Message ID | 20230303181842.1087717-12-roberto.sassu@huaweicloud.com (mailing list archive) |
---|---|
State | New |
Headers | show |
Series | security: Move IMA and EVM to the LSM infrastructure | expand |
On 3/3/23 13:18, Roberto Sassu wrote: > From: Roberto Sassu <roberto.sassu@huawei.com> > > Add the description for missing parameters of evm_inode_setattr() to > avoid the warning arising with W=n compile option. > > Fixes: 817b54aa45db ("evm: add evm_inode_setattr to prevent updating an invalid security.evm") > Fixes: c1632a0f1120 ("fs: port ->setattr() to pass mnt_idmap") > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Among the previous patches I think there were 2 fixes like this one you could possibly also split off. Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> > --- > security/integrity/evm/evm_main.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c > index 1155a58ae87..8b5c472f78b 100644 > --- a/security/integrity/evm/evm_main.c > +++ b/security/integrity/evm/evm_main.c > @@ -798,7 +798,9 @@ static int evm_attr_change(struct mnt_idmap *idmap, > > /** > * evm_inode_setattr - prevent updating an invalid EVM extended attribute > + * @idmap: idmap of the mount > * @dentry: pointer to the affected dentry > + * @attr: iattr structure containing the new file attributes > * > * Permit update of file attributes when files have a valid EVM signature, > * except in the case of them having an immutable portable signature.
On Mon, 2023-03-06 at 12:04 -0500, Stefan Berger wrote: > > On 3/3/23 13:18, Roberto Sassu wrote: > > From: Roberto Sassu <roberto.sassu@huawei.com> > > > > Add the description for missing parameters of evm_inode_setattr() to > > avoid the warning arising with W=n compile option. > > > > Fixes: 817b54aa45db ("evm: add evm_inode_setattr to prevent updating an invalid security.evm") > > Fixes: c1632a0f1120 ("fs: port ->setattr() to pass mnt_idmap") > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> > > Among the previous patches I think there were 2 fixes like this one you could possibly also split off. Didn't find it. Thanks Roberto > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> > > --- > > security/integrity/evm/evm_main.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c > > index 1155a58ae87..8b5c472f78b 100644 > > --- a/security/integrity/evm/evm_main.c > > +++ b/security/integrity/evm/evm_main.c > > @@ -798,7 +798,9 @@ static int evm_attr_change(struct mnt_idmap *idmap, > > > > /** > > * evm_inode_setattr - prevent updating an invalid EVM extended attribute > > + * @idmap: idmap of the mount > > * @dentry: pointer to the affected dentry > > + * @attr: iattr structure containing the new file attributes > > * > > * Permit update of file attributes when files have a valid EVM signature, > > * except in the case of them having an immutable portable signature.
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index 1155a58ae87..8b5c472f78b 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -798,7 +798,9 @@ static int evm_attr_change(struct mnt_idmap *idmap, /** * evm_inode_setattr - prevent updating an invalid EVM extended attribute + * @idmap: idmap of the mount * @dentry: pointer to the affected dentry + * @attr: iattr structure containing the new file attributes * * Permit update of file attributes when files have a valid EVM signature, * except in the case of them having an immutable portable signature.