From: Trevor Gross
Date: Mon, 5 Feb 2024 22:04:52 -0500
Subject: Re: [PATCH v4 5/9] rust: security: add abstraction for secctx
To: Alice Ryhl
Cc: Miguel Ojeda, Alex Gaynor, Wedson Almeida Filho, Boqun Feng, Gary Guo, Björn Roy Baron, Benno Lossin, Andreas Hindborg, Peter Zijlstra, Alexander Viro, Christian Brauner, Greg Kroah-Hartman, Arve Hjønnevåg, Todd Kjos, Martijn Coenen, Joel Fernandes, Carlos Llamas, Suren Baghdasaryan, Dan Williams, Kees Cook, Matthew Wilcox, Thomas Gleixner, Daniel Xu, linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org, linux-fsdevel@vger.kernel.org

On Fri, Feb 2, 2024 at 5:57 AM Alice Ryhl wrote:
>
> Adds an abstraction for viewing the string representation of a security
> context.

Adds -> add

> This is needed by Rust Binder because it has feature where a process can

has feature -> has a feature

> view the string representation of the security context for incoming
> transactions. The process can use that to authenticate incoming
> transactions, and since the feature is provided by the kernel, the
> process can trust that the security context is legitimate.
>
> Reviewed-by: Benno Lossin
> Signed-off-by: Alice Ryhl
> ---
> [...]
> diff --git a/rust/kernel/cred.rs b/rust/kernel/cred.rs
> index fabc50e48c9e..0640356a8c29 100644
> --- a/rust/kernel/cred.rs
> +++ b/rust/kernel/cred.rs
> @@ -48,6 +48,14 @@ pub unsafe fn from_ptr<'a>(ptr: *const bindings::cred) -> &'a Credential {
> unsafe { &*ptr.cast() }
> }
>
> + /// Get the id for this security context.
> + pub fn get_secid(&self) -> u32 {

Since this is used in multiple places, would a typedef be useful?

    type SecurityId = u32;

> [...]

Reviewed-by: Trevor Gross
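
Review bot: the doc comment on `get_secid` ("Get the id for this security context.") names the wrong object: the method sits in rust/kernel/cred.rs beside `from_ptr`, which returns a `Credential`, so `&self` is a credential rather than a security context. Suggest rewording it to say it returns the security id associated with this credential, and stating what the returned `u32` is meant to be passed to, since the bare integer type says nothing about its meaning. As a style point, plain Rust getters normally drop the `get_` prefix, so `secid()` would read more conventionally than `get_secid()`.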