From patchwork Sat May 13 11:51:42 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 9725209 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id AD19960325 for ; Sat, 13 May 2017 11:55:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9AB60288DD for ; Sat, 13 May 2017 11:55:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8CB6F288E2; Sat, 13 May 2017 11:55:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0EF25288DD for ; Sat, 13 May 2017 11:55:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752766AbdEMLzW (ORCPT ); Sat, 13 May 2017 07:55:22 -0400 Received: from mail-pf0-f174.google.com ([209.85.192.174]:34366 "EHLO mail-pf0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753470AbdEMLwE (ORCPT ); Sat, 13 May 2017 07:52:04 -0400 Received: by mail-pf0-f174.google.com with SMTP id 9so1850061pfj.1 for ; Sat, 13 May 2017 04:52:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=KSfsC54w0ahhyds8SIZR4ekLR4muJZ3SiaNfhzHPFcs=; b=XExKBLv+wWrUpB+ClHjydHm0EQZK6OAqlogPzYOj/osOKmEt1Ys5bbMy4FzRrvaWEc 02eKuMxlmJFLBS6t2+ar3qmaOtBonkncVc8CrCTOkv8N3Vx1VdVy1t9WEBXgmdxmTbC9 3h/qpGl9t96/y8LsFagopc+79swbhO5mSWoO0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=KSfsC54w0ahhyds8SIZR4ekLR4muJZ3SiaNfhzHPFcs=; b=TGiJ549lfd0nCb+V9CWRspNJagq5TfGZR++fbayHmiBRE4iWiMwswk7QbmFjO3Sudq ZK16XDnF11JB+SXZe69JW32l5p/iYR1u0QZ0S3Y+WwWE0NBU0vjgRJi5/s5B0/2Ceo0j KOcwiLgFZLfQwS19p5PUJeQFxN169vGSnpjtrjjpwFM7lB7UqF6WcS+lcHmHvNW0+kSX M8aLksX/Ab+WLeLJNIGmP1jUqgOap1P+YdqHx3pFn+VgLfTKPnAoco8KsGPDs3AsjblO PW993vGPEuu3jhUxMiR/JW5za2srgGsY3DHvDVlYHxAFoTsvRjesh3HkOHm+FsbH0oLY DAhw== X-Gm-Message-State: AODbwcAAaMuQpvorc8vJP+gKwoxYi5wWj6WrOhTBsYBqOCs1SrEH0bBz +0m6z03uzBoQ4X3B X-Received: by 10.98.200.142 with SMTP id i14mr9496780pfk.154.1494676323662; Sat, 13 May 2017 04:52:03 -0700 (PDT) Received: from www.outflux.net (173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133]) by smtp.gmail.com with ESMTPSA id r69sm11083700pfi.33.2017.05.13.04.52.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 13 May 2017 04:52:01 -0700 (PDT) From: Kees Cook To: Jonathan Corbet Cc: Kees Cook , Casey Schaufler , John Johansen , Tetsuo Handa , Paul Moore , David Howells , Mimi Zohar , James Morris , Tyler Hicks , David Safford , linux-doc@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 06/17] doc: security: minor cleanups to build kernel-doc Date: Sat, 13 May 2017 04:51:42 -0700 Message-Id: <1494676313-144890-7-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1494676313-144890-1-git-send-email-keescook@chromium.org> References: <1494676313-144890-1-git-send-email-keescook@chromium.org> Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP These fixes were needed to parse lsm_hooks.h kernel-doc. More work is needed, but this is the first step. Cc: Casey Schaufler Signed-off-by: Kees Cook Acked-by: James Morris --- include/linux/lsm_hooks.h | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 080f34e66017..a1eeaf603d2f 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -29,6 +29,8 @@ #include /** + * union security_list_options - Linux Security Module hook function list + * * Security hooks for program execution operations. * * @bprm_set_creds: @@ -193,8 +195,8 @@ * @value will be set to the allocated attribute value. * @len will be set to the length of the value. * Returns 0 if @name and @value have been successfully set, - * -EOPNOTSUPP if no security attribute is needed, or - * -ENOMEM on memory allocation failure. + * -EOPNOTSUPP if no security attribute is needed, or + * -ENOMEM on memory allocation failure. * @inode_create: * Check permission to create a regular file. * @dir contains inode structure of the parent of the new file. @@ -510,8 +512,7 @@ * process @tsk. Note that this hook is sometimes called from interrupt. * Note that the fown_struct, @fown, is never outside the context of a * struct file, so the file structure (and associated security information) - * can always be obtained: - * container_of(fown, struct file, f_owner) + * can always be obtained: container_of(fown, struct file, f_owner) * @tsk contains the structure of task receiving signal. * @fown contains the file owner information. * @sig is the signal that will be sent. When 0, kernel sends SIGIO. @@ -521,7 +522,7 @@ * to receive an open file descriptor via socket IPC. * @file contains the file structure being received. * Return 0 if permission is granted. - * @file_open + * @file_open: * Save open-time permission checking state for later use upon * file_permission, and recheck access if anything has changed * since inode_permission. @@ -1143,7 +1144,7 @@ * @sma contains the semaphore structure. May be NULL. * @cmd contains the operation to be performed. * Return 0 if permission is granted. - * @sem_semop + * @sem_semop: * Check permissions before performing operations on members of the * semaphore set @sma. If the @alter flag is nonzero, the semaphore set * may be modified. @@ -1153,20 +1154,20 @@ * @alter contains the flag indicating whether changes are to be made. * Return 0 if permission is granted. * - * @binder_set_context_mgr + * @binder_set_context_mgr: * Check whether @mgr is allowed to be the binder context manager. * @mgr contains the task_struct for the task being registered. * Return 0 if permission is granted. - * @binder_transaction + * @binder_transaction: * Check whether @from is allowed to invoke a binder transaction call * to @to. * @from contains the task_struct for the sending task. * @to contains the task_struct for the receiving task. - * @binder_transfer_binder + * @binder_transfer_binder: * Check whether @from is allowed to transfer a binder reference to @to. * @from contains the task_struct for the sending task. * @to contains the task_struct for the receiving task. - * @binder_transfer_file + * @binder_transfer_file: * Check whether @from is allowed to transfer @file to @to. * @from contains the task_struct for the sending task. * @file contains the struct file being transferred. @@ -1214,7 +1215,7 @@ * @cred contains the credentials to use. * @ns contains the user namespace we want the capability in * @cap contains the capability . - * @audit: Whether to write an audit message or not + * @audit contains whether to write an audit message or not * Return 0 if the capability is granted for @tsk. * @syslog: * Check permission before accessing the kernel message ring or changing @@ -1336,9 +1337,7 @@ * @inode we wish to get the security context of. * @ctx is a pointer in which to place the allocated security context. * @ctxlen points to the place to put the length of @ctx. - * This is the main security structure. */ - union security_list_options { int (*binder_set_context_mgr)(struct task_struct *mgr); int (*binder_transaction)(struct task_struct *from,