From patchwork Wed Oct 18 10:50:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Michael_Wei=C3=9F?= X-Patchwork-Id: 154817 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:2908:b0:403:3b70:6f57 with SMTP id ib8csp4703356vqb; Wed, 18 Oct 2023 03:57:28 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGPVhXG5YVIm0E7h1UttT3YP+KyDJU+egOlCpkS+BMJMqFD4GxnrSsHyL2CSPJiTbHoAIP+ X-Received: by 2002:a05:6a00:330c:b0:68e:2fd4:288a with SMTP id cq12-20020a056a00330c00b0068e2fd4288amr4671486pfb.3.1697626648262; Wed, 18 Oct 2023 03:57:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697626648; cv=none; d=google.com; s=arc-20160816; b=hi3No7uoZbg3hkipHPCStesyYmL8WJVd9j97wQULXk9EWOrfa3AmtUi+//SOHa1nu6 b7qVEgqfNqnC4AIW5JJqgkWvWLwbocC3OUg6CA2FqWu2iwfNxvcNJLoNM/j7iM3GCaSP ZRk0zxDtPyMfDA90PW1c50VYdt5N6iIG/tng08IEEK6nZZK9mP6c/d1mHtu9w1lfhrV+ Lec/9BK8GtWhoVtxvJRY319PRb5lkqPEshJeYb3+5ZaSfDY3Suc91X3MSdf1YfgJXT4Y 4aL1AoLXyoagQAS7f6iV6d6qSyxLkQA2/pLfMpdevBanFnvgm4pK7R950kL85mhIPh2l USkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:ui-outboundreport:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=aCT4SgUoL/0yussYGEXY6ao3ykL3wUcuHQGDwrCZVEU=; fh=c4ql7d5QsFreQmYQr7ycbAsMayBEmNUOv2nmR/PVp9M=; b=E+7MrYopPV/7DdH6SHd4MSFIDN81OaYwsm8xzxMD8fFGV+kqeZA52cJcc8Gf5pXnw6 uQnZQghwNs7FNUNuLJqGNOU8hDgQ11+KPaSnfBBziorSVEFctvz7rsijzVmvEf/70eNx uq7MM4Us9irefFlUEUE6ZBSssrscjx15ockSQ1L1fxO2hxBh4EnqJnGREg+MiEyyZ+RU FmT1Ah+3MNffDrJzywa0IHUjYUvWXlsx6gGoXMc06r8uy/7NdcbDxhF5EaIX1sUnN7zf fEfcJC7WQhu6ubRKzBZEoa0Q+XrurGPad4ENTYHueYZ+I+Bd6TcdoRYRRCTOpI7D0OwQ Ibfg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=aisec.fraunhofer.de Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id v67-20020a626146000000b006bd92819450si1350952pfb.170.2023.10.18.03.57.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 Oct 2023 03:57:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=aisec.fraunhofer.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 5A83181393C0; Wed, 18 Oct 2023 03:57:27 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230019AbjJRK5T (ORCPT + 24 others); Wed, 18 Oct 2023 06:57:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40420 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229966AbjJRK5H (ORCPT ); Wed, 18 Oct 2023 06:57:07 -0400 Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.126.134]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 29D99FE; Wed, 18 Oct 2023 03:57:01 -0700 (PDT) Received: from weisslap.aisec.fraunhofer.de ([91.67.186.133]) by mrelayeu.kundenserver.de (mreue012 [212.227.15.167]) with ESMTPSA (Nemesis) id 1MhWx1-1rVgc83BZ5-00eePP; Wed, 18 Oct 2023 12:50:55 +0200 From: =?utf-8?q?Michael_Wei=C3=9F?= To: Alexander Mikhalitsyn , Christian Brauner , Alexei Starovoitov , Paul Moore Cc: Daniel Borkmann , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , John Fastabend , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , Quentin Monnet , Alexander Viro , Miklos Szeredi , Amir Goldstein , "Serge E. Hallyn" , bpf@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, gyroidos@aisec.fraunhofer.de, =?utf-8?q?Mich?= =?utf-8?q?ael_Wei=C3=9F?= Subject: [RFC PATCH v2 02/14] vfs: Remove explicit devcgroup_inode calls Date: Wed, 18 Oct 2023 12:50:21 +0200 Message-Id: <20231018105033.13669-3-michael.weiss@aisec.fraunhofer.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20231018105033.13669-1-michael.weiss@aisec.fraunhofer.de> References: <20231018105033.13669-1-michael.weiss@aisec.fraunhofer.de> MIME-Version: 1.0 X-Provags-ID: V03:K1:MwrgA482pCeYk6KYV5/2aD7JrSA7beredsb42ak4qjUk29yCG4F 7ozM/orvi5JvxuxaHlfd7s3x0H6l8BEfSx9VyqBcaIMLhD2HvadYIa310SbPVj9WBZNA5hN eyEBw2WJnInrwDmOLPUoqvtPwe9sY67pqLb7cEuGdcA/Yz8Qz3Zy7I/E6gv2ci5xum09k4D o1DVQbV79xFvjqjsXz2pQ== UI-OutboundReport: notjunk:1;M01:P0:1PbBlzRlcpE=;1PQasu6XjQfwCddLHV02Vs2Km+I mCHapxjy4piWul7yxhld7hFtIyqov59KRgk/xxmmWaDICYqlPkE7cQ/e/TgZXI1rYvmt932js NB6XZ5PZxAlDZdC/GcfnM28zEVKaVAw7s0PwS5uEUvI9jy+szhJqcABicjROD6csQWS3mqJi5 cTjQsE/5DDjUi94ATRXwsoeQKJ19Sj9o1615svODHUtw02Sef+9nYRb/ak8qSYwewJyANFrUA eiKDldV1luSBV9xgikMW7JeHh9rmfQVJvbcwh8CHfhA9vcMotyoEwoZ5tsN6tTWCrScXw5y3e chcPudB3+H3NdPqfRFUq67+xxz3I2Sqx8PcSxkVZlCMPe7Q/3KGKkZHGftG37q02lAsRczTxg qNySApya/dYiqVM7AYXSmt2zjhCq0m5fzNAk6kHRjL+G/RTCS0HJkmkxq0XtULXKA42bR3b/P pspj/yaxSe8m1Mo5ub0FAqv0e969zM3zhAF7RDAQjGWonGD7kBii0cH/mYSSrqAoEAK1eo4jw t0wlLEfkxYML28X7/003vWddEB3a27aKLHdGHnf1sXzuTzeJiCektpr0ppgvoxAmUYwRkOd7U XcVV4otNWI5FPR/JdkAcH5Rv6aVUsjEEwUQny8xwZrj8oHXDB41KEkZTI159qq9XnpTGxpBpO N7htj1qHtJY0sMZ/IejuxmBWZPJYCtsNOQ0swLTnvhhYTxyP/LlN/gmi1NwUNUDRAIK3FKsZQ KgNfJDJVAWJFCt4oPmGKNHrTP5wPFCx3NLRsW1Dk0jnXp/tLtSgwuf6W+GJf2ZtK78H79ROOG zE8tMIMWL4gPQouWVfAv7rvp2nTsbmZ/1ir6hbBIAiySGjsLKTIZyiY+pnIoKjVgh/bxO6nrZ RV/jBc5FLTsgYN3Pl9orJp06QaHtJjLnnfhI= X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL, SPF_HELO_NONE,SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Wed, 18 Oct 2023 03:57:27 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1780090560329107683 X-GMAIL-MSGID: 1780090560329107683 Since the new lsm-based cgroup device access control is settled, the explicit calls to devcgroup_inode_permission and devcgroup_inode_mknod in fs/namei.c are redundant and can safely be dropped. The corresponding security_inode_permission and security_inode_mknod hooks are taking over. Signed-off-by: Michael Weiß --- fs/namei.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index 567ee547492b..f601fcbdc4d2 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -34,7 +34,6 @@ #include #include #include -#include #include #include #include @@ -529,10 +528,6 @@ int inode_permission(struct mnt_idmap *idmap, if (retval) return retval; - retval = devcgroup_inode_permission(inode, mask); - if (retval) - return retval; - return security_inode_permission(inode, mask); } EXPORT_SYMBOL(inode_permission); @@ -3987,9 +3982,6 @@ int vfs_mknod(struct mnt_idmap *idmap, struct inode *dir, return -EPERM; mode = vfs_prepare_mode(idmap, dir, mode, mode, mode); - error = devcgroup_inode_mknod(mode, dev); - if (error) - return error; error = security_inode_mknod(dir, dentry, mode, dev); if (error)