From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.9 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A50CC433E1 for ; Tue, 7 Jul 2020 23:41:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 67C102067D for ; Tue, 7 Jul 2020 23:41:02 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="dfwsrWMW" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728967AbgGGXlB (ORCPT ); Tue, 7 Jul 2020 19:41:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53538 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728589AbgGGXlA (ORCPT ); Tue, 7 Jul 2020 19:41:00 -0400 Received: from mail-pl1-x642.google.com (mail-pl1-x642.google.com [IPv6:2607:f8b0:4864:20::642]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EE89FC08C5DC for ; Tue, 7 Jul 2020 16:40:59 -0700 (PDT) Received: by mail-pl1-x642.google.com with SMTP id x9so3723984plr.2 for ; Tue, 07 Jul 2020 16:40:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=+qsfHnXN4F+YEwETsQED11ORVN8eSCHPY9sNm+VzKiE=; b=dfwsrWMWQXKk98nBQT0zKCcMgM2CYJMVBv5xq71lWfK4e3eNBX3+TIoBsD9shyxp+a /BspAc5iLOh45pal+FknoV+rVp7AzTkJ15nRomNNzb4Q+iiUJ4hdBQdSPo3Y2zx5kZAU NQaKaRX5qq3OWa8xLA8ACmvgxCobMjwHQg2vw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=+qsfHnXN4F+YEwETsQED11ORVN8eSCHPY9sNm+VzKiE=; b=Nwnn0wC2EMx5NXM0sqWrGDxdkTgXjQMXKpiysKPcQeOm8ihSLX71X6hhq6jD2yiyTh lVFlXplLQpjMwYU/kctLG0akzvmlv+N5dnQM9zkCOPYhJSH15exc9LHp1o+6uZtVwaxj w/AGhLjuHXq+slBN9oW2Lr5DNQT7mbuKxeEfmtkdjNCYFgXTXaMyimT8NXOyDamZNtkZ YQ2rFcDBNnhui+RYexHWFa+Ox5TFmK6C0JZ1w5sIiDW8vkE6XyJhT7EpZWwA90tpQR1j Guzf6Q19CvSE4wgpzICGuLuMb9WA8pJyPDmAcU/kx1hwkFxCgQdK9k1IpQP9OKhqCPGx bi+Q== X-Gm-Message-State: AOAM532YDlZsTctvfc107F9/iSOA+xM4T7rpXkkjX7Zhi/cmLN77WIDE uPeqTjzLUsNDYvH61J5PzqOnlg== X-Google-Smtp-Source: ABdhPJznDqnbmackWsksp8CmINCpL3p2ylcX2LFfCew2p3uhTVRTDZtOXaCuS1FezTamiBVHO3ifLQ== X-Received: by 2002:a17:902:d211:: with SMTP id t17mr11298783ply.106.1594165259350; Tue, 07 Jul 2020 16:40:59 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id c187sm22795684pfc.146.2020.07.07.16.40.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 07 Jul 2020 16:40:58 -0700 (PDT) Date: Tue, 7 Jul 2020 16:40:57 -0700 From: Kees Cook To: Scott Branden Cc: Luis Chamberlain , Wolfram Sang , Greg Kroah-Hartman , David Brown , Alexander Viro , Shuah Khan , bjorn.andersson@linaro.org, Shuah Khan , Arnd Bergmann , Mimi Zohar , "Rafael J . Wysocki" , linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-fsdevel@vger.kernel.org, BCM Kernel Feedback , Olof Johansson , Andrew Morton , Dan Carpenter , Colin Ian King , Takashi Iwai , linux-kselftest@vger.kernel.org, Andy Gross , linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org Subject: Re: [PATCH v10 1/9] fs: move kernel_read_file* to its own include file Message-ID: <202007071637.ABF914AB@keescook> References: <20200706232309.12010-1-scott.branden@broadcom.com> <20200706232309.12010-2-scott.branden@broadcom.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200706232309.12010-2-scott.branden@broadcom.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jul 06, 2020 at 04:23:01PM -0700, Scott Branden wrote: > Move kernel_read_file* out of linux/fs.h to its own linux/kernel_read_file.h > include file. That header gets pulled in just about everywhere > and doesn't really need functions not related to the general fs interface. > > Suggested-by: Christoph Hellwig > Signed-off-by: Scott Branden > Reviewed-by: Christoph Hellwig > Acked-by: Greg Kroah-Hartman > --- > drivers/base/firmware_loader/main.c | 1 + > fs/exec.c | 1 + > include/linux/fs.h | 39 ---------------------- > include/linux/ima.h | 1 + > include/linux/kernel_read_file.h | 52 +++++++++++++++++++++++++++++ > include/linux/security.h | 1 + > kernel/kexec_file.c | 1 + > kernel/module.c | 1 + > security/integrity/digsig.c | 1 + > security/integrity/ima/ima_fs.c | 1 + > security/integrity/ima/ima_main.c | 1 + > security/integrity/ima/ima_policy.c | 1 + > security/loadpin/loadpin.c | 1 + > security/security.c | 1 + > security/selinux/hooks.c | 1 + > 15 files changed, 65 insertions(+), 39 deletions(-) > create mode 100644 include/linux/kernel_read_file.h This looks like too many files are getting touched. If it got added to security.h, very few of the above .c files will need it explicitly added (maybe none). You can test future versions of this change with an allmodconfig build and make sure you have a matching .o for each .c file that calls kernel_read_file(). :) But otherwise, sure, seems good. -- Kees Cook