qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/security/apparmor
History
NeilBrown fa6fe07d15
VFS: rename lookup_one_len family to lookup_noperm and remove permission check 
The lookup_one_len family of functions is (now) only used internally by
a filesystem on itself either
- in a context where permission checking is irrelevant such as by a
  virtual filesystem populating itself, or xfs accessing its ORPHANAGE
  or dquota accessing the quota file; or
- in a context where a permission check (MAY_EXEC on the parent) has just
  been performed such as a network filesystem finding in "silly-rename"
  file in the same directory.  This is also the context after the
  _parentat() functions where currently lookup_one_qstr_excl() is used.

So the permission check is pointless.

The name "one_len" is unhelpful in understanding the purpose of these
functions and should be changed.  Most of the callers pass the len as
"strlen()" so using a qstr and QSTR() can simplify the code.

This patch renames these functions (include lookup_positive_unlocked()
which is part of the family despite the name) to have a name based on
"lookup_noperm".  They are changed to receive a 'struct qstr' instead
of separate name and len.  In a few cases the use of QSTR() results in a
new call to strlen().

try_lookup_noperm() takes a pointer to a qstr instead of the whole
qstr.  This is consistent with d_hash_and_lookup() (which is nearly
identical) and useful for lookup_noperm_unlocked().

The new lookup_noperm_common() doesn't take a qstr yet.  That will be
tidied up in a subsequent patch.

Signed-off-by: NeilBrown <neil@brown.name>
Link: https://lore.kernel.org/r/20250319031545.2999807-5-neil@brown.name
Signed-off-by: Christian Brauner <brauner@kernel.org>
 		2025-04-08 11:24:36 +02:00
..
include lsm: replace context+len with lsm_context 2024-12-04 14:42:31 -05:00
.gitignore
Kconfig
Makefile
apparmorfs.c VFS: rename lookup_one_len family to lookup_noperm and remove permission check 2025-04-08 11:24:36 +02:00
audit.c lsm: remove lsm_prop scaffolding 2024-10-11 14:34:16 -04:00
capability.c apparmor: audit_cap dedup based on subj_cred instead of profile 2024-11-26 19:21:06 -08:00
crypto.c
domain.c apparmor: lift new_profile declaration to remove C23 extension warning 2024-11-26 19:21:06 -08:00
file.c
ipc.c
label.c apparmor: Remove deadcode 2024-11-26 19:21:05 -08:00
lib.c apparmor: Remove deadcode 2024-11-26 19:21:05 -08:00
lsm.c treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
match.c apparmor: add support for 2^24 states to the dfa state machine. 2024-11-26 19:21:05 -08:00
mount.c
net.c
nulldfa.in
path.c apparmor: Use IS_ERR_OR_NULL() helper function 2024-11-26 19:21:05 -08:00
policy.c apparmor: Remove deadcode 2024-11-26 19:21:05 -08:00
policy_compat.c
policy_ns.c
policy_unpack.c apparmor: document first entry is in packed perms struct is reserved 2024-11-26 19:21:05 -08:00
policy_unpack_test.c module: Convert symbol namespace to string literal 2024-12-02 11:34:44 -08:00
procattr.c
resource.c
secid.c lsm: secctx provider check on release 2024-12-04 14:59:57 -05:00
stacksplitdfa.in
task.c