Received: by 2002:a05:6358:45e:b0:b5:b6eb:e1f9 with SMTP id 30csp1922869rwe; Sat, 27 Aug 2022 22:26:49 -0700 (PDT) X-Google-Smtp-Source: AA6agR4psu8afZgKGEPAV8URHf3vBcx/imEM0qulHNsdCPZGK6PVmphAT27oBBaGpyMDIUJDPUMB X-Received: by 2002:a50:baea:0:b0:448:182d:9bc2 with SMTP id x97-20020a50baea000000b00448182d9bc2mr4915589ede.341.1661664408761; Sat, 27 Aug 2022 22:26:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1661664408; cv=none; d=google.com; s=arc-20160816; b=wzS9GbIBk5rl9Z4po1ZdCrSt1LWAxbFbdGtxWna3E23U9Ccwj27l2b7sdufDhjo2vY 4lTmcO9FfcxGXH5I2R9Im57UB10/wLBciW2ObGjjq0cYnrorMttysVHoc8iB+Lt0xevQ xev/9EiU944gn630EZ7KpQKz3Insm3pCwllIYn4J8sVpCG0qOlcoQMg7XUFG2MG8iriN Z5cTlNhGwTJ3Q8rIwhnMdbZEGl914pWRazjT8iRs8axX8J03QhjAjYfyJf4Vwpzei6Nk zHAgzz2rVa8Tti2EAMm68foosGq2bWjNgPRZzBOfd5WQ8ZNfRLApL06uIrcP7nLz9XNb Euqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=bUHV2N0LQPjl/Ql2YD6/w9uuynW9f/SQ/xONEN11xyU=; b=BEwuD3qOAFQxSP6AoI/HHCb74LT/JF78WzFn0oSZkIqgauwLFeX+fCJ29V08R0YAOc Hwrl6L7qzVIYtcCz0kLSt97kFRMzwTyiJxJfrkX4sxYn6eTrS64c8rbHSXJnWgcnmUeF u4KiBbhaDtlAVNpM3Z11/zrsEdjfm7R93/nqlNvgnTWjtxdcs4VHKdDeYBmSza5jcZ9K YxsApWeenc/XAi3dm1utEU9UqbC8bxpByzuz86a6uqnZwjBbvXOF9XTOJ59MzSrQdB81 13ZoqyM480T3Oyb6YflXxneRTRsWWTjRIhBKzUWaYcAPxabsDmAvQaHpKNZDka6MeRAN W6kw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZWNzKiOy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id hp35-20020a1709073e2300b0073dde76f08bsi4326938ejc.674.2022.08.27.22.26.23; Sat, 27 Aug 2022 22:26:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=ZWNzKiOy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231210AbiH1D5y (ORCPT + 99 others); Sat, 27 Aug 2022 23:57:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45368 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229486AbiH1D5w (ORCPT ); Sat, 27 Aug 2022 23:57:52 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DC89D2E9ED; Sat, 27 Aug 2022 20:57:51 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 8B675B80782; Sun, 28 Aug 2022 03:57:50 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A43E1C433D6; Sun, 28 Aug 2022 03:57:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661659069; bh=aLxP25wDWEInIvXhlH9j51/2YWETEUidD0n/OTr2pK4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ZWNzKiOyT21V4JyykeIWDNlktUtVvAV3qdLPCvmMWyytyA5VHrqjNKDxLu252/8TM XwKUJ+iyP9uImOcVcNzIiITHKtVYzwZn2cZxJ56AJFihKNPA/YaT8p0drsQsVjeyik BFDRUHeU+8Dx+uA/myfFJDPL+6X5CHlZh1244NN5JjHEsldxtkSU8eNRwt8Hhxi+Nj ofVVe0zdAxL8vKra2UO9R8NsKsqQQosYmRYbSAkSzNULPnhiWJ70xRucftOwK3e2PL /t/DFAAMSl1I85SeFR+ip+6BKCBa8x1hQiJNehG1ISDYZVlkkUNKsG8GxHQsboIiAP sCNLzPdbYwyUw== Date: Sun, 28 Aug 2022 06:57:41 +0300 From: Jarkko Sakkinen To: Roberto Sassu Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, martin.lau@linux.dev, song@kernel.org, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, mykolal@fb.com, corbet@lwn.net, dhowells@redhat.com, rostedt@goodmis.org, mingo@redhat.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, shuah@kernel.org, bpf@vger.kernel.org, linux-doc@vger.kernel.org, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, deso@posteo.net, Roberto Sassu Subject: Re: [PATCH v12 04/10] KEYS: Move KEY_LOOKUP_ to include/linux/key.h Message-ID: References: <20220818152929.402605-1-roberto.sassu@huaweicloud.com> <20220818152929.402605-5-roberto.sassu@huaweicloud.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 26, 2022 at 09:14:09AM +0200, Roberto Sassu wrote: > On Fri, 2022-08-26 at 08:42 +0300, Jarkko Sakkinen wrote: > > On Thu, Aug 18, 2022 at 05:29:23PM +0200, > > roberto.sassu@huaweicloud.com wrote: > > > From: Roberto Sassu > > > > > > In preparation for the patch that introduces the > > > bpf_lookup_user_key() eBPF > > > kfunc, move KEY_LOOKUP_ definitions to include/linux/key.h, to be > > > able to > > > validate the kfunc parameters. > > > > > > Also, introduce key_lookup_flags_check() directly in > > > include/linux/key.h, > > > to reduce the risk that the check is not in sync with currently > > > defined > > > flags. > > > > Missing the description what the heck this function even is. > > > > Please, explain that. > > Hi Jarkko > > sorry, forgot to update the commit description. Will do it. > > > Also, the short subject is misleading because this *just* > > does not move flags. > > > > > Signed-off-by: Roberto Sassu > > > Reviewed-by: KP Singh > > > --- > > > include/linux/key.h | 11 +++++++++++ > > > security/keys/internal.h | 2 -- > > > 2 files changed, 11 insertions(+), 2 deletions(-) > > > > > > diff --git a/include/linux/key.h b/include/linux/key.h > > > index 7febc4881363..b5bbae77a9e7 100644 > > > --- a/include/linux/key.h > > > +++ b/include/linux/key.h > > > @@ -88,6 +88,17 @@ enum key_need_perm { > > > KEY_DEFER_PERM_CHECK, /* Special: permission check is > > > deferred */ > > > }; > > > > > > +#define KEY_LOOKUP_CREATE 0x01 > > > +#define KEY_LOOKUP_PARTIAL 0x02 > > > + > > > > /* > > * Explain what the heck this function is. > > */ > > > +static inline int key_lookup_flags_check(u64 flags) > > > +{ > > > + if (flags & ~(KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL)) > > > + return -EINVAL; > > > + > > > + return 0; > > > +} > > > > This is essentially a boolean function, right? > > > > I.e. the implementation can be just: > > > > !!(flags & ~(KEY_LOOKUP_CREATE | KEY_LOOKUP_PARTIAL)) > > Absolutely fine with that, if you prefer. It can be either, it more depends on if a new function is needed in the first place. E.g. if you are worried about maintaining you could just as well define a constant containing the mask, right? > > > Not even sure if this is needed in the first place, or > > would it be better just to open code it. How many call > > sites does it have anyway? > > > > Daniel preferred to have this check here. How many call sites? BR, Jarkko