Received: by 2002:a05:6358:45e:b0:b5:b6eb:e1f9 with SMTP id 30csp330477rwe; Wed, 31 Aug 2022 03:42:52 -0700 (PDT) X-Google-Smtp-Source: AA6agR4vOjmQR/WRLacpQeqpY23ssizveFBWgO04CIXgAaayxnrgPhhnPnIWHZuvXXkdy8I43LCo X-Received: by 2002:a17:902:74c9:b0:174:e7dc:1dfb with SMTP id f9-20020a17090274c900b00174e7dc1dfbmr11207433plt.1.1661942572280; Wed, 31 Aug 2022 03:42:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1661942572; cv=none; d=google.com; s=arc-20160816; b=MbVt4TM4hZKYaeEX6YieZVY+wADa/5H9orjRsaNSEd8cG0oHqTz0NXyZFSQ5yxl/W2 8uSS0ee6nLtqFvjtKCLUrbZJKAUTE9/7VWzdLPdc4c+cf9rDODZI5KbkWUZdABQ1D7u9 YmBWYCMWK6+DTqAiqsEbcTx1JY+Ie0d0Wmc65/DAkab4gDfuF5B72CZNE8ug3bZ0nORD kFWouBs3RuGms65muCHHEET5qgrfnwAZk6squpnjOAn1NUVmXGrx9Hhjtvi5jvWet0WI 3TRVJ883szulgQo22HMfg6rpgxsAzPxt/rVZagiDue97UWi+3wRqz6GVIC68AE0F6Gw4 n3Tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id; bh=r7qRg2jbo/Ulhupn5f0DlZRJKz225hQ+TB/bAloHgn8=; b=NOnnRCfzGUiTli/lpeP0la5mv9h4JVSwK2oWaD8HmHc95+ArvjjTjASQh3Ya4LArB1 7ynC5mb+Ec7V14H3Tpu/qmj3KCRQofqf/odt98pj8ba8jave/CKV0aZscO6F+jKopIJ5 3aoKWpCYX9wrW77Oo1buMATCbfMxwFcnGvh6sCV+M7qeu+YF6rPXcIcRwMxpKrLiHOul l3FC1vtYaufoW3ZAVS7mcatzkLW/MCJjJr/pJ75WCBSvlsvI6kdg+wr6Durbwf3QnXon olTNj2rAvgCK+ruKew/1/PHJypPMhr0S8dKFl/KJZmij11qIF0IET94nHSGbgSBR/Quv y4Rg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d13-20020a65620d000000b004198148dd1fsi4641557pgv.192.2022.08.31.03.42.40; Wed, 31 Aug 2022 03:42:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231837AbiHaJYR (ORCPT + 99 others); Wed, 31 Aug 2022 05:24:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42894 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231604AbiHaJYL (ORCPT ); Wed, 31 Aug 2022 05:24:11 -0400 Received: from frasgout11.his.huawei.com (frasgout11.his.huawei.com [14.137.139.23]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 73BB057231; Wed, 31 Aug 2022 02:24:08 -0700 (PDT) Received: from mail02.huawei.com (unknown [172.18.147.229]) by frasgout11.his.huawei.com (SkyGuard) with ESMTP id 4MHdrw2BnPz9v7Ts; Wed, 31 Aug 2022 17:18:40 +0800 (CST) Received: from roberto-ThinkStation-P620 (unknown [10.204.63.22]) by APP1 (Coremail) with SMTP id LxC2BwA34JOPKA9jgTwQAA--.40239S2; Wed, 31 Aug 2022 10:23:40 +0100 (CET) Message-ID: Subject: Re: [PATCH v14 05/12] KEYS: Move KEY_LOOKUP_ to include/linux/key.h and set KEY_LOOKUP_FLAGS_ALL From: Roberto Sassu To: Jarkko Sakkinen Cc: ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org, martin.lau@linux.dev, song@kernel.org, yhs@fb.com, john.fastabend@gmail.com, kpsingh@kernel.org, sdf@google.com, haoluo@google.com, jolsa@kernel.org, mykolal@fb.com, dhowells@redhat.com, rostedt@goodmis.org, mingo@redhat.com, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, shuah@kernel.org, bpf@vger.kernel.org, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, deso@posteo.net, memxor@gmail.com, Roberto Sassu Date: Wed, 31 Aug 2022 11:23:25 +0200 In-Reply-To: References: <20220830161716.754078-1-roberto.sassu@huaweicloud.com> <20220830161716.754078-6-roberto.sassu@huaweicloud.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.36.5-0ubuntu1 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-CM-TRANSID: LxC2BwA34JOPKA9jgTwQAA--.40239S2 X-Coremail-Antispam: 1UD129KBjvJXoW7uF4xGF1kWrWrAFWDZFy3XFb_yoW8Kr4DpF yDGF1jkr1Utry3WwnFganIy3WxK39xtr12gr90gwnYqFsaqryxKr12gF15uF1F9rW7uw4I vr42ganxuryDA3DanT9S1TB71UUUUUUqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2 9KBjDU0xBIdaVrnRJUUUk0b4IE77IF4wAFF20E14v26rWj6s0DM7CY07I20VC2zVCF04k2 6cxKx2IYs7xG6r1S6rWUM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rwA2F7IY1VAKz4 vEj48ve4kI8wA2z4x0Y4vE2Ix0cI8IcVAFwI0_Jr0_JF4l84ACjcxK6xIIjxv20xvEc7Cj xVAFwI0_Cr0_Gr1UM28EF7xvwVC2z280aVAFwI0_Gr0_Cr1l84ACjcxK6I8E87Iv6xkF7I 0E14v26r4j6r4UJwAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40EFcxC0VAKzVAqx4xG 6I80ewAv7VC0I7IYx2IY67AKxVWUGVWUXwAv7VC2z280aVAFwI0_Jr0_Gr1lOx8S6xCaFV Cjc4AY6r1j6r4UM4x0Y48IcVAKI48JM4IIrI8v6xkF7I0E8cxan2IY04v7MxAIw28IcxkI 7VAKI48JMxC20s026xCaFVCjc4AY6r1j6r4UMI8I3I0E5I8CrVAFwI0_Jr0_Jr4lx2IqxV Cjr7xvwVAFwI0_JrI_JrWlx4CE17CEb7AF67AKxVW8ZVWrXwCIc40Y0x0EwIxGrwCI42IY 6xIIjxv20xvE14v26r1j6r1xMIIF0xvE2Ix0cI8IcVCY1x0267AKxVWxJVW8Jr1lIxAIcV CF04k26cxKx2IYs7xG6Fyj6rWUJwCI42IY6I8E87Iv67AKxVWUJVW8JwCI42IY6I8E87Iv 6xkF7I0E14v26r4j6r4UJbIYCTnIWIevJa73UjIFyTuYvjxUOlksDUUUU X-CM-SenderInfo: purev21wro2thvvxqx5xdzvxpfor3voofrz/1tbiAQABBF1jj4J04wAAsg X-CFilter-Loop: Reflected X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 2022-08-31 at 07:51 +0300, Jarkko Sakkinen wrote: > On Wed, Aug 31, 2022 at 05:53:28AM +0300, Jarkko Sakkinen wrote: > > On Tue, Aug 30, 2022 at 06:17:09PM +0200, Roberto Sassu wrote: > > > From: Roberto Sassu > > > > > > In preparation for the patch that introduces the > > > bpf_lookup_user_key() eBPF > > > kfunc, move KEY_LOOKUP_ definitions to include/linux/key.h, to be > > > able to > > > validate the kfunc parameters. > > > > > > Also, define the new constant KEY_LOOKUP_FLAGS_ALL, to facilitate > > > checking > > > whether a variable contains only defined flags. > > > > > > Signed-off-by: Roberto Sassu > > > Reviewed-by: KP Singh > > > --- > > > include/linux/key.h | 4 ++++ > > > security/keys/internal.h | 2 -- > > > 2 files changed, 4 insertions(+), 2 deletions(-) > > > > > > diff --git a/include/linux/key.h b/include/linux/key.h > > > index 7febc4881363..e2a70e0fa89f 100644 > > > --- a/include/linux/key.h > > > +++ b/include/linux/key.h > > > @@ -88,6 +88,10 @@ enum key_need_perm { > > > KEY_DEFER_PERM_CHECK, /* Special: permission check is deferred > > > */ > > > }; > > > > > > +#define KEY_LOOKUP_CREATE 0x01 > > > +#define KEY_LOOKUP_PARTIAL 0x02 > > > +#define KEY_LOOKUP_FLAGS_ALL (KEY_LOOKUP_CREATE | > > > KEY_LOOKUP_PARTIAL) > > > > IMHO this could be just KEY_LOOKUP_ALL. > > > > > + > > > struct seq_file; > > > struct user_struct; > > > struct signal_struct; > > > diff --git a/security/keys/internal.h b/security/keys/internal.h > > > index 9b9cf3b6fcbb..3c1e7122076b 100644 > > > --- a/security/keys/internal.h > > > +++ b/security/keys/internal.h > > > @@ -165,8 +165,6 @@ extern struct key > > > *request_key_and_link(struct key_type *type, > > > > > > extern bool lookup_user_key_possessed(const struct key *key, > > > const struct key_match_data > > > *match_data); > > > -#define KEY_LOOKUP_CREATE 0x01 > > > -#define KEY_LOOKUP_PARTIAL 0x02 > > > > > > extern long join_session_keyring(const char *name); > > > extern void key_change_session_keyring(struct callback_head > > > *twork); > > > -- > > > 2.25.1 > > > > > > > Other than that wfm. > > Roberto, with the change done above, just add my ack > to the next version: > > Acked-by: Jarkko Sakkinen > Perfect, thanks. Roberto