On 7/19/2024 10:08 AM, Paul Moore wrote:
On Jul 11, 2024 Xu Kuohai xukuohai@huaweicloud.com wrote:
To be consistent with most LSM hooks, convert the return value of hook inode_copy_up_xattr to 0 or a negative error code.
Before:
- Hook inode_copy_up_xattr returns 0 when accepting xattr, 1 when discarding xattr, -EOPNOTSUPP if it does not know xattr, or any other negative error code otherwise.
After:
- Hook inode_copy_up_xattr returns 0 when accepting xattr, *-ECANCELED* when discarding xattr, -EOPNOTSUPP if it does not know xattr, or any other negative error code otherwise.
Signed-off-by: Xu Kuohai xukuohai@huawei.com
fs/overlayfs/copy_up.c | 6 +++--- security/integrity/evm/evm_main.c | 2 +- security/security.c | 12 ++++++------ security/selinux/hooks.c | 4 ++-- security/smack/smack_lsm.c | 6 +++--- 5 files changed, 15 insertions(+), 15 deletions(-)
...
diff --git a/security/security.c b/security/security.c index 26eea8f4cd74..12215ca286af 100644 --- a/security/security.c +++ b/security/security.c @@ -2675,18 +2675,18 @@ EXPORT_SYMBOL(security_inode_copy_up);
- lower layer to the union/overlay layer. The caller is responsible for
- reading and writing the xattrs, this hook is merely a filter.
- Return: Returns 0 to accept the xattr, 1 to discard the xattr, -EOPNOTSUPP
if the security module does not know about attribute, or a negative
error code to abort the copy up.
- Return: Returns 0 to accept the xattr, -ECANCELED to discard the xattr,
-EOPNOTSUPP if the security module does not know about attribute,
*/ int security_inode_copy_up_xattr(struct dentry *src, const char *name) { int rc;
or a negative error code to abort the copy up.
/*
* The implementation can return 0 (accept the xattr), 1 (discard the
* xattr), -EOPNOTSUPP if it does not know anything about the xattr or
* any other error code in case of an error.
* The implementation can return 0 (accept the xattr), -ECANCELED
* (discard the xattr), -EOPNOTSUPP if it does not know anything
*/* about the xattr or any other error code in case of an error.
Updating the comment here is good, but considering that we also discuss the return value in the function header comment, I think it might be better to just remove this comment entirely and leave the function header comment as the single source. Duplicated comments/docs tend to fall out of sync and create confusion.
OK, will do
rc = call_int_hook(inode_copy_up_xattr, src, name); if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
-- paul-moore.com