lsm: styling fixes to security/security.c

As we were already making massive changes to security/security.c by moving all of the function header comments above the function definitions, let's take the opportunity to fix various style crimes. Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Paul Moore <paul@paul-moore.com>

lsm: styling fixes to security/security.c
As we were already making massive changes to security/security.c by moving all of the function header comments above the function definitions, let's take the opportunity to fix various style crimes. Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
63c1845b · Paul Moore · e261301c · 63c1845b
Commit 63c1845b authored Feb 16, 2023 by Paul Moore
Show whitespace changes
Inline Side-by-side

Showing with 98 additions and 84 deletions

security/security.c security/security.c +98 -84

No files found.
--- a/security/security.c
+++ b/security/security.c
@@ -42,7 +42,7 @@
 * all security modules to use the same descriptions for auditing
 * purposes.
 */
-const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
+const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = {
 	[LOCKDOWN_NONE] = "none",
 	[LOCKDOWN_MODULE_SIGNATURE] = "unsigned module loading",
 	[LOCKDOWN_DEV_MEM] = "/dev/mem,kmem,port",
@@ -88,7 +88,7 @@ static struct lsm_blob_sizes blob_sizes __lsm_ro_after_init;
 static __initdata const char *chosen_lsm_order;
 static __initdata const char *chosen_major_lsm;

-static __initconst const char * const builtin_lsm_order = CONFIG_LSM;
+static __initconst const char *const builtin_lsm_order = CONFIG_LSM;

 /* Ordered list of LSMs to initialize. */
 static __initdata struct lsm_info **ordered_lsms;
@@ -332,7 +332,8 @@ static void __init report_lsm_order(void)
 	pr_info("initializing lsm=");

 	/* Report each enabled LSM name, comma separated. */
-	for (early = __start_early_lsm_info; early < __end_early_lsm_info; early++)
+	for (early = __start_early_lsm_info;
+	     early < __end_early_lsm_info; early++)
 		if (is_enabled(early))
 			pr_cont("%s%s", first++ == 0 ? "" : ",", early->name);
 	for (lsm = ordered_lsms; *lsm; lsm++)
@@ -420,9 +421,9 @@ int __init security_init(void)
 {
 	struct lsm_info *lsm;

-	init_debug("legacy security=%s\n", chosen_major_lsm ?: " *unspecified*");
+	init_debug("legacy security=%s\n", chosen_major_lsm ? : " *unspecified*");
 	init_debug("  CONFIG_LSM=%s\n", builtin_lsm_order);
-	init_debug("boot arg lsm=%s\n", chosen_lsm_order ?: " *unspecified*");
+	init_debug("boot arg lsm=%s\n", chosen_lsm_order ? : " *unspecified*");

 	/*
 	 * Append the names of the early LSM modules now that kmalloc() is
@@ -1376,7 +1377,8 @@ int security_sb_umount(struct vfsmount *mnt, int flags)
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_sb_pivotroot(const struct path *old_path, const struct path *new_path)
+int security_sb_pivotroot(const struct path *old_path,
+			  const struct path *new_path)
 {
 	return call_int_hook(sb_pivotroot, 0, old_path, new_path);
 }
@@ -1433,7 +1435,8 @@ EXPORT_SYMBOL(security_sb_clone_mnt_opts);
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_move_mount(const struct path *from_path, const struct path *to_path)
+int security_move_mount(const struct path *from_path,
+			const struct path *to_path)
 {
 	return call_int_hook(move_mount, 0, from_path, to_path);
 }
@@ -1535,7 +1538,8 @@ int security_dentry_init_security(struct dentry *dentry, int mode,
 	/*
 	 * Only one module will provide a security context.
 	 */
-	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security, list) {
+	hlist_for_each_entry(hp, &security_hook_heads.dentry_init_security,
+			     list) {
 		rc = hp->hook.dentry_init_security(dentry, mode, name,
 						   xattr_name, ctx, ctxlen);
 		if (rc != LSM_RET_DEFAULT(dentry_init_security))
@@ -1669,8 +1673,8 @@ EXPORT_SYMBOL(security_old_inode_init_security);
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_path_mknod(const struct path *dir, struct dentry *dentry, umode_t mode,
-			unsigned int dev)
+int security_path_mknod(const struct path *dir, struct dentry *dentry,
+			umode_t mode, unsigned int dev)
 {
 	if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
 		return 0;
@@ -1688,7 +1692,8 @@ EXPORT_SYMBOL(security_path_mknod);
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_path_mkdir(const struct path *dir, struct dentry *dentry, umode_t mode)
+int security_path_mkdir(const struct path *dir, struct dentry *dentry,
+			umode_t mode)
 {
 	if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry))))
 		return 0;
@@ -1782,7 +1787,8 @@ int security_path_rename(const struct path *old_dir, struct dentry *old_dentry,
 			 unsigned int flags)
 {
 	if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
-		     (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
+		     (d_is_positive(new_dentry) &&
+		      IS_PRIVATE(d_backing_inode(new_dentry)))))
 		return 0;

 	return call_int_hook(path_rename, 0, old_dir, old_dentry, new_dir,
@@ -1854,7 +1860,7 @@ int security_path_chroot(const struct path *path)
 {
 	return call_int_hook(path_chroot, 0, path);
 }
-#endif
+#endif /* CONFIG_SECURITY_PATH */

 /**
 * security_inode_create() - Check if creating a file is allowed
@@ -1866,7 +1872,8 @@ int security_path_chroot(const struct path *path)
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode)
+int security_inode_create(struct inode *dir, struct dentry *dentry,
+			  umode_t mode)
 {
 	if (unlikely(IS_PRIVATE(dir)))
 		return 0;
@@ -1975,7 +1982,8 @@ int security_inode_rmdir(struct inode *dir, struct dentry *dentry)
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
+int security_inode_mknod(struct inode *dir, struct dentry *dentry,
+			 umode_t mode, dev_t dev)
 {
 	if (unlikely(IS_PRIVATE(dir)))
 		return 0;
@@ -1999,7 +2007,8 @@ int security_inode_rename(struct inode *old_dir, struct dentry *old_dentry,
 			  unsigned int flags)
 {
 	if (unlikely(IS_PRIVATE(d_backing_inode(old_dentry)) ||
-            (d_is_positive(new_dentry) && IS_PRIVATE(d_backing_inode(new_dentry)))))
+		     (d_is_positive(new_dentry) &&
+		      IS_PRIVATE(d_backing_inode(new_dentry)))))
 		return 0;

 	if (flags & RENAME_EXCHANGE) {
@@ -2370,7 +2379,8 @@ int security_inode_getsecurity(struct mnt_idmap *idmap,
 	 * Only one module will provide an attribute with a given name.
 	 */
 	hlist_for_each_entry(hp, &security_hook_heads.inode_getsecurity, list) {
-		rc = hp->hook.inode_getsecurity(idmap, inode, name, buffer, alloc);
+		rc = hp->hook.inode_getsecurity(idmap, inode, name, buffer,
+						alloc);
 		if (rc != LSM_RET_DEFAULT(inode_getsecurity))
 			return rc;
 	}
@@ -2392,7 +2402,8 @@ int security_inode_getsecurity(struct mnt_idmap *idmap,
 *
 * Return: Returns 0 on success.
 */
-int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
+int security_inode_setsecurity(struct inode *inode, const char *name,
+			       const void *value, size_t size, int flags)
 {
 	struct security_hook_list *hp;
 	int rc;
@@ -2424,7 +2435,8 @@ int security_inode_setsecurity(struct inode *inode, const char *name, const void
 *
 * Return: Returns number of bytes used/required on success.
 */
-int security_inode_listsecurity(struct inode *inode, char *buffer, size_t buffer_size)
+int security_inode_listsecurity(struct inode *inode,
+				char *buffer, size_t buffer_size)
 {
 	if (unlikely(IS_PRIVATE(inode)))
 		return 0;
@@ -3649,7 +3661,8 @@ int security_shm_shmctl(struct kern_ipc_perm *shp, int cmd)
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_shm_shmat(struct kern_ipc_perm *shp, char __user *shmaddr, int shmflg)
+int security_shm_shmat(struct kern_ipc_perm *shp,
+		       char __user *shmaddr, int shmflg)
 {
 	return call_int_hook(shm_shmat, 0, shp, shmaddr, shmflg);
 }
@@ -4001,7 +4014,7 @@ int security_watch_key(struct key *key)
 {
 	return call_int_hook(watch_key, 0, key);
 }
-#endif
+#endif /* CONFIG_KEY_NOTIFICATIONS */

 #ifdef CONFIG_SECURITY_NETWORK
 /**
@@ -4025,7 +4038,8 @@ int security_watch_key(struct key *key)
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_unix_stream_connect(struct sock *sock, struct sock *other, struct sock *newsk)
+int security_unix_stream_connect(struct sock *sock, struct sock *other,
+				 struct sock *newsk)
 {
 	return call_int_hook(unix_stream_connect, 0, sock, other, newsk);
 }
@@ -4126,7 +4140,8 @@ EXPORT_SYMBOL(security_socket_socketpair);
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_socket_bind(struct socket *sock, struct sockaddr *address, int addrlen)
+int security_socket_bind(struct socket *sock,
+			 struct sockaddr *address, int addrlen)
 {
 	return call_int_hook(socket_bind, 0, sock, address, addrlen);
 }
@@ -4142,7 +4157,8 @@ int security_socket_bind(struct socket *sock, struct sockaddr *address, int addr
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_socket_connect(struct socket *sock, struct sockaddr *address, int addrlen)
+int security_socket_connect(struct socket *sock,
+			    struct sockaddr *address, int addrlen)
 {
 	return call_int_hook(socket_connect, 0, sock, address, addrlen);
 }
@@ -4336,7 +4352,8 @@ int security_socket_getpeersec_stream(struct socket *sock, sockptr_t optval,
 *
 * Return: Returns 0 on success, error on failure.
 */
-int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
+int security_socket_getpeersec_dgram(struct socket *sock,
+				     struct sk_buff *skb, u32 *secid)
 {
 	return call_int_hook(socket_getpeersec_dgram, -ENOPROTOOPT, sock,
 			     skb, secid);
@@ -4591,7 +4608,8 @@ EXPORT_SYMBOL(security_tun_dev_open);
 *
 * Return: Returns 0 on success, error on failure.
 */
-int security_sctp_assoc_request(struct sctp_association *asoc, struct sk_buff *skb)
+int security_sctp_assoc_request(struct sctp_association *asoc,
+				struct sk_buff *skb)
 {
 	return call_int_hook(sctp_assoc_request, 0, asoc, skb);
 }
@@ -4656,7 +4674,6 @@ EXPORT_SYMBOL(security_sctp_assoc_established);
 #endif	/* CONFIG_SECURITY_NETWORK */

 #ifdef CONFIG_SECURITY_INFINIBAND
-
 /**
 * security_ib_pkey_access() - Check if access to an IB pkey is allowed
 * @sec: LSM blob
@@ -4683,9 +4700,11 @@ EXPORT_SYMBOL(security_ib_pkey_access);
 *
 * Return: Returns 0 if permission is granted.
 */
-int security_ib_endport_manage_subnet(void *sec, const char *dev_name, u8 port_num)
+int security_ib_endport_manage_subnet(void *sec,
+				      const char *dev_name, u8 port_num)
 {
-	return call_int_hook(ib_endport_manage_subnet, 0, sec, dev_name, port_num);
+	return call_int_hook(ib_endport_manage_subnet, 0, sec,
+			     dev_name, port_num);
 }
 EXPORT_SYMBOL(security_ib_endport_manage_subnet);

@@ -4717,7 +4736,6 @@ EXPORT_SYMBOL(security_ib_free_security);
 #endif	/* CONFIG_SECURITY_INFINIBAND */

 #ifdef CONFIG_SECURITY_NETWORK_XFRM
-
 /**
 * security_xfrm_policy_alloc() - Allocate a xfrm policy LSM blob
 * @ctxp: xfrm security context being added to the SPD
@@ -4912,11 +4930,9 @@ void security_skb_classify_flow(struct sk_buff *skb, struct flowi_common *flic)
 	BUG_ON(rc);
 }
 EXPORT_SYMBOL(security_skb_classify_flow);
-
 #endif	/* CONFIG_SECURITY_NETWORK_XFRM */

 #ifdef CONFIG_KEYS
-
 /**
 * security_key_alloc() - Allocate and initialize a kernel key LSM blob
 * @key: key
@@ -4979,11 +4995,9 @@ int security_key_getsecurity(struct key *key, char **_buffer)
 	*_buffer = NULL;
 	return call_int_hook(key_getsecurity, 0, key, _buffer);
 }
-
 #endif	/* CONFIG_KEYS */

 #ifdef CONFIG_AUDIT
-
 /**
 * security_audit_rule_init() - Allocate and init an LSM audit rule struct
 * @field: audit action