* [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: Randy Dunlap @ 2020-02-16 7:08 UTC (permalink / raw)
To: LKML, linux-security-module
Cc: John Johansen, Kees Cook, Micah Morton, James Morris,
Serge E. Hallyn, Paul Moore, Stephen Smalley, Eric Paris,
Casey Schaufler, Kentaro Takeda, Tetsuo Handa
From: Randy Dunlap <rdunlap@infradead.org>
Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
Fixes the following warnings:
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: John Johansen <john.johansen@canonical.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Micah Morton <mortonm@chromium.org>
Cc: James Morris <jmorris@namei.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: linux-security-module@vger.kernel.org
Cc: Paul Moore <paul@paul-moore.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Eric Paris <eparis@parisplace.org>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
---
Notes:
a. The location for some of these might need to be modified.
b. 'locked_down' was just missing a final ':'.
c. Added a new section: Security hooks for perf events.
include/linux/lsm_hooks.h | 36 +++++++++++++++++++++++++++++++++++-
1 file changed, 35 insertions(+), 1 deletion(-)
--- lnx-56-rc1.orig/include/linux/lsm_hooks.h
+++ lnx-56-rc1/include/linux/lsm_hooks.h
@@ -103,6 +103,10 @@
* @sb_free_security:
* Deallocate and clear the sb->s_security field.
* @sb contains the super_block structure to be modified.
+ * @sb_free_mnt_opts:
+ * Free memory associated with @mnt_ops.
+ * @sb_eat_lsm_opts:
+ * Eat (scan @orig options) and save them in @mnt_opts.
* @sb_statfs:
* Check permission before obtaining filesystem statistics for the @mnt
* mountpoint.
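Review bot: the @sb_free_mnt_opts description refers to "@mnt_ops", while the @sb_eat_lsm_opts entry added right after it uses "@mnt_opts"; one of the two is a typo and should match the hook's parameter name. Neither new entry has per-parameter lines, unlike @sb_free_security just above ("@sb contains the super_block structure to be modified."), so the reader is not told what @orig holds or who frees what is saved in @mnt_opts.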
@@ -136,6 +140,10 @@
* @sb superblock being remounted
* @data contains the filesystem-specific data.
* Return 0 if permission is granted.
+ * @sb_kern_mount:
+ * Mount this @sb if allowed by permissions.
+ * @sb_show_options:
+ * Show (print on @m) mount options for this @sb.
* @sb_umount:
* Check permission before the @mnt file system is unmounted.
* @mnt contains the mounted file system.
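Review bot: "Mount this @sb if allowed by permissions." under @sb_kern_mount reads as if the hook itself performs the mount, whereas the surrounding entries in this hunk describe the hooks as checks ("Check permission before the @mnt file system is unmounted.") and close with "Return 0 if permission is granted." Suggest wording the new entry the same way and adding a return-value line, plus a line saying what @m is under @sb_show_options.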
@@ -155,6 +163,8 @@
* Copy all security options from a given superblock to another
* @oldsb old superblock which contain information to clone
* @newsb new superblock which needs filled in
+ * @sb_add_mnt_opt:
+ * Add one mount @option to @mnt_opts.
* @sb_parse_opts_str:
* Parse a string of security data filling in the opts structure
* @options string containing all mount options known by the LSM
@@ -451,6 +461,12 @@
* security module does not know about attribute or a negative error code
* to abort the copy up. Note that the caller is responsible for reading
* and writing the xattrs as this hook is merely a filter.
+ * @d_instantiate:
+ * Fill in @inode security information for a @dentry if allowed.
+ * @getprocattr:
+ * Read attribute @name for process @p and store it into @value if allowed.
+ * @setprocattr:
+ * Write (set) attribute @name to @value, size @size if allowed.
*
* Security hooks for kernfs node operations
*
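Review bot: @getprocattr and @setprocattr describe per-process attributes, yet they are appended after text about xattr copy-up and directly before "Security hooks for kernfs node operations", where nobody looking for process-attribute hooks would search; note (a) of the patch already flags placement as uncertain, so this is the spot to revisit. The "if allowed" in all three new entries also leaves the result of a denial unstated, and a return-value line would settle that.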
@@ -1113,6 +1129,7 @@
* In case of failure, @secid will be set to zero.
*
* Security hooks for individual messages held in System V IPC message queues
+ *
* @msg_msg_alloc_security:
* Allocate and attach a security structure to the msg->security field.
* The security field is initialized to NULL when the structure is first
@@ -1302,6 +1319,10 @@
* @cap contains the capability <include/linux/capability.h>.
* @opts contains options for the capable check <include/linux/security.h>
* Return 0 if the capability is granted for @tsk.
+ * @quotactl:
+ * Check whether the quotactl syscall is allowed for this @sb.
+ * @quota_on:
+ * Check whether QUOTAON is allowed for this @dentry.
* @syslog:
* Check permission before accessing the kernel message ring or changing
* logging to the console.
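Review bot: "QUOTAON" in the @quota_on entry is not an identifier a reader can look up; if the quotactl command is meant, write it as Q_QUOTAON, otherwise say "enabling quotas". Both new entries also stop at "is allowed" without a return line, while the entry just above ends with "Return 0 if the capability is granted for @tsk."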
@@ -1449,11 +1470,24 @@
* @bpf_prog_free_security:
* Clean up the security information stored inside bpf prog.
*
- * @locked_down
+ * @locked_down:
* Determine whether a kernel feature that potentially enables arbitrary
* code execution in kernel space should be permitted.
*
* @what: kernel feature being accessed
+ *
+ * Security hooks for perf events
+ *
+ * @perf_event_open:
+ * Check whether the @type of perf_event_open syscall is allowed.
+ * @perf_event_alloc:
+ * Allocate and save perf_event security info.
+ * @perf_event_free:
+ * Release (free) perf_event security info.
+ * @perf_event_read:
+ * Read perf_event security info if allowed.
+ * @perf_event_write:
+ * Write perf_event security info if allowed.
*/
union security_list_options {
int (*binder_set_context_mgr)(struct task_struct *mgr);
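Review bot: in the new perf events section, @perf_event_read and @perf_event_write are described as reading and writing "perf_event security info", which reads as if the hooks transfer the LSM's own data; if they are permission checks on reading and writing the event, word them like @perf_event_open ("Check whether ... is allowed"). Apart from @type, none of the five entries names a parameter or states a return value.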
* Re: [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: Casey Schaufler @ 2020-02-16 19:27 UTC (permalink / raw)
To: Randy Dunlap, LKML, linux-security-module
Cc: John Johansen, Kees Cook, Micah Morton, James Morris,
Serge E. Hallyn, Paul Moore, Stephen Smalley, Eric Paris,
Kentaro Takeda, Tetsuo Handa
On 2/15/2020 11:08 PM, Randy Dunlap wrote:
> From: Randy Dunlap <rdunlap@infradead.org>
>
> Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
> Fixes the following warnings:
>
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
>
> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Thank you very much.
> Cc: John Johansen <john.johansen@canonical.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Micah Morton <mortonm@chromium.org>
> Cc: James Morris <jmorris@namei.org>
> Cc: "Serge E. Hallyn" <serge@hallyn.com>
> Cc: linux-security-module@vger.kernel.org
> Cc: Paul Moore <paul@paul-moore.com>
> Cc: Stephen Smalley <sds@tycho.nsa.gov>
> Cc: Eric Paris <eparis@parisplace.org>
> Cc: Casey Schaufler <casey@schaufler-ca.com>
> Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> ---
> Notes:
> a. The location for some of these might need to be modified.
> b. 'locked_down' was just missing a final ':'.
> c. Added a new section: Security hooks for perf events.
>
> include/linux/lsm_hooks.h | 36 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 35 insertions(+), 1 deletion(-)
>
> --- lnx-56-rc1.orig/include/linux/lsm_hooks.h
> +++ lnx-56-rc1/include/linux/lsm_hooks.h
> @@ -103,6 +103,10 @@
> * @sb_free_security:
> * Deallocate and clear the sb->s_security field.
> * @sb contains the super_block structure to be modified.
> + * @sb_free_mnt_opts:
> + * Free memory associated with @mnt_ops.
> + * @sb_eat_lsm_opts:
> + * Eat (scan @orig options) and save them in @mnt_opts.
> * @sb_statfs:
> * Check permission before obtaining filesystem statistics for the @mnt
> * mountpoint.
> @@ -136,6 +140,10 @@
> * @sb superblock being remounted
> * @data contains the filesystem-specific data.
> * Return 0 if permission is granted.
> + * @sb_kern_mount:
> + * Mount this @sb if allowed by permissions.
> + * @sb_show_options:
> + * Show (print on @m) mount options for this @sb.
> * @sb_umount:
> * Check permission before the @mnt file system is unmounted.
> * @mnt contains the mounted file system.
> @@ -155,6 +163,8 @@
> * Copy all security options from a given superblock to another
> * @oldsb old superblock which contain information to clone
> * @newsb new superblock which needs filled in
> + * @sb_add_mnt_opt:
> + * Add one mount @option to @mnt_opts.
> * @sb_parse_opts_str:
> * Parse a string of security data filling in the opts structure
> * @options string containing all mount options known by the LSM
> @@ -451,6 +461,12 @@
> * security module does not know about attribute or a negative error code
> * to abort the copy up. Note that the caller is responsible for reading
> * and writing the xattrs as this hook is merely a filter.
> + * @d_instantiate:
> + * Fill in @inode security information for a @dentry if allowed.
> + * @getprocattr:
> + * Read attribute @name for process @p and store it into @value if allowed.
> + * @setprocattr:
> + * Write (set) attribute @name to @value, size @size if allowed.
> *
> * Security hooks for kernfs node operations
> *
> @@ -1113,6 +1129,7 @@
> * In case of failure, @secid will be set to zero.
> *
> * Security hooks for individual messages held in System V IPC message queues
> + *
> * @msg_msg_alloc_security:
> * Allocate and attach a security structure to the msg->security field.
> * The security field is initialized to NULL when the structure is first
> @@ -1302,6 +1319,10 @@
> * @cap contains the capability <include/linux/capability.h>.
> * @opts contains options for the capable check <include/linux/security.h>
> * Return 0 if the capability is granted for @tsk.
> + * @quotactl:
> + * Check whether the quotactl syscall is allowed for this @sb.
> + * @quota_on:
> + * Check whether QUOTAON is allowed for this @dentry.
> * @syslog:
> * Check permission before accessing the kernel message ring or changing
> * logging to the console.
> @@ -1449,11 +1470,24 @@
> * @bpf_prog_free_security:
> * Clean up the security information stored inside bpf prog.
> *
> - * @locked_down
> + * @locked_down:
> * Determine whether a kernel feature that potentially enables arbitrary
> * code execution in kernel space should be permitted.
> *
> * @what: kernel feature being accessed
> + *
> + * Security hooks for perf events
> + *
> + * @perf_event_open:
> + * Check whether the @type of perf_event_open syscall is allowed.
> + * @perf_event_alloc:
> + * Allocate and save perf_event security info.
> + * @perf_event_free:
> + * Release (free) perf_event security info.
> + * @perf_event_read:
> + * Read perf_event security info if allowed.
> + * @perf_event_write:
> + * Write perf_event security info if allowed.
> */
> union security_list_options {
> int (*binder_set_context_mgr)(struct task_struct *mgr);
>
* Re: [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: Kees Cook @ 2020-02-17 18:39 UTC (permalink / raw)
To: Randy Dunlap
Cc: LKML, linux-security-module, John Johansen, Micah Morton,
James Morris, Serge E. Hallyn, Paul Moore, Stephen Smalley,
Eric Paris, Casey Schaufler, Kentaro Takeda, Tetsuo Handa
On Sat, Feb 15, 2020 at 11:08:38PM -0800, Randy Dunlap wrote:
> From: Randy Dunlap <rdunlap@infradead.org>
>
> Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
> Fixes the following warnings:
>
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
>
> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Yay! Thanks for working through these. :)
Acked-by: Kees Cook <keescook@chromium.org>
--
Kees Cook
* Re: [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: Stephen Smalley @ 2020-02-18 14:03 UTC (permalink / raw)
To: Randy Dunlap, LKML, linux-security-module
Cc: John Johansen, Kees Cook, Micah Morton, James Morris,
Serge E. Hallyn, Paul Moore, Eric Paris, Casey Schaufler,
Kentaro Takeda, Tetsuo Handa
On 2/16/20 2:08 AM, Randy Dunlap wrote:
> From: Randy Dunlap <rdunlap@infradead.org>
>
> Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
> Fixes the following warnings:
>
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
>
> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
> Cc: John Johansen <john.johansen@canonical.com>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Micah Morton <mortonm@chromium.org>
> Cc: James Morris <jmorris@namei.org>
> Cc: "Serge E. Hallyn" <serge@hallyn.com>
> Cc: linux-security-module@vger.kernel.org
> Cc: Paul Moore <paul@paul-moore.com>
> Cc: Stephen Smalley <sds@tycho.nsa.gov>
> Cc: Eric Paris <eparis@parisplace.org>
> Cc: Casey Schaufler <casey@schaufler-ca.com>
> Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> ---
> Notes:
> a. The location for some of these might need to be modified.
> b. 'locked_down' was just missing a final ':'.
> c. Added a new section: Security hooks for perf events.
>
> include/linux/lsm_hooks.h | 36 +++++++++++++++++++++++++++++++++++-
> 1 file changed, 35 insertions(+), 1 deletion(-)
>
> --- lnx-56-rc1.orig/include/linux/lsm_hooks.h
> +++ lnx-56-rc1/include/linux/lsm_hooks.h
> @@ -136,6 +140,10 @@
> * @sb superblock being remounted
> * @data contains the filesystem-specific data.
> * Return 0 if permission is granted.
> + * @sb_kern_mount:
> + * Mount this @sb if allowed by permissions.
> + * @sb_show_options:
> + * Show (print on @m) mount options for this @sb.
> * @sb_umount:
> * Check permission before the @mnt file system is unmounted.
> * @mnt contains the mounted file system.
Thanks for doing this. Note that some of the existing kernel-doc
comments for these hooks include a separate line describing each
parameter (not just embedded in the function description) and a line
describing the return value. Is that optional for kernel-doc?
Obviously what you have added here is an improvement, just wondering
whether it suffices or needs further augmentation.
* Re: [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: Randy Dunlap @ 2020-02-18 19:30 UTC (permalink / raw)
To: Stephen Smalley, LKML, linux-security-module
Cc: John Johansen, Kees Cook, Micah Morton, James Morris,
Serge E. Hallyn, Paul Moore, Eric Paris, Casey Schaufler,
Kentaro Takeda, Tetsuo Handa
On 2/18/20 6:03 AM, Stephen Smalley wrote:
> On 2/16/20 2:08 AM, Randy Dunlap wrote:
>> From: Randy Dunlap <rdunlap@infradead.org>
>>
>> Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
>> Fixes the following warnings:
>>
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
>> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
>>
>> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
>> Cc: John Johansen <john.johansen@canonical.com>
>> Cc: Kees Cook <keescook@chromium.org>
>> Cc: Micah Morton <mortonm@chromium.org>
>> Cc: James Morris <jmorris@namei.org>
>> Cc: "Serge E. Hallyn" <serge@hallyn.com>
>> Cc: linux-security-module@vger.kernel.org
>> Cc: Paul Moore <paul@paul-moore.com>
>> Cc: Stephen Smalley <sds@tycho.nsa.gov>
>> Cc: Eric Paris <eparis@parisplace.org>
>> Cc: Casey Schaufler <casey@schaufler-ca.com>
>> Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
>> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
>> ---
>> Notes:
>> a. The location for some of these might need to be modified.
>> b. 'locked_down' was just missing a final ':'.
>> c. Added a new section: Security hooks for perf events.
>>
>> include/linux/lsm_hooks.h | 36 +++++++++++++++++++++++++++++++++++-
>> 1 file changed, 35 insertions(+), 1 deletion(-)
>>
>> --- lnx-56-rc1.orig/include/linux/lsm_hooks.h
>> +++ lnx-56-rc1/include/linux/lsm_hooks.h
>> @@ -136,6 +140,10 @@
>> * @sb superblock being remounted
>> * @data contains the filesystem-specific data.
>> * Return 0 if permission is granted.
>> + * @sb_kern_mount:
>> + * Mount this @sb if allowed by permissions.
>> + * @sb_show_options:
>> + * Show (print on @m) mount options for this @sb.
>> * @sb_umount:
>> * Check permission before the @mnt file system is unmounted.
>> * @mnt contains the mounted file system.
>
> Thanks for doing this. Note that some of the existing kernel-doc comments for these hooks include a separate line describing each parameter (not just embedded in the function description) and a line describing the return value. Is that optional for kernel-doc? Obviously what you have added here is an improvement, just wondering whether it suffices or needs further augmentation.
Hi Stephen,
The additional kernel-doc comments that you refer to are obviously Good to Have,
but they are not required. I didn't feel comfortable or qualified to add
all of that info, but if anyone wants to help/contribute, please do so.
thanks.
--
~Randy
* Re: [RFC PATCH] security: <linux/lsm_hooks.h>: fix all kernel-doc warnings
From: James Morris @ 2020-02-20 0:10 UTC (permalink / raw)
To: Randy Dunlap
Cc: LKML, linux-security-module, John Johansen, Kees Cook,
Micah Morton, Serge E. Hallyn, Paul Moore, Stephen Smalley,
Eric Paris, Casey Schaufler, Kentaro Takeda, Tetsuo Handa
On Sat, 15 Feb 2020, Randy Dunlap wrote:
> From: Randy Dunlap <rdunlap@infradead.org>
>
> Fix all kernel-doc warnings in <linux/lsm_hooks.h>.
> Fixes the following warnings:
>
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quotactl' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'quota_on' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_free_mnt_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_eat_lsm_opts' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_kern_mount' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_show_options' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'sb_add_mnt_opt' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'd_instantiate' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'getprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'setprocattr' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'locked_down' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_open' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_alloc' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_free' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_read' not described in 'security_list_options'
> ../include/linux/lsm_hooks.h:1830: warning: Function parameter or member 'perf_event_write' not described in 'security_list_options'
>
> Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Thanks, applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git next-general
--
James Morris
<jmorris@namei.org>