git.baikalelectronics.ru Git - kernel.git/commit

author	Mickaël Salaün <mic@digikod.net>
	Fri, 6 May 2022 16:10:56 +0000 (18:10 +0200)
committer	Mickaël Salaün <mic@digikod.net>
	Mon, 23 May 2022 11:27:58 +0000 (13:27 +0200)
commit	76b9dc9baee1ee3f3ae52133eb3f48fdb3cf3a01
tree	037d009604dce35f82e15cdc324258d39dbaed9b	tree \| snapshot
parent	489aea5ddaf2f927f557af53d40415b7297846e6	commit \| diff

LSM: Remove double path_rename hook calls for RENAME_EXCHANGE

In order to be able to identify a file exchange with renameat2(2) and
RENAME_EXCHANGE, which will be useful for Landlock [1], propagate the
rename flags to LSMs. This may also improve performance because of the
switch from two set of LSM hook calls to only one, and because LSMs
using this hook may optimize the double check (e.g. only one lock,
reduce the number of path walks).

AppArmor, Landlock and Tomoyo are updated to leverage this change. This
should not change the current behavior (same check order), except
(different level of) speed boosts.

[1] https://lore.kernel.org/r/20220221212522.320243-1-mic@digikod.net

Cc: James Morris <jmorris@namei.org>
Cc: Kentaro Takeda <takedakn@nttdata.co.jp>
Cc: Serge E. Hallyn <serge@hallyn.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reviewed-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Link: https://lore.kernel.org/r/20220506161102.525323-7-mic@digikod.net

include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
security/apparmor/lsm.c		diff \| blob \| history
security/landlock/fs.c		diff \| blob \| history
security/security.c		diff \| blob \| history
security/tomoyo/tomoyo.c		diff \| blob \| history