landlock: Format with clang-format

l0kod · l0kod · commit 06a1c40a09a8 · 2022-05-09T12:31:10.000+02:00
Let's follow a consistent and documented coding style. Everything may not be to our liking but it is better than tacit knowledge. Moreover, this will help maintain style consistency between different developers. This contains only whitespace changes. Automatically formatted with: clang-format-14 -i security/landlock/*.[ch] include/uapi/linux/landlock.h Link: https://lore.kernel.org/r/20220506160513.523257-3-mic@digikod.net Cc: stable@vger.kernel.org Signed-off-by: Mickaël Salaün <mic@digikod.net>
diff --git a/security/landlock/cred.c b/security/landlock/cred.c
@@ -15,7 +15,7 @@
 #include "setup.h"
 
 static int hook_cred_prepare(struct cred *const new,
-		const struct cred *const old, const gfp_t gfp)
+			     const struct cred *const old, const gfp_t gfp)
 {
 	struct landlock_ruleset *const old_dom = landlock_cred(old)->domain;
 
@@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
 __init void landlock_add_cred_hooks(void)
 {
 	security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
-			LANDLOCK_NAME);
+			   LANDLOCK_NAME);
 }
diff --git a/security/landlock/cred.h b/security/landlock/cred.h
@@ -20,8 +20,8 @@ struct landlock_cred_security {
 	struct landlock_ruleset *domain;
 };
 
-static inline struct landlock_cred_security *landlock_cred(
-		const struct cred *cred)
+static inline struct landlock_cred_security *
+landlock_cred(const struct cred *cred)
 {
 	return cred->security + landlock_blob_sizes.lbs_cred;
 }
@@ -34,8 +34,8 @@ static inline const struct landlock_ruleset *landlock_get_current_domain(void)
 /*
  * The call needs to come from an RCU read-side critical section.
  */
-static inline const struct landlock_ruleset *landlock_get_task_domain(
-		const struct task_struct *const task)
+static inline const struct landlock_ruleset *
+landlock_get_task_domain(const struct task_struct *const task)
 {
 	return landlock_cred(__task_cred(task))->domain;
 }
diff --git a/security/landlock/fs.c b/security/landlock/fs.c
@@ -152,14 +152,14 @@ static struct landlock_object *get_inode_object(struct inode *const inode)
  * @path: Should have been checked by get_path_from_fd().
  */
 int landlock_append_fs_rule(struct landlock_ruleset *const ruleset,
-		const struct path *const path, u32 access_rights)
+			    const struct path *const path, u32 access_rights)
 {
 	int err;
 	struct landlock_object *object;
 
 	/* Files only get access rights that make sense. */
-	if (!d_is_dir(path->dentry) && (access_rights | ACCESS_FILE) !=
-			ACCESS_FILE)
+	if (!d_is_dir(path->dentry) &&
+	    (access_rights | ACCESS_FILE) != ACCESS_FILE)
 		return -EINVAL;
 	if (WARN_ON_ONCE(ruleset->num_layers != 1))
 		return -EINVAL;
@@ -182,10 +182,9 @@ int landlock_append_fs_rule(struct landlock_ruleset *const ruleset,
 
 /* Access-control management */
 
-static inline u64 unmask_layers(
-		const struct landlock_ruleset *const domain,
-		const struct path *const path, const u32 access_request,
-		u64 layer_mask)
+static inline u64 unmask_layers(const struct landlock_ruleset *const domain,
+				const struct path *const path,
+				const u32 access_request, u64 layer_mask)
 {
 	const struct landlock_rule *rule;
 	const struct inode *inode;
@@ -196,8 +195,8 @@ static inline u64 unmask_layers(
 		return layer_mask;
 	inode = d_backing_inode(path->dentry);
 	rcu_read_lock();
-	rule = landlock_find_rule(domain,
-			rcu_dereference(landlock_inode(inode)->object));
+	rule = landlock_find_rule(
+		domain, rcu_dereference(landlock_inode(inode)->object));
 	rcu_read_unlock();
 	if (!rule)
 		return layer_mask;
@@ -225,7 +224,7 @@ static inline u64 unmask_layers(
 }
 
 static int check_access_path(const struct landlock_ruleset *const domain,
-		const struct path *const path, u32 access_request)
+			     const struct path *const path, u32 access_request)
 {
 	bool allowed = false;
 	struct path walker_path;
@@ -245,8 +244,8 @@ static int check_access_path(const struct landlock_ruleset *const domain,
 	 * /proc/<pid>/fd/<file-descriptor> .
 	 */
 	if ((path->dentry->d_sb->s_flags & SB_NOUSER) ||
-			(d_is_positive(path->dentry) &&
-			 unlikely(IS_PRIVATE(d_backing_inode(path->dentry)))))
+	    (d_is_positive(path->dentry) &&
+	     unlikely(IS_PRIVATE(d_backing_inode(path->dentry)))))
 		return 0;
 	if (WARN_ON_ONCE(domain->num_layers < 1))
 		return -EACCES;
@@ -270,8 +269,8 @@ static int check_access_path(const struct landlock_ruleset *const domain,
 	while (true) {
 		struct dentry *parent_dentry;
 
-		layer_mask = unmask_layers(domain, &walker_path,
-				access_request, layer_mask);
+		layer_mask = unmask_layers(domain, &walker_path, access_request,
+					   layer_mask);
 		if (layer_mask == 0) {
 			/* Stops when a rule from each layer grants access. */
 			allowed = true;
@@ -310,7 +309,7 @@ static int check_access_path(const struct landlock_ruleset *const domain,
 }
 
 static inline int current_check_access_path(const struct path *const path,
-		const u32 access_request)
+					    const u32 access_request)
 {
 	const struct landlock_ruleset *const dom =
 		landlock_get_current_domain();
@@ -438,8 +437,8 @@ static void hook_sb_delete(struct super_block *const sb)
 	if (prev_inode)
 		iput(prev_inode);
 	/* Waits for pending iput() in release_inode(). */
-	wait_var_event(&landlock_superblock(sb)->inode_refs, !atomic_long_read(
-				&landlock_superblock(sb)->inode_refs));
+	wait_var_event(&landlock_superblock(sb)->inode_refs,
+		       !atomic_long_read(&landlock_superblock(sb)->inode_refs));
 }
 
 /*
@@ -461,16 +460,16 @@ static void hook_sb_delete(struct super_block *const sb)
  * a dedicated user space option would be required (e.g. as a ruleset flag).
  */
 static int hook_sb_mount(const char *const dev_name,
-		const struct path *const path, const char *const type,
-		const unsigned long flags, void *const data)
+			 const struct path *const path, const char *const type,
+			 const unsigned long flags, void *const data)
 {
 	if (!landlock_get_current_domain())
 		return 0;
 	return -EPERM;
 }
 
 static int hook_move_mount(const struct path *const from_path,
-		const struct path *const to_path)
+			   const struct path *const to_path)
 {
 	if (!landlock_get_current_domain())
 		return 0;
@@ -504,7 +503,7 @@ static int hook_sb_remount(struct super_block *const sb, void *const mnt_opts)
  * view of the filesystem.
  */
 static int hook_sb_pivotroot(const struct path *const old_path,
-		const struct path *const new_path)
+			     const struct path *const new_path)
 {
 	if (!landlock_get_current_domain())
 		return 0;
@@ -547,8 +546,8 @@ static inline u32 get_mode_access(const umode_t mode)
  * deal with that.
  */
 static int hook_path_link(struct dentry *const old_dentry,
-		const struct path *const new_dir,
-		struct dentry *const new_dentry)
+			  const struct path *const new_dir,
+			  struct dentry *const new_dentry)
 {
 	const struct landlock_ruleset *const dom =
 		landlock_get_current_domain();
@@ -561,22 +560,23 @@ static int hook_path_link(struct dentry *const old_dentry,
 		return -EXDEV;
 	if (unlikely(d_is_negative(old_dentry)))
 		return -ENOENT;
-	return check_access_path(dom, new_dir,
-			get_mode_access(d_backing_inode(old_dentry)->i_mode));
+	return check_access_path(
+		dom, new_dir,
+		get_mode_access(d_backing_inode(old_dentry)->i_mode));
 }
 
 static inline u32 maybe_remove(const struct dentry *const dentry)
 {
 	if (d_is_negative(dentry))
 		return 0;
 	return d_is_dir(dentry) ? LANDLOCK_ACCESS_FS_REMOVE_DIR :
-		LANDLOCK_ACCESS_FS_REMOVE_FILE;
+				  LANDLOCK_ACCESS_FS_REMOVE_FILE;
 }
 
 static int hook_path_rename(const struct path *const old_dir,
-		struct dentry *const old_dentry,
-		const struct path *const new_dir,
-		struct dentry *const new_dentry)
+			    struct dentry *const old_dentry,
+			    const struct path *const new_dir,
+			    struct dentry *const new_dentry)
 {
 	const struct landlock_ruleset *const dom =
 		landlock_get_current_domain();
@@ -590,20 +590,21 @@ static int hook_path_rename(const struct path *const old_dir,
 	if (unlikely(d_is_negative(old_dentry)))
 		return -ENOENT;
 	/* RENAME_EXCHANGE is handled because directories are the same. */
-	return check_access_path(dom, old_dir, maybe_remove(old_dentry) |
-			maybe_remove(new_dentry) |
+	return check_access_path(
+		dom, old_dir,
+		maybe_remove(old_dentry) | maybe_remove(new_dentry) |
 			get_mode_access(d_backing_inode(old_dentry)->i_mode));
 }
 
 static int hook_path_mkdir(const struct path *const dir,
-		struct dentry *const dentry, const umode_t mode)
+			   struct dentry *const dentry, const umode_t mode)
 {
 	return current_check_access_path(dir, LANDLOCK_ACCESS_FS_MAKE_DIR);
 }
 
 static int hook_path_mknod(const struct path *const dir,
-		struct dentry *const dentry, const umode_t mode,
-		const unsigned int dev)
+			   struct dentry *const dentry, const umode_t mode,
+			   const unsigned int dev)
 {
 	const struct landlock_ruleset *const dom =
 		landlock_get_current_domain();
@@ -614,19 +615,20 @@ static int hook_path_mknod(const struct path *const dir,
 }
 
 static int hook_path_symlink(const struct path *const dir,
-		struct dentry *const dentry, const char *const old_name)
+			     struct dentry *const dentry,
+			     const char *const old_name)
 {
 	return current_check_access_path(dir, LANDLOCK_ACCESS_FS_MAKE_SYM);
 }
 
 static int hook_path_unlink(const struct path *const dir,
-		struct dentry *const dentry)
+			    struct dentry *const dentry)
 {
 	return current_check_access_path(dir, LANDLOCK_ACCESS_FS_REMOVE_FILE);
 }
 
 static int hook_path_rmdir(const struct path *const dir,
-		struct dentry *const dentry)
+			   struct dentry *const dentry)
 {
 	return current_check_access_path(dir, LANDLOCK_ACCESS_FS_REMOVE_DIR);
 }
@@ -690,5 +692,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
 __init void landlock_add_fs_hooks(void)
 {
 	security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
-			LANDLOCK_NAME);
+			   LANDLOCK_NAME);
 }
diff --git a/security/landlock/fs.h b/security/landlock/fs.h
@@ -50,21 +50,22 @@ struct landlock_superblock_security {
 	atomic_long_t inode_refs;
 };
 
-static inline struct landlock_inode_security *landlock_inode(
-		const struct inode *const inode)
+static inline struct landlock_inode_security *
+landlock_inode(const struct inode *const inode)
 {
 	return inode->i_security + landlock_blob_sizes.lbs_inode;
 }
 
-static inline struct landlock_superblock_security *landlock_superblock(
-		const struct super_block *const superblock)
+static inline struct landlock_superblock_security *
+landlock_superblock(const struct super_block *const superblock)
 {
 	return superblock->s_security + landlock_blob_sizes.lbs_superblock;
 }
 
 __init void landlock_add_fs_hooks(void);
 
 int landlock_append_fs_rule(struct landlock_ruleset *const ruleset,
-		const struct path *const path, u32 access_hierarchy);
+			    const struct path *const path,
+			    u32 access_hierarchy);
 
 #endif /* _SECURITY_LANDLOCK_FS_H */
diff --git a/security/landlock/object.c b/security/landlock/object.c
@@ -17,9 +17,9 @@
 
 #include "object.h"
 
-struct landlock_object *landlock_create_object(
-		const struct landlock_object_underops *const underops,
-		void *const underobj)
+struct landlock_object *
+landlock_create_object(const struct landlock_object_underops *const underops,
+		       void *const underobj)
 {
 	struct landlock_object *new_object;
 
diff --git a/security/landlock/object.h b/security/landlock/object.h
@@ -76,9 +76,9 @@ struct landlock_object {
 	};
 };
 
-struct landlock_object *landlock_create_object(
-		const struct landlock_object_underops *const underops,
-		void *const underobj);
+struct landlock_object *
+landlock_create_object(const struct landlock_object_underops *const underops,
+		       void *const underobj);
 
 void landlock_put_object(struct landlock_object *const object);
 
diff --git a/security/landlock/ptrace.c b/security/landlock/ptrace.c
@@ -30,7 +30,7 @@
  * means a subset of) the @child domain.
  */
 static bool domain_scope_le(const struct landlock_ruleset *const parent,
-		const struct landlock_ruleset *const child)
+			    const struct landlock_ruleset *const child)
 {
 	const struct landlock_hierarchy *walker;
 
@@ -48,7 +48,7 @@ static bool domain_scope_le(const struct landlock_ruleset *const parent,
 }
 
 static bool task_is_scoped(const struct task_struct *const parent,
-		const struct task_struct *const child)
+			   const struct task_struct *const child)
 {
 	bool is_scoped;
 	const struct landlock_ruleset *dom_parent, *dom_child;
@@ -62,7 +62,7 @@ static bool task_is_scoped(const struct task_struct *const parent,
 }
 
 static int task_ptrace(const struct task_struct *const parent,
-		const struct task_struct *const child)
+		       const struct task_struct *const child)
 {
 	/* Quick return for non-landlocked tasks. */
 	if (!landlocked(parent))
@@ -86,7 +86,7 @@ static int task_ptrace(const struct task_struct *const parent,
  * granted, -errno if denied.
  */
 static int hook_ptrace_access_check(struct task_struct *const child,
-		const unsigned int mode)
+				    const unsigned int mode)
 {
 	return task_ptrace(current, child);
 }
@@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {
 __init void landlock_add_ptrace_hooks(void)
 {
 	security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),
-			LANDLOCK_NAME);
+			   LANDLOCK_NAME);
 }
diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c
diff --git a/security/landlock/ruleset.h b/security/landlock/ruleset.h
diff --git a/security/landlock/syscalls.c b/security/landlock/syscalls.c

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@`
`15`	`15`	`#include "setup.h"`
`16`	`16`
`17`	`17`	`static int hook_cred_prepare(struct cred *const new,`
`18`		`- const struct cred *const old, const gfp_t gfp)`
	`18`	`+ const struct cred *const old, const gfp_t gfp)`
`19`	`19`	`{`
`20`	`20`	`struct landlock_ruleset *const old_dom = landlock_cred(old)->domain;`
`21`	`21`
`@@ -42,5 +42,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {`
`42`	`42`	`__init void landlock_add_cred_hooks(void)`
`43`	`43`	`{`
`44`	`44`	`security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),`
`45`		`- LANDLOCK_NAME);`
	`45`	`+ LANDLOCK_NAME);`
`46`	`46`	`}`
Original file line number	Diff line number	Diff line change
`@@ -20,8 +20,8 @@ struct landlock_cred_security {`
`20`	`20`	`struct landlock_ruleset *domain;`
`21`	`21`	`};`
`22`	`22`
`23`		`-static inline struct landlock_cred_security *landlock_cred(`
`24`		`- const struct cred *cred)`
	`23`	`+static inline struct landlock_cred_security *`
	`24`	`+landlock_cred(const struct cred *cred)`
`25`	`25`	`{`
`26`	`26`	`return cred->security + landlock_blob_sizes.lbs_cred;`
`27`	`27`	`}`
`@@ -34,8 +34,8 @@ static inline const struct landlock_ruleset *landlock_get_current_domain(void)`
`34`	`34`	`/*`
`35`	`35`	`* The call needs to come from an RCU read-side critical section.`
`36`	`36`	`*/`
`37`		`-static inline const struct landlock_ruleset *landlock_get_task_domain(`
`38`		`- const struct task_struct *const task)`
	`37`	`+static inline const struct landlock_ruleset *`
	`38`	`+landlock_get_task_domain(const struct task_struct *const task)`
`39`	`39`	`{`
`40`	`40`	`return landlock_cred(__task_cred(task))->domain;`
`41`	`41`	`}`
Original file line number	Diff line number	Diff line change
`@@ -50,21 +50,22 @@ struct landlock_superblock_security {`
`50`	`50`	`atomic_long_t inode_refs;`
`51`	`51`	`};`
`52`	`52`
`53`		`-static inline struct landlock_inode_security *landlock_inode(`
`54`		`- const struct inode *const inode)`
	`53`	`+static inline struct landlock_inode_security *`
	`54`	`+landlock_inode(const struct inode *const inode)`
`55`	`55`	`{`
`56`	`56`	`return inode->i_security + landlock_blob_sizes.lbs_inode;`
`57`	`57`	`}`
`58`	`58`
`59`		`-static inline struct landlock_superblock_security *landlock_superblock(`
`60`		`- const struct super_block *const superblock)`
	`59`	`+static inline struct landlock_superblock_security *`
	`60`	`+landlock_superblock(const struct super_block *const superblock)`
`61`	`61`	`{`
`62`	`62`	`return superblock->s_security + landlock_blob_sizes.lbs_superblock;`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`__init void landlock_add_fs_hooks(void);`
`66`	`66`
`67`	`67`	`int landlock_append_fs_rule(struct landlock_ruleset *const ruleset,`
`68`		`- const struct path *const path, u32 access_hierarchy);`
	`68`	`+ const struct path *const path,`
	`69`	`+ u32 access_hierarchy);`
`69`	`70`
`70`	`71`	`#endif /* _SECURITY_LANDLOCK_FS_H */`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@`
`30`	`30`	`* means a subset of) the @child domain.`
`31`	`31`	`*/`
`32`	`32`	`static bool domain_scope_le(const struct landlock_ruleset *const parent,`
`33`		`- const struct landlock_ruleset *const child)`
	`33`	`+ const struct landlock_ruleset *const child)`
`34`	`34`	`{`
`35`	`35`	`const struct landlock_hierarchy *walker;`
`36`	`36`
`@@ -48,7 +48,7 @@ static bool domain_scope_le(const struct landlock_ruleset *const parent,`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`static bool task_is_scoped(const struct task_struct *const parent,`
`51`		`- const struct task_struct *const child)`
	`51`	`+ const struct task_struct *const child)`
`52`	`52`	`{`
`53`	`53`	`bool is_scoped;`
`54`	`54`	`const struct landlock_ruleset dom_parent, dom_child;`
`@@ -62,7 +62,7 @@ static bool task_is_scoped(const struct task_struct *const parent,`
`62`	`62`	`}`
`63`	`63`
`64`	`64`	`static int task_ptrace(const struct task_struct *const parent,`
`65`		`- const struct task_struct *const child)`
	`65`	`+ const struct task_struct *const child)`
`66`	`66`	`{`
`67`	`67`	`/* Quick return for non-landlocked tasks. */`
`68`	`68`	`if (!landlocked(parent))`
`@@ -86,7 +86,7 @@ static int task_ptrace(const struct task_struct *const parent,`
`86`	`86`	`* granted, -errno if denied.`
`87`	`87`	`*/`
`88`	`88`	`static int hook_ptrace_access_check(struct task_struct *const child,`
`89`		`- const unsigned int mode)`
	`89`	`+ const unsigned int mode)`
`90`	`90`	`{`
`91`	`91`	`return task_ptrace(current, child);`
`92`	`92`	`}`
`@@ -116,5 +116,5 @@ static struct security_hook_list landlock_hooks[] __lsm_ro_after_init = {`
`116`	`116`	`__init void landlock_add_ptrace_hooks(void)`
`117`	`117`	`{`
`118`	`118`	`security_add_hooks(landlock_hooks, ARRAY_SIZE(landlock_hooks),`
`119`		`- LANDLOCK_NAME);`
	`119`	`+ LANDLOCK_NAME);`
`120`	`120`	`}`