Re: [PATCH v4 5/6] fs: provide function to report enum strings

2016-04-13 Thread Mimi Zohar
On Tue, 2016-04-12 at 15:38 -0700, Kees Cook wrote:
> On Tue, Apr 12, 2016 at 3:31 PM, Al Viro wrote:
> > On Tue, Apr 12, 2016 at 09:54:44AM -0700, Kees Cook wrote:
> >> Providing human-readable (and audit-parsable) strings for the READING_*
> >> enums is needed by some LSMs.
> >>
> >> Signed-off-by: Kees Cook 
> >> ---
> >>  fs/exec.c  | 19 +++
> >>  include/linux/fs.h |  1 +
> >>  2 files changed, 20 insertions(+)
> >
> > What the devil is that doing in fs/exec.c, of all places?
> 
> Since that's where the kernel_read* functions that use the enum live,
> it seemed like the right place to put the string function too. I'm
> happy to move it wherever folks think it's best to live.

Al,

The problem is keeping the enum and corresponding string in sync.  As
soon as the enum definition is separated from the string definition, it
will become a problem.  I've tried to use _stringify() to initialize
both the enum and the string, but it is ugly.  Perhaps someone else has
a better, prettier method.

Mimi

--
To unsubscribe from this list: send the line "unsubscribe linux-doc" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
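
One common way to address the sync problem raised in the message above is a single X-macro list that generates both the enum and the string table. This is an added user-space sketch, not code from the patch or from the kernel tree; the macro names `READ_FILE_IDS`, `AS_ENUM`, `AS_STR` and the inverse helper `kernel_read_file_id_from_str()` are hypothetical, and the enum is assumed to start at 0.

```c
#include <stdio.h>
#include <string.h>
/* One list of (enum suffix, string) pairs from the patch; macro names are hypothetical. */
#define READ_FILE_IDS(X)                      \
	X(FIRMWARE,        "firmware")        \
	X(MODULE,          "kernel-module")   \
	X(KEXEC_IMAGE,     "kexec-image")     \
	X(KEXEC_INITRAMFS, "kexec-initramfs") \
	X(POLICY,          "security-policy")

#define AS_ENUM(name, str) READING_##name,
#define AS_STR(name, str)  [READING_##name] = str,

/* Assumption: values start at 0; the thread shows only READING_MAX_ID. */
enum kernel_read_file_id {
	READ_FILE_IDS(AS_ENUM)
	READING_MAX_ID
};

static const char *const read_file_id_strs[] = {
	READ_FILE_IDS(AS_STR)
};

/* Build fails if the table and the enum ever disagree in size. */
_Static_assert(sizeof(read_file_id_strs) / sizeof(read_file_id_strs[0]) ==
	       READING_MAX_ID, "enum/string table out of sync");

const char *kernel_read_file_id_str(enum kernel_read_file_id id)
{
	if ((unsigned int)id >= (unsigned int)READING_MAX_ID)
		return "unknown";
	return read_file_id_strs[id];
}

/* Hypothetical inverse for a log parser: READING_MAX_ID means no match. */
enum kernel_read_file_id kernel_read_file_id_from_str(const char *s)
{
	for (int i = 0; i < READING_MAX_ID; i++)
		if (strcmp(s, read_file_id_strs[i]) == 0)
			return (enum kernel_read_file_id)i;
	return READING_MAX_ID;
}

int main(void)
{
	for (int i = 0; i <= READING_MAX_ID; i++)
		printf("%d -> %s\n", i, kernel_read_file_id_str(i));
	return 0;
}
```

Adding an entry to `READ_FILE_IDS` extends the enum and the table together, so the two cannot be edited independently.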


Re: [PATCH v4 5/6] fs: provide function to report enum strings

2016-04-12 Thread Kees Cook
On Tue, Apr 12, 2016 at 3:31 PM, Al Viro wrote:
> On Tue, Apr 12, 2016 at 09:54:44AM -0700, Kees Cook wrote:
>> Providing human-readable (and audit-parsable) strings for the READING_*
>> enums is needed by some LSMs.
>>
>> Signed-off-by: Kees Cook 
>> ---
>>  fs/exec.c  | 19 +++
>>  include/linux/fs.h |  1 +
>>  2 files changed, 20 insertions(+)
>
> What the devil is that doing in fs/exec.c, of all places?

Since that's where the kernel_read* functions that use the enum live,
it seemed like the right place to put the string function too. I'm
happy to move it wherever folks think it's best to live.

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security


Re: [PATCH v4 5/6] fs: provide function to report enum strings

2016-04-12 Thread Al Viro
On Tue, Apr 12, 2016 at 09:54:44AM -0700, Kees Cook wrote:
> Providing human-readable (and audit-parsable) strings for the READING_*
> enums is needed by some LSMs.
> 
> Signed-off-by: Kees Cook 
> ---
>  fs/exec.c  | 19 +++
>  include/linux/fs.h |  1 +
>  2 files changed, 20 insertions(+)

What the devil is that doing in fs/exec.c, of all places?


Re: [PATCH v4 5/6] fs: provide function to report enum strings

2016-04-12 Thread Serge E. Hallyn
Quoting Kees Cook (keesc...@chromium.org):
> Providing human-readable (and audit-parsable) strings for the READING_*
> enums is needed by some LSMs.
> 
> Signed-off-by: Kees Cook 

Acked-by: Serge Hallyn 

> ---
>  fs/exec.c  | 19 +++
>  include/linux/fs.h |  1 +
>  2 files changed, 20 insertions(+)
> 
> diff --git a/fs/exec.c b/fs/exec.c
> index c4010b8207a1..05e71b6c0ef0 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -819,6 +819,25 @@ struct file *open_exec(const char *name)
>  }
>  EXPORT_SYMBOL(open_exec);
>  
> +const char *kernel_read_file_id_str(enum kernel_read_file_id id)
> +{
> + switch (id) {
> + case READING_FIRMWARE:
> + return "firmware";
> + case READING_MODULE:
> + return "kernel-module";
> + case READING_KEXEC_IMAGE:
> + return "kexec-image";
> + case READING_KEXEC_INITRAMFS:
> + return "kexec-initramfs";
> + case READING_POLICY:
> + return "security-policy";
> + default:
> + return "unknown";
> + }
> +}
> +EXPORT_SYMBOL(kernel_read_file_id_str);
> +
>  int kernel_read(struct file *file, loff_t offset,
>   char *addr, unsigned long count)
>  {
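
Review bot: the EXPORT_SYMBOL(kernel_read_file_id_str) line at the end of the new function makes the helper available to loadable modules, while the commit message names only LSMs as its users. If every caller is built in, the export can be dropped; if a modular caller exists, the commit message should name it so the export is justified.
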
> diff --git a/include/linux/fs.h b/include/linux/fs.h
> index 304991a80e23..596b403d5a28 100644
> --- a/include/linux/fs.h
> +++ b/include/linux/fs.h
> @@ -2589,6 +2589,7 @@ enum kernel_read_file_id {
>   READING_MAX_ID
>  };
>  
> +extern const char *kernel_read_file_id_str(enum kernel_read_file_id id);
>  extern int kernel_read(struct file *, loff_t, char *, unsigned long);
>  extern int kernel_read_file(struct file *, void **, loff_t *, loff_t,
>   enum kernel_read_file_id);
> -- 
> 2.6.3


[PATCH v4 5/6] fs: provide function to report enum strings

2016-04-12 Thread Kees Cook
Providing human-readable (and audit-parsable) strings for the READING_*
enums is needed by some LSMs.

Signed-off-by: Kees Cook 
---
 fs/exec.c  | 19 +++
 include/linux/fs.h |  1 +
 2 files changed, 20 insertions(+)

diff --git a/fs/exec.c b/fs/exec.c
index c4010b8207a1..05e71b6c0ef0 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -819,6 +819,25 @@ struct file *open_exec(const char *name)
 }
 EXPORT_SYMBOL(open_exec);
 
+const char *kernel_read_file_id_str(enum kernel_read_file_id id)
+{
+   switch (id) {
+   case READING_FIRMWARE:
+   return "firmware";
+   case READING_MODULE:
+   return "kernel-module";
+   case READING_KEXEC_IMAGE:
+   return "kexec-image";
+   case READING_KEXEC_INITRAMFS:
+   return "kexec-initramfs";
+   case READING_POLICY:
+   return "security-policy";
+   default:
+   return "unknown";
+   }
+}
+EXPORT_SYMBOL(kernel_read_file_id_str);
+
 int kernel_read(struct file *file, loff_t offset,
char *addr, unsigned long count)
 {
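
Review bot: the `default:` arm in kernel_read_file_id_str() hides missing cases. With a default present, the compiler's switch-on-enum warning no longer fires, so a READING_* value added later to enum kernel_read_file_id will silently be reported as "unknown" in audit output. Suggest dropping `default:`, adding an explicit `case READING_MAX_ID:` that breaks, and putting `return "unknown";` after the switch, so that a new enumerator without a string produces a build warning.
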
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 304991a80e23..596b403d5a28 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2589,6 +2589,7 @@ enum kernel_read_file_id {
READING_MAX_ID
 };
 
+extern const char *kernel_read_file_id_str(enum kernel_read_file_id id);
 extern int kernel_read(struct file *, loff_t, char *, unsigned long);
 extern int kernel_read_file(struct file *, void **, loff_t *, loff_t,
enum kernel_read_file_id);
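
Review bot: the new prototype for kernel_read_file_id_str() has no comment stating its contract. Because the commit message describes the strings as audit-parsable, a short comment above the declaration should say that the function returns a pointer to a constant string and never NULL, that ids outside the named READING_* values yield "unknown", and that a string should not be changed once log consumers parse it.
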
-- 
2.6.3
