Thread (12 messages) 12 messages, 5 authors, 2021-08-31

Re: [PATCH v3] lockdown,selinux: fix wrong subject in some SELinux lockdown checks

From: Thomas Gleixner <hidden>
Date: 2021-06-19 17:00:39
Also in: bpf, kexec, linux-acpi, linux-cxl, linux-efi, linux-fsdevel, linux-pci, linux-pm, linux-security-module, linuxppc-dev, lkml, netdev, selinux

On Wed, Jun 16 2021 at 10:51, Ondrej Mosnacek wrote:
quoted hunk ↗ jump to hunk
diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c
index bda73cb7a044..c43a13241ae8 100644
--- a/arch/x86/mm/testmmiotrace.c
+++ b/arch/x86/mm/testmmiotrace.c
@@ -116,7 +116,7 @@ static void do_test_bulk_ioremapping(void)
 static int __init init(void)
 {
 	unsigned long size = (read_far) ? (8 << 20) : (16 << 10);
-	int ret = security_locked_down(LOCKDOWN_MMIOTRACE);
+	int ret = security_locked_down(current_cred(), LOCKDOWN_MMIOTRACE);
I have no real objection to those patches, but it strikes me odd that
out of the 62 changed places 58 have 'current_cred()' and 4 have NULL as
argument.

I can't see why this would ever end up with anything else than
current_cred() or NULL and NULL being the 'special' case. So why not
having security_locked_down_no_cred() and make current_cred() implicit
for security_locked_down() which avoids most of the churn and just makes
the special cases special. I might be missing something though.

Thanks,

        tglx
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help