From: Alfred Piccioni
Date: Tue, 19 Dec 2023 10:10:38 +0100
Subject: Re: [PATCH] security: new security_file_ioctl_compat() hook
To: Paul Moore, Stephen Smalley, Eric Paris
Cc: linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, stable@vger.kernel.org, selinux@vger.kernel.org, linux-kernel@vger.kernel.org
References: <20230906102557.3432236-1-alpic@google.com> <20231219090909.2827497-1-alpic@google.com>
In-Reply-To: <20231219090909.2827497-1-alpic@google.com>

Thanks for taking the time to review! Apologies for the number of small
mistakes.

> s/syscal/syscall/
> Might want to consider checking using codespell to catch such things
> although it is imperfect.

Fixed, loaded codespell.

> Paul doesn't like C++-style comments so rewrite using kernel coding
> style for multi-line comments or drop.
> I don't think kernel coding style strictly prohibits use for
> single-line comments and it isn't detected by checkpatch.pl but he has
> previously raised this on other patches. I actually like the C++-style
> comments for one-liners especially for comments at the end of a line of
> code but Paul is the maintainer so he gets the final word.

Changed to /**/ style comments. No particular preference on my side for
comment structure, just used to C++/Java style.

> Sorry, missed this the first time but cut-and-paste error above:
> s/GETFLAGS/SETFLAGS/

Egads. Fixed.

> Also, IIRC, Paul prefers putting a pair of parentheses after function
> names to distinguish them, so in the subject line
> and description it should be security_file_ioctl_compat() and
> security_file_ioctl(), and you should put a patch version
> in the [PATCH] prefix e.g. [PATCH v3] to make clear that it is a later
> version, and usually one doesn't capitalize SELinux
> or the leading verb in the subject line (just "selinux: introduce").

Changed title to lower-case, prefixed with security, changed slightly to
fit in summary with new parentheses. Added [PATCH V3] to the subject.

> Actually, since this spans more than just SELinux, the prefix likely
> needs to reflect that (e.g. security: introduce ...)
> and the patch should go to the linux-security-module mailing list too
> and perhaps linux-fsdevel for the ioctl change.

Added cc 'selinux@vger.kernel.org' and cc 'linux-kernel@vger.kernel.org'.
Thanks!

> I didn't do an audit but does anything need to be updated for the BPF
> LSM or does it auto-magically pick up new hooks?

I'm unsure. I looked through the BPF LSM and I can't see any way it's
picking up the file_ioctl hook to begin with. It appears to me skimming
through the code that it automagically picks it up, but I'm not willing
to bet the kernel on it. Do you know who would be a good person to ask
about this to make sure?