Message ID | 20231124173026.3257122-2-gnoack@google.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Landlock: IOCTL support | expand |
Thanks for this cleanup. Maybe add a (one-line) explanation? On Fri, Nov 24, 2023 at 06:30:18PM +0100, Günther Noack wrote: > Suggested-by: Mickaël Salaün <mic@digikod.net> > Signed-off-by: Günther Noack <gnoack@google.com> > --- > security/landlock/fs.c | 26 +++++++++++++------------- > security/landlock/ruleset.c | 2 +- > 2 files changed, 14 insertions(+), 14 deletions(-) > > diff --git a/security/landlock/fs.c b/security/landlock/fs.c > index bc7c126deea2..9ba989ef46a5 100644 > --- a/security/landlock/fs.c > +++ b/security/landlock/fs.c > @@ -193,7 +193,7 @@ int landlock_append_fs_rule(struct landlock_ruleset *const ruleset, > * > * Returns NULL if no rule is found or if @dentry is negative. > */ > -static inline const struct landlock_rule * > +static const struct landlock_rule * > find_rule(const struct landlock_ruleset *const domain, > const struct dentry *const dentry) > { > @@ -220,7 +220,7 @@ find_rule(const struct landlock_ruleset *const domain, > * sockfs, pipefs), but can still be reachable through > * /proc/<pid>/fd/<file-descriptor> > */ > -static inline bool is_nouser_or_private(const struct dentry *dentry) > +static bool is_nouser_or_private(const struct dentry *dentry) > { > return (dentry->d_sb->s_flags & SB_NOUSER) || > (d_is_positive(dentry) && > @@ -264,7 +264,7 @@ static const struct landlock_ruleset *get_current_fs_domain(void) > * > * @layer_masks_child2: Optional child masks. > */ > -static inline bool no_more_access( > +static bool no_more_access( > const layer_mask_t (*const layer_masks_parent1)[LANDLOCK_NUM_ACCESS_FS], > const layer_mask_t (*const layer_masks_child1)[LANDLOCK_NUM_ACCESS_FS], > const bool child1_is_directory, > @@ -316,7 +316,7 @@ static inline bool no_more_access( > * > * Returns true if the request is allowed, false otherwise. > */ > -static inline bool > +static bool > scope_to_request(const access_mask_t access_request, > layer_mask_t (*const layer_masks)[LANDLOCK_NUM_ACCESS_FS]) > { > @@ -335,7 +335,7 @@ scope_to_request(const access_mask_t access_request, > * Returns true if there is at least one access right different than > * LANDLOCK_ACCESS_FS_REFER. > */ > -static inline bool > +static bool > is_eacces(const layer_mask_t (*const layer_masks)[LANDLOCK_NUM_ACCESS_FS], > const access_mask_t access_request) > { > @@ -551,9 +551,9 @@ static bool is_access_to_paths_allowed( > return allowed_parent1 && allowed_parent2; > } > > -static inline int check_access_path(const struct landlock_ruleset *const domain, > - const struct path *const path, > - access_mask_t access_request) > +static int check_access_path(const struct landlock_ruleset *const domain, > + const struct path *const path, > + access_mask_t access_request) > { > layer_mask_t layer_masks[LANDLOCK_NUM_ACCESS_FS] = {}; > > @@ -565,8 +565,8 @@ static inline int check_access_path(const struct landlock_ruleset *const domain, > return -EACCES; > } > > -static inline int current_check_access_path(const struct path *const path, > - const access_mask_t access_request) > +static int current_check_access_path(const struct path *const path, > + const access_mask_t access_request) > { > const struct landlock_ruleset *const dom = get_current_fs_domain(); > > @@ -575,7 +575,7 @@ static inline int current_check_access_path(const struct path *const path, > return check_access_path(dom, path, access_request); > } > > -static inline access_mask_t get_mode_access(const umode_t mode) > +static access_mask_t get_mode_access(const umode_t mode) > { > switch (mode & S_IFMT) { > case S_IFLNK: > @@ -600,7 +600,7 @@ static inline access_mask_t get_mode_access(const umode_t mode) > } > } > > -static inline access_mask_t maybe_remove(const struct dentry *const dentry) > +static access_mask_t maybe_remove(const struct dentry *const dentry) > { > if (d_is_negative(dentry)) > return 0; > @@ -1086,7 +1086,7 @@ static int hook_path_truncate(const struct path *const path) > * Returns the access rights that are required for opening the given file, > * depending on the file type and open mode. > */ > -static inline access_mask_t > +static access_mask_t > get_required_file_open_access(const struct file *const file) > { > access_mask_t access = 0; > diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c > index ffedc99f2b68..789c81b26a50 100644 > --- a/security/landlock/ruleset.c > +++ b/security/landlock/ruleset.c > @@ -305,7 +305,7 @@ int landlock_insert_rule(struct landlock_ruleset *const ruleset, > return insert_rule(ruleset, id, &layers, ARRAY_SIZE(layers)); > } > > -static inline void get_hierarchy(struct landlock_hierarchy *const hierarchy) > +static void get_hierarchy(struct landlock_hierarchy *const hierarchy) > { > if (hierarchy) > refcount_inc(&hierarchy->usage); > -- > 2.43.0.rc1.413.gea7ed67945-goog > >
On Thu, Nov 30, 2023 at 10:27:18AM +0100, Mickaël Salaün wrote: > > Thanks for this cleanup. Maybe add a (one-line) explanation? Done. —Günther
diff --git a/security/landlock/fs.c b/security/landlock/fs.c index bc7c126deea2..9ba989ef46a5 100644 --- a/security/landlock/fs.c +++ b/security/landlock/fs.c @@ -193,7 +193,7 @@ int landlock_append_fs_rule(struct landlock_ruleset *const ruleset, * * Returns NULL if no rule is found or if @dentry is negative. */ -static inline const struct landlock_rule * +static const struct landlock_rule * find_rule(const struct landlock_ruleset *const domain, const struct dentry *const dentry) { @@ -220,7 +220,7 @@ find_rule(const struct landlock_ruleset *const domain, * sockfs, pipefs), but can still be reachable through * /proc/<pid>/fd/<file-descriptor> */ -static inline bool is_nouser_or_private(const struct dentry *dentry) +static bool is_nouser_or_private(const struct dentry *dentry) { return (dentry->d_sb->s_flags & SB_NOUSER) || (d_is_positive(dentry) && @@ -264,7 +264,7 @@ static const struct landlock_ruleset *get_current_fs_domain(void) * * @layer_masks_child2: Optional child masks. */ -static inline bool no_more_access( +static bool no_more_access( const layer_mask_t (*const layer_masks_parent1)[LANDLOCK_NUM_ACCESS_FS], const layer_mask_t (*const layer_masks_child1)[LANDLOCK_NUM_ACCESS_FS], const bool child1_is_directory, @@ -316,7 +316,7 @@ static inline bool no_more_access( * * Returns true if the request is allowed, false otherwise. */ -static inline bool +static bool scope_to_request(const access_mask_t access_request, layer_mask_t (*const layer_masks)[LANDLOCK_NUM_ACCESS_FS]) { @@ -335,7 +335,7 @@ scope_to_request(const access_mask_t access_request, * Returns true if there is at least one access right different than * LANDLOCK_ACCESS_FS_REFER. */ -static inline bool +static bool is_eacces(const layer_mask_t (*const layer_masks)[LANDLOCK_NUM_ACCESS_FS], const access_mask_t access_request) { @@ -551,9 +551,9 @@ static bool is_access_to_paths_allowed( return allowed_parent1 && allowed_parent2; } -static inline int check_access_path(const struct landlock_ruleset *const domain, - const struct path *const path, - access_mask_t access_request) +static int check_access_path(const struct landlock_ruleset *const domain, + const struct path *const path, + access_mask_t access_request) { layer_mask_t layer_masks[LANDLOCK_NUM_ACCESS_FS] = {}; @@ -565,8 +565,8 @@ static inline int check_access_path(const struct landlock_ruleset *const domain, return -EACCES; } -static inline int current_check_access_path(const struct path *const path, - const access_mask_t access_request) +static int current_check_access_path(const struct path *const path, + const access_mask_t access_request) { const struct landlock_ruleset *const dom = get_current_fs_domain(); @@ -575,7 +575,7 @@ static inline int current_check_access_path(const struct path *const path, return check_access_path(dom, path, access_request); } -static inline access_mask_t get_mode_access(const umode_t mode) +static access_mask_t get_mode_access(const umode_t mode) { switch (mode & S_IFMT) { case S_IFLNK: @@ -600,7 +600,7 @@ static inline access_mask_t get_mode_access(const umode_t mode) } } -static inline access_mask_t maybe_remove(const struct dentry *const dentry) +static access_mask_t maybe_remove(const struct dentry *const dentry) { if (d_is_negative(dentry)) return 0; @@ -1086,7 +1086,7 @@ static int hook_path_truncate(const struct path *const path) * Returns the access rights that are required for opening the given file, * depending on the file type and open mode. */ -static inline access_mask_t +static access_mask_t get_required_file_open_access(const struct file *const file) { access_mask_t access = 0; diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c index ffedc99f2b68..789c81b26a50 100644 --- a/security/landlock/ruleset.c +++ b/security/landlock/ruleset.c @@ -305,7 +305,7 @@ int landlock_insert_rule(struct landlock_ruleset *const ruleset, return insert_rule(ruleset, id, &layers, ARRAY_SIZE(layers)); } -static inline void get_hierarchy(struct landlock_hierarchy *const hierarchy) +static void get_hierarchy(struct landlock_hierarchy *const hierarchy) { if (hierarchy) refcount_inc(&hierarchy->usage);
Suggested-by: Mickaël Salaün <mic@digikod.net> Signed-off-by: Günther Noack <gnoack@google.com> --- security/landlock/fs.c | 26 +++++++++++++------------- security/landlock/ruleset.c | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-)