIDYAC7I4DAhGlqVUJJQo7Sfk/3CkDxKm2oeQ4 09Sw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@tycho.nsa.gov header.s=tycho.nsa.gov header.b=kzZlq0pk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tycho.nsa.gov Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x32si9283610pld.316.2019.02.07.06.56.42; Thu, 07 Feb 2019 06:56:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@tycho.nsa.gov header.s=tycho.nsa.gov header.b=kzZlq0pk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=tycho.nsa.gov Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726718AbfBGO4a (ORCPT + 99 others); Thu, 7 Feb 2019 09:56:30 -0500 Received: from ucol19pa10.eemsg.mail.mil ([214.24.24.83]:14124 "EHLO UCOL19PA10.eemsg.mail.mil" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726171AbfBGO43 (ORCPT ); Thu, 7 Feb 2019 09:56:29 -0500 X-EEMSG-check-017: 641604655|UCOL19PA10_EEMSG_MP8.csd.disa.mil X-IronPort-AV: E=Sophos;i="5.58,344,1544486400"; d="scan'208";a="641604655" Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by UCOL19PA10.eemsg.mail.mil with ESMTP/TLS/DHE-RSA-AES256-SHA256; 07 Feb 2019 14:55:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=tycho.nsa.gov; i=@tycho.nsa.gov; q=dns/txt; s=tycho.nsa.gov; t=1549551341; x=1581087341; h=subject:from:to:cc:references:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=Xt6OZPWWc3DBnB+zhlhY3RXMktlKFyt7CkHIttAL/lU=; b=kzZlq0pku+fnZ4mXvuzd51NPuM9sFdxTwwmJC2lFvvDHQU0G2lhaaWTH lvVFaU9yw02Yn1zCyEdPb7hImocF/eEKdQ0tmQLkrHE5Du2Zns35PjIxX ctzbUZnMNHOrBmQEmx7oujOj7iKBAeKU52WxxKCMH9IWSXYPD5rD4EVb1 MgBA/Kql3OOgSazHt5rXpU+gK199/jt8sj73LuXqS8UXYADHtVZbp4Bnu T8QYfL+EGzVuVnxDF5YB+FUyOBSIB98JWV3M0FrRTLPzLan0J9cohbPyH bkUOoixslpV3IPJvnx7QnKA2hTHXyqHAX4Rd5LJNzvaPtIOjCSYhP/sOq g==; X-IronPort-AV: E=Sophos;i="5.58,344,1544486400"; d="scan'208";a="20300758" IronPort-PHdr: =?us-ascii?q?9a23=3Am+NMvxxizFSXyv/XCy+O+j09IxM/srCxBDY+r6?= =?us-ascii?q?Qd0uwRKvad9pjvdHbS+e9qxAeQG9mDu7Qc06L/iOPJYSQ4+5GPsXQPItRndi?= =?us-ascii?q?QuroEopTEmG9OPEkbhLfTnPGQQFcVGU0J5rTngaRAGUMnxaEfPrXKs8DUcBg?= =?us-ascii?q?vwNRZvJuTyB4Xek9m72/q99pHPYAhEniaxba9vJxiqsAvdsdUbj5F/Iagr0B?= =?us-ascii?q?vJpXVIe+VSxWx2IF+Yggjx6MSt8pN96ipco/0u+dJOXqX8ZKQ4UKdXDC86PG?= =?us-ascii?q?Av5c3krgfMQA2S7XYBSGoWkx5IAw/Y7BHmW5r6ryX3uvZh1CScIMb7Vq4/Vy?= =?us-ascii?q?i84Kh3SR/okCYHOCA/8GHLkcx7kaZXrAu8qxBj34LYZYeYO/RkfqPZYNgUW2?= =?us-ascii?q?xPUMhMXCBFG4+wcZcDA+8HMO1FrYfyukEOoAOjCwesGu3vxDxGiHH40qI10e?= =?us-ascii?q?suDQ7I0Rc8H98NqnnYsMn5OakQXO2z0aLGzS/Db/RT2Trl9YbIbg4uoemMXb?= =?us-ascii?q?1ud8ra1FQhFwbfgVWUrYzqITOU3fkKvmiA8uVgTvmii3Inqg5tojivwd0gio?= =?us-ascii?q?/Sho0P0FzE+iJ5wJgsKNC+VUV1YsakHYNNuyyVOIZ6WMMvT3xytCokxbAKp4?= =?us-ascii?q?S3cDUMxZ863RDQceaHfJKN4h/7UeaRJip3i2x9dbKkghay7VCgyurhVsmoyF?= =?us-ascii?q?pKrjRKkt3Ltn0Vyxzc8NKHSvpg/ke6wzqPywDS5f1EIUAzj6bbLYIuwqUsmZ?= =?us-ascii?q?YJtETDHyv2lF33jK+QaEok5vCl5/nob7jpvJORN5J4hhvgPqkhhMCzG/k0Ph?= =?us-ascii?q?ALX2eB+OS80LPj/Vf+QLVPlvA2ibTWsIvBKMQHpq+2Hw9V0oE55xa5FDepys?= =?us-ascii?q?4UnXYALFJbYB6HlZTmO0nSIPDkCveym0qjnyplxvDHOL3sGYvBImXenLfkZ7?= =?us-ascii?q?l96khcyBEvzdBF+Z1bFK0BLOj1WkDvqNzSFgU5PBCsw+b7FNV90ZsTWXyOAq?= =?us-ascii?q?+DN6Pfql6J6fwpI+mNeo8ZojL9K/kj5/7zgn41g1gdfbOm3ZcNdXC4HexsI1?= =?us-ascii?q?+Fbnr0ntcBDWAKsxIgQ+zkkl2NTztTZ3GsX68n5zE7E5qmDZ3ZSYC2mrCBxj?= =?us-ascii?q?q7FIVMZm9aElCMDWvod4KcVvgQci2SOdFukzwfWLi6V4Ah1QuhtBL0y7pjMO?= =?us-ascii?q?XU4DQUuo7529Rv++LTkhQy/yRuD8uBy2GNU310nmQQSjAox69/oFJyxUqd3q?= =?us-ascii?q?hihvxVDtNS5/ZIUgchLp7czut6C9boVg3dedeJTU6sQs+6DjEpUtIx39gObl?= =?us-ascii?q?5jFNW6lB/DxSuqA6QOmryTHpM06KPc32PpJ8Z50XnJyLcug0MhQstVOm2snr?= =?us-ascii?q?R/+BTLB47Vj0WZkL6ndacC0yHT72eM0W2OvEZbUANrTarFXWofZkzTrdT4+0?= =?us-ascii?q?PCSqWiCbM9MgtO0cSCMLdFasX1jVVaQ/fuINbeY2Wxm2e2HxqIxLSMbIrwdG?= =?us-ascii?q?UbxyXSFk4EnhsP8nmcMwg+ASGho2PCAzN0EVLjeV/j8e57qHmjVE870xmKb1?= =?us-ascii?q?F917qy4hMVh/mcS/QJ3rIeuSchsC55HFCn0NLTFdWAphBtfKJGYdMy+F1Hz3?= =?us-ascii?q?7WtxRhPpy8KKBvnkUefBptv0PhyRp6EYVAntIurHMuzAtyL7iU309GdzOdxZ?= =?us-ascii?q?rwIKHYKnHu/BCzbK7bwkne38yL+qcL8/k4s0/svBytFkY79nVn1N5V02GC6Z?= =?us-ascii?q?nQEAUSVpfxWF4t9xdmv7HafjU954TM2H1wK6a0sSHN1M8zC+smzBatZNFfML?= =?us-ascii?q?+YFADvCcIaG9KhJPY2lFiudB4EPvhS/rYuP8y6b/uGxLKrPOF4kTKijGRH5p?= =?us-ascii?q?19002V+ypnVOHHw4sFw+uZ3gubVzbwlVKhssfqloBZYTEdAHGyyTbrBIFPfK?= =?us-ascii?q?1+Z4ULBnm0I82x2Np+g4ThW3lC9F6sH1kGwtOmeQKOb1zh2g1dzUAXoX2hmS?= =?us-ascii?q?ulwD14ijIpobSF3CzI3evicAEKOnBERGZ8l1fgO4u0gM4AXEiucQcpkAGp5U?= =?us-ascii?q?Hgx6hU9+xDKDz+TVhJeWDELmRnX7G1v7zKN8ND95IumX8OCeG1YFaBVqTwrg?= =?us-ascii?q?dc1S7/SS8Wjn8Sc3mUu4/+0FYy3HycNnFbvnffeN82wRbZ+cyaQuRemCcFEm?= =?us-ascii?q?0ww3b7C169JJGE88+ZkpDd/ar2A2+vTJBWdjfDzJiYriKgo3d3V06Rhfe2z+?= =?us-ascii?q?b7HBA63Cmz7NxjUSHFvV6oeYXw/7irOuJgOE9zDRnz7NQsSdI2qZc5mJxFgS?= =?us-ascii?q?tSvZ6S53dS1D6padg=3D?= X-IPAS-Result: =?us-ascii?q?A2BhAADPRVxc/wHyM5BjGwEBAQEDAQEBBwMBAQGBVAMBA?= =?us-ascii?q?QELAYFaKYE4MieEA2KTJ1IGgQgtiTaOb4FnOAGEQAKDKCI3Bg0BAwEBAQEBA?= =?us-ascii?q?QIBbCiCOikBgmcBBSMPAQVBEAsYAgImAgJXBgEMBgIBAYJhP4F1Dax9gS+KK?= =?us-ascii?q?YELh0yDbBd4gQeBOIJrhGmDIYI1IgKLf4U8hVkTi2kJkj8GGYwqhistigCTU?= =?us-ascii?q?iKBVisIAhgIIQ+DJ4M/AQKNOSEDMIEFAQGNcwEB?= Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 07 Feb 2019 14:55:39 +0000 Received: from moss-pluto.infosec.tycho.ncsc.mil (moss-pluto.infosec.tycho.ncsc.mil [192.168.25.131]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id x17EtY0F000477; Thu, 7 Feb 2019 09:55:34 -0500 Subject: Re: [PATCH 06/10] security: fix documentation for the path_chmod hook From: Stephen Smalley To: Edwin Zimmerman , "'Al Viro'" , "'Denis Efremov'" Cc: "'Casey Schaufler'" , "'Eric W. Biederman'" , "'Eric Paris'" , "'Kees Cook'" , "'John Johansen'" , "'James Morris'" , "'Serge E. Hallyn'" , "'Paul Moore'" , "'Kentaro Takeda'" , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org References: <0275d06334cdb1d2a87384d7971924a70776b3cb.1549540487.git.efremov@ispras.ru> <20190207134939.GA2217@ZenIV.linux.org.uk> <000001d4beee$caa8eff0$5ffacfd0$@211mainstreet.net> <71ce1b98-a69c-470c-d887-6f7405886aca@tycho.nsa.gov> Message-ID: Date: Thu, 7 Feb 2019 09:55:34 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <71ce1b98-a69c-470c-d887-6f7405886aca@tycho.nsa.gov> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2/7/19 9:32 AM, Stephen Smalley wrote: > On 2/7/19 9:09 AM, Edwin Zimmerman wrote: >> On Thursday, February 07, 2019 8:50 AM Al Viro wrote: >>> On Thu, Feb 07, 2019 at 03:44:54PM +0300, Denis Efremov wrote: >>>> The path_chmod hook was changed in the commit >>>> "switch security_path_chmod() to struct path *" (cdcf116d44e7). >>>> The argument @mnt was removed from the hook, @dentry was changed >>>> to @path. This patch updates the documentation accordingly. >>>> >>>> Signed-off-by: Denis Efremov >>>> --- >>>>   include/linux/lsm_hooks.h | 3 +-- >>>>   1 file changed, 1 insertion(+), 2 deletions(-) >>>> >>>> diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h >>>> index cb93972257be..5d6428d0027b 100644 >>>> --- a/include/linux/lsm_hooks.h >>>> +++ b/include/linux/lsm_hooks.h >>>> @@ -304,8 +304,7 @@ >>>>    *    Return 0 if permission is granted. >>>>    * @path_chmod: >>>>    *    Check for permission to change DAC's permission of a file or >>>> directory. >>>> - *    @dentry contains the dentry structure. >>>> - *    @mnt contains the vfsmnt structure. >>>> + *    @path contains the path structure. >>> >>> May I politely inquire about the value of these comments?  How much >>> information >>> is provided by refering to an argument as "the dentry structure" or >>> "the path >>> structure", especially when there's nothing immediately above that >>> would introduce >>> either.  "Type of 'dentry' argument is somehow related to struct dentry, >>> try and guess what the value might be - we don't care, we just need >>> every >>> argument commented"? >>> >>> Who needs that crap in the first place? >> >> The comments fill a valuable place to folks like me who are new to the >> linux security modules. >> In my spare time, I'm writing a new LSM specifically geared for >> parental controls uses, and the >> comments in lsm_hooks.h have helped me out more than once.  Perhaps >> the comments could >> be inproved by changing them to something like this: >> "@[arg] contains the [type] structure, defined in linux/[?].h" > > I don't think so.  The point is not what type of structure but what > object is being passed and why is it relevant to the hook, e.g. > > + @path contains the path structure for the file whose permissions are > being modified > > or similar. It would probably be better to amend the description too to refer to the argument in context, e.g. * @path_chmod: * Check for permission to change the mode of the file referenced by @path. * @path the file whose mode would be modified or similar. I'd suggest looking to kerneldoc comments in fs/*.c or elsewhere as better examples.