Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp1648801imj; Sun, 17 Feb 2019 10:46:21 -0800 (PST) X-Google-Smtp-Source: AHgI3IbZZgX8QmEEiXzKromMgi9uw6jdGjWQDwcCKmnfvFj22Rt6tLM+/3Xh/EWOu5bkE48Kz08G X-Received: by 2002:a63:6a05:: with SMTP id f5mr18809952pgc.72.1550429181767; Sun, 17 Feb 2019 10:46:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550429181; cv=none; d=google.com; s=arc-20160816; b=suXzejeUhfrnssjL0cHOv0yeXOfxFVRiltCzxUt6AILnRvzQjW48VhJrfLpJ645rS6 gIYk7azi35tomqrR8fyJwrol5iXHh+NW3TzcoREUMvxfnjQu6/9z0A5FiXO8WkGOmd5o htflnEbOX2eMfR8ytN3bE73V6QNau4EZHGhfs8SfvHaa15+ZDB5UTFzReJ0/Sog62o1v jtG9bMd69ftWMp0+wX00uAa0mM9XZIhNQBq1YNa7EXlJGH6IeBZeKhMgQcnrOhPolK0P O9cS0xiJ0CTRrgEvmYf6RsKGgiLOroWKDIsc9Xso+O3mZlUQJFhQ7zuI8Lg278iGECKB t10Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:message-id:references :in-reply-to:organization:subject:cc:to:from:date :content-transfer-encoding:mime-version; bh=gDOImN9QNtRzCMv6cbuOSVTFYy4Xf7dRW4rTbRApI7s=; b=sAs9q7ZcKa00kSx2vq14I6VpLvd1bY7PXvWAfS1GWVr7FZbrOzVis7uuwffWOL6KKf fdzy9H5SQIkMc3bDCNCZjY7TJrIgoiHZcce22r934BBbZhqRXdDJftAJobekqzq9jkxW 0cx9eGYWjdRxvRDC8c5HU/O4Fdv9/ksY7Iv8wq+YBE0Yd5d4KXisv9Ys+gPFGMmrVeRC a+HKYZtrGmiwbQVFfJFjPEXLoMBVcrvSZ77UWJrm0ir4P93ZI5OYxZI4LgibVQ6d18q2 3uCudjZuxUVePhbZGcF+yc4j7wRpDHBotlC3B5OnWxd6G5FoR91BxcONrqnhwj64yNK3 hiJg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v3si11793248plo.147.2019.02.17.10.46.04; Sun, 17 Feb 2019 10:46:21 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726035AbfBQSp6 (ORCPT + 99 others); Sun, 17 Feb 2019 13:45:58 -0500 Received: from mail.ispras.ru ([83.149.199.45]:46212 "EHLO mail.ispras.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725554AbfBQSp6 (ORCPT ); Sun, 17 Feb 2019 13:45:58 -0500 Received: from mail.ispras.ru (localhost [127.0.0.1]) by mail.ispras.ru (Postfix) with ESMTPSA id 632C6540093; Sun, 17 Feb 2019 21:45:54 +0300 (MSK) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Sun, 17 Feb 2019 21:45:54 +0300 From: efremov To: Al Viro Cc: Edwin Zimmerman , 'Casey Schaufler' , "'Eric W. Biederman'" , 'Eric Paris' , 'Kees Cook' , 'John Johansen' , 'James Morris' , "'Serge E. Hallyn'" , 'Paul Moore' , 'Kentaro Takeda' , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, owner-linux-security-module@vger.kernel.org Subject: Re: [PATCH 06/10] security: fix documentation for the path_chmod hook Organization: ISPRAS In-Reply-To: <20190207144654.GB2217@ZenIV.linux.org.uk> References: <0275d06334cdb1d2a87384d7971924a70776b3cb.1549540487.git.efremov@ispras.ru> <20190207134939.GA2217@ZenIV.linux.org.uk> <000001d4beee$caa8eff0$5ffacfd0$@211mainstreet.net> <20190207144654.GB2217@ZenIV.linux.org.uk> Message-ID: X-Sender: efremov@ispras.ru User-Agent: Roundcube Webmail/1.1.2 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Al Viro писал 2019-02-07 17:46: > On Thu, Feb 07, 2019 at 09:09:49AM -0500, Edwin Zimmerman wrote: >> > > diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h >> > > index cb93972257be..5d6428d0027b 100644 >> > > --- a/include/linux/lsm_hooks.h >> > > +++ b/include/linux/lsm_hooks.h >> > > @@ -304,8 +304,7 @@ >> > > * Return 0 if permission is granted. >> > > * @path_chmod: >> > > * Check for permission to change DAC's permission of a file or directory. >> > > - * @dentry contains the dentry structure. >> > > - * @mnt contains the vfsmnt structure. >> > > + * @path contains the path structure. >> > >> > May I politely inquire about the value of these comments? How much information >> > is provided by refering to an argument as "the dentry structure" or "the path >> > structure", especially when there's nothing immediately above that would introduce >> > either. "Type of 'dentry' argument is somehow related to struct dentry, >> > try and guess what the value might be - we don't care, we just need every >> > argument commented"? >> > >> > Who needs that crap in the first place? >> >> The comments fill a valuable place to folks like me who are new to the >> linux security modules. >> In my spare time, I'm writing a new LSM specifically geared for >> parental controls uses, and the >> comments in lsm_hooks.h have helped me out more than once. Perhaps >> the comments could >> be inproved by changing them to something like this: >> "@[arg] contains the [type] structure, defined in linux/[?].h" > > Um... The _type_ of argument is visible in declaration already; > it doesn't say a damn thing about the value of that argument. > > In this particular case, dentry/mnt pair (whichever way it gets > passed; struct path is exactly such a pair) is actually used to > specify the location of file or directory in question, but > try to guess that by description given in this "documentation"... > > As for "defined in"... that's what grep/ctags/etc. are for. > Again, the useful information about an argument is _what_ gets > passed in it, not just which type it is... While I completely agree about the doubtful value of such comments, the whole documentation is written in style like that. Unfortunately, I don't have the knowledge to rewrite the documentation in every case even for functions from this patchset. And I will be surprised if a single person could do it for the whole LSM set. The patchset only minimally updates the documentation to lift it up to the current LSM declarations. And maybe to show once again that despite we've got the documentation on a hook it maybe not actual for 12 years since the hook was changed in 2006. But of course, it doesn't mean that documentation is not needed. This can give the maintainers additional arguments for stricter checks before accepting new hooks and changing the existing ones. I will try to improve the description in the second version of the patchset.