Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp94695ybt; Tue, 7 Jul 2020 17:05:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy2Ydc0dPxhXNFNDCyk9OWaP1jEOoHfDjVFjtFtKLyUW/IPomaRf2WgDECq/xt196dawVEQ X-Received: by 2002:a17:906:d9d9:: with SMTP id qk25mr52198487ejb.448.1594166736789; Tue, 07 Jul 2020 17:05:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594166736; cv=none; d=google.com; s=arc-20160816; b=0DwaFNYuTuX0ITpFVtQWshlKUXF9IwOAZ+a7KfSAolvgmqJZSWiqBvRkZjU8PSet1D FgKwiVeviEHRaA0vA5WDCy81mhxOdXsTuan80NoRhwpnuswr2ii3yAQwyUicvowW79Fq AQNnT1uFcCvIaXTzCkjqvOGGkp/iQ+rVjdYJMRMJngdMY9XH//yiRkVyIb9rvkEl4qjD RaQSGtalhqJzyDkS1R10YUQbJDUa5BVYCN6KSc0MG+AL28yd/9/ef0SUzGVVPtPjKwr4 7QbIiWEKH5xxOJDtl2jLPXh9LAOO/azkHvj+FkHzmCNql7i7fn1QgKrZ3ZIfM/tyN0nx g2IQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=+qsfHnXN4F+YEwETsQED11ORVN8eSCHPY9sNm+VzKiE=; b=Jj3CIErH0Kx14sGk5OvTn9WMxVruyK/q95NfQj4t6KQ+7JCc82gherB3ifJgFVdwxT +idJoUvQXOLs79QUF3qBQwbdgHCCmDTh0FY6XhNn3Y2t5mZJN2aibZEwa6SUot8xti28 qKTYpI01MZInUNqBw3slw4/ka8Rj7SpKCsijGuh2dWRO8knXrGnCA6t83EAhvrn5xkaF YIPRfVxniG8Y8z7JdpDpPXBmZRJ/h3NUUAU2nzbRVuIptmT0jpctu5A1Gxj/aOy+f8jb p7UaJUhE+oN9N+MdIDjYgQuoM6b0yrrC8NJagLErg5ShA3pguc5hd+81eA/nsCBTUvcp x9Dg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=dfwsrWMW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c22si15079026edy.549.2020.07.07.17.05.13; Tue, 07 Jul 2020 17:05:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=dfwsrWMW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728881AbgGGXlB (ORCPT + 99 others); Tue, 7 Jul 2020 19:41:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53538 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728589AbgGGXlA (ORCPT ); Tue, 7 Jul 2020 19:41:00 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EE89FC08C5DC for ; Tue, 7 Jul 2020 16:40:59 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id x9so3723984plr.2 for ; Tue, 07 Jul 2020 16:40:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=+qsfHnXN4F+YEwETsQED11ORVN8eSCHPY9sNm+VzKiE=; b=dfwsrWMWQXKk98nBQT0zKCcMgM2CYJMVBv5xq71lWfK4e3eNBX3+TIoBsD9shyxp+a /BspAc5iLOh45pal+FknoV+rVp7AzTkJ15nRomNNzb4Q+iiUJ4hdBQdSPo3Y2zx5kZAU NQaKaRX5qq3OWa8xLA8ACmvgxCobMjwHQg2vw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=+qsfHnXN4F+YEwETsQED11ORVN8eSCHPY9sNm+VzKiE=; b=Nwnn0wC2EMx5NXM0sqWrGDxdkTgXjQMXKpiysKPcQeOm8ihSLX71X6hhq6jD2yiyTh lVFlXplLQpjMwYU/kctLG0akzvmlv+N5dnQM9zkCOPYhJSH15exc9LHp1o+6uZtVwaxj w/AGhLjuHXq+slBN9oW2Lr5DNQT7mbuKxeEfmtkdjNCYFgXTXaMyimT8NXOyDamZNtkZ YQ2rFcDBNnhui+RYexHWFa+Ox5TFmK6C0JZ1w5sIiDW8vkE6XyJhT7EpZWwA90tpQR1j Guzf6Q19CvSE4wgpzICGuLuMb9WA8pJyPDmAcU/kx1hwkFxCgQdK9k1IpQP9OKhqCPGx bi+Q== X-Gm-Message-State: AOAM532YDlZsTctvfc107F9/iSOA+xM4T7rpXkkjX7Zhi/cmLN77WIDE uPeqTjzLUsNDYvH61J5PzqOnlg== X-Received: by 2002:a17:902:d211:: with SMTP id t17mr11298783ply.106.1594165259350; Tue, 07 Jul 2020 16:40:59 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id c187sm22795684pfc.146.2020.07.07.16.40.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 Jul 2020 16:40:58 -0700 (PDT) Date: Tue, 7 Jul 2020 16:40:57 -0700 From: Kees Cook To: Scott Branden Cc: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann , Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: [PATCH v10 1/9] fs: move kernel_read_file* to its own include file Message-ID: <202007071637.ABF914AB@keescook> References: <20200706232309.12010-1-scott.branden@broadcom.com> <20200706232309.12010-2-scott.branden@broadcom.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200706232309.12010-2-scott.branden@broadcom.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jul 06, 2020 at 04:23:01PM -0700, Scott Branden wrote: > Move kernel_read_file* out of linux/fs.h to its own linux/kernel_read_file.h > include file. That header gets pulled in just about everywhere > and doesn't really need functions not related to the general fs interface. > > Suggested-by: Christoph Hellwig > Signed-off-by: Scott Branden > Reviewed-by: Christoph Hellwig > Acked-by: Greg Kroah-Hartman > --- > drivers/base/firmware_loader/main.c | 1 + > fs/exec.c | 1 + > include/linux/fs.h | 39 ---------------------- > include/linux/ima.h | 1 + > include/linux/kernel_read_file.h | 52 +++++++++++++++++++++++++++++ > include/linux/security.h | 1 + > kernel/kexec_file.c | 1 + > kernel/module.c | 1 + > security/integrity/digsig.c | 1 + > security/integrity/ima/ima_fs.c | 1 + > security/integrity/ima/ima_main.c | 1 + > security/integrity/ima/ima_policy.c | 1 + > security/loadpin/loadpin.c | 1 + > security/security.c | 1 + > security/selinux/hooks.c | 1 + > 15 files changed, 65 insertions(+), 39 deletions(-) > create mode 100644 include/linux/kernel_read_file.h This looks like too many files are getting touched. If it got added to security.h, very few of the above .c files will need it explicitly added (maybe none). You can test future versions of this change with an allmodconfig build and make sure you have a matching .o for each .c file that calls kernel_read_file(). :) But otherwise, sure, seems good. -- Kees Cook